{"id":820,"date":"2018-11-07T15:07:21","date_gmt":"2018-11-07T13:07:21","guid":{"rendered":"https:\/\/www.zaskolit.cz\/?p=820"},"modified":"2018-11-07T15:55:49","modified_gmt":"2018-11-07T13:55:49","slug":"sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie","status":"publish","type":"post","link":"https:\/\/www.digitalnisebeobrana.cz\/en\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/","title":{"rendered":"Security flaws in SSD data storage devices"},"content":{"rendered":"<blockquote><p><em><a href=\"https:\/\/www.ru.nl\/english\/news-agenda\/news\/vm\/icis\/cyber-security\/2018\/radboud-university-researchers-discover-security\/\">Researchers at Radboud University in the Netherlands<\/a> have discovered that widely used data storage devices with self-encrypting drives do not provide the expected level of data protection. A malicious expert with direct physical access to widely sold storage devices can bypass existing protection mechanisms and access the data without knowing the user-chosen password.<\/em><\/p><\/blockquote>\n<p><strong>Which models are affected?<\/strong><\/p>\n<ul>\n<li><span class=\"li-content\">Crucial (Micron) MX100, MX200 and MX300 internal hard disks<\/span><\/li>\n<li><span class=\"li-content\">Samsung T3 and T5 USB external disks<\/span><\/li>\n<li><span class=\"li-content\">Samsung 840 EVO and 850 EVO internal hard disks<\/span><\/li>\n<\/ul>\n<p>As not all disks available on the market have been tested, there is possibility there is more affected range of models.<\/p>\n<p><strong>Is the remote attack possible (via internet)?<\/strong><\/p>\n<p>No. Attacker has to have direct physical access to disk.<\/p>\n<p><strong>I am using BitLocker for encryption, am I affected?<\/strong><\/p>\n<blockquote><p><em>On computers running Windows, a software component called BitLocker handles the encryption of the computer&#8217;s data. In Windows, the kind of encryption that BitLocker uses (i.e. hardware encryption or software encryption) is set via the Group Policy. If available, standard hardware encryption is used. For the affected models, the default setting must be changed so that only software encryption is used. This change does not solve the problem immediately, because it does not re-encrypt existing data. Only a completely new installation, including reformatting the internal drive, will enforce software encryption.<\/em><\/p><\/blockquote>\n<p><strong>I am using other tool for encryption (e.g. VeraCrypt), Am I affected?<\/strong><\/p>\n<p class=\"mentions-texteditor__content\">Probably not. Tools such a VeraCrypt use software encryption<\/p>\n<p>You can learn how to use VeraCrypt during the <a href=\"https:\/\/www.zaskolit.cz\/en\">Digital Self-defense workshop<\/a><\/p>\n<p><strong>Are there security patches?<\/strong><\/p>\n<p>There is firmware update for Crucial disks and Samsung T3 and T5 models. Samsung EVO are unpatched, Samsung recommends installing encryption software that is compatible with your system (e.g. VeraCrypt).<\/p>\n<p><strong>How to force BitLocker to use software encryption?<\/strong><\/p>\n<ul>\n<li>Open the Local Group Policy Editor by entering &#8220;gpedit.msc&#8221; in the Run dialog.<\/li>\n<li>Head on to &#8220;Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption\\Fixed Data Drives.&#8221;<\/li>\n<li>Double-click the &#8220;Configure use of hardware-based encryption for fixed data drives&#8221; option in the right panel.<\/li>\n<li>Select the &#8220;Disabled&#8221; option there and click &#8220;OK&#8221; to save the new setting.<\/li>\n<li>Before software encryption will be used, after you change these policies you must first completely decrypt the drive and then enable BitLocker again to use software encryption.