Before I Sledgehammer Some Hard Drives and Stuff
Tronic Graveyard
couple old laptops and phones, but didn't know if ya'll would have any
use for the parts to make cool shit.
morgellon the lowtek mystic
--
You received this message because you are subscribed to the Google
Groups "LVL1 - Louisville's MakerSpace" group.
To post to this group, send email to lv...@googlegroups.com
To unsubscribe from this group, send email to
lvl1+uns...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/lvl1?hl=en
For more info about LVL1 visit www.lvl1.org
--
http://www.google.com/profiles/morgellon
http://twitter.com/morgellon
http://dailyduino.com
Raj -
playing with the platters and head assemblies and would like some newer drives
to practice on. If you're worried about any data on there, your or I could wipe
them using the internal ATA command spec. The Center for Magnetic Recording and
Research, in conjunction with the NSA, researched and developed an internal
command built into the ATA command spec in all modern drives to thoroughly wipe
all data, including bad sectors (which most programs cannot do), usually within
1-2 hours, even for very large drives. It is DOD-MIL and NIST approved for data
sanitization. You can get the program to activate the drive's internal
mechanism read more about it here:
http://cmrr.ucsd.edu/people/Hughes/SecureErase.shtml Anyway, if you're going to
toss them, I'd appreciate if I could practice on them. Thanks.
Raj
jason p
does this erase command work like Dban ? whenever i read the words " in conjunction with the NSA " my tin foil hat starts vibrating an paranoia makes me think backdoors an trickery .
jason p
https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase
ATA Secure Erase
This procedure describes how to use the hdparm command to issue a Secure Erase ATA instruction to a target storage device. When a Secure Erase is issued against a SSD drive all its cells will be marked as empty, restoring it to factory default write performance.
DISCLAIMER: This will erase all your data, and will not be recoverable by even data recovery services.
DISCLAIMER: If you hit kernel or firmware bugs (which are plenty with not widely-tested features such as ATA Secure Erase) this procedure might render the drive unusable or crash the computer it's running on.
DISCLAIMER: The security-erase command is a single command which typically takes minutes or hours to complete, whereas most ATA commands take milliseconds, or seconds to complete. Whilst drives directly attached to a straight-forward SATA controller should work reliably, some "intelligent" interfaces such as USB or firewire to PATA/SATA bridges, SAS controllers or hardware RAID controllers may try to reset devices which they have decided are no longer responding. They may also decide that locked devices are faulty, and hence not provide any access to them in order to issue unlock commands. Such devices may still be unlocked by connecting them directly to a different SATA interface. Additionally, hdparm versions prior to 9.31 do not pass-through the long command time-outs required for the erase commands to the SCSI-ATA Command Translation ("SAT") layer which such devices use. Do not use versions of hdparm prior to 9.31 with such interfaces.
WARNING: Do not attempt to do this through a USB interface! This procedure worked fine when I tried it on my X-25M through the SATA interface. When I tried it again later on the same drive through a USB adapter, it let me password protect the drive, but would not accept the SECURITY-ERASE command. I shut down the system, reconnected the drive to the SATA controller, and found that the drive was bricked - BIOS couldn't recognize it. I will update this warning if I find a way to un-brick the drive.
To successfully issue an ATA Security Erase command you need to first set a user password. This step is omitted from almost all other sources which describe how to secure erase with hdparm.
The example output shown is from an INTEL X25-M G1 80GB SSD running 8820 firmware. It was run from an Ubuntu 9.04 32-bit (Jaunty) Live CD booted from a USB flash drive.
Contents |
Step 1 - Make sure the drive Security is not frozen:
Issue the following command, where "X" matches your device (eg. sda).
hdparm -I /dev/X
Step 1a - Command Output (should display "not frozen"):
If the command output shows "frozen" you cannot continue to the next step. Most BIOSes block (do no allow) the ATA Secure Erase command, they block it by issuing a "SECURITY FREEZE" command to "freeze" the drive before booting an operating system, your BIOS may (most likely not) have a switch to disable the security freeze.
A possible solution for SATA drives is hot-(re)plug the data cable (this might crash your kernel). If hot-(re)pluging the SATA data cable crashes the kernel try letting the operating system fully boot up, then quickly hot-(re)plug both the SATA power and data cables.
- It has been reported that hooking up the drive to an eSATA SIIG ExpressCard/54 with an eSATA enclosure will leave the drive security state to "not frozen".
