I'm glad to see that Synology will release volume encryption in DSM 7.2. The one large weakness volume encryption has, both on NAS and on computers, is that the encryption keys remain unencrypted in live memory and this can be extracted by an potential attacker.
To mitigate this some systems have implemented memory encryption, or some times encryption of keys in memory. I know the DS923+ and the DS1522+ comes with the AMD Ryzen R1600 embedded processor. This processor supports full memory encryption, but usually it has to be enabled in BIOS as its deactivated by default.
Do any of you know if memory encryption can be enabled on the 1522+ or the 923+?
I think the memory is solded to the DS920+, so memory enryption wont be needed on that device, even if the processor doesnt support memory encryption.
I asked Synology, but I got in an email a response that the Synology has AES-processor, so its safe. And that was not what I was asking.
PS! If you're here to post the "hit him with the wrench" comic or talk about unrealistic threat model, please refrain from commenting. Its not relevant to the question.
To mitigate this some systems have implemented memory encryption, or some times encryption of keys in memory. I know the DS923+ and the DS1522+ comes with the AMD Ryzen R1600 embedded processor. This processor supports full memory encryption, but usually it has to be enabled in BIOS as its deactivated by default.
Do any of you know if memory encryption can be enabled on the 1522+ or the 923+?
I think the memory is solded to the DS920+, so memory enryption wont be needed on that device, even if the processor doesnt support memory encryption.
I asked Synology, but I got in an email a response that the Synology has AES-processor, so its safe. And that was not what I was asking.
PS! If you're here to post the "hit him with the wrench" comic or talk about unrealistic threat model, please refrain from commenting. Its not relevant to the question.