This message is from the T13 list server.
I have some questions about hard disk security. Recently a discussion started using the security feature set with non security aware BIOSs. According to a German magazine it is possible for a virus to set a random 32 bytes password in the drive. When this is done for both the user and master password no change for data retrieval exists. One could not even clear the drive but would need to go to a recovery company or an obscure web service to unlock it.
I have read the standard relating this matter several times and must come to the same conclusion.
If this is true I am quite shocked by this. Did any one even consider to ask the old password before accepting the new one?
I would like any ones opinion on this matter and better any solutions. Obviously the Freeze command does not work. This is really damaging for the ATA reputation and will IMHO require action on behalf of the drive manufacturers. For example firmware versions with security totally disabled / removed.
Sincerely,
Thomas
