security issue: hard disk lock
From: Jonas Diemer
Date: Mon Apr 04 2005 - 12:43:45 EST
Hello!
I don't know if you guys already know, there is a possible security risk with
all modern desktop-pcs and ata hard drives. In short:
Modern ata drives can be locked by password. This lock could be set by a
malicous software. This security feature can be frozen, so no programs can
set a lock until the next reboot. Ususally, the BIOS should take care of
locking the security feature, but most desktop BIOSes (unlike laptop BIOSes)
fail to do so. Once a lock is set and the password is unknown, the drive is
trash.
See http://www.heise.de/ct/english/05/08/172/ for more details.
In the above article, a patched hdparm is used to freeze the drive's security
features. This can be used during boot to prevent programs from setting a
password. However, a malicous program could infect the computer and install
itself in the boot sequence prior to the execution of hdparm...
I figured there could be a kernel compiled-in option that will make the kernel
lock all drives found during bootup. then, a malicous program would need to
install a different kernel in order to harm the drive, which would be much
more secure.
What do you think of this?
Regards,
Jonas
PS: Please CC me in replies, I am not subscribed to the list.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/