I would love to be able to program this device myself, instead of relying on Samsung's firmware.

BTW, what's the point of AES encryption on this pre-p0wned device? More security theatre?

http://hothardware.com/reviews/samsung-portable-ssd-t1-review

Samsung Portable SSD T1 Review: Blazing Fast External Storage

Utilizing Samsung's proprietary 3D Vertical NAND (V-NAND) technology and a SuperSpeed USB 3.0 interface, the Portable SSD T1 redlines at up to 450MB/s when reading or writing data sequentially, according to Samsung. For random read and write activities, Samsung rates the drive at up to 8,000 IOPS and 21,000 IOPS, respectively.

Capacity: 1TB (250GB and 500GB also available)
Interface: Compatible with USB 3.0, 2.0
Dimensions (W x H x D): 71.0 x 9.2 x 53.2 mm
Weight: Max. 30 grams
Transfer Speed: Up to 450MB/sec
UASP Mode: UASP Mode
Encryption: AES 256-bit
Security: Password setting (optional)
Certification: CE, BSMI, KC, VCC, C-tick, FCC, IC, UL, TUV, CB
RoHS Compliance: RoHS2
Warranty: Limited 3 year
Price: $569 (street)
--------
In message <E1YOTjj-0004uI-59 at elasmtp-mealy.atl.sa.earthlink.net>, Henry Baker writes:

>BTW, what's the point of AES encryption on this pre-p0wned device?
>More security theatre?
>
>http://hothardware.com/reviews/samsung-portable-ssd-t1-review

It's so that you can decommission the drive without destroying it. Pulverizing electronics gets you hazardous waste under EU's ROHS/WEEE rules. Throwing away the AES key gives you run-of-the-mill electronic garbage.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG      | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
--------
On Feb 19, 2015, at 11:12 AM, Henry Baker <hbaker1 at pipeline.com> wrote:

> I would love to be able to program this device myself, instead of relying on Samsung's firmware.

Good luck with that. SSD performance and even proper operation is still somewhat of a black art; much of the value of the device comes from the proprietary algorithms that control it, which are built knowing details of the design. Samsung, like other SSD makers, has every reason to keep that stuff secret. The market advantage of increments in speed and other features is significant; the market to people who want to program it themselves is essentially non-existent.

> BTW, what's the point of AES encryption on this pre-p0wned device? More security theatre?

It depends on the implementation and what kind of attacker you're considering. There have been implementations in the past which simply match a password stored in the device - encrypted with AES so that the advertising claims aren't outright lies - against a password entered at boot; the data itself was left unencrypted.

But there's plenty of power in a device like this to essentially build FDE right into the SSD. That's probably proof against any attack against a stolen/seized SSD. (Of course, Samsung may have deliberately, or through incompetence, provided a back door - we'd never know. But most attackers wouldn't know either. I'm sure North Korea would *assume* that the South Korean intelligence services have access, whether it's true or not.)

Low-enough level attacks against the boot sequence could intercept and leak the password. The OS typically would come in way too late to see the password - but of course if you take it over, you have full access to the device.

In summary: Assuming a decent implementation and no back doors available to the attackers of interest to you, this has exactly the strengths and weaknesses of FDE, with no overhead in the host.

Not really security theatre, but given modern hardware, perhaps not much of an advantage either. You could go for defense in depth by using FDE on top of what the device provides.

                                                        -- Jerry
--------
On Feb 19, 2015, at 8:12 AM, Henry Baker <hbaker1 at pipeline.com> wrote:

> I would love to be able to program this device myself, instead of relying on Samsung's firmware.
>
> BTW, what's the point of AES encryption on this pre-p0wned device? More security theatre?

NAND memory runs faster when the Hamming weight of the data is approximately even between zeroes and ones. You can speed up NAND flash by running the data through a suitable whitening function. AES is a great whitening function.

If you then go to the extra effort to do key management, you have security. It's a simple matter of architecture and programming. :)

        Jon
--------
Henry Baker <hbaker1 at pipeline.com> writes:

>BTW, what's the point of AES encryption on this pre-p0wned device? More
>security theatre?

Almost. Its sole use is for very fast "drive erasure", i.e. you change the key and the data on it becomes inaccessible. Have a look at this presentation:

http://www.snia.org/sites/default/education/tutorials/2012/spring/security/MichaelWillett_Implementing%20Stored-Data_Encryption_2.pdf

which describes what Samsung (and others) are doing, in particular slide 18. The decryption key (DEK) is stored in the drive, and is unlocked using a password (and "authentication key", AK). So to decrypt the drive you extract the encrypted DEK, brute-force the password (AK), and you're in. In any case though it doesn't protect against an attack that occurs when the drive is mounted since it looks like an unencrypted drive at that point (and presumably the AK is hardcoded into a startup script or something similar in order to survive power outages, so you can grab that if you really need it).

It's actually hard to see what purpose this "encryption" is serving (the vendors studiously avoid providing a threat model), it doesn't protect live data, it barely protects data at rest (say if you decide to Fedex the contents of your data centre across town), the only thing it really does is allow for fast erasure of contents, and protect against casual snooping of the "buy a batch of drives on ebay and see what's on them" kind. So I guess if ebay is your threat, it's good enough. OTOH a BIOS password set for the drive will do the same thing.

As a more general response to "what's the point", regulatory compliance ("our drives were encrypted so we don't have to disclose the 40M credit card breach from last week"), buzzword-compliance, CYA, it's not a bad idea from a marketing point of view.

Peter.
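
--------
The key hierarchy described in the message above (password -> AK -> wrapped DEK -> data on flash), as an added example that is not part of the original thread and is not Samsung's or SNIA's code. Assumptions: ToyDrive and its method names are hypothetical, PBKDF2 stands in for however a real drive derives the AK, the dek_check value is an invented way to detect a wrong password, and an HMAC-SHA256 counter keystream stands in for the drive's AES engine so the block runs on the Python standard library alone.

```python
import hashlib, hmac, os

def derive_ak(password: str, salt: bytes) -> bytes:
    # Assumption: the AK is derived from the password with a salted, slow KDF.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in for the drive's AES engine: HMAC-SHA256 in counter mode.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

class ToyDrive:
    """Hypothetical model: flash holds ciphertext plus a password-wrapped DEK."""
    def __init__(self, password: str):
        self.flash = {}                      # LBA -> ciphertext
        self._store_dek(os.urandom(32), password)

    def _store_dek(self, dek: bytes, password: str) -> None:
        self.salt = os.urandom(16)
        self.wrapped_dek = xor_stream(derive_ak(password, self.salt), b"wrap", dek)
        self.dek_check = hmac.new(dek, b"check", hashlib.sha256).digest()

    def unlock(self, password: str):
        dek = xor_stream(derive_ak(password, self.salt), b"wrap", self.wrapped_dek)
        tag = hmac.new(dek, b"check", hashlib.sha256).digest()
        return dek if hmac.compare_digest(tag, self.dek_check) else None

    def write(self, dek: bytes, lba: int, data: bytes) -> None:
        self.flash[lba] = xor_stream(dek, lba.to_bytes(8, "big"), data)

    def read(self, dek: bytes, lba: int) -> bytes:
        return xor_stream(dek, lba.to_bytes(8, "big"), self.flash[lba])

    def change_password(self, old: str, new: str) -> bool:
        dek = self.unlock(old)               # same DEK, new wrapping only
        if dek is None:
            return False
        self._store_dek(dek, new)
        return True

    def crypto_erase(self, new_password: str) -> None:
        # Fast erase: the old DEK is overwritten; the flash is not touched.
        self._store_dek(os.urandom(32), new_password)

if __name__ == "__main__":
    d = ToyDrive("first password")           # constructed sample data
    d.write(d.unlock("first password"), 0, b"customer record")
    d.crypto_erase("second password")
    print(d.read(d.unlock("second password"), 0))   # unreadable bytes
```

Everything needed to test a password (salt, wrapped DEK, check value) is stored on the drive itself, so in this model the protection of data at rest is bounded by the strength of the password, while erasure costs one key overwrite regardless of capacity.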