Solved

Hard Drive Lock/Password

Posted on 2002-12-11
222
246,206 Views
Last Modified: 2012-06-04
I have a few Laptop Hard drives that have the password lock enabled.  I have researched it and these drives are 3 gig or less, so not worth paying for service to have the password removed.  If anyone knows of a way to do this for free, or extremely cheap.  Like really cheap.  3 gig drives are practically useless, but if they are good drives it'd be nice to restore them back to functionality.  Please let me know.  Thanks!

0
Comment
Question by:Wakeup
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
222 Comments
 

Expert Comment

by:jmp3712
ID: 7570070
I have never seen a HD that use locked
How??
Trying booting fron a DOS floppy and fdisk the drive
0
 
LVL 49

Expert Comment

by:dbrunton
ID: 7570359
The BIOS does the locking.  Various methods exist, generally by changing a jumper or shorting pins or removing battery.

It depends on the model of laptop and who made them.  IBM for example made a great number of laptops and there are numerous ways of bypassing the protection.
0
 

Expert Comment

by:jmp3712
ID: 7570434
Than it is the BIOS password that is the problem not the hard drive.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 18

Author Comment

by:Wakeup
ID: 7570474
Nonono...........not true....Look...I pull the laptop HDD, out of one laptop (after getting "Hard drive password=") and i put it in another and it says the same damn thing...however if I put a brand new drive or an unlocked drive in the same laptop boots up fine or detects the drive fine.  So no...It is not a bios issue.  Do a search on Google: "Hard Drive Password"
it tells ya about all that stuff.  I am not making this up!  Trust me.  I know what I am doing.  I just dont know how to remove the hard drive password.  I also went to Fujitsu's Website and it tells you how to set it and use it, but not how to remove it.  Do you need me to give you more information?! hehe
I have tried 4 different laptops all with the same: Hard Drive Password:
and then you type in a pw, like 3 times and then the laptop shuts off, and you have to turn it back on again.  Doesnt matter which laptop.  (same drive)
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7570509
Here are some sites that explain sorta what I am looking at:
http://www.ja.olm.net/unlock/
http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci856604,00.html
here is an exerpt from the website I just pasted:
most BIOS makers also have a "hard drive password" actually stored on the hard drive. If a thief puts this hard drive in another PC, he will still get a password prompt before he can access the data.

Anyway there are more things i can cut and paste but that doesnt matter right now...

0
 

Expert Comment

by:jmp3712
ID: 7570682
0
 

Expert Comment

by:jmp3712
ID: 7570705
Note: Do not forget your hard disk password! Keep it in a safe place. If you forget your hard disk password, there is no way to reset your password or recover data in the hard disk drive. Neither an IBM authorized reseller nor IBM marketing
representative can make the hard disk drive usable.


*Removing a Hard Disk Password:
The procedure to remove a hard disk password depends on whether or not it is set to the same password as the power-on password.

When the hard disk password is set the same as the power-on password:
Remove the password by following the procedure below. This operation removes both the hard disk password and the power on password.

You must remove your password at the password prompt that appears when you turn on the computer. To remove the password, at the prompt: Enter your current password, press the Spacebar and then press Enter.

When the hard disk password and the power-on password are different, or a power-on password has not been
set:
1. Turn off the computer and wait at least 5 seconds: then turn it on.
2. If you have set the power-on password, type it; then press Enter.
3. When the hard disk password prompt appears, type your current password, press the Spacebar, and then press Enter.

0
 
LVL 18

Author Comment

by:Wakeup
ID: 7570718
ya been there done that.  Same ole stuff....I just need someone who knows how to do it.  If they dont they dont.  I have been to all the sites...take battery out...short cmos....short this....cut this....etc etc...but that is not what it is going to take...it is going to take something from the hard drive to do this.  So If you guys know...then cool. If not nothing else is going to solve my problem...and I'll just ebay the drives and close the question.  All i want to know is how to reset the pw on the hdd, without having to pay more than a 3 gig hdd is worth...which is like pennies......I can get a 6 gig laptop drive for less than 10 bux.  Easy.  I just dont wanna have to throw away a good 3 gig drive if I dont have to.  That is my dilema.  I looked at most if not all of the sites, it will cost $25-100 dollars or even more just to get the pw off.  I dont need the data, I dont care about it. I just want to unlock em.  That is it!

Thanks..

0
 
LVL 18

Author Comment

by:Wakeup
ID: 7570722
Again, seen that site already.  I dont genenrally ask a lot of questions on EE.  I know my stuff...but this one is one thing I can not find out how to do.  I know how to use google and every other search engine out there.  I just need someone that knows physically how to open the drive (if necessary) and short whatever i need to short...and remove pw.  Is all...  Thanks again for searching/helping etc.

0
 
LVL 31

Expert Comment

by:rid
ID: 7570958
If you only need the drives and not anything on them, I guess a "zap" or low-level format will take care of all password stuff. Or can't the BIOS even find the drive? The zap utility (download from IBM) will wipe boot and partition tables from a drive, even if you cannot access it (you need to boot from a floppy). BIOS must find it, though.

Regards
/RID
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7570988
OK...I havent tried that rid.  However i can not boot to a floppy when the HDD is in the laptops.  The bios does detect it.  Again if I put the HDD in any machine doesnt matter which.  It will say "HARD DRIVE PASSWORD="  and then you have three shots and then the laptop shuts down.  I can't even get into the bios.  However if I put in a regular non locked/pwed drive it comes up fine.  and can access bios fine etc etc etc.  So it is not the bios..and it is not the machine.  IT is the hard drive.  Unless someone can prove me wrong there.  

0
 
LVL 31

Expert Comment

by:rid
ID: 7571075
<Guesswork>
The BIOS looks at the hard drive for a password required flag of some kind, before going into boot media seek. This would prevent floppy boot if HD is password protected. If the BIOS could be reset to *not* look for this flag, you might get it to boot from floppy.
< end Guesswork>

I think that I would try hooking these HD's up as slaves to another HD (in a desktop machine) and see if they can be "zapped" when hooked up like that. Not many desktop BIOS:es do look for a password protection of a HD, do they?

Regards
/RID
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7571102
Already did/tried.  hehe.  Read above.  Anyway yes slaved....Mastered... Secondary slave/master....(i do have an adaptor that goes from 2.5" laptop drive to 3.5" convertor/cable/adaptor thingy.  Anyway drive powers up...recognized by bios, but same thing...HDD PW problem still exists.  And even then i can not format it, or do anything...no fdisk no lowlevel...no format....
0
 
LVL 31

Expert Comment

by:rid
ID: 7571208
http://zurich.ai.mit.edu/hypermail/thinkpad/2002-02/1093.html

There is a thread about this. There seems to be a possibility to store some info on the electronics board of the drive, shutting out communication before pw is entered.

Regards
/RID
0
 
LVL 1

Expert Comment

by:patrickab2
ID: 7572856
I've just had a look and so far I've only found the following:

: : How do I bypass a HDD password request??

: You can't.  The password is written into the EEPROM on the drive by the BIOS, and the computer simply won't boot until the password is removed.

All I did was enter 'HDD password' in Google and look at the first entry!

On another thread in EE I read with fascination that someone had written a routine in Pascal to up-date the BIOS for a machine in which for some reason the BIOS could not be normally accessed - I not too sure. However I would guess that someoone who has that detail of knowledge might know how to deal with your problem. Perhaps you can do a search in EE to track down that bod.

Mind you is it really worth keeping any drive with only 3Gb total storage. Seems a tad on the small size to me and I thought that size mattered!

Mind you it would be good to crack your problem.
0
 
LVL 1

Expert Comment

by:patrickab2
ID: 7572945
Locate CMOS the battery and remove it.  After a couple of hours the CMOS will clear and you can reset it. That is the advice given elswhere for another similar problem. Been there done that?


