If you set up hardware encryption, be sure to change the master password and set the security level to maximum.
Be aware, this password is different than the Physical Secure ID (PSID) printed on the front of the disk. PSIDs are used when the release to reset command doesn’t work, typically due to key issues, and the drive gets “locked”.
You use the PSID to run a revert to factory defaults command, unlocking the drive. Since this triggers the drive to release its’ key, the drive is considered “cryptographically erased” when you do this.
If you revert the drive, data on it is unrecoverable.
If you’re going to revert a drive, I suggest using a QR Code reader to get the PSID off the drive. Some venders are sadists with the font they choose making it so much fun to figure out if it’s a 1, l i I I O or 0…
It sounds like the article is an update to the age old performance issue discussions between hardware and software RAID solutions.
If you use a software solution for anything where there’s a dedicated hardware solution, the software solution is always slower due to CPU overhead.
Article recommendation boils down to: If you’re going to use encryption, and you want your full disk speed, use a hardware encryption solution. In their test their hardware supported OPAL.
No, they don’t.
SSDs, unless you buy a specifically encryption supported drive, are not encrypted. If it doesn’t indicate SED, SED non-FIPS or a FIPS certification level, the drive doesn’t have an encryption circuit.
Most of SSD already has good encryption methods
Unless you purchase a SED-non FIPS or FIPS SSD, no, they don’t
and an easy way to safely wipe data without re-writing each byte.
ATA Secure Erase is a god send for SSD.
Replacement for X server