Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Head Off ATA HDD Password Abuse

Posted by timothy on from the I-did-not-know-that dept.

An anonymous reader submits "German c't magazine has a story about abusing the security features of ATA hard disks. The bottom line is that almost all ATA hard disks in desktop PCs can be password-protected. However, on most desktop PCs, the BIOS does not support locking this option -- so viruses or malware could set a random password, making any data unreadable unless recovered by professionals."

5 of 215 comments (clear)

  1. Re:why would you do this? by tivoKlr · · Score: 5, Informative

    Well, for software modding an Xbox for starters.

    Xboxen will only boot from a locked hard drive, and to modify the files on an Xbox to, you know, allow you to run your own home written unsigned code, you need to be able to lock the drive once you've modified it to get the Xbox to recognize it.

    I have encountered bioses that won't allow you to lock or unlock drives. Very annoying...

    --
    Ocean is land, covered with water.
  2. the word being "could" by Anonymous Coward · · Score: 5, Insightful


    but when was the last highly destructive virus you saw ?

    virus writers/skripterz have long since learnt, if you kill the host it is of no use to you, you achieve nothing

    99% of viruses today are trojans because you can use your fancy stealth infection/propogation routines AND make a profit if you keep the host alive, locking a HD would be pointless and contrary to opinion most Virus writers are not stupid, misguided perhaps but not stupid

  3. Re:professional? by Anonymous Coward · · Score: 5, Funny
    If you lock out the drive you aren't going to spread yourself very far.
    Think of it like this: A Slashdotter with a venereal disease. He isn't going to infect anyone.
  4. Re:professional? by warrior · · Score: 5, Informative

    No, you cannot use atapwd to reset it. There are two passwords, a master and a user. If you know the master password, you can use atapwd to reset the user password. These passwords are stored across platters and are stored as a checksum in flash on the HD controller. Resetting the password is not trivial at all. There are two options, use a logic analyzer and try to intercept the pieces of the password on it's way in to generate the checksum (haven't heard of anyone being able to accomplish this), or take the drive apart in a clean room, erase the password of the platters and attach a virgin controller. There are no companies in the US that will do either of these for you, and I don't think that's a coincidence. The very few (3-4) companies that perform this service make very good money of it. If you don't believe me, set your master ATA pwd to a known value and try to reset it by any means _without_ using the password. You can't, you're hosed. Most people at this point chuck the disk, they're cheap. But if you need the data you'll pay anything. The idea behind it is that should it get stolen, the data is safe. The companies that do data retrievel require proofs of ownership. However, for the fool that forgets or accidentally sets the password, you're hosed. For those of you that own Toshiba 80GB laptop hdds, beware, there's a flaw in the controller that may glitch and set a random password for you. In that case you'll want to talk to Nortek.

    --
    Intel transfer the difficult from Hadware to software, for get more power, programmer need more technology. -- chinaitn
  5. Re:why would you do this? by darkwhite · · Score: 5, Insightful

    Why on earth would you want to password "protect" a hard drive? How would that be any better than properly encrypting your files?

    Speed.

    Only very sophisticated organizations have the means to lift data off a password-protected hard drive. Encryption, while more durable in that regard, sacrifices speed with every access to the files in question.

    --

    [an error occurred while processing this directive]