0
 
LVL 18

Author Comment

by:Wakeup
ID: 7573261
Rid, Been there.  Not necessarily true.  Do some more research and you will see people advertising Unlocker type utilities or programs or tools to fix this.  I just dont want to spend a hundred bux to do it on a 3 gig drive.  Like I said earlier, I can buy a 20gig Laptop drive for probably 100.00
Patrickab, ya been there again and done that.  Yes the dirve is small...but for an older laptop that can't handle much anyway, is no big deal.  It's a waste of a laptop drive is my reasoning.  Again I can go on ebay and find 4 and 6 gig drives....but I dont want to spend the money on a half dead or almost dead horse anyway.  If I can get this 3 gig drive to work, then I will be fine!  
And again on the CMOS thing, if you follow the thread and what I have been saying, Have already tried, plus it is not a CMOS issue. I can take the drive to ANY other machine (Laptop or Desktop) and it will give me the same problem.
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 7573524
Wakeup buddy, I think you're out of luck...the drive manufacturers intentionally make it just about impossible to remove the password from the drive.  Hmm, here's a thought...are the drives (and others you may have) the same models?  You could swap out the PCB from a non-locked drive to the locked drive...but I guess that wouldn't really accomplish much either since they you'd have another drive with a password.

I have a feeling its fairly hopeless.

However:
http://www.driverforum.com/harddrive3/1642.html

Sounds pretty crazy, but who knows...

-dog*
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 7573589
http://www.labmice.net/articles/BIOS_hack.htm

From http://www.computing.net/windows95/wwwboard/forum/3542.html:
YOU MUST SUPPLY POWER TO THE HDD THEN SHORT OUT J11 J15 SHUT DOWN AND FDISK THEN FORMAT AND YOUR READFY TO GO

-dog*
0
 
LVL 1

Expert Comment

by:Kcferret
ID: 7574687
Hmm, could you not just make that HDD a slave and grab a good HDD with a bootable OS and format the slave (locked) HDD?
0
 
LVL 4

Expert Comment

by:kannabis
ID: 7575489
it sounds to me like we're willing to play a little so here goes my theory.....

<disclaimer>
DO NOT ATTEMPT THIS AT HOME UNLESS YOU'RE NOT INTERESTED THAT MUCH IN THE HARDWARE YOU'RE MESSING WITH
</disclaimer>


If you have a few of these 3 gig drives, and have one that is unlocked with the same parameters, what I would do is boot with the unlocked drive, then without powering down the computer carefully unplug the HD and plug in one of the locked ones.  That might give you access to it, and you could try to format or whatever.

I have no idea if this will work, so don't take my word for it, but this kind of reminds me of the times we've screwed up a BIOS or had a mobo with a bad BIOS.  If we had another board with the same BIOS, we'd boot that mobo, take out the BIOS (working) without powering down, and plug in the bad BIOS.  Now that we're back in the system you could use a utility to flash the bad BIOS to a working one.

We used to do this crap before we got an EEPROM burner....that's a much nicer way

anyhow.....give 'er a shot if you feel up to it.

0
 
LVL 18

Author Comment

by:Wakeup
ID: 7576478
See i know there is something that is available to do it.  I just have to figure out what.  I mean hey if there is no way to do it, by myself then hey there is no way.  But I do know that people are out there charging money to unlock drives.  So it must be possible otherwise no such company would exist.  Anyay Dog, that www.computing.net msg is not there anymore.  YOu wouldnt happen to still have that up somewhere or can cut and paste it? or send me another link etc?  Let me know what you can do.  Thanks!
0
 
LVL 1

Expert Comment

by:patrickab2
ID: 7577088
Mmm. Desparate times = desparate measures.

I know someone says that the info is in an EEPROM but surely a BIOS cannot burn an EEPROM - can it? Apart from which it's and irreversible process - surely?

The password surely cannot be stored in the chips on the hard drive. The information would be volatile without an external power source and harddrives don't have batteries. The charges retained by the condensors must surely be short lived and would soon drain off. So the only conclusion I can come to is that the password is stored in one of the boot sectors on the harddisk. Now logically unless there is some sub-routine on the hdd to ensure that this is dealt with irrespective of the BIOS how does it know it has to be satisfied before it will proceed. Again I guess because there is a flag that is either in the BIOS or is passed to the bios during boot up. Is that possible?

So is it possible to up-date the bios from some external source such as a floppy after the hdd has powered-up. Or perhaps even booting up the machine after having set the bios to tell it that there is no hdd attached. Instead boot from floppy and up-date the bios from the floppy. So back to the guy who can write Pascal routines to up-date a bios.

It was never going to be easy - otherwise you wouldn't have posted the question in the first place!

Not much help I'm afraid
0
 
LVL 31

Expert Comment

by:rid
ID: 7578770
more guesswork:
The HD must have some sub-routines that is run at power-on of the HD. Just power one up and listen to the head seek procedure. Probably one of these routines can include a serch for a pw flag in any reserved sector - the pw info need not be in the electronics

Regards
/RID
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 7579477
Wakeup:

I think there is a : on the end of that link, try it again.

-dog*
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7588068
Sorry.  Computer went down for a bit...have to reinstall and recover my data.  Will be back in a few days or so.  Bear with me!  thanks!
0
 

Expert Comment

by:dogg1782
ID: 7599156
There is a device made by a company called omniclone.  It will be able to do the things you need.
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 7599360
This device somehow can remove a HD password stored in EEPROM on the drive?  Somehow I doubt it...

-dog*
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7599551
Where do i find such a device dogg1782?   And how does it work?  All the sites that i see that have the omniclone device is just a fast hard drive duplicator?  I dont want to copy my data.  I can care less about it.  Plus I want a cheap solution.  The drive is not worth much.  So a cheap fix is all i need.
0
 
LVL 2

Expert Comment

by:DARRYL
ID: 7602052
What I was told sounds to far fetched,this guy I know say's what you do is when you power up press a key down to get a keyboard error into the bios setup,then you set a bios password,restart computer & when it comes back up you type the password you just created,I'm sure it's bogus but what the heck.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7602436
Thanks but no cigar darryl.
0
 
LVL 2

Expert Comment

by:DARRYL
ID: 7606453
I didn't think so (too easy).
0
 
LVL 1

Expert Comment

by:patrickab2
ID: 7606573
I never liked cigars!
Merry Xmas.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 7715917
Anyone else have any bright ideas?
0
 
LVL 45

Expert Comment

by:patrickab
ID: 7716301
I would still love to know the solution - not because I need it but because it is an enigma which like the wartime one was ultimately cracked and it would be interesting to how it can be done. Mind you if it's cracked I reckon it might be an idea to find a more secure forum than this to publicise it!

A further thought - is it possible that the electronics of the drive actually do retain the pw information in the same way that smart credit cards retain information (or do even these have samll batteries - I don't know, even though I have a wallet full of them). It's amazing the stuff we take for granted these days!

Anyhow you might be able to:

1. Zap the electronics with a low voltage - can someone provide the hdd operating voltages? - or use a multimeter to find the out (bit if last ditch effort I reckon) or
 
2. More simply get a ribbon cable connector and just short out all the ribbon cable wires so that everything connects with everything. If the electronics do retain the pw info' this shorting-out might just wipe it all clean. You might need to leave it shorted out for a while - say an hour - I dunno.

You haven't much to lose I guess and for the sake of a few minutes experimentation it would be interesting to know if it has any effect at all.

No more dim ideas I'm afraid - for this moment.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8010534
I think there are plenty experts above deserving point splits, but here's my 2 cents.

1) Time is money. You've already spent more time in this thread than the drives are worth.

2) If it was so easy to do for free, why would anyone expect to gain from 100 dollar offer? (Has anyone validated that any of them work?)

3) More than curious here, I guess we all are. I don't quite understand why bios requires psw for drive#2, and am just learning here on HD PW, but if bios can access it, I can code it. Simple stuff, <heh>. Not for public consumption.

4) You did not mention platform, OS. Here's a thought on what may be your easy way out, but it is not an overall solution.

4a) Make system with XP on nice good drive. Add your funky drive to the system.

(no, you ain't been there done that yet...)

4b) go into bios and DISABLE the funky drive.

4c) magic. boot the 2 HD system, to XP and see the drive contents(?)

5) It works? Theory begins with your need to access drive, not to mess with PW. So end could be the drive forever remains slave. But it not so big to be regular drive anyway, just having it for temp store should be satisfactory.

