Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Data Storage Hardware

How To Head Off ATA HDD Password Abuse 215

An anonymous reader submits "German c't magazine has a story about abusing the security features of ATA hard disks. The bottom line is that almost all ATA hard disks in desktop PCs can be password-protected. However, on most desktop PCs, the BIOS does not support locking this option -- so viruses or malware could set a random password, making any data unreadable unless recovered by professionals."
This discussion has been archived. No new comments can be posted.

How To Head Off ATA HDD Password Abuse

Comments Filter:
  • by Doppler00 ( 534739 ) on Saturday April 02, 2005 @02:45PM (#12120981) Homepage Journal
    Why on earth would you want to password "protect" a hard drive? How would that be any better than properly encrypting your files?
    • by tivoKlr ( 659818 ) on Saturday April 02, 2005 @02:48PM (#12120996) Journal
      Well, for software modding an Xbox for starters.

      Xboxen will only boot from a locked hard drive, and to modify the files on an Xbox to, you know, allow you to run your own home written unsigned code, you need to be able to lock the drive once you've modified it to get the Xbox to recognize it.

      I have encountered bioses that won't allow you to lock or unlock drives. Very annoying...
      • Hard drive password locking today, full system locking tomorrow. Once DRM supporting BIOSes ("trusted computing") hit a critical mass, we will surely see viruses that use that DRM itself to disable the entire hardware, not just one drive or two.

        In a way, these "trusted computing" solutions will be more risky than the open systems we have today. A virus on such a system could disallow your hardware to boot from any device and run any software, so even removing an affected drive would not be enough. User
    • Why on earth would you want to password "protect" a hard drive? How would that be any better than properly encrypting your files?

      So that when I die no one can go through my harddrive?
    • by darkwhite ( 139802 ) on Saturday April 02, 2005 @03:05PM (#12121106)
      Why on earth would you want to password "protect" a hard drive? How would that be any better than properly encrypting your files?

      Speed.

      Only very sophisticated organizations have the means to lift data off a password-protected hard drive. Encryption, while more durable in that regard, sacrifices speed with every access to the files in question.
      • Ya.
        This is just supesition but I'm assuming if 1 enables this in the bios, your password is then stored
        in bios's cmos memory and the bios then uses that to unlock the drive, to the support an autoboot feature.
        so the machine can boot by itself , w/o user interaction. So any computer that someone could just snatch and grab
        will likely autoboot and unlock the drive, and not be very good security, maybe for office desktops where maybe
        someone could open the case, take the drive , but not abscond with the the
      • Only very sophisticated organizations have the means to lift data off a password-protected hard drive. Encryption, while more durable in that regard, sacrifices speed with every access to the files in question.

        Really? So I can't just buy another drive that is the same, swap the PCBAs and have instant access to my data? (give that a shot.)

      • As things which require encryption become more commonplace, hardware aimed at the optomizing the encryption process is becoming more common and well. remember, some software encryption may be hard on your standard CPU because the PC by nature is - while optomized in certain areas - aimed at being more versatile than specific.

        There are boards that have chipsets aiming at supporting hardware-based encryption though (I know VIA has a few). Just like a sub-1Ghz GPU will kick your 3.2Mhz CPU's ass for 3d rende
    • the external hard drive you had in your bag yesterday?
    • My understanding is that this was intended mainly for laptops. I'm not sure how long this has been a part of the standard, but I wouldn't be surprised if many laptops were still being distributed with Windows 98 when this was drawn up. Is it better than encrypting your files? Well of course not, but it doesn't slow down the hardware at all, and it's rather simple.

      But how safe is encrypting your files? What algorithm does it use? Is it implemented properly? Even if you know for sure, someone can read
  • professional? (Score:4, Informative)

    by AmigaAvenger ( 210519 ) on Saturday April 02, 2005 @02:47PM (#12120992) Journal
    unless recovered by a professional? It takes all of 2 minutes to make a boot disk with atapwd and reset it. Besides, the reason no virus does this is because it needs an operational machine. If you lock out the drive you aren't going to spread yourself very far.

