RE: [t13] Back to the main problem. Please read

[Mark Overby]

Title: Re: [t13] Back to the main problem. Please read

Replace many with some (just because we can't quantify the number) on #3.

On #1 there isn't such a thing as an "erase" password - there is the master password and the user password. If you cut down #1 to just the first sentence and replace the work break with block, you're accurate.

On #2 replace BIOS with host.

 

Do that and I think your nutshell is accurate.

---

From: [EMAIL PROTECTED] on behalf of Pat LaVarre
Sent: Tue 5/17/2005 7:25 AM
To: forum at t13.org
Subject: Re: [t13] Back to the main problem. Please read

This message is from the T13 list server.


Do we have a concise, dispassionate technical nutshell of the causes of
the main problem?

Can we substitute a nutshell more accurate than the Three bullets:

///

1) ATA since 1997 defines passwords that break write, read, and erase,
by design.  If the erase password is set, then you have to know or
discover it, else you can't start over.

2) ATA lets BIOS choose to disable this feature til next power cycle or
pin 1 reset of the ATA drive, by "freezing" out changes.

3) Significantly many BIOS do not disable this feature, for the boot
drive and/or other connected drives, in particular the ATA thru SCSI
drive population that many BIOS do not even see as connected.

///

Are those facts, wholly true, slanderous rumour, or something in
between?  Can we substitute a better nutshell, rather than tearing into
my words line by line?  I make that unusual request because I'm
guessing we agree, we won't reach closure quickly if we digress into
scenarios of who will be hurt most by what kind of attack, or a
discussion of how appalling is my deep ignorance of the ATA standard
and PC motherboard architecture.

Curiously yours, Pat LaVarre