SoylentNews is people
SoylentNews
Big things can come in small packages. According to Computerworld, Samsung has released the world's first 2 TB consumer SSDs:
Samsung today announced what it is calling the first multi-terabyte consumer solid-state drive (SSD), which will offer 2TB of capacity in a 2.5-in. form factor for laptops and desktops.
[...] The 850 Pro is designed for power users and client PCs that may need higher performance with up to 550MBps sequential read and 520MBps sequential write rates and up to 100,000 random I/Os per second (IOPS). The 850 EVO SSD has slightly lower performance with 540MBps and 520MBps sequential read/write rates and up to 90,000 random IOPS.
The 2TB model of the 850 Pro will retail for $999.99 and the 850 EVO will sell for $799.99.
The 1TB EVO SSD will retail for $399; the 500GB for $179; the 250GB for $99 and the 120GB for $69. The 1TB 850 Pro will retail for $499; the 512GB model for $259; the 256GB model for $144.99 and the 128GB model for $99.
[...] Samsung guarantees the 2TB 850 Pro for 10 years or 300 terabytes written (TBW), and the 2TB 850 EVO for five years or 150 TBW.
To put that in perspective, there are approximately 7 billion people on earth. One of these drives has sufficient space to keep about 285 bytes of information on every single person on the planet! Put another way, that is over 6 KB for every single person in the USA.
(Score: 4, Interesting) by lentilla on Tuesday July 07 2015, @10:39AM
Per the linked article:
both SSD models come native with full AES 256-bit full disk encryption capability
I'm not sure I'd trust it. Am I being overly paranoid? Sure, it will prevent a casual laptop thief from trawling your files but I figure that's about as good as it gets.
I'd probably use a full disk encryption layer over the top - mightn't even bother turning the disk's encryption on.
I had one computer where I used the SSD's native encryption and then subsequently attempted to move that SSD to a new computer. The new computer didn't like it at all - couldn't even wipe the disk. Had to move it back to the old computer, turn off the encryption, then move it back to the new computer and then everything was fine. Might just have been an incompetent BIOS - I hope matters have improved since.
(Score: 3, Disagree) by VLM on Tuesday July 07 2015, @11:27AM
The purpose is probably to boost block size. So changing a single bit in a file (Capitalizing something?) will result in many bits of the file changing so they use up the limited writes faster and get to sell another sooner. Most encryption algos aren't exactly perfect hash algos but "usually" "often enough" changing one bit will change a hell of a lot more than one bit downstream.
Also you have to be realistic about encryption. Its a waste of time and effort to encrypt my copy of 'ls' when its the same old copy a bazillion freebsd mirrors already distribute for amd64. I do use encfs-over-dropbox for a handful of really important things total less than a meg, but its generally unnecessary other than PHBs and checkboxes on checklists.
(Score: 3, Insightful) by Dunbal on Tuesday July 07 2015, @12:04PM
So changing a single bit in a file (Capitalizing something?) will result in many bits of the file changing so they use up the limited writes faster and get to sell another sooner.
You're being paranoid. Of course you could have hard drive manufacturers planning obsolescence into their products. It would be suicide for that company and for the brand. Because what consumers are looking for in a hard drive is - RELIABILITY. Ask OCZ how shipping cheap shitty hard drives worked out for them as a strategy?
(Score: 5, Informative) by Anonymous Coward on Tuesday July 07 2015, @01:49PM
The purpose is probably to boost block size. So changing a single bit in a file (Capitalizing something?) will result in many bits of the file changing so they use up the limited writes faster and get to sell another sooner.
Please refrain from proclaiming on topics you are ignorant of. Like all disks implementing AES full-disk encryption they use CBC (chained-block-cipher) mode which breaks the data-stream up into discrete blocks sized to matched the size of the SSD's block-size. Any other configuration would absolutely kill performance - having to write multiple blocks for a single bit change.
(Score: 5, Touché) by DeathMonkey on Tuesday July 07 2015, @05:34PM
Please refrain from proclaiming on topics you are ignorant of.
If everyone did that there would be no comments on this site!
(Score: 2) by Kilo110 on Tuesday July 07 2015, @02:53PM
Encryption is already used on every modern ssd since repeated patterns are bad for data retention. It's just the master key is blank.
