DriveLock on Compaq/HP Laptops?

whois asks: "I just purchased a new Compaq laptop and noticed a feature in the BIOS called 'DriveLock'. It locks the drive so a password has to be entered on startup. If you take the drive out and put it in a system without a drivelock BIOS, the system can't boot from the drive. There is very little information on the web about this feature. Most people talk about what happens if you lose your password (buy a new drive) and what happens if you want to reuse the drive in other machines (you can't). What I want to know is the tech specs on this. Is it security through obscurity, and just sets a password in the drive BIOS, or is it doing encryption in hardware? My guess is it's the former, but I'm submitting to find out if anyone knows the real story. Here is an HP doc that mentions it in passing." According to information provided by the included links, this "feature" isn't something you can disable, either. Are we likely to see more manufacturers tie hardware together like this, in the future?

Isn't this what the XBOX does?

[balamw]

Sounds like the same ATA standard passwords that the XBOX uses. See for example http://www.siliconice.net/XBOX/Guides/hdd_password .shtml

Balam

It is,

[His+name+cannot+be+s]

It is most likely just using the ATA password feature present on most ATA drives. Some mfrs don't implement them, but alot do.

XBOX, UltimateTV and other systems use this to stop you from accessing the drive.

I beleive there is two passwords for the drive, an OEM password and a user password.

nothing magical here folks..

ATA Spec

[MountainLogic]

Since ATA-4, IIRC, there has been a password call to which drives will respond. The password locatoin is not accessable to the user, could be stored in FLASH on the HDD board or on the disc proper depending on the mfg. Most drivres give you x tries (apx 4???) and then lock-up forever. I'm sure that there is a back door, but don't expect to get it unless you live in San Jose and buy lots of pizza & bear for HDD firmware engineers. The one flaw in the system is that it is easy to sniff the ATA bus and read the password when it is written. I assume that this is the flaw for x-box.

Re:ATA Spec

[Quikah]

According ot HP/Compaq it is based on ATA-3 specifications. There is a whitepaper discussing it here.

Re:ATA Spec

[Isomer]

The "permanently" is until the next power cycle. There are 5 attempts before you have to completely power cycle the drive, therefore slowing down brute force attacks on the password.

You can reset the password but you lose all the data currently on the drive, look up SMART, I believe smartmontools under linux can tinker with these settings.

Can't be disabled?

[gaj]

According to the text of the third link (I know, I know, WTF am I doing reading the links? And I'm not even new here), it appears that DriveLock must be enabled.

1. When the DriveLock function is enabled and the User Password is forgotten, the device can be unlocked using the Master Password. [first footnote, first page, emphasis mine]

If anyone has evidence that HPaq sells laptops with DriveLock permanently enabled, I'd love to hear about it, as I'm shopping for a new machine. (OT, but currently my short list is down to the Dell Inspiron 8600 or the IBM ThinkPad T40, but I'm considering HPaq as a budget alternative, as both of the above are a bit more than I really want to spend)

ATA standard

The Hard Disk ATA Standard allows for a hard rive to be locked, and unlocked. The passwords (user, and master) are not on the platter, but stored in a register on the controller board. The logic sequence on boot up is to check if the drive is locked, and if it is it won't unlock the drive until the proper command, then the password is sent to the drive.

Re:Use the fdisk, Luke!

[DA-MAN]

The machines tend to fail to recognize the hard disk when the password is not entered. When you do boot up off a dos floppy to attempt to fdisk, it doesn't find any hard disks (assuming it's the only disk in the machine).

Same Issue

[DA-MAN]

My friend gave me an HD that he didn't need anymore, and it had a password set. My laptop did not recognize the drive when I didn't enter the password and my friend didn't remember his password.

Just by dumb luck, I happen to have an external USB enclosure and I figured what the hell. I put the drive in this and it worked fine as an external drive. However no amount of fdisk'ing, low level formatting or anything would remove the password. Oh well, it makes for a great Ghost'ing/portable hd that works (with fat16 or fat32) with just about every major OS out there.

I believe it stores the information in some sort of NVRAM on the hard disk. Using a dumber implementation of IDE (I.E. the USB Enclosure) got around it, so it must require the BIOS to honor the password stored in NVRAM. Don't know much else.

These guys say they can help

[dhwebb]

Nortek claims that they can do it. They have 3 options for recovery: unlock - $85, unlock & certify - $145, and unlock, retrieve and restore data, and certify - $295.

I received some toshiba(I think) laptop hdd's one time and they all were locked from toshiba. I called toshiba tech support and could never get it through their heads that these were hdd passwords and not CMOS/BIOS password problem. They kept telling me to just remove the battery. Needless to say, I just returned to reseller for another brand.