Slashdot Mirror


Self-Encrypting Drives Hardly Any Better Than Software-Based Encryption (cio.com)

itwbennett writes: The main security benefit of Self-Encrypting Drives (SEDs) is that the encryption key is not stored in the OS memory, but on the disk itself, which makes it less exposed to theft. However, some attacks that work against software-based encryption products also affect SEDs, including evil maid attacks and those that bypass Windows authentication. Once a SED is unlocked, it remains in that state until the power to it is cycled or a deauthentication command is sent. When the laptop is put in sleep mode the drive state is locked, but when it resumes from sleep, the pre-boot management software, which is already loaded in memory, unlocks the drive. [A team of] researchers devised three attacks to take advantage of this situation.


  1. Re:Self encrypting hard drives are WORSE! by FuegoFuerte · Score: 3, Informative

    You've clearly never researched how SED drives work. No one has "the key for the drive," it's generated by the drive on the fly. The drive ships unsecured, and when you secure it, it generates a new encryption key using the passphrase you supply. When you Instant Secure Erase the drive, it throws out the old keys and generates new ones. You can revert the encryption settings back to factory default, but you lose all data in the process. On top of that, on the better drives, all of this is reviewed by NIST for FIPS compliance.

    Software encryption requires a couple of sufficiently motivated and clever Russians to break. Proper hardware encryption requires far more motivated, clever, and trained NSA engineers.