Samsung Self-Encrypting Solid-State Drive Vulnerabilities

Please remember the terms of your membership agreement.

Moderators: valis, garyb

Post Reply
User avatar
ronnie
Posts: 788
Joined: Thu Jul 17, 2003 4:00 pm
Location: Varies Between 30Hz & 20KHz
Contact:

Samsung Self-Encrypting Solid-State Drive Vulnerabilities

Post by ronnie »

National Cyber Awareness System:

Self-Encrypting Solid-State Drive Vulnerabilities
11/06/2018 07:17 PM EST

https://www.us-cert.gov/ncas/current-ac ... rabilities
11/06/2018 07:17 PM EST

Original release date: November 06, 2018
NCCIC is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting solid-state drives. An attacker could exploit these vulnerabilities to obtain access to sensitive information.
NCCIC encourages users and administrators to review Microsoft's Security Advisory ADV180028 https://portal.msrc.microsoft.com/en-US ... /ADV180028 and Customer Notice regarding Samsung SSDs https://www.samsung.com/semiconductor/m ... er-notice/ for more information and refer to vendors for appropriate patches and recommendations, when available.
"I’ve come to the conclusion that synths are like potatoes, they’re no good raw—you’ve got to cook ‘em, and I cooked these sounds for months before I got them to the point where they sounded musical to me." Lyle Mays
User avatar
valis
Posts: 7306
Joined: Sun Sep 23, 2001 4:00 pm
Location: West Coast USA
Contact:

Re: Samsung Self-Encrypting Solid-State Drive Vulnerabilities

Post by valis »

Saw this as well...

Micron is vulnerable too, as are a few others. Also WIndows with bitlocker apparently defaults to the SSD based encryption if it detects it as available for your boot volume, whereas MacOS applies software encryption regardless. However on MacOS there are critical parts of your user directory structure left unencrypted... so it's a tossup on that one.

Isn't security fun!
Post Reply