Seagate ST9500421AS Can Your Computer Keep a Secret? - Page 3

Can Your Computer Keep a Secret? Why All Laptop Data Protection Methods Are NOT Created Equal Hard Drive Password Locking Most hard drive manufacturers offer a feature officially called the "ATA security feature set" but commonly known as "ATA hard drive password locking." As the name implies, this feature allows users to lock their drive with a password. Unlike BIOS or operating-system password protection, ATA password locking is implemented at the drive. Even if the operating system password and any BIOS-level password protection is satisfied (or removed), an ATA protected hard drive will not retrieve data unless the correct ATA password is presented to the drive. This password-locking feature is marketed under a variety of names by various manufacturers, including ATA password locking, DriveLock, HDD Password, HDP and Security Lock. On the surface, hard drive password locking appears to provide great protection, and many individuals and organizations are using this method to safeguard sensitive data stored on their computer hard drives. Unfortunately, in nearly all cases an attacker can easily disable the password lock and gain full access to the data on the drive. Michael Crooker learned the hard way that hard drive password locking is not secure. He purchased a personal Compaq computer in September of 2002 specifically because of its DriveLock ATA password-locking security feature. According to Crooker, the computer's manual claimed that if one were to lose both the master and user passwords, the hard drive is useless, and not even Compaq can access the data4. However, after being arrested for selling a rifle with a silencer, Crooker's computer was confiscated. Law enforcement agents who did not have the hard drive password quickly removed the security mechanism and had full access to Crooker's data. They found plenty of incriminating evidence. The case received considerable attention because Crooker sued both the retail establishment that sold him the computer and the computer manufacturer for false advertising. Hardware Tools Easily Remove Hard Drive Passwords The details of how the password security on Crooker's PC was disabled were not disclosed, but one need not search very far to find numerous methods to defeat this security mechanism. In Crooker's case, law enforcement agencies most likely used a hardware tool specifically designed to remove hard drive passwords. One such tool, the HDD Rock from YEC, sells for a little over US$1000. The product documentation states: "Instantly removes unknown passwords from locked hard drives. Total process time under 2 minutes5. In addition to the HDD Rock, a number of vendors offer similar products, including Ultrec6, Vogon7, AFF Laboratory8 and others. YEC and the other companies listed in this article sell their password recovery tools to law enforcement agencies and data recovery firms that are in the business of assisting legitimate owners in recovering their own data. These companies validate drive ownership before they will unlock a drive. However, there are other firms that will sell unlocking tools or provide unlocking services to anyone, no questions asked. Hard Drive Password Removal as a Service There are many companies that have the equipment and skills to unlock a passwordprotected hard drive. Bob Weiss, CEO of Password Crackers said that for around US$100 his company can easily recover 90 percent of password-locked drives, and US$1000 will remove the password security from any drive. Datatrack LABS, located in the United Kingdom will also remove hard drive password protection for a service, as will a number of other firms. Datatrack LABS also claim the ability to unlock any drive whatsoever. 4 Information Security News, May 1, 2006, Your Computer Is Not Secure 5 HDD Rock Password Removal Tool www.yec-usa.com/products/hddrock.htm 6 Ultrec LTD www.ultratec.co.uk./services/harddisk_password_removal.asp 7 Vogon Password Cracking POD www.vogon-forensic-hardware.com 8 AFF Laboratory's Repair Station www.hdd-tools.com/products/rrs/drives