    Here is a website that shows how to unlock it, and you don't even have to be a professional!

    http://www.rockbox.org/lock.html [rockbox.org]

    • by Anonymous Coward on Saturday April 02, 2005 @02:51PM (#12121018)
      If you lock out the drive you aren't going to spread yourself very far.
      Think of it like this: A Slashdotter with a venereal disease. He isn't going to infect anyone.
    • Re:professional? (Score:4, Informative)

      by C_To ( 628122 ) on Saturday April 02, 2005 @02:53PM (#12121036)
      Did you read the bottom part of the page you quoted? It said there was no way to fix the ATA password in Maximum security mode without knowing what it is.
      • Re:professional? (Score:2, Interesting)

        by Cylix ( 55374 ) *
        Eh,
        you can wipe the disk for a recover if the master password is tampered.

        Read the provided roxbox link.
        • You can't. You still need to pass the password with the SECURITY ERASE UNIT command.

          See the end of this document [t13.org].
        • Re:professional? (Score:4, Informative)

          by evilviper ( 135110 ) on Saturday April 02, 2005 @07:21PM (#12122809) Journal
          you can wipe the disk for a recover if the master password is tampered.

          No, you certainly can't.

          The hard drive will not accept any commands until you give it the correct password (stored in an eeprom). You'll get a stream of errors even if you just try to cat zeros to the drive's device.

          In case it isn't obvious, I have first-hand experience with this, though on notebook drives, never desktop drives.
        • Re:professional? (Score:2, Informative)

          by k8to ( 9046 )
          I am baffled that the parent was modded up, given that it is clearly incorrect even according to the link listed.

          To be clear, the link listed provides only one piece of information in addition to the heise article: drives come with a default master password, and it is possible to find out if it the default master password is still in place.

          While handy information, it does not alleviate the security concerns. A locked drive is still inaccessable without the password. A malicious user or malware can change
      • Re:professional? (Score:3, Interesting)

        by Lehk228 ( 705449 )
        yes there is, get an identical drive and swap the logic boards.
        • Re:professional? (Score:3, Insightful)

          by tomhudson ( 43916 )
          yes there is, get an identical drive and swap the logic boards.
          RTFA: The passwords, and most of the drive firmware, are stored on the drive platters, not on the logic boards.
    • In Maximum security mode, you cannot unlock the disk! The only way to get the disk back to a usable state is to issue the SECURITY ERASE PREPARE command, immediately followed by SECURITY ERASE UNIT.


      The SECURITY ERASE UNIT command requires the Master password and will completely erase all data on the disk. The operation is rather slow, expect half an hour or more for big disks. ...
      Well doesn't that suck
      • can't you crack open the drive and read the platters with whatever special device recovery experts have?

        If the virus can set the password, I doubt that the actual contents are encrypted (that would require a few hours to do retroactively).
        • You would probably be better off replacing the circuit board on the drive with the same board from another drive of the same model. Would get rid of the passwords and would not require nearly as much specialty work as it would to remove the platters and read it with special machineary.
          • by Anonymous Coward
            Actually, the article states that the password is distributed across the platters, and a checksum is in the flash memory on the controller board. Therefore stripping out the controller board & replacing it is not going to make the drive work.

            In fact the recovery company mentioned in the article reportedly didn't have to open the drive to recover the password... Probably there's a flaw in the logic that controls checking the password. I suspect the password is stored unencrypted on the disk and there's
            • by pegr ( 46683 ) *
              Variation of the swap logic boards trick...

              Swap with one of your own design. Since the password is on the disk, the orginal logic board has to get it, right? That means the logic board can talk to the platters... You just need a logic board that retrieves the password for you. Then swap back and do whatever you want.

              I bet that's how the data recovery outfits do it. They even stated in TFA that known models are no problem, unknown models may take awhile. Yup, designing a logic board to talk to some
    • Re:professional? (Score:5, Informative)

      by warrior ( 15708 ) on Saturday April 02, 2005 @03:02PM (#12121088) Homepage
      No, you cannot use atapwd to reset it. There are two passwords, a master and a user. If you know the master password, you can use atapwd to reset the user password. These passwords are stored across platters and are stored as a checksum in flash on the HD controller. Resetting the password is not trivial at all. There are two options, use a logic analyzer and try to intercept the pieces of the password on it's way in to generate the checksum (haven't heard of anyone being able to accomplish this), or take the drive apart in a clean room, erase the password of the platters and attach a virgin controller. There are no companies in the US that will do either of these for you, and I don't think that's a coincidence. The very few (3-4) companies that perform this service make very good money of it. If you don't believe me, set your master ATA pwd to a known value and try to reset it by any means _without_ using the password. You can't, you're hosed. Most people at this point chuck the disk, they're cheap. But if you need the data you'll pay anything. The idea behind it is that should it get stolen, the data is safe. The companies that do data retrievel require proofs of ownership. However, for the fool that forgets or accidentally sets the password, you're hosed. For those of you that own Toshiba 80GB laptop hdds, beware, there's a flaw in the controller that may glitch and set a random password for you. In that case you'll want to talk to Nortek [nortek.on.ca].
      • Why the heck can't you just replace the chip with the flash with a new one? Or take it out and flash it back to it's initial state and plug it back in?
      • Re:professional? (Score:4, Interesting)