5a) Why it should work: I had need to rebuild OS on two drive system. I wanted HD2 to be new c: with new build, so I used bios to disable HD1 to save from opening case. Upon install, the OS did go to HD2, but as d: for my XP decided it could use HD1 anyway, despite bios setting. I dunno if same goes for other OS.

5b) Why it should work: if bios is set to do PW check but is told to ignore drive, it should ignore the PW check. MS OS is at different level and won't be checking.

5c) Why it should not work: A good implementation would have HD begin with a default latch condition of no transfer of data from sector reads until a condition is reached, where a PW meets the condition and resets the latch.

5d) Why it should work: The system is operating at a point past the PW check, as_if it was passed (if I understand the description above properly)

5e) What may make it work anyway: Boot XP CD and move to its recovery console. This should be possible with bios disable of the funky HD. There are an enormous amount of utilities there that appear written by the good folk who gave us tools of Resource kits, and these are better. Maybe one of them can help out on HD2, if you login as Administrator (Not an admin).
0
 

Expert Comment

by:JerMe
ID: 8060593
I'm not sure if this is a dead thread now, but if Wakeup is still reading this, here's my input:

The HDD *IS* related to the BIOS.  I was in the same seat not too long ago, but for a WD drive with a password.  The 2nd "funky" drive that SunBow refers to will not boot AT ALL with an older BIOS.  How do I know?  I tried booting a "hand me down" HDD to my older Compaq K7 500MHz (hence an older BIOS), and the computer wouldn't post - it was just dead in the water until i removed the "funky" drive.

Next thing I did was try out the "funky" drive on the newer XP 2000+ system, and voila - I got the same message Wakeup did.  "HDD LOCKED, ENTER PASSWORD: (5 tries left)", or something like that.

To SunBow: Nice logic, but the guys who developed the HDD password were way ahead of you.  One of the things I tried doing a while back was like you said - disabling the 2nd password-protected drive via bios, but I couldn't access BIOS in any way whatsoever because of the lock.  I made it primary master, primary slave to a good XP drive, secondary master, secondary slave, every config didn't work, and still I got that red message - "HDD LOCKED, ENTER PASSWORD: (5 tries left).

I got curious again, that's why I'm here. So Wakeup, you're not crazy, and it's there.  But sorry that I can't offer any information on how to access/wipe/use the locked HDDs.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8062354
hehe  ya I am still here.  I am still trying to find myself a solution.  And haven't yet.  If worse comes to worse...I will close the question out and disperse the points or something...
0
 
LVL 45

Expert Comment

by:patrickab
ID: 8063015
I'm still reading, watching and waiting for some bright spark to supply the answer. I suppose at some moment this thread will need to be closed but I still hope a solution will be found and posted here.
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 8065761
How about a hot plug n play?  Boot up the system with the power connected to the bad drive, then plug it in to the IDE connector :)  Probably would want to do this on a machine you're not too worried about frying (though I guess you can do worse things...some guy here recently was hot plugging/unplugging  a PCI USB 2.0 card into his PCI slot while the system was running!!!!)  Then try refreshing device manager.

-dog*
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8066407
Hmmm....Hotplugging?  But when do i plug it in?  Doesnt the bios need to detect the drive first?  Otherwise the drive is still inaccessible.
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 8066673
I dunno if it'll work or not...but worth a shot I guess...a good experiment in any case :)

-dog*
0
 
LVL 45

Expert Comment

by:patrickab
ID: 8070434
The hdd manufacturers must read this thread with a high degree of satisfaction that they have managed to develop a system which is so secure that even the best of EE cannot crack it. There are clearly some bods who do know the answer but I guess they have signed confidentiality clauses.

By the way Wakeup - did you try any of the shorting out ideas I gave earlier in this thread? I'd be interested to hear.
0
 

Expert Comment

by:magiclab
ID: 8072211
Oh , Maybe your harddisk is locked by some software.

Because I have write a one , but I am sure that It's not

locked by my software.

Can you try to use floppy boot the system ,and Low-format

it ?

My software named magic locker ,it can protect HDD with a
password ,and it can prevent floppy to boot.
Download link: http://www.magic2003.net

So, I think maybe your hdd is locked by some similar

software..


0
 

Expert Comment

by:scrawner
ID: 8073097
There is a free dos based program called ATAPWD that will give you a more detailed status of the type of ATA-Spec password security that is enabled on your drives.  

http://rockbox.haxx.se/lock.html

It will give you a status of the lock, tell you if it is set to 'high' or 'maximum', and give you the chance at entering the user or master password. It has options to erase the drive, though i'm not sure if you need the password to do this or not.

If you are lucky, only the user password is set, but the master isn't, or whatever.  If maximum security is set, even if you have the master password, the only 'documented' option forces you to wipe the drive, which is something you don't mind doing. You may have to move the drive to another machine, possibly using a 2.5" ide adaptor to try it on a desktop...

Good luck




0
 

Expert Comment

by:scrawner
ID: 8073142
There is a free dos based program called ATAPWD that will give you a more detailed status of the type of ATA-Spec password security that is enabled on your drives.  

http://rockbox.haxx.se/lock.html

It will give you a status of the lock, tell you if it is set to 'high' or 'maximum', and give you the chance at entering the user or master password. It has options to erase the drive, though i'm not sure if you need the password to do this or not.

If you are lucky, only the user password is set, but the master isn't, or whatever.  If maximum security is set, even if you have the master password, the only 'documented' option forces you to wipe the drive, which is something you don't mind doing. You may have to move the drive to another machine, possibly using a 2.5" ide adaptor to try it on a desktop...

Good luck




0
 

Expert Comment

by:scrawner
ID: 8074704
Some other links for reference:

http://www.pwcrack.com/bios.html -- Info at Bottom of Page
http://www.nortek.on.ca/hdd_pw.html#HDD


0
 

Expert Comment

by:JerMe
ID: 8074815
Wakeup, can you boot to floppy with the locked drive installed?

If you could, is there a zero write utility out there that doesn't care if the drive is locked? Anyone care to answer this?

I have a locked 30GB WD drive, and can't unlock it. I can boot to floppy, and read the status of the drive with the ATAPWD program that Scrawner referred to.  The drive is set to maximum security, but won't let me wipe the drive clean. It won't let me do anything to the drive, without a password.
0
 

Expert Comment

by:JerMe
ID: 8074905
Wakeup, can you boot to floppy with the locked drive installed?

If you could, is there a zero write utility out there that doesn't care if the drive is locked? Anyone care to answer this?

I have a locked 30GB WD drive, and can't unlock it. I can boot to floppy, and read the status of the drive with the ATAPWD program that Scrawner referred to.  The drive is set to maximum security, but won't let me wipe the drive clean. It won't let me do anything to the drive, without a password.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8077981
Ya, can't boot to floppy.  Still leary about shorting/hotswapping the drive.  I dont want to damage a laptop or damage a computer.
Always asks for HD PW first.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8077982
increased points to 300.
0
 
LVL 45

Expert Comment

by:patrickab
ID: 8078617
Wakeup - I reckon this is worth even more points to find the solution. I'm not encouraging you to add any more points but if there is a way that others can contribute to a pool to crack this one you wouln't need much from a number of people to raise the stakes significantly. As a small contribution I would throw in 50 points! I wonder if Community Support could find a way...
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8078647
Here...I will throw in 50 points more in honor of patrickab! :)
0
 

Expert Comment

by:JerMe
ID: 8078954
I'm new, so I only have the points that I started with, but I'll throw in 50 points as well!

I'm glad I found this thread through a good ole Google search, maybe something will come out of it...
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8078997
Since the interest is sparked, I think i will keep this open a bit longer and see if we can not find anything out!  So continue to post...and continue to ask around from your techie friends that may work for a hard drive company or laptop company!  Thanks!

