In practice all SSDs are always encrypted because they use the encryption to whiten the data written to them. That's why "Secure Erase" takes less than a second on SSDs, it doesn't erase anything but the key.
Thanks for the correction - I expect that support is just a temporary state of affairs though. I used hardware accelerated BitLocker for a few years, and had my systems break multiple times due to BitLocker-related regressions when MS pushed updates. I can't imagine it's going to get more attention now that's it's never enabled by default.
With the caveat that this occurs in proprietary firmware which is non-trivial to audit. There have also been vulnerabilities discovered in the encryption features of disk firmware.
But AFAIK this isn't true for all solid state storage, like cheap USB memory keys. These would generally also benefit from log structured filesystems - but really should be encrypted too.
(which is one great promise of zfs on linux/openzfs - cross-platform encrypted removable storage).
Interesting! Do you happen to know which encryption algorithm is used? I would think that, if the only goal is whitening (as opposed to robust security), a fairly weak algorithm would be used, or perhaps a strong algorithm with a reduced number of rounds.
the hardware is going to use AES because their ASIC vendor will have well tested AES IP that they can just throw down on the chip. any other algorithm would require massive development effort for zero benefit.
and by using AES they can probably claim to satisfy some security standards that will make their marketing people happier.
It would need to be a fairly good algorithm to provide good "whitening", but they could be using a small or easy to guess/derive keys especially if the primary purpose is just whitening rather than security.
The algorithm probably depends on the drive, but AES-256 is common due to hardware acceleration. Read a SSD spec sheet sometime, it will likely mention it, along with supporting TCG Opal (the self encrypting drive standard).