        by Qzukk ( 229616 ) on Saturday April 02, 2005 @03:17PM (#12121156) Journal
        There are two options, use a logic analyzer and try to intercept the pieces of the password on it's way in to generate the checksum (haven't heard of anyone being able to accomplish this), or take the drive apart in a clean room, erase the password of the platters and attach a virgin controller ....

        If this is just password protection and not encryption, wouldn't it be simpler to replace the drive controller with one using firmware that ignores the password? I'm certain the drive manufacturers would have a few of these laying around.
        • Re:professional? (Score:4, Informative)

          by darkwhite ( 139802 ) on Saturday April 02, 2005 @03:25PM (#12121199)
          Your reasoning is correct - that should be the easiest way. But I'm willing to bet the HDD manufacturers don't have a few of these laying around because if it became known that a particular HDD has password-bypassing controller boards available on the grey/black market, the corporations who use this feature as part of their security procedures would stop buying that manufacturer's drives.
          • Re:professional? (Score:5, Insightful)

            by mkldev ( 219128 ) on Saturday April 02, 2005 @03:52PM (#12121392) Homepage
            I'm willing to bet drive manufacturers -do- have custom firmwares that do that. Why? Because otherwise they would end up generating a lot of bricks while testing bug fixes to those parts of the firmware....

            Further, it shouldn't be that hard to solve this problem. The drive reads the data off the disk. There's a ribbon cable between the controller board and the disk. Tap the data stream. Feed it into a logic analyzer that has a digital data ouptut (e.g. a USB logic analyzer). Take the data captured, find the sync bytes, then shove the remainder into an RLL decoder.

            Now figure out the ECC format used (it will typically be four bytes at the end of each sector, but this may vary). Strip the ECC bytes. You now have a track image of the track in question, probably with some extra sync bytes between sectors, but I'm not sure. If you want, you could simply single-step the drive motor repeatedly and copy the entire disk this way, but it is probably more effective to write a program that scans for things that right be an ATA password and tries them sequentially.

            To make this easier, every 4 passwords or so, the tool should ask you to power-cycle the drive. To facilitate this, take a power extender cable and cut the 5v line. Put a momentary off pushbutton inline. Press for a second and then release. In all likelihood, you should only need to power cycle the drive electronics, not the drive motor (12v).

            I've never tried this, of course, but in principle, it shouldn't be that bad....

            • It doesn't have to be so easy if the OEM is really concerned about this.

              The location of the password on the platter may be determined by a random seed stored in the drive's flash ROM. The password might not be recoverable from a hash stored on the platter (so that the only way to bypass is to directly erase all sectors you suspect of having the password, which the non-hacked controller will refuse to do for you). The hash may be split and stored half on the platter, half on the flash (or the password simpl
        • Re:professional? (Score:2, Insightful)

          by HappyClown ( 668699 )
          Nope, RTFA. Part of the firmware and password is stored on the HDD itself, so even replacing the entire drive controller hardware doesn't help.
        • by xtal ( 49134 )
          I've been doing more work with FPGA's recently:

          If this is the case, there are some IDE controller projects available on opencores. It shouldn't be a serious problem for someone to build a board that would allow you to mount the drive so you can copy data off of it - there are also open, well tested, PCI bridge modules freely available now.

          http://www.opencores.org/browse.cgi/by_category [opencores.org]

          If it is indeed the serious concern that people indicate, and it can be broken by the means you suggest - I challenge s
      • RTFA. The article actually states that the recovery company accessed the contents of the drive WITHOUT taking it apart.
    • unless recovered by a professional? It takes all of 2 minutes to make a boot disk with atapwd and reset it.

