Skip to main content

A speed benefit in solid-state disk design opens them up for attack

ssd design contains data corruption vulnerability ps4 pro how to7
Image used with permission by copyright holder
Solid-state disks (SSDs) offer some serious benefits over their older hard-disk drive (HDD) siblings. SSDs are faster by orders of magnitude than HDDs, and they’re fundamentally more reliable — particularly for mobile devices where moving parts can be affected by movement and drops.

As SSD pricing has dropped from being significantly more expensive than HDDs to only a little more expensive, the price-to-performance ratio has improved to where SSDs have become by far the preferred storage device. However, some new information suggests that SSDs aren’t perfect and bring a unique vulnerability to particular kinds of attacks, as ExtremeTech reports.

Recommended Videos

The details are complex and require digging into the details of how SSDs are designed and how they work. Researchers at Carnegie Mellon University were the first to uncover the flaw, and their findings are covered in copious technical detail in a recently published paper.

In simpler terms, the vulnerability affects particular kinds of SSDs that are based on multilevel cell (MLC) technology, which make up the majority of those currently being sold and developed. The vulnerability in question does not affect older single-level cell (SLC) devices. The most advanced 3D NAND flash used in some SSDs are not affected yet but could be affected in future designs.

The vulnerability leverages a design quality of MLC-based SSDs that actually confers some benefits, including lower latency and better performance. The problem stems from the fact that data is written into a buffer directly from the individual flash cell that’s going to be written and not from the SSD’s flash controller.

Again, it’s all very technical, but basically, data can be corrupted by an attacker introducing interference and introducing errors during the programming process. That can result in corrupted data and actual damage to an SSD.

The solution would be to buffer data into the SSD flash controller and allow the controller to correct errors. The problem with this response is that it would also increase latency by around 5 percent and thus reduce performance — something that manufacturers might not be quick to do in the consumer market in particular given the important of raw speed to selling SSDs.

In any event, there’s something else to worry about to go along with the waves of malware and ransomware attacks we’ve seen lately. Our SSDs aren’t as safe as we thought they were, and that’s all we needed.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
We just got our first hint of the RTX 6090, but it’s not what you think
A hand grabbing MSI's RTX 4090 Suprim X.

As we're all counting down the days to a possible announcement of Nvidia's RTX 50-series, GPU brands are already looking ahead to what comes next. A new trademark filing with the Eurasian Economic Commission (EEC) reveals just how far ahead some manufacturers are thinking, because it mentions not just the Nvidia RTX 5090, but also an RTX 5090 Ti; there's even an RTX 6090 Ti. Still, it'll be a long while before we can count the RTX 60-series among the best graphics cards, so what is this all about?

The trademark registration filing, first spotted by harukaze5719 on X (formerly Twitter) and shared by VideoCardz, comes from a company called Sinotex International Industrial Ltd. This company is responsible for the GPU brand Ninja, which doesn't have much of a market presence in the U.S.

Read more
How the Blue Screen of Death became your PC’s grim reaper
The Blue Screen of Death seen on a laptop.

There's nothing more startling than your PC suddenly locking up and crashing to a Blue Screen of Death. Otherwise known as a Blue Screen, BSOD, or within the walls of Microsoft, a bug check screen, the Blue Screen of Death is as iconic as it is infamous. Blue Screen of Death is not a proper noun, but I'm going to treat it like one. It's what you were met with during crashes on Intel's 14th-gen CPUs, and it littered airport terminals during the recent CrowdStrike outage.

Everyone knows that a Blue Screen is bad news -- tack on "of Death" to that, and the point is only clearer. It's a sign that something catastrophic has happened, so much so that the operating system can't recover, and it needs to reboot your PC in order to save it. The Blue Screen of Death we know today, fit with its frowning emoticon, is a relatively new development in the history of Windows.

Read more
The performance downgrade made to the M4 Pro that no one is talking about
Someone using a MacBook Pro M4.

I've spent this whole week testing the new M4 chip, specifically the M4 Pro in both the Mac mini and 16-inch MacBook Pro. They are fantastic, impressive chips, but in my testing, I noticed something pretty surprising about the way they run that I haven't seen others talk much about. I'm talking about the pretty significant change Apple made in this generation to power modes.

First off, Apple has extended the different power modes to the "Pro" level chips for the first time, having kept it as an exclusive for Max in the past. The three power modes, found in System Settings, are the following: Low Power, Automatic, and High Power. The interesting thing, however, is that in my testing, the Low Power drops performance far more this time around.

Read more