245
Tested: Windows 11 Pro's On-By-Default Encryption Slows SSDs Up to 45%
(www.tomshardware.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Oct 2023
245 points (95.5% liked)
Technology
34498 readers
514 users here now
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
founded 5 years ago
MODERATORS
Doesn't really seem like news to me, encryption makes communication slower, that's pretty standard.
Said by AutoTL;DR
As TWeaK replied to you, 20-40% is too much to say it is viable for daily usage. Most of SSD already has good encryption methods and an easy way to safely wipe data without re-writing each byte. That's efficiency.
Unless you purchase a SED-non FIPS or FIPS SSD, no, they don't
ATA Secure Erase is a god send for SSD.
Win 11 comes pre-installed with newer computers, which normally has the latest SED mechanism available. Isn't it? I don't see the need to overthink how to encrypt data if there is a method that doesn't slower your disk usage already.
Btw, hw-based encryption is always a compromise betwen security, speed and cost. And holes in the blackbox firmware can only be fixed with updates, as long as supported and if the vendor is willing to.
Yeah, that's why I just use LUKS which doesn't slow my HD almost 50%.
You’re routinely reading and writing multi gig files in daily life? O.o Do you work with video editing or something?
I would see myself saying that not long ago, but now a 50GB game is nothing unusual.
True, but you’re limited in many, many ways before the SSD. Downloading the game? Network bottleneck. Playing the game? GPU/CPU bottleneck. (Not to mention, if a game is attempting to access multiple gigs of stored data every second, there’s likely something wrong with that game.)
Installing the game, absolutely. But you only do that once, and I doubt you’re installing a 500GB game daily.
An 80gb game played in 16gb ram is always going to have work to do.
Yes, the initial install of the game is storage intensive. But again, that happens only once. I doubt you’re doing that very often.
Actually, that’s fair. I forgot some updates are just terrible.
I work with data wiping, and old drives needed to re-write multiple times (https://en.wikipedia.org/wiki/Data_erasure#Standards). That lowers the hard drive life/health, while SSD just needs to reset the encryption key.
… Then you would disable auto adoption of newly connected drives into bitlocker, would you not?
This is like complaining that the login screen pops up every time for a machine that doesn’t need security. Just change the setting instead of complaining about a niche use case.
The majority of users won’t notice a slowdown of even 50% on an SSD. It won’t effect game performance, your network will bottleneck before your SSD in any internet download, most users don’t interact with extremely large sets of data which is needed asap on the regular.
You’re essentially only going to have a problem, in daily use for the average user, in (un)packing large sets of data, or moving large sets of data between drives. Things most people don’t do regularly.
So a slight alteration to my question, how exactly does this negatively affect most users in daily usage.
Okay xD go ahead... but encrypting the encrypted makes no sense.
SSDs, unless you buy a specifically encryption supported drive, are not encrypted. If it doesn't indicate SED, SED non-FIPS or a FIPS certification level, the drive doesn't have an encryption circuit.
So good they can still use a Linux distribution with LUKS.
I don’t think you understood my comment. I said nothing about adding more encryption, in fact I said the opposite.
But is what Microsoft is doing here. Most SSD already has hardware level encryption... is what I said on the first comment...
No, they don't.
Sure, but 20-40% slower? That points to something being poorly optimised.
Yes, that's what happens when there's no hardware acceleration and it fails back to software.
They should still be using the CPU's built-in AES hardware acceleration, yes? It seems they have good reason not to trust the SSD to handle the encryption but that doesn't mean it has to be entirely implemented in software. CPU-accelerated AES shouldn't be that much slower.
This is the same as all other solutions.