Reply to post: Re: "Because MS was just blindly trusting them all, they have to take some of the blame."

Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Dave K

Re: "Because MS was just blindly trusting them all, they have to take some of the blame."

Many other suppliers of encryption software don't just trust all 3rd party hardware implementations however. If you encrypt your system disk with VeraCrypt (for example), it uses its own encryption algorithm. Hence the only way your disk can be compromised is if VeraCrypt's own encryption is compromised.

It would be interesting to know if MS was testing and vetting SSD encryption from various vendors before approving BitLocker to utilise it, or whether they were just allowing any device that stated that it supported hardware encryption to go ahead. If it's the former, their testing clearly could have been better. If it's the latter, it's a major risk if Bitlocker is allowing untested and potentially insecure hardware encryption to take the place of its own encryption capabilities.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon