Forgot your password?
typodupeerror
Data Storage Encryption Intel

Intel Launches Self-Encrypting SSD 91

Posted by Soulskill
from the masochistic-storage-devices dept.
MojoKid writes: Intel just launched their new SSD 2500 Pro series solid state drive, the follow-up to last year's SSD 1500 Pro series, which targets corporate and small-business clients. The drive shares much of its DNA with some of Intel's consumer-class drives, but the Pro series cranks things up a few notches with support for advanced security and management features, low power states, and an extended management toolset. In terms of performance, the Intel SSD 2500 Pro isn't class-leading in light of many enthusiast-class drives but it's no slouch either. Intel differentiates the 2500 Pro series by adding support for vPro remote-management and hardware-based self-encryption. The 2500 Pro series supports TCG (Trusted Computing Group) Opal 2.0 features and is Microsoft eDrive capable as well. Intel also offers an administration tool for easy management of the drive. With the Intel administration tool, users can reset the PSID (physical presence security ID), though the contents of the drive will be wiped. Sequential reads are rated at up to 540MB/s, sequential writes at up to 480MB/s, with 45K – 80K random read / write IOps.
This discussion has been archived. No new comments can be posted.

Intel Launches Self-Encrypting SSD

Comments Filter:
  • by Little_Professor (971208) <littleprof&dodgeit,com> on Wednesday July 23, 2014 @03:44PM (#47517687) Journal
    Self-encryption? So it encrypts itself? Wow. On my laptop I have to encrypt my drive myself. Takes ages to work out all the ciphers
    • Yes, this has technology called the "Clapper Chip" (formerly known as the "Clipper Chip") that allows this massive increase in speed...the NSA says this technology is very secure. /s
  • by Motard (1553251) on Wednesday July 23, 2014 @03:46PM (#47517697)

    My new device is designed to accept any amount of data and any rate imaginable. Once stored, the data can *never* be retrieved, no matter what is tried. And this new technology is surprising affordable. Call now for your new StorageBrick 3K!

  • by sasparillascott (1267058) on Wednesday July 23, 2014 @03:52PM (#47517747)
    The usual comment, if you care about your drive being able to be unencrypted when the right govt authorities decide to go snooping, it'd be best not to trust this...

    Great point of reference:

    https://plus.google.com/+Theod... [google.com]
    • Re: (Score:1, Informative)

      by Anonymous Coward

      Its sad, but this has made everything american absolutely useless lately. Though the correct word would be "un-usable"

      It's sad because the engineers who develop the products themselves aren't to blame, but their bosses. And their bosses bosses and so on. And down the ladder too, with people not caring who they vote, and allowing things to spiral so insanely out of control.

      You've brought it on yourselves as a collective I guess.

    • by medv4380 (1604309)
      If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. It might be cumbersome, and it might flag it as actually important info, but if I really didn't want someone to have the possibility of breaking it then only a encryption method that cannot be broken with any amount of processing power will do. However, I don't have any need to worry about some trivial thing like are they looking at me today. I don't have that kind of secret to hide.
      • by Charliemopps (1157495) on Wednesday July 23, 2014 @04:26PM (#47518021)

        If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. It might be cumbersome, and it might flag it as actually important info, but if I really didn't want someone to have the possibility of breaking it then only a encryption method that cannot be broken with any amount of processing power will do. However, I don't have any need to worry about some trivial thing like are they looking at me today. I don't have that kind of secret to hide.

        You should always be worried about the government breaking into your encrypted files.
        There is only 1 group in this country that can legally torture you and put you to death. Only one group that actually does that very thing on a daily basis.
        Irrelevant of their current laws and practices, it's in your best interest to protect yourself from their prying eyes.
        You've no idea what you're doing today that will be illegal tomorrow. Every device I own has some degree of encryption. Will that protect me if they target me directly? Probably not, but I certainly am not going to make it easy for them if it comes to that. Decent encryption isn't that hard, and just takes a few minutes of your time.

        • by medv4380 (1604309)
          If you're really that paranoid then you should be using a one time pad already. If it's not mathematically impossible to break then it's not worthy of that paranoia level. If I ever became worried on that level I'd switch to One Time Pads over night. The fear mongering that the NSA might have instant access to your nude selfies is meaningless fear mongering. Someone who does that should actually be afraid that anyone could get those photos off the phone and post them everywhere. That's not a lesson for why
        • by eth1 (94901) on Wednesday July 23, 2014 @05:28PM (#47518489)

          Not to mention that even if you have "nothing to hide," what about when you piss the wrong person off, and suddenly there's child porn on your encrypted drive that obviously only you could ever have had access to.

          • and suddenly there's child porn on your encrypted drive that obviously only you could ever have had access to.

            At the bottom of the revealed Pandora's Box of NSA horrors is this: now, even a jury of Red-State yokels have pause for belief when the defense can say to them: planting such evidence is childs' play for the organs of state security - step out of line and you may be next.

        • by Luckyo (1726890)

          The problem is that if you have something that government finds worth torturing over on your drive, you're boned regardless.

          Very few people have the sufficient stress and pain tolerance to be able to not divulge the password to the files for extended period of torture by best professionals in the world.

        • by mark_reh (2015546)

          How long do you think you'll keep your pass phrase secret when one of the government sanctioned torturers tightens the screws on your thumbs?

          You can't protect your data from the government any more than all the gun "enthusiasts" in the US can protect themselves from the government with their guns. The government ALWAYS has ways and means beyond what any individual or even any group can muster.

        • Obligatory xkycd [xkcd.com]
      • I don't have that kind of secret to hide.

        You don't think you do, today, but that doesn't mean you don't, nor does it mean you won't at some point in the future.

        The fact that governance is dynamic and contingent solely on the whims of a handful of powerful people are precisely why everyone, yourself included, should actually care about the government snooping on private information.

        Oh, that and fetish sex. Because there's nothing wrong with fetish sex, but I'd bet most people who are into that sort of thing want to keep it hidden regardless.

      • If I actually cared about the Government breaking into my encrypted files I'd be using a One Time Pad. ....snip....

        I think this is a place where a big "Woosh" applies.

        Someone does not understand the way one-time pads work.
        Using a one-time pad is a blunder. To get your files you must also have the pad. For a disk this would be one monster pad.
        Since it is a one time pad you use it and toss it (special flushable paper) -- now the data is lost.

        One-time pads between two friends are interesting but require a physical exchange of pads.

        The Intel trick has one big value in the context of repair, redeployment and intentional a

    • by Lehk228 (705449)
      if the government really wants what is on your disk, they will put you in a small cage until you give up the keys, if they REALLY want it you will take a trip to an officially nonexistant location and find out what successively higher and higher voltage across your genitals feels like until you give up the key, or die.
    • If the drive's software were flashable (the device could be updated with different software) and the software were Free Software [gnu.org], there would be no reason to fear Intel's connection to the NSA. Users would have the freedoms they need to make sure the software does what they want it to do. Proprietary encryption, no matter who writes it or distributes it, is always untrustworthy for the same reason proprietary software is untrustworthy—you don't really know what it's doing and neither does anyone you c
    • by AmiMoJo (196126) *

      Realistically most people have to trust a commercial company at some point. Even if you switch from Windows to Linux, you still need a CPU and motherboard with BIOS code on it. Even the SSD's firmware could subvert you.

      The encryption used here is good enough for most purposes. Sure, the NSA could probably break it, but they probably won't want to. Aside from the time and money it takes, it would reveal their capabilities. The good news is that this kind of encryption has been shown to keep the cops and othe

  • by CanHasDIY (1672858) on Wednesday July 23, 2014 @04:02PM (#47517829) Homepage Journal

    We all know, at this point, that these tech hardware companies are total butt-fuck buddies with clandestine government organizations.

    We all know, at this point, that as a result of the aforementioned butt-fuck buddies relationship, all hardware can be considered compromised before you even open the damn box.

    I don't know about you all, but I'm far more concerned that an organization with the power to take away my life and/or freedom can access my data without my permission or knowledge than infamous Russian credit card scammer "Peggy."

    That be my 2 pennies.

  • Some of the Samsung SSD drives have encryption since 2009. I don't use it because one has to setup the ATA password to enable it, and does not feel as secure. http://www.samsung.com/global/... [samsung.com]
  • by Kardos (1348077) on Wednesday July 23, 2014 @04:16PM (#47517927)

    ... treat it as a regular unencrypted drive and apply proper encryption on top. Next.

    • by 0123456 (636235)

      ... treat it as a regular unencrypted drive and apply proper encryption on top. Next.

      While true, the problem with that approach is that the SSDs compress the data you write to them to improve performance and wear-levelling. So, if you encrypt the disk at the operating system level, you lose all that.

      Obviously, if most of your data is already compressed, it won't matter.

      • Not really.

        SSD performance boosts are 95% due to the massively reduced seek times, which are on the order of 1000x faster than traditional platter latency. The throughput is higher too, but only on the order of 2x-3x.

        Meanwhile, AES encryption is generally accelerated by AES-Ni so that a typical supporting processor can hit ~2000MB/s, which is easily 5x faster than your average SSD can output.

  • This idea is amazing.
    Instead of having:
    - full control over the encryption software
    - full control over the encryption key
    - data that goes in clear in the ram, then is never seen in clear by the hard-drive
    - performance nearly identical through either hardware-enabled encryption (AES...), or even software based implementations (even a smartphone can do it transparently)
    We're trading all this for:
    - who knows what really happen down there
    - hey, is your secure key even used for anything more than cipherin
    • Encrypted RAM would be utterly worthless. The encryption key would have to be in RAM or in the CPU registers, so a RAM dump would get the data either way.

    • full control over the encryption software

      - performance nearly identical through either hardware-enabled encryption (AES...),

      Do you see what you did there?

      - performance nearly identical through (supposedly) hardware encryption.

      Unless your system can multi-task and uses the hardware encryption resources for other processes. Like a web server that's also doing SSL/TLS.

  • by tech.kyle (2800087) on Wednesday July 23, 2014 @05:00PM (#47518291)
    I suggest encrypting everything multiple times with a more simple encryption algorithm. I find it gives me twice the security at virtually no performance loss whatsoever. Myself, I use ROT13 twice.
  • Now it's self-encryption. Caveat Emptor, of this self-deceit!

  • First of all this article is nothing more than a giant slashvertisement.

    Second of all, essentially every SSD on the market self-encrypts, because it is how the secure wipe feature of SSDs functions. Any SSD that is locked with a password is encrypted and unreadable. This is not a new or novel feature at all, and whoever decided this was newsworthy should not be posting articles to slashdot.

  • Can I set my own key? Set and maintain my own hash? No?

    Not interested.

    We want true, user-controlled security, not vendor provided.

    We've learned our lessons already. The trust is gone.

  • I have a self encrypting hard drive already.

    IBM Deskstar from last decade.

    Unfortunately no one has the key....

I am the wandering glitch -- catch me if you can.

Working...