0
 
LVL 45

Expert Comment

by:patrickab
ID: 8079025
Wakeup - I am honoured :) ^ n
0
 

Expert Comment

by:JerMe
ID: 8079031
Wow that was a quick response.. 3am in the morning, 10 minutes later... heheh
0
 

Expert Comment

by:JerMe
ID: 8079035
Wow that was a quick response.. 3am in the morning, 10 minutes later... heheh
0
 
LVL 45

Expert Comment

by:patrickab
ID: 8079058
UK - GMT 11:35am now.
0
 
LVL 4

Expert Comment

by:pratigan
ID: 8080202
Hello wakeup,
I have been checking this out for the past 2 weeks to get as much feedback info for you as possible.  Here are a few ideas, although you may have already tried them.  The true feedback I am getting from 90% of my sources is that your really out of luck without a cost involved.
The only other attempt that I see you have not checked for is this.  I know it sounds trivial.
The CMOS clear jumper (on laptops) is usually behind the removable battery or removable CD-ROM.
Good Luck !!
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8081271
I've nothing more to say for now other than: "Good Luck"

Answer1: Get new HDs

IMO if you shop to compare dollars per megabyte, I think you'd find your time 'spent' on this to be of more value than HDs. Besides, modern applications may choke on 'em, what user would be happy with you for receiving one? (Oh, btw, the unit I am using at moment has 2 GB as largest drive, scsi).

Answer2: Keep on truckin'.

I find myself itching to have hands on drive to try this and that with them myself.  Good food for the grey matter.

Answer3: Go radical. Do something really different!

My first step would remove HD and place it as 2nd HD. Apparently that is not supposed to work. Well, here's another tack: when new specs come out, everybody implements some of it, but rarely do many fully comply. So, why not try a very old system, with early bios? I doubt it would check the password. pessimistically, the drive should be latched in locked condition until proper conditions satified, so it ought not to work, but one doesn't know until it is tried.

btw, can we assume all drives equal? I thought the mfr and model were given for information searches, but I don't see it above, maybe I miss it. Can you provide that now? - mfr + model of HD?
0
 

Expert Comment

by:scrawner
ID: 8081379
Ok, the best thread i've found on this topic is at:
http://www.geek.com/news/geeknews/q22000/gee2000918002375.htm

It has about 2 years worth of discussion, including some comments from a guy who actually knows how to fix it:

As you will probably understand it is not possible for me to give the 'official' method of cracking the HDD password and this in any case requires a small amount of hardware.

However I can tell you that the drive controller checks for the password protection only once at startup. Also that the data on a 'locked' drive is not encrypted.

Therefore after successful calibration on an unlocked drive, the drive controller is in a condition where it can read data from the disk platters and no subsequent check for password is made until the drive is powered down or is put into sleep mode (using the appropriate ATA command).

So you will probably have guessed what you could try should you have a second unlocked 'donor' drive of the same model & firmware revision.

This method if done properly will allow one to bypass the password lock to gain access to data but will not reveal what the original password was. To do that you must use the 'official' method, which on a drive from a DELL or IBM Thinkpad machine reveals what the original password was, in plain text (or in encrypted form if from another type of laptop).

Please note that the two controllers must have an IDENTICAL firmware level otherwise corruption of the data (due to sector mapping errors) may occur. The firmware level is available as an ASCII field in the IDENTIFY information returned by issuing the IDENTIFY DEVICE ATA command (0xEC). This will work on a locked or unlocked drive. Also please note that the above 'bypass' procedure could damage one or both controllers if not performed properly - you have been warned!
-------------

Another suggestion was from a guy who indicated hooking it up to his Macintosh G4 using firewire enabled him to format the drive, though I'm skeptical about it..depends on what part of the drive controller is enforcing the block...


0
 
LVL 9

Expert Comment

by:drev001
ID: 8083183
Here's a crazy idea for you. Put the drive in a different machine, enter incorrect CHS settings in the BIOS for this drive so it's seen but not translated properly (eg. reports wrong size etc.) and then try booting from a floppy, run fdisk or whatever. Who knows, it may require the drive to be seen properly for the password function to work.
0
 

Expert Comment

by:Win2K4Life
ID: 8084463
I have an idea that could work IF the password is stored on the platters and not in silicon:

I don't know if this would work (I may have to try it myself on an old HD just for fun), but could you "format" this hard drive in a way similar to erasing tapes by using a powerful magnet? Maybe leaving a medium/large speaker on top overnight(for a few days?)? Sounds crazy, but could it hurt? This is all based on the (likely, IMO)theory that the password is stored on the platters and not the EEPROM.

Hard drive gurus: Would this ruin the HD?
0
 
LVL 1

Expert Comment

by:nicholasp
ID: 8084577
I'm with scrawner. Drop the PC bios talk... the password is kept on the HDD's controller card. There are only a few ways to get around it.

1.) Modify the circuit on the control board so that the "Read OK" pin is returning a high signal, you will also need to bypass three other pins so that command data from the PC goes straight to the drive controller and through the passworded HDD BIOS. (I don't recommend this unless you really know what you are doing, as you can totally kill the drive if done wrong, and it will disable the password feature completely)

2). Replace the HDD controller board with an IDENTICAL one from an unlocked drive with no password set.

3). Find out the chip specs for the controller board, chances are you can wipe the password and BIOS by applying voltage to the right pins. Or there may be a reset jumper, chances are it won't have any pins, just solder contacts.

4). Get the official method of unlocking the drive and rest the pasword. (you will obviosly have to speak to the HDD manufacturer about this, and may have to prove ownership of the drive, or they may want you to send the drive in and they will do it for you.)

HTH
0
 
LVL 1

Expert Comment

by:nicholasp
ID: 8084608
Sorry but the passowrd IS stored in the sillicon not on the platters, the data on the HDD is not even encrypted.

If you can post the HDD model number and any other info you can glean from the outside of the drive itself and I'll get you the specs and hopefully a workaround.
0
 
LVL 1

Expert Comment

by:nicholasp
ID: 8084665
If someone wants to send me one of these drives I would be happy to reverse engineer one from a data recovery point of view.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8084677
>  may want you to send the drive in and they will do it for you.)

just had strange thought - how liable can mfr be? On one hand, they get off free because you did not buy from them. On other foot, they incorporated a feature that made their product, in essense, defective in that it is unavailable to you. And it is not new defect but had been there all along.     If it was a friendly Joe, possibility that you could return for replacement, which would be bigger, provided you'd accept refurbished one. If so, I'd go for taking that deal. (except for keeping one to play with later - er, for posterity.)
0
 
LVL 1

Expert Comment

by:lekan
ID: 8085011
Do You realy want the space or the data. If You are looking tor the space. Try low level formatingm then fdisk and format. This should work if there is a softlock. but if there is a hardware trick, like special cabling or ondrive nonvolatile memory lock or maybe rom lock which is unrecoverable (have to change a component), no help for You. If You are interested in the data on the hdds, try to fing the owner of the data.

Lekan
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8086076
Dont care about the data.  WOuld love to wipe clean and start over.  I will try contacting the manufacturer.  I will get the specs of the drive later on.  Thanks for the ideas.
0
 
LVL 1

Expert Comment

by:ticktacksir
ID: 8086461
So because im lazy i didn't really read the whole thread, forgive me if im repeating....take the laptop hard drives out and connect them to a desktop machine with an adaptop like this one:

http://www.startech.com/ststore/itemdetail.cfm?product_id=IDE4044&topbar=topbara.htm

Then use some type of low level formatting tool to remove everything off the drive....thats unless the password is stored in some firmware on the drive
0
 
LVL 4

Expert Comment

by:kannabis
ID: 8086473
ticktacksir,

You're right, you didn't take any time to read the thread, which if you did read at least the last 5 short posts, you'd notice that the password is stored on firmware.

Thanks for your help
0
 
LVL 45

Expert Comment

by:patrickab
ID: 8086815
I like SunBow's ">  may want you to send the drive in and they will do it for you.)" It has all the elements needed for a commercial solution. A built in feature of forced absolescence. Imagine a car built with an electronic lock that could never be by-passed. It just would not exist. The manufacturers would be taken to the cleaners - so they have ways of dealing with similar problems. Let's hope the drive mfrs see sense.