<\/li>\n<\/ul>\n<p>(sources: <a href=\"https:\/\/www.ru.nl\/english\/news-agenda\/news\/vm\/icis\/cyber-security\/2018\/radboud-university-researchers-discover-security\/\">Radboud University<\/a>, <a href=\"https:\/\/thehackernews.com\/2018\/11\/self-encrypting-ssd-hacking.html?m=1\">The Hacker News<\/a>)<\/p>\n\n<div data-mode=\"normal\" data-provider=\"html5\" id=\"arve-html5-\" style=\"max-width:1280px;\" class=\"arve\">\n\t<div class=\"arve-inner\">\n\t\t<div class=\"arve-embed\">\n\t\t\t<video class=\"arve-video fitvidsignore\" controls controlslist=\"\" data-arve=\"arve-html5-\" onloadstart=\"this.volume=1\" preload=\"metadata\"><source type=\"video\/mp4\" src=\"https:\/\/www.zaskolit.cz\/wp-content\/uploads\/2018\/11\/bitlocker.mp4#t=0.1\"><\/video>\n\t\t\t\n\t\t<\/div>\n\t\t\n\t<\/div>\n\t\n\t\n\t<script type=\"application\/ld+json\">{\"@context\":\"http:\\\/\\\/schema.org\\\/\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/#arve-html5-\",\"type\":\"VideoObject\",\"contentURL\":\"https:\\\/\\\/www.zaskolit.cz\\\/wp-content\\\/uploads\\\/2018\\\/11\\\/bitlocker.mp4\"}<\/script>\n\t\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Researchers at Radboud University in the Netherlands have discovered that widely used data storage devices with self-encrypting drives do not provide the expected level of data protection. A malicious expert with direct physical access to widely sold storage devices can bypass existing protection mechanisms and access the data without knowing the user-chosen password. Which models &hellip;<br \/><a href=\"https:\/\/www.digitalnisebeobrana.cz\/en\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/\" class=\"more-link pen_button pen_element_default pen_icon_arrow_double\">Continue reading <span class=\"screen-reader-text\">Security flaws in SSD data storage devices<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_vp_format_video_url":"","_vp_image_focal_point":[],"footnotes":""},"categories":[1],"tags":[],"class_list":["post-820","post","type-post","status-publish","format-standard","hentry","category-blog"],"translation":{"provider":"WPGlobus","version":"3.0.2","language":"en","enabled_languages":["cs","en"],"languages":{"cs":{"title":true,"content":true,"excerpt":false},"en":{"title":true,"content":true,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/\" \/>\n<meta property=\"og:site_name\" content=\"DIGITAL SELF-DEFENSE\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/digitalnisebeobrana\/\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/digitalnisebeobrana\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-11-07T13:07:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-11-07T13:55:49+00:00\" \/>\n<meta name=\"author\" content=\"Milan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sodomak\" \/>\n<meta name=\"twitter:site\" content=\"@sodomak\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Milan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/\"},\"author\":{\"name\":\"Milan\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\"},\"headline\":\"Security flaws in SSD data storage devices\",\"datePublished\":\"2018-11-07T13:07:21+00:00\",\"dateModified\":\"2018-11-07T13:55:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/\"},\"wordCount\":831,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\"},\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/\",\"name\":\"Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#website\"},\"datePublished\":\"2018-11-07T13:07:21+00:00\",\"dateModified\":\"2018-11-07T13:55:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u0160ifrov\u00e1n\u00ed n\u011bkter\u00fdch SSD disk\u016f lze obej\u00edt, uk\u00e1zala studie.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/\",\"name\":\"DIGITAL SELF-DEFENSE\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/en\\\/#\\\/schema\\\/person\\\/e932432719ebfc02a9b05e7b12047736\",\"name\":\"Milan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"url\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"contentUrl\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\",\"width\":613,\"height\":73,\"caption\":\"Milan\"},\"logo\":{\"@id\":\"https:\\\/\\\/www.digitalnisebeobrana.cz\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/logo.png\"},\"description\":\"Jmenuji se Milan P\u016flkr\u00e1bek, pamatuji si po\u010d\u00edta\u010de bez internetu, Internet bez Google a mobiln\u00ed komunikaci bez \u0161ifrov\u00e1n\u00ed. M\u00e1m za sebou v\u00edce ne\u017e dvacet let profesion\u00e1ln\u00ed praxe v IT, p\u0159edn\u00e1\u0161\u00edm a p\u00ed\u0161u \u010dl\u00e1nky o IT bezpe\u010dnosti, kryptom\u011bn\u00e1ch a nov\u00fdch technologi\u00edch. Od roku 2014 jsem sou\u010d\u00e1st\u00ed nezikov\u00e9 organizace Paraleln\u00ed Polis v Praze.