Last year, security researchers found that most SSD hardware encryption schemes have weaknesses and are easily cracked. The solid-state hard drives that the researchers tested at the time were not lacking in the well-known brands of Samsung. These high-end SSDs basically have hardware encryption. Surprisingly, however, these built-in hardware encryption security is worrying, given that Microsoft decided to switch the default encryption scheme to Microsoft’s software encryption.
The update released by Microsoft this week has switched the Windows 10 LTSC 2016 default encryption scheme to software encryption. The so-called software encryption is encrypted using Windows Bitlocker provided by Microsoft. Microsoft believes that the encryption scheme of its own software is not worse than hardware encryption. Only after the serious security flaws were discovered, Microsoft felt that these hard disk manufacturers were even more unreliable, so Microsoft now decided to switch the default way to software encryption. Here’s the exact update Microsoft said it made in KB4516071: “Changes the default setting for BitLocker when encrypting a self-encrypting hard drive. Now, the default is to use software encryption for newly encrypted drives. For existing drives, the type of encryption will not change.”
In addition, if users are using Windows 10 Version 1709 Enterprise Edition and Education Edition, Microsoft will also replace the default scheme with a software encryption scheme.