- Placing my system into "sleep" (Clevo M865TU notebook) worked too---and this may reset other drives to "not frozen" as well.
- Users have also reported that IDE Drives may be unfreezed by plugging in an IDE cable to a CD-ROM first, booting your system and then moving the IDE cable to the drive in question. This will allow you to bypass "SECURITY FREEZE" commands sent by BIOS and your OS. BE AWARE, that IDE cables are not hot-pluggable and this technique possesses even higher risks; under no circumstances should you connect/disconnect/swap power cables of an HDD or CD-ROM, when your PC is on.
Security:
Master password revision code = 65534
supported
not enabled
not locked
not frozen
not expired: security count
supported: enhanced erase
2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Step 2 - Enable security by setting a user password:
WARNING: When the user password is set the drive will be locked after next power cycle (the drive will deny normal access until unlocked with the correct password).
Step 2a - Set a User Password:
Any password will do, as this should only be temporary. After the secure erase the password will be set back to NULL. For this procedure we'll use the password "Eins".
hdparm --user-master u --security-set-pass Eins /dev/X
Step 2a - Command Output:
security_password="Eins"
/dev/sdd: Issuing SECURITY_SET_PASS command, password="Eins", user=user, mode=high
Step 2b - Make sure it succeeded, execute:
hdparm -I /dev/X
Step 2b - Command Output (should display "enabled"):
Security:
Master password revision code = 65534
supported
enabled
not locked
not frozen
not expired: security count
supported: enhanced erase
Security level high
2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Step 3 - Issue the ATA Secure Erase command:
time hdparm --user-master u --security-erase Eins /dev/X
Step 3 Command Output:
Wait until the command completes. This example output shows it took about 40 seconds for an Intel X25-M 80GB SSD, for a 1TB hard disk it might take 3 hours or more!
security_password="Eins"
/dev/sdd: Issuing SECURITY_ERASE command, password="Eins", user=user 0.000u 0.000s 0:39.71 0.0% 0+0k 0+0io 0pf+0w
Step 4 - The drive is now erased! Verify security is disabled:
After a successful erasure the drive security should automatically be set to disabled (thus no longer requiring a password for access). Verify this by running the following command:
hdparm -I /dev/X
Step 4 - Command Output (should display "not enabled"):
Security:
Master password revision code = 65534
supported
not enabled
not locked
not frozen
not expired: security count
supported: enhanced erase
2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Known issues:
Executing security erase without setting a password
Some variations of this are spread on various Internet sources. It does not work because security is "not enabled" (see hdparm output below).
hdparm --user-master u --security-erase NULL /dev/X
security_password=""
/dev/sdd: Issuing SECURITY_ERASE command, password="", user=user ERASE_PREPARE: Input/output error
Error: 25
With some distributions setting a password does not work:
hdparm --user-master u --security-set-pass Eins /dev/X
/dev/sdd: Issuing SECURITY_SET_PASS command, password="Eins", user=user, mode=high Problem issuing security command: Inappropriate ioctl for device Error: 25
Compiling the latest hdparm from http://sourceforge.net/projects/hdparm/ resolved this problem on CentOS 5 x86_64.
Command time-out during erase with larger drives
hdparm versions prior to version 9.31 hard-coded the time-out for the erase command to be 2 hours. If your drive requires longer than 2 hours to perform a security-erase, then it will be reset part-way through the erase command.
If your drive reports that it needs longer than 120 minutes to perform the security erase operation, then you should ensure that you are using version 9.31 or newer.
If such a time-out has occurred, the output of the "time" command above will be just slightly longer than 120 minutes, and the drive will not have erased correctly. The drive will be reset when the time-out occurs, and whilst this appeared to do no harm to a 1GB Seagate ES.2, it's probably not a very well tested part of the drive firmware and should be avoided. In the case of the Seagate, the password was still enabled after the partial-erase and subsequent time-out/reset.
Alternative ATA Secure Erase Tools
HDDErase
The freeware DOS tool can also perform a ATA Secure Erase, although controller support is spotty at best.
Travis Geis
--
You received this message because you are subscribed to the Google
Groups "LVL1 - Louisville's MakerSpace" group.