Also write endurance on modern ssds are a non issue. Even the worst ssd lasted many hundreds of terabytes of writes, with the longest lasting multiple petabytes
http://techreport.com/review/27909/the-ssd-endurance-experiment-theyre-all-dead [techreport.com]
(Score: 0) by Anonymous Coward on Tuesday July 07 2015, @03:12PM
> Encryption is already used on every modern ssd since repeated patterns are bad for data retention. It's just the master key is blank.
I don't believe you. If that were true then all modern SSDs would expose that interface to the users so that they could use non-blank master keys. I don't even believe you that "repeated patterns are bad for data retention." You are encourage to provide reputable 3rd party support for your claims.
(Score: 3, Insightful) by WillR on Tuesday July 07 2015, @03:36PM
If that were true then all modern SSDs would expose that interface to the users so that they could use non-blank master keys.
Um.... No.
"Exposing this hardware feature would cost X more hours of contract dev time, so we left it hidden" is very much a thing. The things your average cheap home router can do when it isn't saddled with firmware written by the lowest bidder, working to a spec designed by marketing drones to preserve sales of high-margin "enterprise" devices would shock and appall you.
(Score: 0) by Anonymous Coward on Tuesday July 07 2015, @09:01PM
> "Exposing this hardware feature would cost X more hours of contract dev time, so we left it hidden" is very much a thing.
That's only plausible if you ignore the fact that full-disk encryption is a very marketable feature. Nowadays everybody wants their disks encrypted, stuff like HIPAA mandates it for healthcare businesses, regular people don't want their data falling into the wrong hands if their laptop gets stolen.
Note that you did not provide any proof of the OP's claims.
(Score: 2) by Kilo110 on Tuesday July 07 2015, @05:57PM
Wow, a little civility goes a long way. You are encouraged to not sound like an ass when conversing with others.
Anyway...
Every mlc SSD uses some form of data randomization. Encryption is a common way to achieve that. Enjoy http://soc.yonsei.ac.kr/Abstract/International_journal/pdf/106_Data%20Randomization%20Scheme%20for%20Endurance%20Enhancement%20and%20Interference%20Mitigation%20of%20Multilevel%20Flash%20Memory%20Devices.pdf [yonsei.ac.kr]
Also, as the other reply said, adding that feature costs money to develop so not every product will have it. I use a crucial m500 which supports eDrive on my bitlocker windows laptop. eDrive is a MS implementation of changing the master key. So I get instant "encryption" times with zero performance loss.
And yes, it's very common for potential features to be omitted due to time and cost constraints.
(Score: 2, Disagree) by Anonymous Coward on Tuesday July 07 2015, @09:20PM
> Wow, a little civility goes a long way. You are encouraged to not sound like an ass when conversing with others.
Whose the bigger ass, the guy makes a bullshit claim or the guy who calls them on their bullshit?
You bluntly asserted a falsehood, you've got no standing to whine about being bluntly challenged.
Actual working link to the cited paper, [etri.re.kr] thank you very much.
Cited paper says absolutely nothing about encryption at all.
> I use a crucial m500...
Me too! Twinsies!
> And yes, it's very common for potential features to be omitted due to time and cost constraints.
And as I said in response - full-disk encryption is a very marketable attribute, the marginal cost of exposing it to the BIOS using the standardized SATA command-set is tiny compared to the increased value in the marketplace making it a no-brainer. Perhaps not on the first firmware revision in the rush to market, but any update afterwards would certainly contain it. Citing another soylent post that itself contains no citations is not even close to a "reputable 3rd party support."
(Score: 2) by Kilo110 on Wednesday July 08 2015, @03:39PM
Easily the latter as you are perfectly capable of refuting a claim without being an ass. Sorry bro, you're being an unnecessary asshole and trying to justify your attitude by blaming my supposedly incorrect statement doesn't change that. Learn some social skills. I hope you know how to behave in public as there are more penalties for that behavior in that realm than online.
I said patterns are bad. You said I was wrong. I provided a paper to show I'm right when I said patterns are bad. Encryption is one way to break up patterns and it has other benefits too. Compression is another method. There are others, one such was outlined in the paper I linked.