Good luck
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8087118
hehe...ya I hear ya guys.  Oh and as for ticktacksir, I have one of those...and got one for $3.65 instead of the $15+ for your link....
Got mine here:  
http://www.compgeeks.com/details.asp?invtid=HD-108

Actually have several.  And of course, you havent read the whole thread.  In which mentioned in much earlier postings is that we have discussed installing the drive as a slave etc using such an adaptor etc.  Anyway yes old news...give me something more to work with.
0
 
LVL 1

Expert Comment

by:compuphonic
ID: 8087945
Fujitsu drives ? What model are they ?

0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8090229
Hi Wakeup,

I'd suggest checking out these Q's on the same topic:
http://www.experts-exchange.com/Storage/Q_20525321.html
http://www.experts-exchange.com/Hardware/Q_20517922.html

Basically, if you don't have a lot of expensive equipment, it can't be done.

There are a few companies which will remove the password, but I think I know how they are doing it. Brute force. You make a special IDE controller and some custom software, then you just have your software try 3 passwords, then reset the drive, then try 3 more passwords, then reset the drive, etc.

As was explained by Paul Sanderson of Sanderson Forensics in the first link, the HD password is stored on a system sector of the HD and not on the controller card. Replacing the controller card with one from an identical, unlocked drive will not work.

About the only feasible idea I've seen so far is from Win2K4Life when he suggests using a powerful magnet to corrupt the password data held on the platters.

The only problem with that is you risk corrupting the drive table itself, and are left with an unlocked, but completely unusable drive.

pb
0
 

Expert Comment

by:Win2K4Life
ID: 8090629
pbarrette,
By drive table, do you mean the partition table, or something else? If the partition table is corrupted or destroyed, wouldn't a low level format fix that?

Sorry this has turned into more of a discussion forum Wakeup, but it seems you have a stumper on your hands here...
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8090817
Hi Win2K,

Not just the partition table, but also the non-user accessible system areas of the disk and the physical geometry tables. A low-level might fix it, but is it possible? IDE drives come from the factory with their physical geometry already written to the disk platters.

Low level formatting used to be possible with MFM and RLL HD's, but I don't think you can do that anymore with IDE. There are "Low Level Format" utilities out there, sure, but they don't recreate the geometry, they just "zero fill" the drive in the pre-created sectors.

Check out:
http://www.pcguide.com/ref/hdd/geom/formatLow-c.html

Also, with a powerful magnet and no specific targeting involved, you could end up screwing up the alignment of the heads, or permanently embedding a magnetic preference to sections of the drive, making them unable to hold a new magnetic orientation, thus turning them into bad sectors.

pb
0
 

Expert Comment

by:Win2K4Life
ID: 8090937
hehe, oops. Guess I've been lucky a few times...
0
 
LVL 1

Expert Comment

by:ticktacksir
ID: 8090996
Seems that im not the only one not reading here, a low level format isn't going to get rid of the password that is on the firmware.  So for my mistake of not reading i went and did some research and the only thing that anybody has to say is that your screwed unless you send the drive into a repair shop that handles this kind of stuff.  

http://www.nortek.on.ca/hdd_pw.html#HDD
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8092321
Hi ticktacksir,

Exactly.

Not only that, but you can't even do a low-level format since the drive won't allow a write operation (or a read operation for that matter) until a valid password is supplied.

I've been batting this around with some friends and we came up with an interesting idea:

At some point, the controller must read the password off of the drive and pass it to a memory register to be compared with the password entered.

Using a logic analyzer (like this one?):
http://www.linkinstruments.com/lapar.htm

You could read off the data being passed to the controller from the HD, and extract the password from that.

Interesting, but not quite feasible for the home user.

pb
0
 

Expert Comment

by:jlb0331
ID: 8177150
I have gotten close to full access and format via starting with a good drive, selecting alternate boot option, and pulling out my good drive putting in the PW protected drive during the diskette boot process.  Have also tried several versions of boot/run from CD with no better results.  Have booted up with two versions of PC DOS from Norton Ghost and Partition Magic.  Tried several Boot routines to automate ZAP and another "KILL" process but with no luck.  Process used automates creation of a "RAMDRIVE" on the PW protected drive and I can access the drive as C: but it is only the "RamDrive" and any/all attempts to run anything from the "RamDrive" will not format any of C: - keep getting different messages about not being able to perform the process.  I have several more processes I want to try before giving up - getting so close with access from/to A: to C: or the reverse but cannot get any formatting programs to run - just started download shareware/freeware programs to continue testing.  I think this process can work with the right program running within the "RamDrive", though it is a bit risky changing the HD with power on!
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8178868
Hi Jib,

The RAMDRIVE is just that: A section of RAM that has been reserved to act as a hard-disk. Just becuase it is assigned a drive letter doesn't mean that has anything whatsoever to do with the physical HD in the system. The locked HD will not be accessible until the correct password is supplied.

As far as removing and reinserting a drive while the system is powered goes, that's definitely a risky procedure. There are drive caddies (also called "Mobile Racks") available which isolate the IDE interface to prevent possible damage to the IDE controller and your HD.

Personally, I've been using some software which, in theory, shuts down the secondary IDE controller thereby allowing you to remove and reattach devices to it. I haven't had any problems yet, but it certainly isn't 100% safe.

pb
0
 

Expert Comment

by:Nilsi
ID: 8199122
okay, here is one page explaining how a HD Passwork work's   http://rockbox.haxx.se/lock.html
and if you habe many HD drives mybe this ist an alternative
http://www.pwcrack.com/bios.shtml
0
 

Expert Comment

by:CAZ
ID: 8382429
Hmm, let's say that there is a workaround to boot your system and access the harddisk.
Can we reset the password then?
I've read all the items u guy's wrote down but i'm still not certain where the password is stored.
So this is my question: if u have access to disk can we reset the password?
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8383435
Hi CAZ,

For the umpteenth billionth time... It doesn't matter if you can boot the system with the HD attached or not.

Certainly, you can boot the system if the BIOS is so old that it doesn't support HD-locking. Also, (more dangerous) you can boot the system with the HD's power cable plugged in and the BIOS settings for the HD pre-configured, then attach the data cable to the HD after the system has booted.

The problem is that the HD controller (the one built into the HD) will not allow you to access the data on the HD until a valid password is given.

While the HD is locked, the HD will only allow a few, very specific commands to be executed on the HD. These commands are (in no particular order):
Identify Drive
Unlock With Password
Zero-Fill Drive With Password.

So, no password, no access to the drive.

The password itself is stored on a special, system area of the HD. When the HD powers up, the on-board controller does its POST, then checks to see if there is a password in the special area. If there is a password, the controller locks itself down to reject any commands except for those listed above.

Somewhere, in one of these threads, I have proposed a possible solution, but it's out of reach for most users.

The idea is that the HD controller must read the password off of the protected disk area to check if the supplied password is valid. When that happens, the HD password is being passed into the memory registers of the HD controller.

With a logic probe and sufficient knowledge of the ATA specifications and ATA chipsets, you could read the password off of the memory registers of the HD controller, or possibly read it while it's being passed to the HD controller.

That's about the only solution short of taking the drive apart and reading the platters with specialized hardware.

pb
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8386236
Thanks PB for clarifying that for Caz.  I still have not abandonned the question.  I have been searching for other means.  If anyone has any other ideas fire it off... If not I will see/review some of the other ideas, and maybe just split the points up as I see fit, on some of the comments that may seem close/helpful to my problem.  Anyone up for review that I should look at?  or anyone think they deserve the points or anyone you think deserve them?  Feel free to post.  I'll close this in a week or so if I haven't figured it out by then.
0
 

Expert Comment

by:CAZ
ID: 8386460
Thanks for your kind reply ;))
I already said i've read all the post in this group!!
So this is my question again: LETS SAY i have access to the drive, is it possible to erase or overwrite the area where the password is stored.
BTW mister wakeup, i might have a way to access the HD
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8386726
and how would you suppose you could get access to the drive?
0
 
LVL 1

Expert Comment

by:nicholasp
ID: 8386906
The password is stored in flash ram.
You need to unlock the hardware with the password before the controller card will function.
Bypassing the security means modifying the controller card physically or sending the correct data to the card to access a back door in the firmware.

