a trend with laptops that needs to die is this whole "lets just put the NVMe directly on the motherboard" thing. apple started it, but now other vendors have followed. i shouldn't have to do impromptu board repair to save my data.
13
21
155
Conversation
Replying to
Just FYI, but at least with Apple’s implementation, the onboard SSD is cryptographically linked with the security coprocessor. Even if you could remove the SSD, there is nothing useful that can be done (unless you count erasing the drive as useful)
1
9
Apple's SSD controller is *in* the SoC. What you can pull off of the board is basically raw flash memory with a custom interface, so not exactly easy to do data recovery on, even ignoring the crypto.
1
12
yes, on apple (especially M1) the flash memory is entirely useless if you take it off the board.
i don’t know to what extent that is true on my dell, but either way, that still sucks that it’s all on one board there too
1
2
At least there are security reasons for the crypto stuff, and security and performance reasons to put the controller in the SoC... Other vendors just solder down generic NVMe for no damn reason.
3
5
UFS/NVMe controller in the SoC is how most mobile devices work.
Snapdragon has similar inline encryption/decryption support, but it's optional to use in the wrapped key mode where the OS can't access the keys. Even when it's not in wrapped key mode, keys are usually hw bound.
3
2
The security property of preventing a past compromise of the OS from providing future decryption of storage is the only part that depends on the wrapped key support and Apple's equivalent. Pixels choose not to use that because they want to verify encryption works from the OS.
1
1
It would be nice if laptops had a secure element with the Weaver feature from the Titan M:
grapheneos.org/faq#encryption
It provides a set of slots (one per possible user) where you can store a key + value and need to provide the key to get back the value, with aggressive throttling.
TPMs are strange, usually not paired with SoC and think insider attack resistance means requiring wiping it to do a firmware upgrade instead of requiring that the owner user authenticates successfully like the Titan M approach. Maybe opentitan.org will bring sanity?
4