Thread: Hard Drive Password Problems
View Single Post
  #13 (permalink)  
Old 02-04-2007, 06:18 AM
Arno Wagner
Guest
  
Posts: n/a
Default Re: Hard Drive Password Problems
In comp.sys.ibm.pc.hardware.storage Odie Ferrous <odie_ferrous@hotmail.com> wrote:
> Vanguard wrote:
>>
>> "Barry Watzman" <WatzmanNOSPAM@neo.rr.com> wrote in message
>> news:45c4b406$0$9009$4c368faf@roadrunner.com...
>> > Re: "The other half of the hash (to decode) was back in the original
>> > laptop. Preventing someone from getting at it, especially by stealing
>> > the drive, is just what that security is for; i.e., unless the drive
>> > is in the original laptop that hashed up the drive's contents AND you
>> > know the password, you will never get at the decoded contents of the
>> > drive."
>> >
>> > I don't think that's correct. This isn't windows,
>>
>> I don't care what OS is on the drive, encrypted or not. The whole-disk
>> encryption is performed in hardware. Half of that support is on the
>> hard drive, the other half is back in the mobo. If the drive wanders
>> off from the mobo that hashed up the drive, that drive cannot be
>> decoded. It is very similar to e-mail encryption: the source (owner of
>> the certificate or the mobo) has the "private" portion and the target
>> (recipient or hard drive) has the "public" portion. Without both,
>> there's no decryption, and the source controls that.
>
> Vanguard,


> All the drive manufacturers have their own method of enforcing password
> protection at this level.

> Some of them can be overcome quite easily (for instance, a typical
> resurrection for Western Digital drives is to enter, as the password,
> WDC repetitively for 32 characters) whereas others (most) require
> hardware intervention.

> We can recover / obliterate passwords for almost all drives - using
> specialist equipment - but for the lucky user of a WD-type drive, it's
> fairly straightforward.

> The password is rarely stored on multiple media - as far as I can tell
> with up-to-date information and experience. (i.e. it's never stored as a
> combination of platter-based info (system area) and hardware (BIOS / ROM
> / NVRAM.)

So basically a HDD password is only protection angainst amateurs and
even they can get it removed for a few thousand EUR/USD?

Hmmm. If this were crypto, it would fall into the ''ridiculous''
security level class...

Arno

Reply With Quote