I've recently got interested the security feature of ATA-3 hard disk interface standard (described e.g. in [1]). It's vendored under different names, mostly in portable computers environment, for example Compaq notebooks refer to DriveLock feature. It allows an user to lock the drive at hardware level with user and master passwords (the latter allows removing user password, in short). I wondered how it works internally and what level of security it provides? A quick guess is that it works only at the HDD controller level and involves no actual data encryption. An implication would be that if you have such drive, you can try to change the electronics, leaving the plates untouched, and retain open access to the data stored on the disk. Anyway, it would be another step of protection, requiring much more technical knowledge and capabilities from the thief than just removing the disk and putting it into some other laptop (like it can be done to bypass computer's BIOS passwords etc.). But maybe I'm wrong - could anyone clarify or at least point me to some more detailed documentation? [1] http://viking.delmar.edu/courses/Cis312J/EBOOK/wrh09.htm#E69E196 -- Paweł Krawczyk *** home: <http://ceti.pl/~kravietz/> security: <http://ipsec.pl/> *** fidonet: 2:486/23
participants (1)
-
Pawel Krawczyk