As the manufacturer will NOT give out the specs on the drive you have 3 options.

1.) Send it to the manufacturer for a hardware reset (this will wipe all info on the drive)

2.) Send the drive to someone who can reverse engineer it and bypass the security

3.) Buy a new one.

The reason that you can not place the platters in another drive of the same model or replace the controller card with one from another drive of the same model is such:
The drive security works in a way that is spread across both the platters and the controller card.
The password is not actually stored anywhere. A check sum is stored on the controller card. If the password supplied at start up cive the same check sum then the contoller card comes to life (the checksum is 16 bits long... that's 65536 different possibilities).
The controller card then uses the password supplied to unencrypt key areas of the harddrive. If the password is not exactly correct (more than 1 password will produce the same check sum) the data is still unreadable and the drive will appear unformatted with no data recorded.
not having the two processes linked means that even with the correct password, a mismatched set of drive and controller card will still not be readable.

The only 4 "non-legit" ways to get around the security are:
1.) Using specialist hardware read the data off the platters and manually de-crypt it. (forceably breaking the encryption would take about 50 years or so)
2.) replace the firmware on the controller card with a patched version and manually break the drive's encryption (another 50 years...)
3.) Physically modify the controller card, making pins 12 and 14 high and pins 15 and 17 the logical NOT of pins 2 and 4 respectively on the bios chip. Dump the bios to get the checksum. Using the checksum generate possible passwords (7, 8, 15 or 16 character max depending on the firmware) and forcibly decrypt the drive.
4.)The same as option 3, except reflash the bios instead of modifying the hardware.

As you can see option 4 is the easiest followed by option 3.

Your only options by the sound of things are:
- send it to the manufacturer (as per above)
- send it to a "hardware hacker"
- learn how to do it yourself

Sorry... there is no easy way out on this one.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8386931
I know it is not easy...hence the points being up on the high end.
0
 
LVL 1

Expert Comment

by:nicholasp
ID: 8387015
I should add that my comments on this issue prior to my previous one should be ignored as the are partially or completely incorrect. The security is on the silicon and the platters... the drive must be "cracked" as a whole unit.

See my previous post.

P.S. It can be done (I got my hands on an unpassworded drive and "experimented")
0
 

Expert Comment

by:CAZ
ID: 8387100
Oke, this is how it works:

You need a compaq N600C or N610C laptop(Tested)
Make sure the bios is not password protected, so only the drivelock is active.
Start the laptop and when it prompts for a password just hit enter 3 times.
The laptop will now start from CD.
Boot to dos and unplug the powercable, wait until the system goes to standby (15 minutes?)
After the system went to standby start the machine again and when u did it right the machine returns imediatly to the screen where it was before it went to standby.
At this point hit CTRL ALT DELETE and the machine is going to reboot to dos or from harddisk without asking for a password!!!!
You now have full accees to the drive!
Thats why i asked the damn question :))

PS. If u own a compaq don't do a bios update, because this might remove this Feature :))
Compaq has been notified this morning.

Greetz CAZ
0
 

Expert Comment

by:CAZ
ID: 8387111
Uhm, forgot one message:

After u hit enter 3 times u get a 1790 error, after this de machine will boot from cd
0
 

Expert Comment

by:CAZ
ID: 8387113
Uhm, forgot one message:

After u hit enter 3 times u get a 1790 error, after this de machine will boot from cd
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8390885
Hi CAZ,

I don't know where to begin on this one..

Not possible.

Your system may well recognize the drive when you do this, but go ahead and try to format the HD, or read, or write information of any sort to the HD.

As I said before, my old Compaq 486 laptop's BIOS doesn't recognize HD locking, so it boots with a locked HD with no problems whatsoever.

Unfortunately, the drive still isn't unlocked, so you can't do anything with it.

---------
Hi nicholas,

Actually, the password data is held on a Host Protected Area of the drive platters, and not the controller card itself. The controller card just requests the password, then reads the password off the drive, then compares them.

You can actually replace the controller card with an identical drive and the password will be unaffected.

Also, the data on the drive is not encrypted. To encrypt the data would take too much performance overhead. Besides, there is little point in encrypting the data when the controller won't let you access it anyway.

Frankly, I don't know about your BIOS chip mod, but it seems to be in the same vein as reading the PW off the controller as it comes in.

It may well be that the controller recieves a checksum of the password, as opposed to the actual password. In that case, our proposed answers are much more similar than they appear at first glance.

pb
0
 

Expert Comment

by:CAZ
ID: 8393006
How about thinking in solutions, everyone keeps telling me that it's impossible to workaround a disklock.
When there is a workaround (on some system) someone tells for the first time in this thread "hey i'm working on a old laptop and it doesn't ask for a password and the disk is accessable"
Then this person tell's me that it's impossible to access the area where the password is stored.

The difference between your laptop and mine is that my laptop has put the password on the disk and yours can't!!
So maybe there is someone with enough knowlegde to write a tool that say's to bios "hey remove the damn lock from disk 0" :))
I have this little theory that say's when a bios can put a password on a disk and we have the disk up and running with no limitations on a modern system, then there must be a way to remove or change the password!!
0
 

Expert Comment

by:CAZ
ID: 8393033
How about thinking in solutions, everyone keeps telling me that it's impossible to workaround a disklock.
When there is a workaround (on some system) someone tells for the first time in this thread "hey i'm working on a old laptop and it doesn't ask for a password and the disk is accessable"
Then this person tell's me that it's impossible to access the area where the password is stored.

The difference between your laptop and mine is that my laptop has put the password on the disk and yours can't!!
So maybe there is someone with enough knowlegde to write a tool that say's to bios "hey remove the damn lock from disk 0" :))
I have this little theory that say's when a bios can put a password on a disk and we have the disk up and running with no limitations on a modern system, then there must be a way to remove or change the password!!
0
 

Expert Comment

by:Win2K4Life
ID: 8395952
Way to be proactive! CAZ, I'm sure Wakeup wouldn't mind you shipping him your laptop!
0
 

Expert Comment

by:CAZ
ID: 8398456
Hehe, i'm not going to risk my own drive :))
But hey there are enough locked drives out there.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8399755
I could always go the other route and send my drive/s hehe...
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8401332
Hi CAZ,

Yes. You can see the disk, but that doesn't mean that you can access it.

The drive is locked according to ATA specifications, which have absolutely nothing to do with the system BIOS of any specific computer.

When your laptop is asking for the ATA password, it is merely passing that information on to the on-disk HD controller. It is the on-disk ATA controller (the Integrated Drive Electronics, or IDE) which is then determining what commands the drive will allow or disallow.

So, basically, the computer has no say in whether it can access the HD or not. The access is granted or denied entirely by the HD itself.

When the computer requests a READ or WRITE operation from the HD, the HD first determines whether it is locked or not. If the drive is locked, the drive returns a NOT AVAILABLE to the computer.

So I simply don't see how your Compaq laptop has the ability to force the HD to accept ATA commands which have been disabled.

There's only one ATA command-set available to use and it has been heavily standardized. Even if Compaq had decided to create their own, proprietary ATA interface structure and command-set (which they have never done), it would only work with drives developed specifically for that proprietary interface (which don't exist).

But hey.. Don't take my word for it. Visit the links I've provided and see for yourself.

In this thread, Paul Sanderson of Sanderson Forensics states that even he, a professional data forensics specialist, must send out drives that have been ATA locked:
http://www.experts-exchange.com/Storage/Q_20525321.html

I'm not saying there's no solution. I'm saying that the solution isn't easy. It requires a lot of knowledge and some costly hardware.

pb
0
 

Expert Comment

by:CAZ
ID: 8401824
Hi PB,

Listen, take my word for it that the drive is accessable.
I can read from the drive and i can write to the drive.
I don't know why it works, but it works the way i discribed earlier.
Somehow the drive gets fooled by a bug in the bios or something, i can't reproduce it on a HP.
For the 2 compaq machines i have tested it worked for sure.
I also let someone else try it; i gave him the laptop with a locked harddisk and the description about what to do.
I let him cold boot the machine and figure it out by the description.
He didn,t know the password for the hdd, a few minutes later he was booting xp!!!!
I don't mind if you don't believe me, but if tou can get your hands on the type of laptop i described earlier you can test it yourself.

