Comments on: HDD Security System

By: uuu

uuu — Fri, 10 Jun 2011 13:58:03 +0000

>>They all work using vendor specific commands to access firmware and to extract password from HDD.
+maybe vendor specific commands to access crypted data(when ejected), or even auto uncript – by [hidden]saved early key or bruteforce (+if key algo – bad, like in BIOS)
>>So HDD(and all HW protection) security system is a very weak protection mostly.
Who make HW – that (potentionally,but…)always have backdoor, minimum becouse that info – $$$.

By: Manuel

Manuel — Tue, 25 Jan 2011 10:47:38 +0000

From where do you have the information that the password is stored somewhere on the drive (e.g controller chip).

If you are right, then if someone use ATA security commands to encrypt (not only to protect!!!) the drive (e.g. Seagate Full Disk Encryption), the encrpytion is useless if the vendor could “recover” the key (used password).
Or do you mean that the vendor could remove (not recover the password) the password request only for protected (not encrypted) drives?
If the vendor could only remove the password request then a encrypted drive is still encrypted and useless.
Do you have a good and reliable source for this information?

By: Fedir Nepyivoda

Fedir Nepyivoda — Tue, 01 Jun 2010 09:10:55 +0000

In reality all drives can be unlocked without correct known password – because password is stored in the HDD’s firmware.

There is a plenty of specialized tools on the internet for HDD unlocking. They all work using vendor specific commands to access firmware and to extract password from HDD.

So HDD security system is a very weak protection mostly.

By: Peter

Peter — Thu, 27 May 2010 13:38:42 +0000

So when the password is lost, there is no way to unlock the hard drive?