| bergman on 8 Nov 2018 08:30:19 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Fwd: Self-Encrypting Solid-State Drive Vulnerabilities |
In the message dated: Thu, 08 Nov 2018 09:50:47 -0500, The pithy ruminations from Rich Freeman on [Re: [PLUG] Fwd: Self-Encrypting Solid-State Drive Vulnerabilities] were: => On Thu, Nov 8, 2018 at 9:37 AM K.S. Bhaskar <ksbhaskar@gmail.com> wrote: => > => > Aren't self-encrypting SSDs like putting a nice lock on your front door and hiding the key under the mat? => > => => They require a key to unlock them. The idea is to offload the => encryption computation from the main CPU. => => The problem is that they're not securing the session key in a secure manner. A better analogy might be: The vulnerability in self-encrypting SSDs is like putting a good deadbolt on your front door, putting a strong lockbox outside the door with a spare key inside, but the lockbox has a preset combination of 0000 that cannot be changed. Oh, and every house up and down the block has the same brand of lockbox, with the same combination. Mark => -- => Rich => ___________________________________________________________________________ => Philadelphia Linux Users Group -- http://www.phillylinux.org => Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce => General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug => -- Mark ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug