-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This isn't particularly p2p-related, but it is crypto and transparency related.

AT passwords on hard drives do not encrypt the hard drives' contents, and drive recovery services can recover the data (I believe this is done by moving the platters to an identical drive in a clean room).
 - http://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security

Seagate introduced drives several years ago that allegedly use the AT password specification for actual encryption, including drives FIPS 140-2 certified.
 - http://www.schneier.com/blog/archives/2005/06/seagates_full_d.html
 - http://www.seagate.com/www/en-us/products/self-encrypting-drives/
 - http://seagate.custkb.com/seagate/crm/selfservice/search.jsp?DocId=206011#2

However, despite being five years old - I don't know of any guide to use these drives in a way that verifies they are in fact encrypting their contents. I have a FIPS 140-2 Seagate Momentus SATA Drive, Model number ST9250414ASG and would like to write one.

The scope would be basic validation - I don't plan to reverse engineer the firmware or conduct extensive cryptanalysis on the ciphertext. I aim to verify that the data is written to platter encrypted, that free space is or isn't filled with random data, any discernible structures on the platter (for example in the beginning), what changing the AT password changes and analysis of that area, that the ciphertext passes statistical randomness tests. The guide would show how to use the drive as a secondary or boot drive using F/OS software (if possible).

Seagate also talks a lot about DriveTrust. As near as I can tell, this is a bootloader that provides more features (biometric, enterprise-managed passwords, etc) for unlocking a drive. I believe this is both unnecessary for pre-boot unlocking of the drive and dangerous as it provides an increased attack surface. I will not be testing DriveTrust.
 - http://www.seagate.com/docs/pdf/whitepaper/TP564_DriveTrust_Oct06.pdf

hdparm does provide experimental options for using the AT security API, and in my experience they seem to work.
 - I was able to unfreeze a drive by power-cycling (SATA power unplug/plug) while the PC was booted
 - I was able to set the user password
 - After rebooting once, power-cycling, and rebooting again - the drive was 'locked'. I could not view the partition table, nor copy contents with dd:

     # dd if=/dev/sde of=/root/sde1.2048 count=5
     dd: reading `/dev/sde': Input/output error
     0 bytes (0 B) copied, 2.51387 s, 0.0 kB/s

 - After unlocking the drive, and reloading the partition table with partprobe I was able to view the partition and read the table, showing me the contents I had dd-ed earlier.

Obviously this isn't a thorough survey, and most crucially I'm not actually verifying the data is written to platter encrypted.

My current netbook is a Gigabyte T1028M running InsydeH20 BIOS Rev 3.5 - it does not seem to support the AT password specification.

I'm looking for assistance in the following areas:
 - Anyone who has done this before.
 - Anyone well versed in the AT Security Specification against whom I can double-check my understanding.
 - Anyone familiar with these Seagate drives or DriveTrust.
 - Anyone familiar with BIOS support for the AT Security Spec, who can help me locate a new netbook to work with.
 - Anyone familiar with Data Recovery Services who could provide information on disk unlocking, AT password bypass, or moving platters between disks.
 - General comments, suggestions, or input.

- -tom
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iEYEARECAAYFAk5LOokACgkQJZJIJEzU09s4FACgzSovWJ7Svzm09tpQhdYmV9pt
eGgAoLTEePjiN47py9VGw6g4DbFeXHf3
=Eqv9
-----END PGP SIGNATURE-----
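
The basic statistical checks the message lists (free space filled or not, discernible structures, randomness of the ciphertext) could be run over a raw sector dump as follows. This is an added example, not part of the original post: the block size, entropy threshold, function names and the constructed sample image are assumptions, and it presumes the dump holds what is actually on the platters rather than data read back through an unlocked drive.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096          # analysis block size in bytes (assumption)
ENTROPY_MIN = 7.9     # bits/byte; uniform random 4 KiB blocks score about 7.95

def shannon_entropy(block: bytes) -> float:
    """Empirical Shannon entropy of the byte histogram, in bits per byte."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())

def chi_square(data: bytes) -> float:
    """Pearson chi-square of the byte histogram against a uniform distribution.
    Uniform random data gives about 255 (255 degrees of freedom, std ~22.6)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def classify(block: bytes) -> str:
    if len(set(block)) == 1:
        return "constant"          # e.g. never-written or zero-filled space
    if shannon_entropy(block) < ENTROPY_MIN:
        return "structured"        # plaintext, headers, repeating patterns
    return "random-looking"

def survey(image: bytes, block: int = BLOCK) -> dict:
    """Count block classes and run chi-square over the random-looking blocks."""
    classes = [classify(image[i:i + block])
               for i in range(0, len(image) - block + 1, block)]
    rnd = b"".join(image[i * block:(i + 1) * block]
                   for i, c in enumerate(classes) if c == "random-looking")
    return {"counts": dict(Counter(classes)),
            "chi_square": chi_square(rnd) if rnd else None}

def constructed_image() -> bytes:
    """Constructed sample: 4 zero blocks, 1 text block, 8 pseudo-random blocks."""
    text = (b"partition table placeholder " * 200)[:BLOCK]
    stream = b"".join(hashlib.sha256(i.to_bytes(8, "big")).digest()
                      for i in range(8 * BLOCK // 32))
    return bytes(4 * BLOCK) + text + stream

if __name__ == "__main__":
    print(survey(constructed_image()))
```

A high entropy score and a chi-square near 255 only show the absence of obvious structure; they do not establish that the cipher or its key handling is sound.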
