ATA-3 drive security
Pawel Krawczyk
kravietz at ceti.pl
Thu Feb 22 08:22:42 PST 2001
I've recently got interested the security feature of ATA-3 hard
disk interface standard (described e.g. in [1]). It's vendored under
different names, mostly in portable computers environment, for example
Compaq notebooks refer to DriveLock feature. It allows an user to lock
the drive at hardware level with user and master passwords (the latter
allows removing user password, in short).
I wondered how it works internally and what level of security it provides?
A quick guess is that it works only at the HDD controller level and
involves no actual data encryption. An implication would be that if
you have such drive, you can try to change the electronics, leaving the
plates untouched, and retain open access to the data stored on the disk.
Anyway, it would be another step of protection, requiring much more
technical knowledge and capabilities from the thief than just removing
the disk and putting it into some other laptop (like it can be done to
bypass computer's BIOS passwords etc.).
But maybe I'm wrong - could anyone clarify or at least point me to some
more detailed documentation?
[1] http://viking.delmar.edu/courses/Cis312J/EBOOK/wrh09.htm#E69E196
--
Paweł Krawczyk *** home: <http://ceti.pl/~kravietz/>
security: <http://ipsec.pl/> *** fidonet: 2:486/23
More information about the cypherpunks-legacy
mailing list