CybserSecurity News

Tag: NVMe

  • Unlocking the Speed of Light: How Hardware-Accelerated BitLocker Saves Your FPS

    Microsoft has introduced a new hardware-accelerated version of its built-in BitLocker encryption in Windows 11. The feature is designed to boost performance and reduce CPU load by offloading heavy cryptographic operations to dedicated security modules within modern systems-on-a-chip. It is particularly timely as NVMe storage performance continues to rise, exposing the limitations of software-based cryptography in compute-intensive workloads.

    BitLocker has long served as a cornerstone of disk data protection: during boot, the system relies on the Trusted Platform Module (TPM) to securely manage keys and unlock storage. With the new approach, compatible hardware automatically applies the XTS-AES-256 algorithm, easing the burden on the processor and accelerating input/output operations.

    In testing, this shift resulted in a marked reduction in per-operation CPU usage, though outcomes vary depending on system configuration. The updated architecture also relocates encryption keys into protected hardware enclaves, theoretically reducing their exposure to memory-based attacks.

    The update is already available in Windows 11 starting with version 24H2 when the autumn updates are installed, and it will be fully integrated into 25H2. The first devices to support hardware-accelerated BitLocker are systems built on Intel vPro platforms with third-generation Intel Core Ultra “Panther Lake” processors, with additional SoC vendors expected to follow. Users can verify the encryption mode via the manage-bde -status command, which will indicate “Hardware accelerated” as the method in use.

    Despite the optimism surrounding faster encryption, real-world incidents suggest that built-in security mechanisms are increasingly attracting adversarial attention. In a recent attack on Romania’s water infrastructure, thousands of workstations were locked using Windows’ native BitLocker, crippling critical services and prompting intervention by national cyber incident response teams.

    Such cases raise an uncomfortable question: could hardware acceleration exacerbate the problem? On one hand, it promises higher performance and stronger key protection; on the other, it may enable the automation of malicious workflows built entirely on legitimate system tools, allowing near-instant, invisible encryption that leaves defenders little time to respond.

  • Unlocking the Speed: Windows Server 2025 Delivers 80% IOPS Boost with New Native NVMe Stack

    As early as the spring of 2024, Microsoft promised a substantial performance boost for Windows Server 2025 on modern NVMe storage, even citing a concrete figure: up to a 70 percent increase in IOPS compared with Windows Server 2022. At the time, this sounded like one of those rare cases where “storage subsystem optimization” translated into something more than marketing rhetoric—into a genuinely measurable gain. Eighteen months later, the company has now officially confirmed that native NVMe support has indeed arrived in Windows Server 2025.

    The feature became available once Windows Server 2025 reached general availability and was delivered via the October 2025 Patch Tuesday update (KB5066835). One important caveat remains: it is currently opt-in. The functionality is disabled by default, requiring administrators to enable it manually.

    Notably, Microsoft has raised the bar on its original promises. While the roadmap initially referenced roughly a 70 percent IOPS uplift, the company now speaks of an improvement closer to 80 percent—an increase of ten percentage points over earlier claims. In addition, Microsoft cites approximately 45 percent savings in CPU cycles per I/O operation in 4K random read scenarios on NTFS volumes. In other words, the gains extend beyond raw throughput to include a meaningful reduction in the processor overhead consumed by disk access itself.

    The underlying explanation is surprisingly straightforward. Historically, Windows has built much of its storage stack around the SCSI model, an approach originally designed for spinning hard drives. With Windows Server 2025, the system no longer attempts to treat all storage devices as SCSI by default. For NVMe, this translates into a far more direct path to the hardware’s capabilities. In Microsoft’s own terms, native NVMe enables true multi-queue access, eliminates unnecessary synchronization and locking within the kernel I/O path, reduces latency, and offloads the CPU—leaving more resources available for application workloads.

    The rollout is deliberately designed to give administrators room to assess both impact and risk within their own environments. Microsoft provides two activation paths: via the registry or through Group Policy. The registry method involves a PowerShell command that adds a key under FeatureManagement Overrides, after which the system begins using the native NVMe stack. Alternatively, administrators can deploy an MSI policy package and enable the corresponding setting through the Local Group Policy Editor.

