Although I focus on Defensive Computing, I'm no more interested in entering multiple passwords when my computer boots up than anyone else. Security always involves a trade-off with convenience and, just like many other computer users, I've only got one password in me. That is, when I power on my laptop computer, I'm willing to enter a password for the added security it provides, but only one password.
Of the available boot-time passwords, the hard disk password, in my opinion, offers the most security. Windows XP passwords offer little protection, as any competent computer nerd can bypass them by booting the machine from a CD or USB flash drive. Power-on passwords don't protect sensitive files on the hard disk because a bad guy can always remove the hard disk and connect it to another computer.
Rather than protect the operating system or the computer, hard disk passwords protect the hard disk itself. Only the hard disk knows the password and only the hard disk can validate it. You do not need to install any software, the operating system is oblivious to hard disk passwords. The BIOS does not store the password, it merely passes along what you enter to the hard disk. As Jerry Seinfeld might have said, the hard disk is the master of its own domain.
As a devoted ThinkPad buyer, hard disk passwords have always been an option for me. However, not every computer offers hard disk passwords. For example, the last machine I purchased, an MSI Wind netbook, does not offer it. While the hard disk in the Wind may support a password, the BIOS in the computer also needs to support it.
On a day to day basis, the only effort involved in using a computer protected with a hard disk password is entering the password when the computer is turned on. That's it. To me, this seems like a small price to pay for pretty good security. And, it's free. A machine protected with a hard disk password doesn't really need an operating system password, although admittedly, this is a matter of opinion.
Setting up a hard disk password has been simple and quick every time I've done it. In the BIOS setup program on ThinkPads this is done in the Password section. There is, however, a big difference in the user interface for BIOS setup programs, so the hard disk password may, for example, be in a Security section on other machines. Still, all that's involved is turning on the option and entering the password. The instructions in the BIOS setup program should explain the process.
Steve Gibson recently shed some light on the subject in his Security Now podcast. Gibson is, unquestionably, an expert on hard disks. He makes his living selling SpinRite, a hard disk diagnostic program.
To get his take on the subject, see the December 4th Listener Feedback episode (number 173). It's available in two audio formats and a transcript of the show is available as a web page (my preference), plain text and PDF. Look for the question from John D. Patrick in Des Moines.
As Gibson explains it, the hard disk is itself a computer, supporting an API and able to respond to commands. Even in a locked state the hard disk will respond to some commands, those that self-identify it. However, it will not externalize any stored data until the correct password is provided.
And, he makes it very clear that moving the hard disk to another computer does not bypass the password. In fact, moving the hard disk makes it less likely that you'll be able to gain access the drive. Suppose, for example, that you enter a password of "abcd". Gibson points out that there is no standard or rule that says the BIOS has to pass that exactly as is to the hard disk. It's possible, for example, that the BIOS might pass "dcba" to the hard disk. In this case, even if you knew the password, you wouldn't be able to access the hard disk from another computer (unless it was the same make and model).
My ThinkPad has a feature that Gibson didn't touch on - it supports two hard disk passwords, a user password and a master password. Designed for corporate use, the same master password can be used on all computers owned by the company while each employee gets assigned their own user password. Employees only know their user-level hard disk password, but someone from the home office, who knows the master password, can get into any hard disk.
Here is the documentation on this from the ThinkPad Configuration utility on my machine:
The master password can be set and used only by a system administrator. Like a master key, it enables the administrator to get access to any hard drive in a system. The administrator sets the master password, and no one else knows it. Then the administrator sets a user password for each computer in the network, and tells each user the password for his or her computer. The user can then change the user password as desired; the administrator can still get access by using the master password.
In the November 20, 2008 Security Now podcast (episode 171) Gibson said "I don't think there's a drive on the market now that doesn't offer this [hard disk passwords] as an option." This implies it's available on both IDE and SATA disks. He usually doesn't address SCSI or SAS disks, so I'm not sure if they offer password protection.
But, as noted above, even if the hard disk supports passwords, the BIOS also has to support it. If the BIOS on your computer doesn't, Gibson suggests checking to see if there is an updated version of the BIOS that does. A word of warning though, updating the BIOS can be dangerous. I wouldn't attempt it without multiple backups of all my important files.
This is the first posting in a sort series on the topic. Next is combining hard disk passwords with power-on passwords. After that, the limitations of hard disk passwords.
Source : http://blogs.computerworld.com/hard_disk_passwords_offer_great_security_for_free
No comments:
Post a Comment