All times are UTC - 5 hours [ DST ]


Forum rules


Please do not post questions about data recovery cases here (use this forum instead). This forum is for topics on finding new ways to recover data. Accessing firmware, writing programs, reading bits off the platter, recovering data from dust...



Post new topic Reply to topic  [ 5 posts ] 
Author Message
 Post subject: Make hard drives safer against firmware malware/rootkits ?
PostPosted: September 27th, 2017, 17:21 
Offline
User avatar

Joined: December 19th, 2006, 8:49
Posts: 8161
Location: Portugal
This is kind of silly but why won't :

1 - PC and Laptop makers don't allow for an option in BIOS set to ON by default to issue the security freeze lock to ALL hard drives as the PC boots up ? This is present in many laptops but could be extended to any PC with an option on BIOS to turn the feauture off. Windows (or other OS) could implement this as well.As soon as a drive is plugged to the system then Security freeze lock should be issued.

2 - HDD makers should REJECT the "Super ON" or any other Vendor Specific mode if Security Freeze lock is issued !!!

3 - If you want to access F/W on the drive you should move drive to a dedicated system with protection turned to off. On a regular system security freeze would be issued making hard drive unable to enter vendor specific mode and access to FW would be denied.

4 - If a computer were to be "infected" not only security erase wouldn't work but also attacks that would modify the hdd FW would fail.

:D :D :D

_________________
1Q9xrDTzTddUXeJAFRn37aqh1Yr6buDCdw - (Bitcoin Donations)
The HDD Oracle - Platform for OPEN research on Data Recovery.


Top
 Profile  
 
 Post subject: Re: Make hard drives safer against firmware malware/rootkits
PostPosted: September 27th, 2017, 23:16 
Offline
User avatar

Joined: September 29th, 2005, 12:02
Posts: 3140
Location: Chicago
Now you need to figure out how to do a FW update on such "locked" drive

_________________
https://www.linkedin.com/in/artemrubtsov/


Top
 Profile  
 
 Post subject: Re: Make hard drives safer against firmware malware/rootkits
PostPosted: September 28th, 2017, 14:22 
Offline
User avatar

Joined: December 19th, 2006, 8:49
Posts: 8161
Location: Portugal
Doomer wrote:
Now you need to figure out how to do a FW update on such "locked" drive


You would need to temporarly allow for security not to be locked in BIOS, for example by allowing to boot for some time without sending the security freeze ?

_________________
1Q9xrDTzTddUXeJAFRn37aqh1Yr6buDCdw - (Bitcoin Donations)
The HDD Oracle - Platform for OPEN research on Data Recovery.


Top
 Profile  
 
 Post subject: Re: Make hard drives safer against firmware malware/rootkits
PostPosted: September 28th, 2017, 16:59 
Offline
User avatar

Joined: September 8th, 2009, 18:21
Posts: 9783
Location: Australia
I notice that the ATA standard allows the vendor to decide how the drive responds to the ATA Download Microcode command when in the security freeze locked state.

_________________
A backup a day keeps DR away.


Top
 Profile  
 
 Post subject: Re: Make hard drives safer against firmware malware/rootkits
PostPosted: September 28th, 2017, 22:57 
Offline
User avatar

Joined: December 4th, 2012, 1:35
Posts: 2973
Location: Adelaide, Australia
you cant even get people to not click on links like:

Code:

from commonwealth Bank Astralia <xibit99@gmail.com>
dear %USER
You mustplease cl ikc here to change your password or your account will be locked.

signed
security team


so why pay for a million dollar research team to get that sort of protection right.
with attacks like rowhammer, you have to invest a LOT to get something that is secure.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group