News: BitLocker on SSDs Successfully Cracked.


BitLocker, one of the features of Windows, encrypts the data on a drive. When BitLocker is run on Windows 10 on an SSD that has a hardware encryption feature, BitLocker automatically uses the hardware encryption; when it is run on Windows 7 or 8.1, BitLocker uses software encryption, which is not as efficient.
In a paper, on this blog:
A technique is described for breaking open or decrypting the data on an encrypted SSD, made possible by a design flaw in the firmware of the SSD.
This technique has been tested on the following SSDs:
  • Crucial (Micron) MX100, MX200 and MX300;
  • Samsung T3 and T5 USB;
  • Samsung 840 EVO and 850 EVO.
To counter this, Microsoft recommends switching from hardware-based encryption to software-based encryption.

Full story:
Microsoft’s BitLocker feature encrypts all the data on a drive. When you run BitLocker on a Win10 system with a solid state drive that has built-in hardware encryption, BitLocker relies on the self-encrypting drive’s own capabilities. If the drive doesn’t have hardware self-encryption (or you're using Win7 or 8.1), BitLocker implements software encryption, which is less efficient, but still enforces password protection.
Microsoft released ADV180028, Guidance for configuring BitLocker to enforce software encryption, in response to a clever crack published on Monday by Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands (PDF).

The paper (marked “draft”) explains how an attacker can decrypt a hardware-encrypted SSD without knowing the password. Due to a flaw in the way self-encrypting drives are implemented in firmware, a miscreant can get at all of the data on the drive, no key required.
The hardware-based self-encryption flaw seems to be present on most, if not all, self-encrypting drives.

Microsoft’s solution is to unencrypt any SSD that implements self-encryption, then re-encrypt it with software-based encryption. Performance takes a hit, but data will be protected by software, not hardware.

Source:
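
Added example, not part of the original post or of Microsoft's advisory: a read-only PowerShell audit that lists which BitLocker volumes rely on the drive's own hardware encryption and whether policy already enforces software encryption. The function name is made up for this example, and the registry value names and the `HardwareEncryption` method string are assumptions about how Windows 10 reports these settings.

```powershell
# Added example: read-only audit, run from an elevated PowerShell prompt.
# The function name Get-BitLockerHardwareAudit is hypothetical.
function Get-BitLockerHardwareAudit {
    # Assumption: these registry values back the Group Policy settings
    # "Configure use of hardware-based encryption for ... drives"
    # (0 = hardware encryption disabled, so BitLocker encrypts in software).
    $policy = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\FVE' `
                               -ErrorAction SilentlyContinue
    $names  = 'OSHardwareEncryption', 'FDVHardwareEncryption', 'RDVHardwareEncryption'

    foreach ($name in $names) {
        $value = if ($policy) { $policy.$name } else { $null }
        if ($null -eq $value)  { $state = 'not configured' }
        elseif ($value -eq 0)  { $state = 'software encryption enforced' }
        else                   { $state = 'hardware encryption allowed' }

        [pscustomobject]@{
            Item   = "Policy $name"
            State  = $state
            Action = ''
        }
    }

    # Assumption: a volume protected by the drive's self-encryption reports
    # its EncryptionMethod as 'HardwareEncryption'; software-encrypted
    # volumes report an AES variant, unencrypted ones report 'None'.
    foreach ($v in Get-BitLockerVolume) {
        $method     = "$($v.EncryptionMethod)"
        $isHardware = $method -eq 'HardwareEncryption'

        [pscustomobject]@{
            Item   = "Volume $($v.MountPoint) ($($v.VolumeType))"
            State  = "$method, $($v.VolumeStatus)"
            Action = if ($isHardware) { 'decrypt, then re-encrypt in software' } else { '' }
        }
    }
}

Get-BitLockerHardwareAudit | Format-Table -AutoSize
```

A volume flagged in the Action column is one the article's remediation applies to: decrypt it, then re-encrypt it once policy enforces software encryption.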