[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ATA-3 drive security

To: cypherpunks@toad.com
Subject: ATA-3 drive security
From: Pawel Krawczyk <kravietz@ceti.pl>
Date: Thu, 22 Feb 2001 17:22:42 +0100
Cc: cryptography@c2.net, coderpunks@toad.com

    [ The following text is in the "iso-8859-2" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

I've recently got interested the security feature of ATA-3 hard
disk interface standard (described e.g. in [1]). It's vendored under
different names, mostly in portable computers environment, for example
Compaq notebooks refer to DriveLock feature. It allows an user to lock
the drive at hardware level with user and master passwords (the latter
allows removing user password, in short).

I wondered how it works internally and what level of security it provides?

A quick guess is that it works only at the HDD controller level and
involves no actual data encryption. An implication would be that if
you have such drive, you can try to change the electronics, leaving the
plates untouched, and retain open access to the data stored on the disk.

Anyway, it would be another step of protection, requiring much more
technical knowledge and capabilities from the thief than just removing
the disk and putting it into some other laptop (like it can be done to
bypass computer's BIOS passwords etc.).

But maybe I'm wrong - could anyone clarify or at least point me to some
more detailed documentation?

[1] http://viking.delmar.edu/courses/Cis312J/EBOOK/wrh09.htm#E69E196


-- 
Paweі Krawczyk *** home: <http://ceti.pl/~kravietz/>
security: <http://ipsec.pl/>  *** fidonet: 2:486/23

Prev by Date: U2 is coming to Tacoma and Match.com has tickets!
Next by Date: [windows-1251] Внешность и здоровье
Prev by thread: U2 is coming to Tacoma and Match.com has tickets!
Next by thread: [windows-1251] Внешность и здоровье
Index(es):
- Date
- Thread