One can’t outsmart the world
Although with limited capabilities security features introduced with ATA standard and password protected drives have been a standard for many years but in most cases locked drives are easily hacked. Big change’s came into play in 2001 and 2002 with the new Federal Information Processing Standard or FIPS. FIPS describes the encryption and security requirements that computer products should meet for sensitive, but unclassified, use! While hard drive makers were in process of consolidation of the industry itself from many to just three new approaches and technologies begin to emerge. These are the days of self-encrypting technology.
Hard disk drives are work horses of the data storage systems out there. Drives are continuously returned for warranty, harvested for data, repaired, re-purposed, sold, lost or stolen. In one study Seagate estimated that 50,000 drives containing terabytes of data leave data centers daily, while 90 percent of drives returned for warranty contained readable data. It is a staggering number that over 80 percent of laptops contains sensitive data, and as many as 10 percent of all laptops are lost or stolen during their lifetime, estimated 12,000 laptops every week are lost or stolen in U.S. airports alone!
Both of the giant hard drive manufacturers Western Digital and Seagate including to some extent Toshiba introduced their solutions to comply with the new standard. Some more successful than the others.
Not all manufacturers recognized the importance of reverse engineering. About five years after FIPS was introduced Seagate acquired one of the most successful data recovery companies at the time, Action Front. However, another technology that came from Russia, followed by copy from China made possible for thousands of independent reverse engineers around the world to keep up the pace with the latest technology improvements. Story of how Ace Lab became a pioneer in hard disk drive reverse engineering is for another post but in many ways closely related to self-encrypting hard drives today. This pioneering technology made possible for data recovery service providers including My Data Recovery Lab to help others suffered from data loss.
It was not a surprise that today Seagate has the most advanced security protection yet introduced. Development of SED involved their data recovery department to great extent. The latest families of Seagate drives features encrypted firmware, controlled diagnostic port and other features which may be retrofitted into all non-SED drives. Firmware is encrypted using advanced encryption methods directly in drive’s ASIC or application-specific integrated circuit while random number generation is done using signals coming from the magnetic media itself. Cloud also came into play but not the way most of us use this game-changing technology. Seagate can potentially in their cloud store firmware copy of every single drive shipped in the past five years or so. But, one can’t outsmart the world. Reverse engineers got busy again and ROM patching/short-pinning methods created a way in.
Seagate data recovery is routinely performed in our lab. My Data Recovery Lab is participating in all current ADRECA projects. Recently we published new version of HDD Serial Commander 2.2.3 in which we updated large number of diagnostic port commands for Seagate F3 series. We are working on new app (again for Seagate F3 drives alone) and hopefully we will have it ready by August 1st, one year after HDD Serial Commander was released to public.