Maybe it's a problem with the drive or a bug in the ata protocol, i don't know.

Caz
0
 

Expert Comment

by:JerMe
ID: 8401958
Caz,

Lets just say that you can access the drive with your laptop.  Have you tried accessing the drive with another newer machine?

I just remember waaaaay back in the day, when the original question pertained to "password removal".
0
 

Expert Comment

by:CAZ
ID: 8403914
JerMe

Duhuh, even in my own machine it doesn't remove the password, so after every cold boot you should do the trick.
But this is a step ahead i think, before we were not able to access the disk and then it is even harder to find a way to overwrite or anything.
Okay guy's nice talking to you all and have fun with your forum, i thought this was a expert exchange.
But only a few experts stayed i think.(and they have trouble reading)  
0
 

Expert Comment

by:Rogerbird1
ID: 8483464
CAZ

Can you low level format the drive now?
and does the Format remove the password if you were to put it in a different machine??

0
 

Expert Comment

by:CAZ
ID: 8487515
Offcourse i can lowlevel format the drive, only my data is on it, so i won't try that on my drive :)).
I might get my hands on another locked drive in the next couple of weeks and i will try it then.
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8490277
Hi CAZ, all,

I just thought of something that may describe the results you are seeing.

Quite a few IBM laptops have a BIOS integrated HD lock mechanism. What happens is, when you set a BIOS password, that password is replicated to the HD password. So the BIOS and the HD share the same password.

It may be that your Compaq has a similar structure. If you are able to bypass or disable the BIOS password, but the BIOS password is still stored in the BIOS, and it is linked to the HD password...

Then what may be happening is that the BIOS is automatically supplying the HD with the password that has been stored in the BIOS.

I'm going to guess that you haven't been able to access a disk that has been locked on another computer, or locked using a utility like ATAPWD with a password that is different than your BIOS password.

pb
0
 

Expert Comment

by:Rogerbird1
ID: 8495534
PB probably has it on the nose..
as in Wakeup's case, he has several drives that were PWDed on a different machine.

The same is true for XBox HD's the BIOS creates the password for the HD and if you were to swap drives between
Xboxes it would not work because the HD PWD doesnt match the BIOs PWD.

Unless the Compaq does not check the PW flag and the drive
interprets that as an UNLOCK condition. If that is the case
then it would be a solution to Wakeup's problem, Run them in a older machine without ATAPWD function, inadvertently Unlocking the drives and then they can be reformatted and used in his curent system.

It would be interesting to know if that would work.

Rogerbird1
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8496087
Hi Rogerbird1,

Unfortunately, that won't work. If the system doesn't recognize the ATA password specifications, it simply won't prompt you for a password.

That doesn't actually unlock the drive, but it does allow you to boot the system from another device while having the locked HD attached to your system.

The drive itself remains locked since it is the HD's built-in controller that determines whether the drive is locked or unlocked.

When the drive determines that it is locked, it only accepts a few, specific commands:
Identify - Allows the computer to determine the drive type/model and BIOS CHS/LBA settings.
Unlock - Allows the computer to supply the unlock password to the drive.
Secure Erase - Allows the computer to zero-fill the device AFTER having supplied the correct password to the drive.

Since the drive itself will not accept any other commands while it is locked, it is impossible to read/write the data on the drive without:
1) Knowing the password.
2) Hacking the password.
3) Tearing the drive apart and using specialized equipment to read the data off of the platters.

pb
0
 

Expert Comment

by:CAZ
ID: 8507340
Okay, i've tried to get around a drive locked on a different machine, this also works.
I think it has something to do with a hot reboot, when the machine enters hibernation mode, you can see harddisk activity, so i guess that the machine writes things down on the hardisk when it enters hibernation mode.
When it wakes up from hibernation the probably aleady isn't locked anymore.
You have to reboot to access the drive.
BTW: compaq has made a beta bios that should resolve the problem and it does.
The workaround only works again when you flash the old bios back.
Also tried a lowlevel format to remove the password, it doesn't work.
Maybe someone else knows a tool that really removes ALL data from the disk (Including the drivelock password)
0
 
LVL 4

Expert Comment

by:kannabis
ID: 8512490
CAZ,

Welcome to EE.  Please take the time to read the threads.  Everything you have said has been mentioned before.  
0
 

Expert Comment

by:CAZ
ID: 8515954
Mr Kannabis (the c was taken?)

Thanks for your welcome, i think you've read the thread?
(Especially 04/24/2003 02:30AM PST)
Give me a quote in the same context i wrote my comment.
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8526202
Hi Everybody,

All I can say, without having physical verification, is this:

Everyone please keep this quiet for CAZ.

He has become the 4th (possibly 5th) commercial entity in the world with the ability to recover data from an ATA-Password locked drive, beating out some of the top data-forensics specialists in the world.

So please don't spoil his commercial potential by spreading his secret around.

pb
0
 

Expert Comment

by:CAZ
ID: 8526599
Bite me!
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8528993
Look....Pbarrette, Caz and whoever else is on that bandwagon trying to smack each other down....STFU!  Pardon my french.  This is my question.  I will determine who has the best comment/answer, and I will decide for myself which is true/false or a crock.  You dont need to pound each other.  I will do that for you.  

Pbarrette, just leave Caz alone.  He is trying to help.  And how do you know if his ideas are right or wrong?  Have you tried them?  And where do you base your information stating that he is the 4th or 5th person in the world?  There are companies out there that will do similar if not better things that he has/hasn't done...And for a big fee.  Of which I dont want to pay.  I have actually seen some partial schematics on tools that you can make to create a device that will disable the lock on the HDD.  And these guys are NOT: top data-forensics specialists in the world.

Caz, chill with the fighting back....You dont need to defend yourself.  Your work/comments will speak for itself.

0
 
LVL 10

Expert Comment

by:pbarrette
ID: 8535315
Hi Wakeup,

This is the last comment I will make on this thread.

I know CAZ is wrong because I know the ATA specifications. As I have stated several times, there is absolutely no way to access the drive without:
1) Supplying the correct password.
2) Using specialized hardware to:
 a: Read the password directly off the platters after cracking open the drive.
 b: Read the data registers of the HD as the password/password hash is read into the on-hd controller to be checked against the supplied password.
 c: Physically modify the on-hd controller.

These are the only companies I know that can actually recover data from ATA locked HDs:
www.datarecoverybc.com
www.nortek.on.ca
www.vogon.co.uk
www.easydatarecovery.co.uk

Vogon's website doesn't specify that they can remove the password, but they do say they can get the data off a locked drive.

The top three in the list all use a clean-room and take the drive apart, whereas the last one uses specialized hardware and software to get the password without opening the drive.

I am willing to put it to the test.

I have a 540MB 2.5" HD that I am willing to lock and ship to whomever says they can access a PW locked drive.

Conditions:
1) The drive will be locked with a password of my choice using ATAPWD.
2) The drive will contain 1 ASCII text file.
3) I will pay for outbound shipping, provided the reciever agrees to pay return shipping. Approximate cost of shipping should be about $3-5 US, so it's not really a burden.
4) The drive must not be permenantly modified, damaged or opened.

All you have to do is post the contents of the text file.

To prevent any fraud on my end, the contents of the text file can be handed over to a 3rd party for verification, and the file on the drive witnessed by my lawyer prior to shipping.

