Samsung and Crucial SSDs have a security issue using Bitlocker

Discussion in 'PC Hardware' started by John Sutherland, Nov 5, 2018.

  1. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    644
    915
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,308
    11,140
    340
    #2 Yen, Nov 6, 2018
    Last edited: Nov 6, 2018
    It was just a matter of time until flaws are published. The entire bitlocker / TPM concept from M$ is a joke and they don't take it serious themselves.
    M$ is completely responsible since they certify the hardware as 'bitlocker suitable' and people who trust in the Bitlocker/TPM concept are screwed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    644
    915
    30
    #3 John Sutherland, Nov 6, 2018
    Last edited: Nov 11, 2018 at 23:14
    (OP)
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    2,801
    462
    90
    Im sure their scrambling to patch the hole firmware update soon;)
     
  5. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,308
    11,140
    340
    I have pointed on senselessness when it has been announced for w8 already.
    First of all one must not confuse the official purpose:

    UEFI secure boot does NOT prevent that malware can be installed or modifications of the bootloader are done.
    It ensures the integrity of it and only then it boots.

    Secure boot is no feature to prevent malware, nor to protect personal data. It's also not here to exclude devices to boot....
    If there would be just the system partition allowed to boot you simply could have access to that device from another OS.
    To prevent that you have to encrypt it by 3rd party solutions, it's not the original purpose of secure boot either way.

    Other things:
    UEFI has been announced as requirement to realize GPT boot. That's BS. To boot from GPT can be realized with a 'legacy' BIOS as well.
    It has been introduced to make people stick to their OS, but resistance was strong...

    A simple correlation:
    What has malware that has been installed and the freedom to run another OS in common? A change of the installation / system contents!
    What is a established measure to have control? To sign a condition that is considered as normal and safe and by changing signature a change is detected.

    It's no wonder that 'security' and freedom are always co-affected.

    What would be the solution?

    The user determines his own idea of normal condition and signs THAT on his own.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    3,916
    4,285
    120
    sometimes you need to think about Who Use Today :: Windows OS or 3rd Party Contriborst:rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,691
    3,998
    120
    Perhaps the best thing is not to use Bitlocker at all and use a 3rd party solution.

    Sorry. But to Me, UEFI is a useless piece of crap.

    Yup. Another gimmick designed to discourage people from switching OSes.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. lolnothankyou

    lolnothankyou MDL Novice

    Jul 27, 2018
    26
    22
    0
    That's what happen when you use NSA-approved / developed software like BitLocker and VeraCrypt.

    Use TrueCrypt 7.1a instead.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,626
    1,447
    90
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    644
    915
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    2,626
    1,447
    90
    I think the fix for True Crypt (which is no longer supported) is to use Vera Crypt
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,308
    11,140
    340
    #12 Yen, Nov 8, 2018
    Last edited: Nov 8, 2018
    Hmmm...one important reason to migrate to Linux was for me the encryption of partitions / volumes. Already the default way offered by the installer can be considered as safe.

    If you're a freak you can make your own..Linux comes with anything to make your custom encryption (cryptsetup), setup of LUKS and LVM...with custom key lengths and own custom parameters..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. lolnothankyou

    lolnothankyou MDL Novice

    Jul 27, 2018
    26
    22
    0
    Funny enough I'm using TrueCrypt 7.1a right now :)






    I use it all the time actually.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    644
    915
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. MrG

    MrG MDL Addicted

    May 31, 2010
    870
    210
    30
    I only use BitLocker on a SanDisk flash drive that I store all my crypto passwords on.
    Naturally I have a crypto PW printout in the 90 minute gun safe too.
    I have not experienced any problems yet.. knock knock :dance:
     
  16. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,691
    3,998
    120
    @lolnothankyou: LOL No thank You.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. oyya

    oyya MDL Novice

    Nov 8, 2018
    20
    7
    0
    Really ? how do you proceed to do that ?
     
  18. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,308
    11,140
    340
    #18 Yen, Nov 12, 2018 at 14:20
    Last edited: Nov 12, 2018 at 14:27
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...