On So, 2004-02-01 at 22:45, Felix E. Klee wrote:
> I have no experience with HD passwords (never used them) but I guess
> that working around them may not be all that hard: Simply replace the
> hard disks "system board". However, the password may be stored on a
> certain part of the disks themselves. Then a work around becomes a bit
> harder, but not impossible.
As far as I know (and I'm pretty sure about that), the HD password is
indeed stored on a "private area" on the disk. It is only possible for
the HD firmware to access this area (not for the user).
This is quite safe, but a lab can dismantle the drive and take external
heads to recover the password from this area (the same procedure as it
is done in HD crash recovery labs).
More expensive than a new disk, but definitely affordable for an
attacker, if the data is valuable.
(Another thing we discussed shortly ago, was the question, if it was
possible to recover the HD password from the TP eeprom, if it is
*additionally* stored there (for your convenience). This might be
possible, if a supervisor password was set, but depends on the actual TP
model. Or even simpler, if the HD password is the same as the power-on
password, it would be possible to recover the power-on password from the
eeprom (via some services, which can be found on the internet) and try
it on the HD... Don't quote me on anything of that, since I have noe
enough information about these speculations of mine. ;))
> a LINUX user). If not, there certainly are other solutions. You may want
> to contact IBM as they probably have experience in this area and may
> even provide ready solutions.
Definitely.
Greetings, UW(e)
_______________________________________________
Thinkpad mailing list
Thinkpad@stderr.org
http://stderr.org/cgi-bin/mailman/listinfo/thinkpad
Received on Mon Feb 2 05:30:51 2004
This archive was generated by hypermail 2.1.8 : Fri May 26 2006 - 16:02:03 EDT