And who knows why companies don't show the feature. Maybe it's product and market segmentation (enterprise drives get it but consumer drives don't). Maybe some idiot somewhere in management or accounting decided not to add it to save a few bucks. Samsung disks got firmware updates adding edrive to many ssd 1-2 years ago. More companies are coming around to it. The feature exists but often isn't given to the user. The world isn't ideal. Get over it.
(Score: 2) by hankwang on Wednesday July 08 2015, @06:59AM
"every mlc SSD uses some form of data randomization. Encryption is a common way to achieve that."
Encryption is not a common way to achieve that; it's an expensive way. The paper you cited (link provided by the helpful AC) talks of an 8-bit pseudorandom generator, presumably with a period of 255. A decent encryption (AES) will require vastly more silicon to deal with 500 MB/s throughput.
Avantslash: SoylentNews for mobile [avantslash.org]
(Score: 2) by Kilo110 on Wednesday July 08 2015, @03:42PM
No on-die aes hardware acceleration has been common for many years now on pretty much all the major ssd controllers.
He's a link to a roundup of various ssds and their implementation status. This link is several years old. It has only improved since then.
http://vxlabs.com/2012/12/22/ssds-with-usable-built-in-hardware-based-full-disk-encryption/ [vxlabs.com]
(Score: 2) by TheRaven on Wednesday July 08 2015, @08:22AM
sudo mod me up
(Score: 2) by forkazoo on Tuesday July 07 2015, @05:52PM
Endurance being a "non issue" depends somewhat on workload and industry. Typical file server or SOHO tasks are fine. If you are running a CG compositing workstation doing Nuke comps in 4K or higher, caching several TB of images per work day can actually be very normal and you could run into 100 TB in something like a month of heavy use. SSD as cache frontend in a large (PB+) storage cluster server serving many (100's + ) heavy users can see even higher usage.
But yeah, in practice something else goes before literal flash endurance exhaustion in most workloads. The desktop machine I am writing this post on has a ~4 year old SSD that still seems to work fun. (Though its twin that was purchased at the same time gave up over a year ago, so I should probably start being pretty paranoid...)
(Score: 0) by Anonymous Coward on Tuesday July 07 2015, @12:49PM
These firmware-encrypted devices almost always use your computers TPM (trusted computing) chip to authenticate. I don't trust it, usually have it disabled, and use full disk encryption provided by the OS.
Yes, I know that FDE on Linux is completely insecure because of the whole unencrypted boot partition, and while I prefer OpenBSD's FDE approach, I think a similar true disk encryption method is slated for Linux 4.2.
(Score: 5, Insightful) by LoRdTAW on Tuesday July 07 2015, @01:39PM
Sounds like the disk encryption worked exactly as it should. Think about that. If you are paranoid enough to enable full disk encryption, why even consider that disk be useable on a foreign machine?
(Score: 2) by lentilla on Tuesday July 07 2015, @02:30PM
I hadn't considered it like that! Given that I "unlocked" the drive with a password on the old computer, I expected it to unlock on the new computer with the same password. It hadn't occurred to me that it would be locked to the original computer.
There are times when having a disk locked forever to its original host could be useful. On the other hand, I like knowing that if a computer dies I can at least read the data off the disk on another machine.
These Samsung drives in the parent article - would they only be accessible to the computer that originally locked them? So (for instance), if the CPU fries, the data on the disk is effectively gone?
If you are paranoid enough to enable full disk encryption
I strongly believe all computers should have full disk encryption - even if it has a blank passphrase. We store too much of our identity that letting people resurface from a dumpster-dive with a digital treasure trove is too much of a risky proposition. Even with a blank passphrase, trashing the contents of your disk is as simple as deleting the key and only takes a few seconds.
(Score: 2) by tangomargarine on Tuesday July 07 2015, @03:04PM
Not having the data be readable on another machine doesn't preclude the ability to wipe and start from scratch, I wouldn't think.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 2) by LoRdTAW on Tuesday July 07 2015, @03:14PM
I would almost consider that a feature. Then again, if your computer craps out, then how would you ever recover? Then again ... backups.
(Score: 2) by TheRaven on Wednesday July 08 2015, @08:25AM
sudo mod me up