      Which is not something most computer users know how to do. Trivial for most Slashdotters, but we have a higher level of skill than the typical computer user. It may seem strange to call a bunch of flaky geeks "professionals", but from most peoples' point of view , that's what we are.

      Besides, the reason no virus does this is because it needs an operational machine.

      Good lord, take a look at some of


    • Wrong. You need to know the password to reset it.
      RTFA.

      http://www.heise.de/ct/english/05/08/172/ [heise.de]

    • Well, a method to low down the email worm trend is to release a virus (i.e. the next mydoom/beagle/etc) that sends a big numbers of copies of itself (1k, 10k, whatever), and then encrypt the disk. The people that always click on attachments or use unsafe clients will start to fade fast (specially because will have no clue on how to unlock it or find websites with software for that).
  • by Anonymous Coward on Saturday April 02, 2005 @02:48PM (#12121000)

    but when was the last highly destructive virus you saw ?

    virus writers/skripterz have long since learnt, if you kill the host it is of no use to you, you achieve nothing

    99% of viruses today are trojans because you can use your fancy stealth infection/propogation routines AND make a profit if you keep the host alive, locking a HD would be pointless and contrary to opinion most Virus writers are not stupid, misguided perhaps but not stupid

    • by Tony Hoyle ( 11698 ) <tmh@nodomain.org> on Saturday April 02, 2005 @02:53PM (#12121033) Homepage
      It depends... in nature viruses silently reproduce before killing the host. There's no reason why computer viruses couldn't do the same - this would be very effective.
      • by kwalker ( 1383 ) on Saturday April 02, 2005 @03:19PM (#12121161) Journal
        Yes but the MOST successful viruses go years before they kill the host so as to maximize their infection rates. Plus often when a virus kills the host it's because the virus became TOO successful. Some viruses, like some of the herpes viruses, never kill the host, thereby living as long as the host organism does.
      • Lots of viruses never kill the host unless they have an already compromised immune system. When was the last time someone without AIDS died from a cold. On top of that, a computer virus could be defined as a program made to cause havoc. Killing the host system removes the chance of that instance infecting others, making a poor virus. That is probably one of the reasons you haven't had to worry about mysterious formatting going on.
        • "When was the last time someone without AIDS died from a cold."

          So true infuenza is so much "better" than ebola at propagating. Influenza genaraly does not kill but has you running around sneezing viral particles over everyone. Ebola gets you so fast that it does not propagate too well, plus people tend to stay clear of anyone bleeding from every hole and writhing in agony.

          The problems occur when we have mutant strains of infuenza. These spread like flu but can kill. That is when the shit really hits the f
    • What if someone is trying to get revenge on a former employer?

      Design the virus to propogade for a fixed period of time and then lock down all of the hard drives over night.

      LK
    • So the clever blackmailer would then send a ransom note to an attached printer, wait for confirmation of a successful print, and then initiate the lockdown. If it can't find a printer, it would just use that host to spread to other machines. Gotta be ethical, right? :)

      "Need your data back? For only $1000, we'll send you the correct password. Send payment via Western Union to..."
    • but when was the last highly destructive virus you saw ?
      What about the witty worm?
      It spread in less than an hour and the proceded to destroy data on the hosts hard disks.
  • by D4C5CE ( 578304 ) on Saturday April 02, 2005 @02:53PM (#12121031)
    There's a larger risk looming in this unwelcome feature... From an earlier submission:
    Heise has just released
    a dire warning (and temporary treatment) from c't regarding ATA hard disk security passwords [heise.de]: There may be a gaping security hole in millions of computers that allows malware to lock the hard drives from their legitimate users. Some will remember what this means from extortionate trojan horses as early as 1989 [virusbtn.com] (search for "Panama" - judicial outcome in 1995 [flashback.se]). Now factor in how some similar disaster, "supported" by firmware, could spread over the Internet rather than by postal mail today...
    It seems crucial to protect one's system ASAP against what could become a boon for blackmailers.
    The problem is that if BIOS doesn't disable the function, a "well"-(i.e. viciously)-positioned malware (early in the boot process) could lock the hard drive on first reboot even before any protective software can kick in.
    • OK im not Device programmer , but is it technicaly possible to create a virus that on certain brands of BIOSs using the hardware interface(i know MSI boards support software overclocking and many Graphics cards) could overclock the computer in some way and cause perminant dammage to the system as i am fairly certain you could and if so why is this not a more major worry as this could cause real damage
      • could overclock the computer in some way and cause perminant damage to the system (...) why is this not a more major worry as this could cause real damage

