Question Effectiveness of hardware-encrypted NVMe M.2 SSDs

Sep 1, 2023
Before building a PC, and while searching for the best practices of making PCs more secure, I came across online articles and YouTube videos recommending the use of Password Managers, Antivirus/Internet Security suites, 2FA and YubiKeys, safe web browsers and web browsing habits, TOR and VPNs, etc., but such sources did not even recommend or mention the effectiveness of hardware-encrypted NVMe M.2 SSDs against security threats such as viruses and other malware.

Such include the Samsung 990 Pro, 980 Pro and 980, and SK Hynix Platinum P4.

What is the effectiveness of hardware-encrypted NVMe M.2? Does it work most of the time?

Learning more about real-world effectiveness by PC users of hardware-encrypted NVMe M.2 SSDs will help me to decide if I should use one when building my PC.
 

kanewolf

Titan
Moderator
Effectiveness against what? Virus? An erased encrypted file is still gone. An entire volume that has been encrypted a second time is still inaccessible.
The same behavior that is done by legitimate applications is done by malicious ones. The disk does not know the difference.
Generally the encryption protects the files if the disk is removed from the original system.
 
Sep 1, 2023
I believe I understand your answer. It seems the benefit to having a hardware-encrypted SSD is to protect against a house theft in which the thief physically steals the SSD (or the entire PC) and cannot have access to the encrypted files in it.

As for viruses, it seems the virus/malware can delete all encrypted files, but cannot decrypt them (assuming the encryption password is strong). And if the malware erases the SSD drive, then it becomes unusable.

Question:
Suppose a hacker steals documents such as PDFs and photos from a hardware-encrypted SSD, will the hacker be able to open those files and see them for what they are, or will those files be encrypted? (just trying to understand how hardware-encrypted SSD works so I can decide if it would be of any benefit for me given the extra price tag).
 

kanewolf

Titan
Moderator
Assuming the original OS is running with the virus then the virus has access to all the files. If a bootable USB is used and that has a virus, then the disk may not be accessible. It depends on the scenario.
 
Each drive ships with a unique key. This key transparently encrypts the data during writing and decrypts it during reading.

When you set a password, this password encrypts the key. All copies of the original key are then discarded. The only way to recover the original key is to supply the correct password which then decrypts the encrypted key.

The advantage is that any attacker who is able to gain access to the raw data in the NAND array will only see gibberish rather than plain text. Of course, the password should be discarded as well.

http://www.hddoracle.com/viewtopic.php?p=12048#p12048
 
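The key-wrapping scheme described in the last post, together with the running-OS scenario from kanewolf's reply, as an added example that is not part of the thread or any vendor's firmware. `ToySED` and its methods are hypothetical names, the sample data is constructed, and an HMAC-SHA256 keystream stands in for the AES engine a real drive uses.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); real drives use AES in hardware.
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class ToySED:
    """Constructed model of a self-encrypting drive; not any vendor's firmware."""
    def __init__(self):
        self._dek = os.urandom(32)  # unique media key, held only inside the drive
        self.nand = {}              # LBA -> ciphertext: what a raw NAND read returns
        self.wrapped = None         # (salt, encrypted key, tag) once a password is set

    def _kek(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def set_password(self, password):
        # The password encrypts the media key; the stored data is not re-encrypted.
        salt = os.urandom(16)
        kek = self._kek(password, salt)
        blob = _xor(self._dek, _stream(kek, b"wrap", 32))
        self.wrapped = (salt, blob, hmac.new(kek, blob, hashlib.sha256).digest())

    def power_cycle(self):
        if self.wrapped:
            self._dek = None        # plain key is discarded; only the wrapped copy persists

    def unlock(self, password):
        salt, blob, tag = self.wrapped
        kek = self._kek(password, salt)
        if not hmac.compare_digest(tag, hmac.new(kek, blob, hashlib.sha256).digest()):
            return False            # wrong password: the media key stays unrecoverable
        self._dek = _xor(blob, _stream(kek, b"wrap", 32))
        return True

    def _io(self, lba, data):
        if self._dek is None:
            raise PermissionError("drive is locked")
        return _xor(data, _stream(self._dek, lba.to_bytes(8, "big"), len(data)))

    def write(self, lba, data):
        self.nand[lba] = self._io(lba, data)

    def read(self, lba):            # any software on the unlocked host gets plaintext
        return self._io(lba, self.nand[lba])
```

Once `unlock` succeeds, `read` returns plaintext to whatever is running on the host, which is why the encryption only helps when the drive is powered off or removed.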