Microsoft's Bitlocker compromised by bad SSD encryption

It defaults to the (nonexistent) passwords of Samsung and Crucial SSDs.

Bad computer security can sometimes have a cascading effect, as researchers from the Netherlands discovered. They first spotted vulnerabilities in the embedded encryption of several SSD models from Samsung and Crucial that allowed them to access data without a password. Then, to make matters worse, they noticed that Windows 10 Bitlocker defaults to SSD encryption, when available. That means if you happened to have one of those SSDs and used Bitlocker, attackers with access to your PC could easily gain access to your files.

The drives affected by the issues are the Crucial MX100, MX200 and MX300, along with Samsung's T3 and T5 portable SSDs and the 840 EVO and 850 EV internal SATA SSDs. To gain access, the researchers first reverse-engineered their firmware, and found what they called a "pattern of critical issues." One drive could be unlocked with virtually "any password," the researchers said, because the validation system didn't work. Another used an empty string as a password, meaning you could decrypt it just by hitting the "Enter" key.

The problem is bad, but Microsoft made it worse. Bitlocker, which lets you encrypt your files on Windows 10, defaults to the disk's built-in encryption, rather than its own system. That means that if you decided to use Bitlocker for extra safety and owned one of the above-mentioned drives, you could have basically zero protection.

"Several SSDs with hardware encryption appear to be busted," said John Hopkins cryptographer Matthew Green. "But the really terrible thing is that Bitlocker apparently relies totally on the SSD encryption if you have it." On top of that, researchers think Microsoft should have known better, as reports of poor hard disk encryption systems have been circulating for years.

The Dutch researchers also called out drive makers for using proprietary encryption systems when open source ones, like VeraCrypt, are much better. On top of that, modern CPUs are programmed to decode standard AES-NI encryption, so there's no speed advantage to using an SSD's own scheme.

The researchers gave the manufacturers a six month heads up, and both have issued firmware patches to update the reported flaws, where possible. Samsung has advised users to install third-party encryption software rather than its own firmware or Bitlocker. The researchers also called on organizations and consumers who used Bitlocker or the native SSD encryption to take action. At the same time they noted that, predictably, "most consumers haven't done that."