LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 04-27-2012, 05:04 PM   #1
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Rep: Reputation: Disabled
Question hardware crypto on ThinkPads -- What happens after many password attempts?


There was an article a while back saying that after 20 or so password attempts, hardware FDE drives will throw away the key -- in effect doing an instant wipe.

The article did not mention what brands/models of drives that do this, and the documentation is lousy in this respect. Anyone have insight on the behaviour of Hitachi and Seagate drives, as far as how many attempts are tolerated and what action the drive takes?

Is this dependent on the BIOS, or the drive?

Last edited by libCognition; 04-27-2012 at 05:06 PM.
 
Old 04-28-2012, 11:44 AM   #2
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 138Reputation: 138
The encryption key is generated by the encryption chip on the drive. It is however dependant on setting the hard drive password (and preferably Master drive password as well) in the BIOS. The ecryption key on the drive can only be regenerated (effectively making the contents inaccessible) though the drive password (if the master isn't set), or through the master password if set.

As far as I know you can enter the password as many times as you like. Nor is there any mention I've seen of such a feature on Lenovo's website or support documents of such behaviour. The best way would be to send and e-mail to Lenovo support and ask them directly.
 
Old 04-28-2012, 03:41 PM   #3
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
I appreciate the reply, but after more thought, I'm doubting that the BIOS is what controls the limit of password attempts. If it did, then an adversary could use their own BIOS (or software TPM) to allow for infinite rapid attempts. If there's a limit, it would have to be imposed by the drive manufacturer.

OTOH, I read here that "If the user's Hard drive password has been forgotten...the hard drive must be replaced". Yikes! So not only is the data lost, but the hardware is bricked and drive cannot even be reformatted and reused. Great feature for the company selling the drives.

What strikes me as odd is that Lenovo is making that statement, not the maker of the hard drive. How can Lenovo brick the hard drive? It would seem only the drive itself could block the use of the instant wipe feature. Otherwise someone could simply install the drive in a non-Lenovo machine, use instant wipe to throw away the key, and then re-install the drive back into the Thinkpad.

What am I missing?
 
Old 04-28-2012, 06:40 PM   #4
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 4,067

Rep: Reputation: 491Reputation: 491Reputation: 491Reputation: 491Reputation: 491
You can read "the hard drive has to be replaced" as: "if you forget the password, don't expect to access the hard drive again, ever". Which prevents malicious users to circumvent the hard disk's encryption in any way. If you don't know the password, game is over. Imagine that if Lenovo or anyone else would make the drive accessible in any way and data comes in the hands of someone who isn't the owner. If the real owner sues Lenovo or breaks publicity, Lenovo would be in deep trouble. It is much simpler not to touch an encrypted hard drive. It is the user's responsability not to loose the password, and if they do loose it, they have been warned.

jlinkels
 
Old 04-29-2012, 05:03 AM   #5
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jlinkels View Post
You can read "the hard drive has to be replaced" as: "if you forget the password, don't expect to access the hard drive again, ever".
In effect, they are the same statement. It's a scam against the consumer. Of course read access should remain blocked when the password is not supplied, but there is no reason not to grant write access from a security standpoint. From a business standpoint, they can sell more drives if they also block write access in the event of password loss.

If the idea is that adversaries cannot wipe the drive as a DoS attack, it doesn't matter because the adversary has physical access to the drive anyway (they can destroy it). If the idea is that a thief is getting something that's unusable, they're generally stealing the whole laptop anyway, which still has value without the drive.
 
Old 04-29-2012, 05:35 AM   #6
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
I've found that the Thinkpad BIOS is incapable of doing an instant wipe of Hitachi FDE drives (but it can do an instant wipe on Seagate FDE drives). In fact, there is (apparently) no instant wipe feature whatsoever for Hitachi drives, even when you have the password.

Since Lenovo is using Hitachi for their stock drives, their warning makes sense.

I wonder if Hitachi has omitted instant wipe deliberately, as a way to sell more drives to those who lose their passwords.
 
Old 04-29-2012, 08:21 AM   #7
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Lenny/Squeeze/Wheezy/Sid
Posts: 4,067

Rep: Reputation: 491Reputation: 491Reputation: 491Reputation: 491Reputation: 491
Quote:
Originally Posted by libCognition View Post
In effect, they are the same statement. It's a scam against the consumer.
In a certain way it is yes. By not allowing to access the drive ever again they preclude that data can be tampered with. That is very manufacturer-centric and not consumer friendly. What's new? As long as they can get away with it (read: this policy generates more profit than other options, and less headache, which also translates in more profit) they will continue. It is no use fighting that, that is [unfortunately] how the Western community works. A more expanded rant on that should be in the general forum but I don't want to waste my time.

jlinkels
 
Old 04-29-2012, 10:35 AM   #8
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jlinkels View Post
What's new? As long as they can get away with it (read: this policy generates more profit than other options, and less headache, which also translates in more profit) they will continue. It is no use fighting that, that is [unfortunately] how the Western community works.
The Western community has competition. Seagate decided to go the other way, to offer a product that doesn't turn into a brick when you forget the password. Seagate apparently finds consumer-centric products to be more profitable than Hitachi does. So in this sense, consumers can sensibly and effectively fight this, by buying Seagate instead of Hitachi.

BTW, my original question still stands. It's still not clear which hard drives "self destruct" after too many password attempts. The IronKey usb sticks will erase after 10 attempts, and I'm beginning to wonder if that's the only drive that does this.
 
Old 04-29-2012, 04:31 PM   #9
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 138Reputation: 138
If you have no Master password set then indeed, if you forget the drive password you're out of luck. If you have the master password set, that password can be used to regain access or reset the encryption key even if the regular drive password has been forgotten. Lenovo have a utility on their site that can be sued to reset the drive keys, effectively "wiping" the drive.
 
Old 04-30-2012, 08:57 AM   #10
libCognition
LQ Newbie
 
Registered: Jun 2011
Posts: 10

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by NyteOwl View Post
Lenovo have a utility on their site that can be sued to reset the drive keys, effectively "wiping" the drive.
Thanks for pointing that out.. I was not aware of it. Which tool is it, specifically? I see two Windows tools for my model that I think could have this capability:

1) Secure Data Disposal
2) Atmel TPM (Trusted Platform Module) device driver for Windows
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
sudo: no password prompt but 3 incorrect attempts? daweefolk Linux - Software 2 11-06-2011 09:45 PM
Lock after invalid login attempts, session lock, minimum password length nstarz Linux - Security 1 06-24-2010 05:36 PM
pam_cracklib not locking user after 3 bad password attempts legcard Linux - Security 3 06-25-2007 12:28 PM
Crypto filesystem : corrupt or wrong password? iainr Linux - Software 1 10-23-2006 08:15 AM
lock password after failed attempts... manudath Linux - Security 2 04-28-2005 10:55 AM


All times are GMT -5. The time now is 10:43 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration