Crucial Community
hoodoo
hoodoo
Kilobyte Kid
‎11-20-2018
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Re: Hardware encryption bypass on MX100, MX200 and...

by BerndLauert in Crucial SSDs
‎01-04-2019 10:04 AM
‎01-04-2019 10:04 AM
Thank you for informing us!   I've read the detailed instructions you have linked to get a more complete picture of the situation. Crucial's instructions to wipe the drive using "PSID revert" suggests that the DEK safekeeping is improved, e.g. the Disk Encryption Key is now cryptographically linked to the user passphrase. BUT that is just an assumption on my behalf. Crucial still recommends the use of software encryption on it's main SSD Support section, so I would not bet on it that it's now 100% securely implemented. And in addition to it MX100 and MX200 didn't get updated instructions, so still only JTAG interface disabled?!   For those interested in further reading, WinMagic reached out to SSD manufactures and asked them about security. https://www.winmagic.com/blog/sed-vulnerabilities/ https://www.winmagic.com/drive-compatibility?manufacturer=All SW means Software Encryption is recommended – FW means Firmware Update may suffice ... View more
‎01-04-2019 10:04 AM

Re: Feedback Thread Firmware M3CR022 for the MX500

by Whosdanoob in Crucial SSDs
‎12-07-2018 05:10 AM
‎12-07-2018 05:10 AM
Hey guys, M3CR023 firmware is out. These are the notes:   Corrected status response in the event of unsuccessful or aborted Sanitize command. Improved compatibility with certain 3rd party TCG software. Prevent potential loss of PSID during firmware update I had a TCG issue, hope it resolves it.   EDIT: Although it seems it happens a bit less than before, I'm still getting the "A TCG Command has returned an error."   ... View more
‎12-07-2018 05:10 AM

Re: Crucial MX500 SSD and BitLocker question

by hoodoo in Crucial SSDs
‎11-05-2018 03:41 PM
‎11-05-2018 03:41 PM
MANAGE-BDE -STATUS resulting in "Encryption Method: Hardware Encryption" then a bunch of numbers means BitLocker is using the drive's hardware encryption. Otherwise it would say "AES 128" or something similar.   Whether using software or hardware encryption, you should always set a password/PIN even if you've got a TPM, since using a TPM by itself just binds the SSD to the specific computer. If you pinch the drive and put it in another computer, you get blocked;, but if you take the whole computer with the SSD in it then you can boot it to the operating system login prompt, at which point the SSD is being transparently decrypted and all sorts of attacks open up.   A paper has just been published about attacks on design flaws in hardware encrypted SSDs including some older Crucial MX models (they didn't test the MX500), so I can see an argument for sticking with software encryption, but the attack vectors for Opal / eDrive involved modified firmware so I still trust hardware encryption to keep my data safe from opportunistic thieves which is all I'm really after.   It's quite hard (as someone else pointed out earlier) to stop a clean Windows install from enabling eDrive. The only way I know with the MX500 is to ensure there's a partition on it already before you run Windows setup, but I don't know at what point eDrive is enabled, so it's possible if you delete that partition and repartition during setup you'd still get eDrive turned on later in the process.   As well as MANAGE-BDE -STATUS, you'd know if you were using software encryption as it would take a while to encrypt, rather than being instantaneous to switch on/off. If your drive is now using software encryption, and you're happy with that, then stick with it and don't reinstall Windows. ... View more
‎11-05-2018 03:41 PM
Public Statistics
Date Registered ‎08-20-2018 05:09 AM
Date Last Visited ‎11-20-2018 09:48 AM
Total Messages Posted 14
Total Kudos Received 9