        Not only because any attack like this would have to work with rather primitive code on a wide(spread) variety of hardware (like an ATA hard drive - very few systems don't have one), but also because the goal of an extortionist is to have hostages (cf. the above quotes on the 1989 attack). The "horror scenario" is something like this: A malware written to

  • Security hole? (Score:3, Interesting)

    by Gzip Christ ( 683175 ) on Saturday April 02, 2005 @02:59PM (#12121064) Homepage
    How is this any worse than if a virus were to erase the hard drive?
    • Re:Security hole? (Score:2, Insightful)

      by johkir ( 716957 )
      Here's a possible profitable situation. I get into your offices one day, perhaps for an interview. Through some social engineering, I get access to a PC to 'check my email.' I also load this virus, which, after spreading itself around a bit, goes through it's time delay, and then locks the HD, on as many disks as it can. The cheapest solution is to install new ones. I, of course, know the password, and I just wait at the dumpster for all your personnel/financial info and maybe some proprietary software
      • You could do the exact same thing by overwriting the original files with encrypted versions that only you have the decryption key for. In fact, that would let you put arbitrarily strong encryption on the data rather than relying on the relatively weak protection of a hard drive password. I fail to see how hard drive passwords allow you to do anything worse that what you could otherwise do (e.g., via deletion or encryption).
      • All hard drives, working or not, are stored for 2 years. After that they are smashed to tiny bits, forwarded to a member of senior management for verification, and then disposed of. I guess I wouldn't be surprised if most companies did not do this.
    • It's not, of course. Just as putting epoxy in a keyhole is no worse than burning down the whole building. But both are malicious acts you want to try to prevent.
    • That takes time, especially on large drives. Setting the password takes virtually no time.
    • It is worse because you can throw away the drive. You can not even format it without knowing the password when maximum security mode is used. And even replacing the controller does not help because the pw is also stored on the platters.
      • The obvious solution would be a hacked version of the drive's firmware that ignores the password.

        On the other hand, while I have updated the firmware on a number of devices, I've never done so on a disk drive that I can remember.

        It would be a good idea if the manufacturers made such firmware available that one could install before there was a problem.
    • How is this any worse than if a virus were to erase the hard drive?

      In an erase, you still have a functioning piece of hardware. You could partition, reformat, and reinstall. With a locked hard drive, you can't do any of that as I understand the problem. From the article "...The disk in this state allows no access to its data and accepts only a limited number of commands..."

  • Or even worse (Score:5, Interesting)

    by dilvish_the_damned ( 167205 ) on Saturday April 02, 2005 @03:01PM (#12121077) Journal
    What if someone encrypts all your data one night? You show up for work one morning only to find the latest worm has encrypted all your data and it forces you to recite the lyrics to ELOs Another Heart Breaks ("one, two, three," etc..) before you can get at your data again. Look, if it has enough access to reset the password on your ATA drive, you probably have bigger issues to worry about, like the gaping hole in your OS that allows user code direct access to your hardware.
  • If it's in a known and common chip on the control board couldn't someone just replace the chip?

    I regularly work with surface mount ICs and there are solutions to remove and replace virtually any device.
  • If the BIOS doesn't do it, the OS, upon boot could simply instruct the drive not to accept password change commands. Which wouldn't stop a sufficient virus from sabatoging the next boot and setting it, but still it increases security.

    • If the BIOS doesn't do it, the OS, upon boot could simply instruct the drive not to accept password change commands. Which wouldn't stop a sufficient virus from sabatoging the next boot and setting it, but still it increases security.

