当许多人主动选择加密他们的数据时，其他人可能会惊讶地发现，他们当前的驱动器在没有他们输入的情况下自动进行加密。为什么？今天的超级用户问答帖子回答了一位好奇的读者的问题。

今天的问答环节是由SuperUser提供的，SuperUser是Stack Exchange的一个分支，是一个由社区驱动的问答网站分组。

照片由Roo Reynolds（Flickr）提供。

问题

超级用户读者Tyler Durden想知道为什么他的SSD内部没有密码加密数据：

I recently had an SSD fail and I am attempting to recover the data. The data recovery company has told me that it is complicated because the built-in drive controller uses encryption. I assume this means that when it writes data to the memory chips, it stores it in an encrypted format on the chips. If this is true, why would an SSD do that?

为什么SSD会在没有密码的情况下对数据进行内部加密？

答案

超级用户贡献者DragonLord为我们提供了答案：

Always-on encryption allows you to secure your data by setting a password without having to wipe or separately encrypt the data. It also makes it fast and easy to “erase” the entire drive.

• The SSD does this by storing the encryption key in plain text. When you set an ATA disk password (Samsung calls this Class 0 security), the SSD uses it to encrypt the key itself, so you will need to enter the password to unlock the drive. This secures the data on the drive without having to erase the entire contents of the drive or overwrite all data on the drive with an encrypted version.
• Having all the data encrypted on the drive also brings another perk: the ability to effectively erase it instantly. By simply changing or deleting the encryption key, all data on the drive will be rendered unreadable without having to overwrite the entire drive. Some newer Seagate hard-drives (including several newer c***umer drives) implement this feature as Instant Secure Erase(1).
• Because modern hardware encryption engines are so fast and efficient, there is no real performance advantage to disabling it. As such, many newer SSDs (and some hard-drives) have always-on encryption. In fact, most newer WD external hard-drives have always-on hardware encryption.

(1) In resp***e to some of the other comments: This may not be entirely secure c***idering that governments may be able to decrypt AES within the near future. It is, however, generally sufficient for most c***umers and for businesses who are trying to reuse old drives.

有什么要补充的解释吗？在评论中发出声音。想从其他精通技术的Stack Exchange用户那里了解更多答案吗？在这里查看完整的讨论主题。