    One particularly intriguing aside in Microsoft’s documentation is the observation that, thanks to the NVMe 2.0 specification, NVMe can theoretically apply not only to SSDs but also to HDDs. In practice, however, the real significance of this change for Windows Server 2025 lies squarely in unlocking the full potential of NVMe SSDs in server workloads.

    Given that Windows Server 2025 and Windows 11 24H2 share a closely aligned codebase—and that Windows 11 25H2 is reportedly continuing along the same servicing branch—a natural question arises: could similar storage subsystem improvements eventually matter for desktop Windows as well? Microsoft has made no explicit promises, but the broader logic of platform unification suggests that such optimizations may gradually find their way into client builds. If they do, the impact could be especially compelling for heavy I/O workloads and gaming scenarios.

  • Kioxia Unveils World’s Largest SSD: The LC9 Boasts a Staggering 245.76TB Capacity

    Flash memory manufacturer Kioxia has recently unveiled the world’s highest-capacity solid-state drive, the Kioxia LC9, offering an astounding maximum capacity of 245.76TB—enough to store approximately 12,500 movies at 4GB each.

    Technically, the LC9 employs BiCS8 2Tb 3D QLC NAND flash memory and an unspecified controller chip that supports the NVMe 2.0 protocol. It interfaces via PCIe 5.0 x4 and features dual-port functionality. The drive comes in multiple form factors: U.2 (up to 122.88TB), E3.S (also up to 122.88TB), and E3.L (up to 245.76TB). Achieving such density in the E3.L form factor likely requires packaging at least 32 NAND chips into individual 8TB units, which are then connected to the controller—potentially more when factoring in redundancy.

    Kioxia claims this packaging method has set a new benchmark for SSD density, made possible through its proprietary wafer processing and assembly techniques. The company envisions future iterations delivering even higher capacities within standard SSD dimensions.

    In terms of performance, the LC9 delivers sequential read speeds of up to 12,000 MB/s and write speeds of up to 3,000 MB/s. Random read performance peaks at 1,300K IOPS, while write performance reaches 50K IOPS.

    Admittedly, these speeds are modest by enterprise-grade PCIe 5.0 SSD standards, but represent a deliberate compromise between capacity and performance. Ensuring signal integrity across 32 QLC NAND packages presents a formidable engineering challenge, and trading some interface performance for massive storage capacity is a necessary concession.

    Kioxia has also incorporated advanced reliability and data protection features into the LC9, including chip-level data recovery, parity-based error correction, and safeguards against sudden power loss. The drive further supports intelligent data placement and reduced write amplification to extend its lifespan—a crucial consideration given its use of QLC flash in data center environments, where endurance remains a critical concern.

  • Kingston Unveils NV3 PCIe 4.0 NVMe M.2 2230 SSD: High-Speed Storage for Steam Deck, ROG Ally & Ultrathin Laptops

    Kingston has announced an expansion of its NV3 series PCIe 4.0 NVMe SSD lineup, introducing a new variant that supports the compact M.2 2230 form factor. Designed for ultrathin laptops, handheld gaming consoles, and other portable devices, this addition delivers a high-speed, low-power NVMe storage upgrade tailored for space-constrained environments.

    The newly launched M.2 2230 NV3 PCIe 4.0 NVMe SSD features a streamlined single-sided design, measuring just 22×30 mm, with capacities of up to 2TB. It is compatible with devices such as the Steam Deck, ROG Ally, and Microsoft Surface series that support the M.2 2230 specification.

    Built on the PCIe Gen4 x4 interface, this NVMe SSD offers impressive performance with read speeds of up to 6000MB/s and write speeds reaching 5000MB/s, significantly enhancing data access efficiency. Whether for gaming, content creation, or multitasking office workflows, it ensures seamless transitions and accelerated responsiveness.

    Targeting mobile entertainment enthusiasts and users with demanding performance needs, Kingston emphasizes that the NV3 series in the M.2 2230 form factor not only delivers high-speed capabilities but also maintains exceptional stability and durability, ensuring a dependable storage experience.

    Available in 500GB, 1TB, and 2TB capacities to suit varying user requirements and budgets, the new SSDs support Kingston’s SSD Manager software—enabling users to monitor drive health, firmware versions, and wear status for long-term reliability. Additionally, each product includes a one-year license for Acronis True Image for Kingston, allowing for effortless data backups, system migration, and seamless upgrades from existing devices.