From: JD on
Hi All

Bit of a long post this (well, for me anyway); the questions are at the bottom
if you want to skip the "guff".

Ever start one of those 5 minute jobs that turns out to be a lot more
complicated than you first anticipated?

Someone asked me to look at a Laptop, a Toshiba Satellite A200 to be
precise, the problem being that the "BIOS PASSWORD ON BOOT" had been set
and turned on, and he would like the OS reinstalled as it was a bit slow.

No real problems there I thought, turns out there is a fault with the
BIOS on this model and some others which seems to set a BIOS password
all by itself, so I'll just pull the battery and reset the password,
simples.

Took off all the panels looking for the battery or the battery
terminal, nothing. Looked for some info on this model and all that was
turning up was that Toshiba laptops apparently store their BIOS password
in an EPROM and removing the battery would not work, "return to
manufacturer for a free reset" blah-blah, so did some more digging:
older models have a parallel port switch you can make to unlock them, no
good for me; other models, holding down the left shift while booting
bypasses the password, also no good; hidden jumpers, turns out there are
hidden jumpers on most models that will reset the password, usually
under the RAM modules, so I found it and reset it.

So far so good, or so it seemed. When I cleared the BIOS password I
also removed the HDD password which was set, and guess what, he can't
remember what the password for that is. For those not familiar, the ATA
specification allows for HDDs to have a MASTER and USER password which,
IF set, can lock the drive so that it cannot be used in another machine.
I've used a spare HDD that I had for the meantime to reinstall the OS
etc. and I will clone it back over to a new drive when it arrives.

So if anyone knows how to remove a HDD lock the info would be greatly
appreciated. So far I have tried the Toshiba master password (which is
supposedly all spaces using ATAPWD). I've also found a program that
claims it can unlock most drives, "HDD Unlocker", but it has an unusual
pricing policy: the program's free but you pay per drive that you unlock
and by what capacity the drive is. It's not economical to pay the price
to unlock the drive as it's a couple of years old, and I'd have to
install XP on a machine to use it.

JD
From: Paul on

I vaguely remember some password features existing in the CMRR Secure Erase
software. Start by reading the README link on this page. And, good luck
on your mission :-)

http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml

A copy of the ATA/ATAPI spec may help you understand how that stuff is
intended to work.

Part of the fun with ATA/ATAPI is how the BIOS on the computer does a few
things, and the playing field is not completely open. That is why the things
you read in the ATA/ATAPI spec may not work as you would expect - so even
if you had some program which allows emitting any possible ATA/ATAPI command,
the BIOS may have already prevented certain things from working by the time
you get your program running. (ATA/ATAPI has some features which lock things
until the drive is power cycled.) The BIOS tricks are done in the interest of
preventing malware from doing more damage than it already does. A side effect
is you may not be able to do the maintenance you need to do, because of those
tricks.

Some BIOS on pre-built computers support things like an HPA (host protected area)
and hiding a partition so the user can't get at it, and then locking the door,
so the user cannot rummage around in there. So some of this stuff can be tricky,
with no guarantees of breaking through. It might mean using some other computer,
a computer with a "dumber" BIOS, that leaves some of those doors open, so you can
do repair work and so on.

The ATA/ATAPI stuff will be documented - what the BIOS does may not be.

Paul
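
Added example, not part of the original thread: the locked and frozen states discussed above are reported by the drive in its IDENTIFY DEVICE data (word 128, security status; word 92, master password identifier), and this sketch decodes them. The function names and the two sample buffers are constructed for illustration; a real buffer would come from a tool that dumps the 512-byte IDENTIFY response.

```python
import struct

# Bits of IDENTIFY DEVICE word 128 (security status) in the ATA/ATAPI spec.
SECURITY_BITS = {0: "supported", 1: "enabled", 2: "locked", 3: "frozen",
                 4: "count_expired", 5: "enhanced_erase_supported"}

def decode_security(identify: bytes) -> dict:
    """Decode the security words of a 512-byte IDENTIFY DEVICE response."""
    if len(identify) != 512:
        raise ValueError("IDENTIFY DEVICE data must be exactly 512 bytes")
    words = struct.unpack("<256H", identify)  # 256 little-endian 16-bit words
    status = words[128]
    state = {name: bool(status >> bit & 1) for bit, name in SECURITY_BITS.items()}
    # Bit 8: master password capability, 0 = High, 1 = Maximum. At Maximum
    # the master password cannot unlock the drive, it only authorises an erase.
    state["level"] = "maximum" if status >> 8 & 1 else "high"
    # Word 92: master password identifier; 0x0000 or 0xFFFF = not supported.
    state["master_pw_id"] = words[92]
    return state

def describe(state: dict) -> str:
    """Summarise the decoded state in the terms used in the thread."""
    if not state["supported"]:
        return "security feature set not supported"
    if not state["enabled"]:
        note = "no user password set"
    elif state["locked"]:
        note = "user password set, drive locked: media access is rejected"
    else:
        note = "user password set, drive unlocked for this power cycle"
    if state["frozen"]:
        note += "; frozen: security commands rejected until power cycle"
    if state["count_expired"]:
        note += "; attempt counter expired: unlock rejected until power cycle"
    return f"{note} (level={state['level']})"

def make_identify(word128: int, word92: int = 0xFFFE) -> bytes:
    """Build a constructed IDENTIFY buffer with only words 92 and 128 set."""
    words = [0] * 256
    words[92], words[128] = word92, word128
    return struct.pack("<256H", *words)

# Constructed sample: supported | enabled | locked, Maximum level (bit 8).
LOCKED_MAX = make_identify(0x0107)
# Constructed sample: supported | frozen, as left by a BIOS that freezes at boot.
FROZEN_BY_BIOS = make_identify(0x0009)
```
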
From: JD on
On 21/04/2010 4:12 AM, Paul wrote:
> I vaguely remember some password features existing in the CMRR Secure Erase
> software. Start by reading the README link on this page. And, good luck
> on your mission :-)
>
> http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml
>
> A copy of the ATA/ATAPI spec may help you understand how that stuff is
> intended to work.
>
> Part of the fun with ATA/ATAPI is how the BIOS on the computer does a few
> things, and the playing field is not completely open. That is why the
> things you read in the ATA/ATAPI spec may not work as you would expect - so
> even if you had some program which allows emitting any possible ATA/ATAPI
> command, the BIOS may have already prevented certain things from working by
> the time you get your program running. (ATA/ATAPI has some features which
> lock things until the drive is power cycled.) The BIOS tricks are done in
> the interest of preventing malware from doing more damage than it already
> does. A side effect is you may not be able to do the maintenance you need
> to do, because of those tricks.
>
> Some BIOS on pre-built computers support things like an HPA (host protected
> area) and hiding a partition so the user can't get at it, and then locking
> the door, so the user cannot rummage around in there. So some of this stuff
> can be tricky, with no guarantees of breaking through. It might mean using
> some other computer, a computer with a "dumber" BIOS, that leaves some of
> those doors open, so you can do repair work and so on.
>
> The ATA/ATAPI stuff will be documented - what the BIOS does may not be.
>
> Paul

Cheers Paul

Thanks for the link. The program won't unlock the disk as it uses the
secure features to do a secure erase of the disk; however, the tool's
documentation was very helpful. As you pointed out, not all BIOSes will
use these features.

I dug out an old Socket A chip and motherboard, CD-ROM, PSU and created
a bit of a Frankenstein's monster to test out this theory. I connected
the locked drive and booted the "PC", jumped into the RAID host
controller and I did a low level format of the hard drive which appeared
successful; however, on reboot it was just the same. I suspect the
formatting function of the RAID controller was not verifying the writes
and it was probably not formatting the drive.

I'm not going to waste too much time on this, but it has given me a new
look on the security features on PCs. As someone who fixes them, the
features are usually just an annoyance; encryption and drive locks just
make it hard/impossible to back up their data, but I guess that's their
problem. On the other hand, if I was a business I can see the benefits:
laptops go missing all the time and there could be personal information
and such like on these machines that the press just loves to report, and
this is a simple yet effective step.

JD
From: . on
http://www.digitalissues.co.uk/html/os/misc/ibm-wipe-zap.html?seenIEPage=1