      Oops, the article said that. That's what I get for only reading half TFA. But, I did think of another hack - why not just buy a hard drive of the same make and model and switch the circut boards.
      • Re:OS level fix (Score:2, Insightful)

        by enosys ( 705759 )
        The article said the password was stored on the disk, not in flash memory on the board. Someone here claimed that it's stored in both. Remember, this is supposed to provide some security for your data if the disk is stolen. If swapping circuit boards "fixed" it that would be terrible security.
  • Funny (Score:3, Funny)

    by soniCron88 ( 870042 ) on Saturday April 02, 2005 @03:52PM (#12121396) Homepage
    "A DOS from a diskette boots suspiciously slowly"

    When does a diskette ever boot not "suspiciously slowly"?
    • DOS boots from a diskette in about 15 seconds [max] on my 80386, and that includes the BIOS POST, so really its about 1 or 2 seconds.
  • Dell BIOS HD Flaws (Score:5, Interesting)

    by __aaijsn7246 ( 86192 ) on Saturday April 02, 2005 @04:53PM (#12121816)
    In general, these features don't seem coded to well. Here's a post I made to Bugtraq back in December of 2003.

    The Dell BIOS allows users to set several different passwords to protect
    their machines from unauthorised access. There is 1) a Setup Password,
    which is required to enter the BIOS setup, as well as 2) a Hard Drive
    Password, as per the ATA Security Feature Set Specification.

    Unfortunately, once a Hard Drive Password is set which contains one or
    more of the following characters,

    , . ; : ' [ ] { }

    it can not be later entered to access the machine. It appears as though
    a bug in the BIOS code prevents those characters from being taken as
    input when the user is asked for the password - however, the BIOS
    incorrectly allows users to set passwords containing those characters.

    This is not an incredibly serious problem as such, since a user can go
    back into the BIOS setup and change the password there, provided the
    BIOS Setup is not protected with an unknown password. Or, as a last
    resort, Dell can be phoned to provide a master backdoor password, as
    long as the user can prove herself the legal owner of the computer. Of
    course, the prerequisite of physical access to the machine highly
    mitigates this vulnerability.

    It is however an interesting bug from the point of view of Dell's
    practices. I have contacted them over two weeks ago, but their
    'technical support' is unable to understand or resolve the problem. Two
    of their representatives told me to reinstall Windows XP Chipset
    drivers, even when I asked to be forwarded to people higher in the
    technical support chain. Perhaps this post will encourage Dell to pay
    more attention in the future.

    Affected Systems: Dell Inspiron 2650 System BIOS, A11
    (A11 is the current BIOS as of writing, and was released in late
    September of this year)
    Other BIOS/Dell models are perhaps vulnerable but have not been tested.
    • Perhaps this post will encourage Dell to pay more attention in the future.

      keen, Dell appreciates your constructive criticism. Your Slashdot post has inspired a full-scale probe, from Bombay to New Delhi, into our technical support practices, and we plan to roll out new training methods to avoid situations like yours from happening again.

      However, are you sure you have installed the latest Internet Explorer Hotfix? The version number is 6.1.2800.3.43.xpsp2.93.9.

      Sincerely,
      Michael Dell
      --
      Michael Dell
      CEO an
  • big deal (Score:4, Insightful)

    by idlake ( 850372 ) on Saturday April 02, 2005 @06:07PM (#12122255)
    Viruses and spyware can simply erase your disk, in addition to changing the password. The solution? The same solution as for hardware failures, cats walking across the keyboard, or babies drooling on the disk: restore from a recent backup. If you don't have a recent backup, a virus that sets the ATA HDD password is the least of your problems.
    • RTFA. If a password is set, the drive cannot even be erased without it. Setting a random password is thus different from erasing the drive even with a backup because, for all practical purposes, it physically destroys the drive.
      • RTFA. If a password is set, the drive cannot even be erased without it.

        You RTFA. If a password is set, you can still erase the drive with the master password.

        Furthermore, even if you lose the drive (and viruses can probably destroy drives by other means), that's just a cheap piece of hardware. The data is what counts.
  • the way i understood it, there are two passwords: user password and administrator password.

    Access to the harddrive will only be prevented if the user password is set, but the user password can only be set when the administrator password is known.

    So if I only set the administrator password, then the drive can be accessed as usual, but the user password cannot be set by some software.

    Correct? or did I misunderstand that?
    • There is no "administrator password". The "master password" is like a janitor's master key. It's a failsafe to let you unlock the drive if the user password was set.

      The incredibly stupid thing is there doesn't seem to be a way to say "disable the password mechanism completely". IMHO, this should be the default state, and it should require physical access to the drive (say, with a jumper) as well as (of course, any passwords) to switch it from one state to another. A laptop could connect that jumper to an external "security" button that you hold down while the BIOS does its thing.

The truth of a proposition has nothing to do with its credibility. And vice versa.

Working...