Hardware Reference
In-Depth Information
ThinkPad systems, an icon consisting of a cylinder with a number above it (indicating the drive
number) next to a padlock appears onscreen. If the drive password prompt appears, you must enter it;
otherwise, you will be denied access to the drive, and the system will not boot.
As with many security features, a workaround might be possible if you forget your password. In this
case, at least one company can either restore the drive to operation (with all the data lost) or restore
the drive and the data. That company is Nortek. (See
www.nortek.on.ca
for more information.) The
password-removal procedure is relatively expensive (more than the cost of a new drive in most
cases), and you must provide proof of ownership when you send in the drive. As you can see,
password restoring is worthwhile only if you absolutely need the data back. Note that even this will
not work if the drive employs internal AES encryption. In that case, without the password, the data
simply cannot be recovered.
Passwords are not preset on a new drive, but they might be preset if you are buying a used drive or if
the people or company you purchased the drive or system from entered them. This is a common ploy
when selling drives or systems (especially laptops) on eBay—for example, the seller might set
supervisor or drive passwords and hold them until payment is received. Or he might be selling a used
(possibly stolen) product “as is,” for which he doesn't have the passwords, which renders them
useless to the purchaser. Be sure that you do not purchase a used laptop or drive unless you are
certain that no supervisor or drive passwords are set.
Most systems also support other power-on or supervisor passwords in the BIOS Setup. In most
systems, when you set a supervisor password, it automatically sets the drive password to the same
value. In most cases, if a supervisor password is set and it matches the drive user or master
password, when you enter the supervisor password, the BIOS automatically enters the drive
password at the same time. This means that even though a drive password is set, you might not even
know it because the drive password is entered automatically at the same time that you enter the
supervisor password; therefore, you won't see a separate prompt for the drive password. However,
if the drive is later separated from the system, it will not work on another system or be readable until
you enter the correct drive password. Without the services of a company such as Nortek, you can
remove a drive password only if you know the password to begin with.
Host Protected Area
Most PCs sold on the market today include some form of automated product recovery or restoration
feature that allows a user to easily restore the operating system and other software on the system to
the state it was in when the system was new. Originally, this was accomplished via one or more
product-recovery discs containing automated scripts that reinstalled all the software that came
preinstalled on the system when it was new.
Unfortunately, the discs could be lost or damaged, they were often problematic to use, and including
them by default cost manufacturers a lot of money. This prompted PC manufacturers to move the
recovery software to a hidden partition of the boot hard drive. However, this does waste some space
on the drive—usually several gigabytes. With 60GB or larger drives, this amounts to 5% or less of
the total space. Still, even the hidden partition was less than satisfactory because the partition could
easily be damaged or overwritten by partitioning software or other utilities, so there was no way to
make it secure.
In 1996, Gateway proposed a change to the ATA-4 standard under development that would allow the
HPA to be reserved on a drive. This change was ratified, and the HPA feature set was incorporated