To post to this group, send email to lv...@googlegroups.com
To unsubscribe from this group, send email to
lvl1+uns...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/lvl1?hl=en
For more info about LVL1 visit www.lvl1.org
--
Travis Geis
ottob...@gmail.com
(502) 287-8063
Raj -
DBAN works as an external program that writes patterns of waveforms to the disk in order to overwrite any data already existing. While this is a good approach, it has several drawbacks. It is not able to overwrite any bad sectors, as they have already been reallocated and substituted with spare sectors. SecureErase does not write any data to the hard drive itself. What it does is activate an internal command in the ATA spec. The ATA spec is a list of requirements for manufacturers on how to make sure all hard drives and controllers work with each other. It is the standard system by which they operate. A little-known part of this standard is a protocol built into the hard to erase itself. The SecureErase program just sends the drive this command. It then password locks the drive and activates this native command, causing the drive to erase itself. No external program is writing the waveforms. It is the firmware of the drive doing the work. The advantage of this is that it can access and securely erase areas not available to normal programs.
For example, when a drive ships from the factory, there are two lists of bad sectors, called the P-list and the G-list (there are also P-tracks and others based on manufacturer, but these two are universal). *Every* drive has many bad sectors on them straight from the factory. The P-list (for Permanent) is a list of the sectors found to be bad when they low-level formatted it at the factory. This cannot be altered. The G-list (for Grown) is an internal list of all the bad sectors that developed after the drive was shipped. When a bad sector is found, it adds the LBA of the bad sector to this list, marks it as unusable, and reallocates that bad sector's LBA to a spare sector. This re-allocation is transparent to the user. Because these lists are present on a "negative cylinder" in the system area , which contains things like the drive's firmware, servo timings, sector timings, RRO information, etc., the G-list can't be accessed by the user without specialized equipment. So when DBAN writes data patterns to the drive, it is writing them to the spare sectors, leaving the data on the bad sectors still present. A bad sector doesn't necessarily mean that data couldn't be read or written to. It usually means that reading it took longer than the firmware's timeout value, but can still hold data. The internal mechanism defined by the ATA spec can access the system area, so it can not only find and erase the bad sectors, it can erase all the entries in the G-list itself, clear the SMART data, and perform other internal erase functions.
In essence, it's the most secure way to software sanitize a drive. If you're really paranoid, you can run it more than once, although it's unlikely to add any value. One of the best advantages is that it only takes a couple of hours, even on a terabyte drive, compared to 24+ hours using DBAN. Sorry if this explanation was long-winded, but I figured you'd want to know the details of how it's different and why it's better. If you have any questions let me know.
Raj
jason p
man when you first said somthen aboue this it had me thinking about a guy named Zombie , not rob zombie but a guy that writes polymorpic virus engines , least i think im thinking of the right guy , anyway think i have read somthen on this being played with on a malicious level , i dunno i do remember hearing about this from somewhere ,
what got me wondering how well it works is the lack of info , or at least the lack of info ive came across on it , Example: https://ssd.eff.org/tech/deletion
" Some full-disk encryption software has the ability to destroy the master key, rendering a hard drive's encrypted contents permanently incomprehensible. Since the key is a tiny amount of data and can be destroyed almost instantaneously, this represents a much faster alternative to overwriting with software like Darik's Boot and Nuke, which can be quite time-consuming for larger drives. However, this option is only feasible if the hard drive was always encrypted. If you weren't using full-disk encryption ahead of time, you'll need to overwrite the whole drive before getting rid of it."
im assuming the EFF is referring the program that erases the hd key as the ata commands ?
as far as the nsa i allways think of the NSA keys http://en.wikipedia.org/wiki/NSAKEY
and read about them backdooring firmware i dunno ,i just watched to many xfiles episodes
aet...@gmail.com
Sent from my Verizon Wireless BlackBerry
jason p
that brings me back to it ? why dont you see more infos on using this to destroy data ? sounds like you could maybe make a panic button program or somthen with this ?
aet...@gmail.com
Sent from my Verizon Wireless BlackBerry
jason p
requirements, nor could it be, since it is an external disk wiper
crazy , learned somthen today :)
going to have me freaking up my drives now ,. playing with stuff ...
im missing somthen though , still hasnt sunk into my head yet , back to google i go :)
Raj -
Raj -
From: jason p <jasonpi...@gmail.com>
To: lv...@googlegroups.com
Sent: Tue, June 21, 2011 10:56:42 AM
Subject: Re: {LVL1} Before I Sledgehammer Some Hard Drives and Stuff
--
jason p
hardware level encryption sounds cool id like to learn more about it ,
i swear i wish could just plug my brain into an download the internet in one go , lawnmower man syle , lol