That’s not actually the mode in which I use my 850 it’s in “high” security mode, as that is the only option in the BIOS, but the master password is set (to be the same as the user password). In the “maximum” security ATA mode, the 850 Evo is listed as not vulnerable. If the BIOS/UEFI allows you to set maximum security mode, that means the master password cannot be used to unlock the drive or to remove the user password. It’s up to the BIOS maker to offer the possibility of setting both passwords, and for the user to understand that they both must be set (and further, that they’re not the same as the BIOS/UEFI password, which can really be confusing to some people). Note that this isn’t really a vulnerability– this is the expected behavior as defined in the ATA spec. If the master password is not set, there’s essentially no security. If the master password is not set, it remains at the default setting, whatever that may be, and it can be used to unlock the drive or to remove the user password without actually knowing the user password. I read much about this possibility when I first set up my 850 Evo (bought in a Black Friday sale just over 2 years ago)… you set the user password, but the master password isn’t necessarily set (there may not be an option to set it in the BIOS/UEFI, but it’s there in the drive anyway, as it is part of the ATA spec). The chart published in this article shows that one of the SSDs I use for its self-encryption capabilities, the 850 Evo, is only vulnerable in the ATA mode in “high” security.
0 kommentar(er)
