Lacie D2 Safe for recovery

[Rhys1506]

Hello, I have a Lacie D2 Safe external, i am trying to access the data for recovery, as the caddy has a biometric fingerprint reader i cant see anyway to get around this. I took the drive out of the caddy and opened up various pieces of recovery software to see if i could recovery all the data without the caddy, but nothing seems to be able to do this without giving errors and crashing, i have tested the drive and it is physically fine, so i am assuming there is some sort of encryption on this drive and because i cant access any of the data
Is there any method i can use to access this drive without the having the fingerprint of the user??

Any help would be appreciated
Thanks

[Nationwide DR]

How did you test it?

[Rhys1506]

I tested it using MHDD, drive doesn't click, scans with all good sectors

[Nationwide DR]

You say it crashes when scanned using software - what sort of error messages you seeing? CRC errors? I can't see how encrypted data would cause data recovery software to crash. What does it look like in a hex editor? can you see 'data'?

have you been on the Lacie site?

IMPENETRABLE DATA PROTECTION
With its revolutionary hardware encryption, the LaCie SAFE Mobile Hard Drive guaranties ultimate security for your highly confidential data. Files stored on the hard disk are automatically coded—without transfer rate compromise. Even if the drive is pulled out from the casing, data remains encrypted and no corruption is possible. The encryption depends on a sole key stored directly on the board; this innovative technology makes each drive unique.

I suggest you ask your customer to remove a finger and send it in the post or You could try to idendify which chip holds the key and transfer it to an identical caddy then ask your client to test the unit.

[rchadwick]

Just ask the customer to send you their finger

It's likely not recoverable. I haven't worked on these, but I'd be pretty pissed if I bought one, thinking my data was secure, and it could be bypassed by taking the drive out of the enclosure. I see one of four scenarios:

1) The data is encrypted by a single key, determined at the factory.
2) The data is encrypted with a random key, stored on the drive itself
3) The data is encrypted with a random key, stored in flash,
4) The data is encrypted with a key determined by the fingerprint itself

If it's #1 or 2, there might be a utility somewhere that will decrypt the drive. If I was LaCie, I'd keep such a utility under lock and key.

If it's #3, you'll need a method of decryption, and a way to read the flash.

If it's #4, there will be no decryption without the original finger.

This all assumes they used strong encryption. Some research might produce answers to these questions.

[rchadwick]

Ahhh, based on that information, it looks like #3. There's a possibility this could be bypassed with some research. For instance, you might have a chip for the fingerprint reader, and a chip for the encrypt/decrypt. It might be something as insecure as a single line going low or high. Examining a working drive would be a start. Also, if you have access to the flash chip, you could back it up, use another unit programmed with your fingerprint, and copy the key into your unit, and put their drive into yours. It might not be that easy, as they might use the same flash chip to store the encryption code, and the fingerprints. You might have to determine how all that is stored.

[Nationwide DR]

so basically it's going to be a right pain in the arse.

[Nationwide DR]

Nice to see he followed up on his own thread. Next time he's needs advice, I know where I am not going to bother wasting my time typing!

[TerraNova]

I have done one but luckily i have the customer's finger, now i have the enclosure with me and it is unusable, even i replace the drive it wont work, apparently like above mentioned (rchadwick).

Is there any way to re-use the enclosure? its a waste if i have to discard it.

[BlackST]

No.

[TerraNova]

Is there any way to re-use the enclosure? its a waste if i have to discard it.

Anyone got solution to resuse the enclosure yet?

[TerraNova]

Ahhh, based on that information, it looks like #3. There's a possibility this could be bypassed with some research. For instance, you might have a chip for the fingerprint reader, and a chip for the encrypt/decrypt. It might be something as insecure as a single line going low or high. Examining a working drive would be a start. Also, if you have access to the flash chip, you could back it up, use another unit programmed with your fingerprint, and copy the key into your unit, and put their drive into yours. It might not be that easy, as they might use the same flash chip to store the encryption code, and the fingerprints. You might have to determine how all that is stored.

If i were to erase the flash SST39VF400A will the enclosure resuable?