ATA security

On the security topic tested it, and found that it was not enough to remove the circuit board and replace it with a board from an unlocked drive. So password data is stored on the drive platters as well.
They sent the drive to IBAS (Norwegian data recovery company) who were able to recover the key.. (They call it a trade secret)

As with most closed systems it is not known is there is a master master password, though vendors claim there isn’t.

So if you want to add another security hurdle besides encryption, you find a PC with a BIOS that supports the security features, set security the maximum, encrypt the disk with your favorite encryption software. This should scare off most except the mosts adamant hackers or big brother.

There is a tool called WinAAM (German) which is used to manipulate drives acoustics, it will also tell you the current security setting of the drive (You can use it to see if your BIOS sets the SECURITY FREEZE LOCK on the drive) If it doesn’t you might consider to check for a BIOS update, and you might be lucky that the new BIOS sets it.

From what I have read I am convinced that the ATA security standard is not unbreakable, with the right experience/equipment it is still possible to bypass the ATA password, and it does not mitigate the initial problem of the possibility to extract encryption keys from RAM. But it is definitely an extra layer of security.

comments powered by Disqus