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/digitalnisebeobrana\\\/\",\"https:\\\/\\\/x.com\\\/sodomak\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/","og_locale":"en_US","og_type":"article","og_title":"Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE","og_url":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/","og_site_name":"DIGITAL SELF-DEFENSE","article_publisher":"https:\/\/www.facebook.com\/digitalnisebeobrana\/","article_author":"https:\/\/www.facebook.com\/digitalnisebeobrana\/","article_published_time":"2018-11-07T13:07:21+00:00","article_modified_time":"2018-11-07T13:55:49+00:00","author":"Milan","twitter_card":"summary_large_image","twitter_creator":"@sodomak","twitter_site":"@sodomak","twitter_misc":{"Written by":"Milan","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/#article","isPartOf":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/"},"author":{"name":"Milan","@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736"},"headline":"Security flaws in SSD data storage devices","datePublished":"2018-11-07T13:07:21+00:00","dateModified":"2018-11-07T13:55:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/"},"wordCount":831,"commentCount":0,"publisher":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736"},"articleSection":["Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/","url":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/","name":"Security flaws in SSD data storage devices - DIGITAL SELF-DEFENSE","isPartOf":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#website"},"datePublished":"2018-11-07T13:07:21+00:00","dateModified":"2018-11-07T13:55:49+00:00","breadcrumb":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.digitalnisebeobrana.cz\/sifrovani-nekterych-ssd-disku-lze-obejit-ukazala-studie\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.digitalnisebeobrana.cz\/en\/"},{"@type":"ListItem","position":2,"name":"\u0160ifrov\u00e1n\u00ed n\u011bkter\u00fdch SSD disk\u016f lze obej\u00edt, uk\u00e1zala studie."}]},{"@type":"WebSite","@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#website","url":"https:\/\/www.digitalnisebeobrana.cz\/en\/","name":"DIGITAL SELF-DEFENSE","description":"","publisher":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.digitalnisebeobrana.cz\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.digitalnisebeobrana.cz\/en\/#\/schema\/person\/e932432719ebfc02a9b05e7b12047736","name":"Milan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","url":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","contentUrl":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png","width":613,"height":73,"caption":"Milan"},"logo":{"@id":"https:\/\/www.digitalnisebeobrana.cz\/wp-content\/uploads\/2022\/01\/logo.png"},"description":"Jmenuji se Milan P\u016flkr\u00e1bek, pamatuji si po\u010d\u00edta\u010de bez internetu, Internet bez Google a mobiln\u00ed komunikaci bez \u0161ifrov\u00e1n\u00ed. M\u00e1m za sebou v\u00edce ne\u017e dvacet let profesion\u00e1ln\u00ed praxe v IT, p\u0159edn\u00e1\u0161\u00edm a p\u00ed\u0161u \u010dl\u00e1nky o IT bezpe\u010dnosti, kryptom\u011bn\u00e1ch a nov\u00fdch technologi\u00edch. Od roku 2014 jsem sou\u010d\u00e1st\u00ed nezikov\u00e9 organizace Paraleln\u00ed Polis v Praze.","sameAs":["https:\/\/www.facebook.com\/digitalnisebeobrana\/","https:\/\/x.com\/sodomak"]}]}},"_links":{"self":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/posts\/820","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/comments?post=820"}],"version-history":[{"count":8,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/posts\/820\/revisions"}],"predecessor-version":[{"id":825,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/posts\/820\/revisions\/825"}],"wp:attachment":[{"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/media?parent=820"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/categories?post=820"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.digitalnisebeobrana.cz\/en\/wp-json\/wp\/v2\/tags?post=820"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}