# Message: 4
# From: Eric Auer <[EMAIL PROTECTED]>
# Date: Tue, 12 Apr 2005 23:14:34 +0200 (MEST)
# To: freedos-user@lists.sourceforge.net
# Subject: [Freedos-user] Methods against harddisk password troubles
# Reply-To: freedos-user@lists.sourceforge.net
#
#
# Hi, as neither harddisk makers nor BIOS makers really seem to
# care about users getting locked out of their own disks, you
# might want to have a look at this article:
#
# http://www.heise.de/ct/english/05/08/172/
#
# Years ago, IDE / ATA harddisks started to support a password lock
# feature, but nobody really used it. Well, probably the X-BOX is
# using it. Anyway. The problem: A virus or trojan can set a random
# password for your harddisk, with the effect that you never get back
# access to your data. If you are lucky, you can use "the reset
# password and format disk" function to get at least the hardware back.
#
# As far as I know, no harddisk vendors have yet taken the effort to
# add a simple jumper to block password changes - really a pity. That
# kind of jumper works pretty good to protect your flash BIOS on a lot
# of mainboards out there...
#
# However, at least a few BIOS makers have included "freeze password
# access at boot time", but the "freeze" only has effect until the
# next disk reset. If a trojan or virus can get access to the raw disk
# to mess with password features, then it will probably be able to
# trigger a disk reset, too. Again zero protection :-(.
#
# The only real protection at the moment is: Set a disk password
# yourself. But then, you need a BIOS which gives you an interface
# to unlock the disk every time you boot... Or you have to boot
# from diskette or USB
# to unlock your harddisk every time you boot. Really crappy
# situation. Especially given that this potentially disastrous
# feature got introduced roughly SEVEN years ago!
#
# In Linux, you can use hdparm to control the password feature,
# and in DOS, you can use tools like ATAPWD.
#
# Eric

(I've done some research since I got your last message, Eric... I didn't blow you off before. I'm just crazy busy.)

Actually, that's not true; the only way, according to the ATA-7 specification, to quit the Security Freeze Lock state is to power off the drive:

------------------------------------------------------------------
The SECURITY FREEZE LOCK command shall set the device to Frozen mode. After command completion any other commands that update the device Lock mode shall be command aborted. Frozen mode shall be disabled by power-off or hardware reset(1). If SECURITY FREEZE LOCK shall be issued when the device is in Frozen mode, the command executes and the device shall remain in Frozen mode.

Commands disabled by SECURITY FREEZE LOCK are:
- SECURITY SET PASSWORD
- SECURITY UNLOCK
- SECURITY DISABLE PASSWORD
- SECURITY ERASE PREPARE
- SECURITY ERASE UNIT
------------------------------------------------------------------

(1) A hardware reset is a *hard* reset, which is triggered by driving pin 1 low - not something possible by issuing a command to the drive. There are *maybe* one or two plug-in controllers out there on which it is possible to trigger a hard reset on the cable (NOT the drive), but in order to do that you would have to have the access level of a driver (ring 0), and have intimate knowledge of how *that particular* card would go about it.

I am hereby stating that the following is ONLY my opinion - I am not nearly so lofty as to speak for Maxtor :)

That said... it seems to me that there's already a mechanism in place to lock the drive. That most BIOS manufacturers aren't bothering to implement it is hardly the HD manufacturers' problem. It would make sense to me to take it up with the BIOS writers (and perhaps the c't article will go some ways to encouraging that!) It wouldn't be hard for the BIOS writers to do this - I've seen several that do much the same thing with Auto-Acoustic Management.

The reason I can think of that the manufacturers are unlikely to want to add a jumper - besides the fact that the ATA spec has already addressed this - is cost. Adding a jumper is actually a non-trivial thing. It's not just the jumper itself; I/O lines into the ASIC have gotten to be at quite a premium.

Anyway, my quick take on the matter (and hopefully clearing up a misconception as to how easy it would be to bypass).

--
Gordon Schumacher
Tools Group, Maxtor Corporation
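
The security state discussed in this thread is reported in word 128 of a drive's IDENTIFY DEVICE data. As an added example (not part of either message), the following decodes that word and flags a drive that supports the security feature set but has neither a password set nor the freeze lock applied. The bit layout follows the ATA specification's definition of word 128; the function names and sample words are constructed for illustration.

```python
import struct

# ATA IDENTIFY DEVICE word 128 (security status) bit assignments.
SUPPORTED, ENABLED, LOCKED, FROZEN, COUNT_EXPIRED = 0x01, 0x02, 0x04, 0x08, 0x10

# Commands the quoted ATA-7 text lists as disabled by SECURITY FREEZE LOCK.
FROZEN_BLOCKS = (
    "SECURITY SET PASSWORD", "SECURITY UNLOCK", "SECURITY DISABLE PASSWORD",
    "SECURITY ERASE PREPARE", "SECURITY ERASE UNIT",
)

def security_word(identify: bytes) -> int:
    """Extract word 128 from a 512-byte IDENTIFY DEVICE block (little-endian words)."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    return struct.unpack_from("<H", identify, 128 * 2)[0]

def assess(word: int) -> dict:
    """Decode the status bits and classify the state the thread is concerned with."""
    flags = {name: bool(word & bit) for name, bit in (
        ("supported", SUPPORTED), ("enabled", ENABLED), ("locked", LOCKED),
        ("frozen", FROZEN), ("count_expired", COUNT_EXPIRED))}
    if not flags["supported"]:
        verdict = "security feature set not supported"
    elif flags["frozen"]:
        verdict = "frozen: lock state fixed until power-off or hardware reset"
    elif flags["locked"]:
        verdict = "locked: SECURITY UNLOCK required before data access"
    elif flags["enabled"]:
        verdict = "password enabled, unlocked, not frozen"
    else:
        verdict = "EXPOSED: no password set and not frozen"
    return {**flags, "verdict": verdict,
            "aborted_commands": FROZEN_BLOCKS if flags["frozen"] else ()}

def make_identify(word128: int) -> bytes:
    """Build a constructed 512-byte IDENTIFY block with only word 128 filled in."""
    block = bytearray(512)
    struct.pack_into("<H", block, 128 * 2, word128)
    return bytes(block)

if __name__ == "__main__":
    # Constructed samples: not frozen by BIOS, frozen at boot, password set and locked.
    for sample in (0x0001, 0x0009, 0x0007):
        result = assess(security_word(make_identify(sample)))
        print(f"word128=0x{sample:04x}: {result['verdict']}")
```
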