• blkpws@lemmy.ml
    link
    fedilink
    arrow-up
    48
    arrow-down
    2
    ·
    edit-2
    1 year ago

    While many SSDs come with hardware-based encryption, which does all the processing directly on the drive, Windows 11 Pro force-enables the software version of BitLocker during installation, without providing a clear way to opt out.

    Said by AutoTL;DR

    As TWeaK replied to you, 20-40% is too much to say it is viable for daily usage. Most of SSD already has good encryption methods and an easy way to safely wipe data without re-writing each byte. That’s efficiency.

    • flying_monkies@kbin.social
      link
      fedilink
      arrow-up
      11
      arrow-down
      3
      ·
      1 year ago

      Most of SSD already has good encryption methods

      Unless you purchase a SED-non FIPS or FIPS SSD, no, they don’t

      and an easy way to safely wipe data without re-writing each byte.

      ATA Secure Erase is a god send for SSD.

      • blkpws@lemmy.ml
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Win 11 comes pre-installed with newer computers, which normally has the latest SED mechanism available. Isn’t it? I don’t see the need to overthink how to encrypt data if there is a method that doesn’t slower your disk usage already.

    • MonkderZweite@feddit.ch
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Btw, hw-based encryption is always a compromise betwen security, speed and cost. And holes in the blackbox firmware can only be fixed with updates, as long as supported and if the vendor is willing to.

    • KairuByte@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      6
      arrow-down
      30
      ·
      1 year ago

      You’re routinely reading and writing multi gig files in daily life? O.o Do you work with video editing or something?

      • takeda@lemmy.world
        link
        fedilink
        arrow-up
        25
        arrow-down
        1
        ·
        1 year ago

        I would see myself saying that not long ago, but now a 50GB game is nothing unusual.

        • KairuByte@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          6
          arrow-down
          11
          ·
          1 year ago

          True, but you’re limited in many, many ways before the SSD. Downloading the game? Network bottleneck. Playing the game? GPU/CPU bottleneck. (Not to mention, if a game is attempting to access multiple gigs of stored data every second, there’s likely something wrong with that game.)

          Installing the game, absolutely. But you only do that once, and I doubt you’re installing a 500GB game daily.

        • KairuByte@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          1
          arrow-down
          7
          ·
          edit-2
          1 year ago

          … Then you would disable auto adoption of newly connected drives into bitlocker, would you not?

          This is like complaining that the login screen pops up every time for a machine that doesn’t need security. Just change the setting instead of complaining about a niche use case.

          The majority of users won’t notice a slowdown of even 50% on an SSD. It won’t effect game performance, your network will bottleneck before your SSD in any internet download, most users don’t interact with extremely large sets of data which is needed asap on the regular.

          You’re essentially only going to have a problem, in daily use for the average user, in (un)packing large sets of data, or moving large sets of data between drives. Things most people don’t do regularly.

          So a slight alteration to my question, how exactly does this negatively affect most users in daily usage.

          • blkpws@lemmy.ml
            link
            fedilink
            arrow-up
            6
            arrow-down
            1
            ·
            1 year ago

            Okay xD go ahead… but encrypting the encrypted makes no sense.

            • flying_monkies@kbin.social
              link
              fedilink
              arrow-up
              3
              ·
              1 year ago

              SSDs, unless you buy a specifically encryption supported drive, are not encrypted. If it doesn’t indicate SED, SED non-FIPS or a FIPS certification level, the drive doesn’t have an encryption circuit.

              • blkpws@lemmy.ml
                link
                fedilink
                arrow-up
                3
                arrow-down
                2
                ·
                1 year ago

                I said nothing about adding more encryption, in fact I said the opposite.

                But is what Microsoft is doing here. Most SSD already has hardware level encryption… is what I said on the first comment…