hardware encryption

Hardware encryption is not secure

A Little History…

It was believed that hardware encryption was more secure than software encryption in the past. This belief is still held by security experts and many others. It was also true in the past.

Recent history has shown that hardware encryption is extremely vulnerable. Spectre, Meltdown and other vulnerabilities in hardware encryption were recently published. Both Spectre as well as Meltdown exploit processor flaws.

Steve Gibson, our good friend, has also highlighted severe security flaws in a hardware encrypted solid-state drive (SSD). Researchers have found that every SSD has a critical vulnerability, which makes it almost impossible to access encrypted data. Steve provided details in his Security Now podcast.

Backdoors and poor encryption standards

Back doors are a hallmark of hardware companies. Back doors are an expectation. This is possible and likely.

Poor practices can also lead to hardware encryption vulnerabilities. It is possible that encryption keys are not secure or unique to every machine.

The Solution

It is easy. Use reputable software encryption to protect your data. Software encryption will be more secure than hardware encryption. It should be widely used. Use an obscure or less-known encryption solution. Because encryption is only as secure and reliable as its weakest link, strong encryption requires meticulous perfection.