I have an older Seagate Momentus FDE.1 HDD (model ST9250424ASG) in an old Dell Latitude D820 which was set up with Wave Embassy Security Center from Dell. The FDE.1 offers full disk encryption, though runs Seagate's security feature called DriveTrust. DriveTrust security must be enabled by 3rd party software like Wave Embassy Security Center or WinMagic SecureDoc. You can also use regular ATA security on it.
Anyways, here is the problem. The OS that was on it (Windows 7 Ultimate 64-bit) was having some issues after a few Windows updates so I decided to restore the system back to a previous state using Macrium Reflect Home edition. I used my password to log into Wave Embassy Security Center's Trusted Drive control panel and un-initialized the drive and reverted the system back about 6 hours before the updates were installed. The problem now is that for some reason, after the system was reverted, it shows that the drive's DriveTrust security was somehow initialized again. No big deal, right? Just use your password and log in to Wave Embassy Security Center and un-initialize it again. Well now it tells me either my username or password are incorrect and they're not incorrect. Even the FDE's backup file shows they're the same as before.
The Seagate FDE.1 has a SID printed on the front of the drive (not a PSID), and the SID is set default as the drive's master password. This can then be used to do a crypto-erase. Unfortunately, no crypto-erase will succeed. I have tried Seagate's SeaTools for DOS, Parted Magic and even straight hdparm via Linux terminal. I am unable to set a user password for the drive and security on the drive is shown to NOT be enabled. Seagate's SeaTools is suppose to use the SID for a crypto-erase but even that fails, and tells me to check in the BIOS to see if drive passwords can be disabled. This hard drive has never had an ATA password set and its master password has never been changed. I have swapped the drive around to multiple systems thinking perhaps it was an issue with the IDE/SATA controller used but no matter what laptop I use - even my new business laptops - I'm unable to issue a secure erase/enhanced secure erase command that's successful. Enhanced Secure Erase on a FDE/SED acts as a crypto-erase, too, per Seagate's manual.
So there's no ATA security enabled on this drive, yet crypto-erase fails. If I try to set a hard drive password in the BIOS, I get an error message "The password is unacceptable!" Trying to set a password using hdparm returns an error of:
Quote:
SG_IO: bad/missing sense data, sb[]: 70 00 05 00 00 00 00 0a 00 00 00 00 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
hdparm -N /dev/sda shows the HPC as being disabled. Running sudo smartctl -a /dev/sda will show all the correct drive information, but will also show a "DCO Checksum Failed."
So I'm convinced that the Drive Trust security was re-enabled when the system was reverted somehow which renders ATA security commands useless.
Next to being unable to use any drive security, the drive still acts just like a regular hard drive. I am not locked out of it and can still access it and install anything on it I want.
This is an old laptop and I have 2 brand new business laptops with dual Opal 2 Intel SSDs in each that I just bought, so this FDE.1 is not crucial to anything; however, I've decided to sell the Dell D820 and want to include this FDE.1 with it. I have other older FDE drives (FDE.2-4) but this is the drive I ordered with the D820 back in 2006.
If anyone has any ideas on further options, I'd appreciate it. In the meantime I will continue to try various things and also report back if I have any success for anyone else down the road with the same issue. Thank you.