That's all I've got.

pb
0
 

Expert Comment

by:Darrel_Fong
ID: 8613024
me would flash the bios and if fails try guess password

(i am smart and trying WAKEUP)
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8615435
Darrel, If you read any of the comments above.  you would have already seen that flashing the bios will not work.  And second, I do not wish to GUESS the password.  
0
 

Expert Comment

by:Darrel_Fong
ID: 8619263
sorry Wakeup I'm tired today reading but not "on my game" really today. I try only help you cus we are friends. Another option but warning BE CAREFIL:

I have search for password before and take cover off drive but careful no dust no static no mosture and extract password from drive.

please very very careful! DONOT lose data its worse than format ok? if you not sure do not do it better for a new drive and count some losses.

hope you help me as well with problems thankyou! :)
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8619271
Darrel, whoever said we were friends?  I dont know you...you dont know me.  
0
 

Expert Comment

by:Darrel_Fong
ID: 8619586
<edited by PashaMod>
0
 
LVL 10

Expert Comment

by:makerp
ID: 8657239
Darrel,

May i may make a suggestion. i have been looking at some of you other posts in other questions and you abviously have a great deal of expireince in the IT world (by the looks of it, programming, hardware... not to mention security). Why dont you use this knowledge and create your very own advice web site, i dont know... maybe call it 'Darrels Corner'. I actually think people would pay money for your advice... Dont worry if the people here in EE mock you, you are clearly on a far higher plain than the other experts here, they just can not understand your abstract ideas..

>>I have search for password before and take cover off drive but careful no dust no static no mosture and extract password from drive.

for example, here i am sure you mean to actually perform 'open drive' surgery on the drive and extract the password with a scalpel...... fantastic idea... although you may be able to inflict less damage to the drive if you use 'key hole' surgery instead. my dad had this to fix torn cartlidge in his knee....

P
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 8657373
HAHAHAH makerp!  I think someone here has trouble finding the `any' key... :)
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8658598
Well due to some problems,  Darrel will not be visiting us forever.

:)
0
 

Expert Comment

by:flood92
ID: 8673051
First off - I have no idea of the inner workings of a typical HDD and that said - do not know how hard this would be or if the platters allow writing to both sides; but if they did (they look the same on both sides - could you not do some surgery and flip the platter over? This assumes the password is on the platter and you could torque the platter screws to the correct torque    (i.e. rebalance them). And you don't have big fingers like I do that would mark up the platter.

Just a thought
0
 
LVL 31

Expert Comment

by:rid
ID: 8673254
1) Opening the HD casing will in most cases render the question here null and void, since the HD will probably be ruined...

2) Even if you could operate on the drive without contaminating it, moving/flipping the platters will probably cause severe confusion, as the drive will
have problems finding the sectors again.
/RID
0
 

Expert Comment

by:flood92
ID: 8674789
1) Opening the case of a HD will not ruin it - they aren't that fragile (its been done before it will be done again)
2) I don't understand what you mean by moving? They are pretty much set in place - however, you are right about flipping the platters, they must not have sectors on the other side - the record mechanism just searches back and forth (I have an old drive and got bored this afternoon) - I flipped it back and the drive booted fine - however I figure if I damaged it it will show up later than sooner - most likely the recording arm if anything - it seems to be the weakest part.

The pitfalls of a curious mind
0
 
LVL 18

Author Comment

by:Wakeup
ID: 8675503
flood92,

Not necessarily true on the new drives....and some older ones....

some drives are very sensitive to dust.....
and some drives are vacuum sealed....you can put the drive back together perfectly...but doesn't mean that ALL drives are that easy....nor will all drives work as good as it did before you open them.  Specially the ones that are vacuum sealed.  it might still run, but the speed is not as desireable.  And could still cause damage to the drive etc.  I think what Rid means, is that if you knock the heads outta place...or if they get uncalibrated or misaligned, which they can do....I have many drives here that I have taken apart for fun...some still work.....
some wont work after playing with them.  Anyway moot point.  It's dangerous to the drive regardless.


0
 
LVL 31

Expert Comment

by:rid
ID: 8675584
You got my drift 100%... I was also thinking that if the PW is stored on the platters, in a sector that is normally not user-accessible, the drive still needs to find it,
somehow. Flipping a platter would perhaps place this sector in an unexpected position rendering it inaccessible to the drive itself? I'm not sure that would help.

If this thread goes on for a while yet, it may be considered a reference work on hard drive protection... there are lots of interesting ideas and links here.

Cheers
/RID
0
 

Expert Comment

by:Hashashin
ID: 8959875
I have been having the same problems, booted into pc check, ran the memory and harddrive editors.
All to no avail. tried low level format and of course... unable to write to the harddrive.
0
 

Expert Comment

by:Freddy_Fong
ID: 8983801
<edited by PashaMod>
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 8985584
<edited by PashaMod>
0
 

Expert Comment

by:Freddy_Fong
ID: 8992024
<edited by PashaMod>
0
 

Expert Comment

by:CAZ
ID: 8993031
Hi, I'm back :)

Quote:> Hi Wakeup,

This is the last comment I will make on this thread.

I know CAZ is wrong because I know the ATA specifications. As I have stated several times, there is absolutely no way to access the drive without:
1) Supplying the correct password.
2) Using specialized hardware to:
a: Read the password directly off the platters after cracking open the drive.
b: Read the data registers of the HD as the password/password hash is read into the on-hd controller to be checked against the supplied password.
c: Physically modify the on-hd controller <:

He's right, i made a misstake with swapping the different drives with the compaq n600 laptop.
I probably put the same drive back in the laptop instead of the one i took from the other laptop.
The compaq n600 cached the password in the bios after the password entered correctly one time, after the laptop stored it it doesn't matter if you take off the power or baterries.
Compaq supplied a fix for it so after the latest bios update the bug/feature i discribed doesnt work anymore.
However if you would put another drive in the compaq the cached password doesnt match, so you wont have access.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 9805520
I actually met a friend at work who has answered some of my questions.  1.  There are ways of unlocking hard drives.  2.  He has the tools to unlock them.  3.  He runs a Data recovery company near where I live.
4.  He says he can unlock the drives for me if I need.  

He says he can't give me the device nor can he give me blue prints on the device etc.  So sorry I can not post pertinent information here.  I as of yet have not asked him to unlock the drives for me.  Since I really dont need them(3gb 2.5" drives.)  So I dunno who do you guys think deserve points on this one?  or shall I ask for a refund?  or should I delete the question...?  or what?
0
 
LVL 31

Expert Comment

by:rid
ID: 9805749
I think the thread needs to be preserved - it makes interesting reading - so perhaps PAQ and refund is the way.
/RID
0
 
LVL 16

Expert Comment

by:Kyle Schroeder
ID: 9806052
I agree with rid...there is alot of info here, though none of it (past Wakeup's last comment) truly answered the question...

-dog*
0
 
LVL 18

Author Comment

by:Wakeup
ID: 9806813
Ok...Unless anyone feels other wise, then PAQ and refund is fine with me...
0
 
LVL 10

Expert Comment

by:pbarrette
ID: 9814060
Hi All,

I agree. There is a lot of very good information in this thread that should be preserved.

I think the question should be PAQ'ed and Wakeup's points refunded.

pb
0
 
LVL 6

Expert Comment

by:akboss
ID: 9974302
too much good info to just get rid of it.


============================
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
PAQ/Refund Points
Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
akboss
EE Cleanup Volunteer
============================
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10002013
PAQed, with points refunded (350)

Computer101
E-E Admin
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10004027
Thanks guys and thanks C101.
0
 
LVL 1

Expert Comment

by:UserX
ID: 10033311
Wakeup,
Have you tried taking the laptop hard drive into a desktop system as a slave and if necessary reload its firmware?
Even if you have problems with the bios, you can use operating systems like XP or Windows 2000 Pro to hot swap it in (As im sure you already knew). Do you know what area of the drive or what component the password is stored in? Surely after a firmware reload, a low-level and new partitions the drive must no longer have a password?

~User X
0
 
LVL 31

Expert Comment

by:rid
ID: 10033345
I take the liberty of quoting pbarrette here:

"The drive itself remains locked since it is the HD's built-in controller that determines whether the drive is locked or unlocked.

When the drive determines that it is locked, it only accepts a few, specific commands:
Identify - Allows the computer to determine the drive type/model and BIOS CHS/LBA settings.
Unlock - Allows the computer to supply the unlock password to the drive.
Secure Erase - Allows the computer to zero-fill the device AFTER having supplied the correct password to the drive.

Since the drive itself will not accept any other commands while it is locked, it is impossible to read/write the data on the drive without:
1) Knowing the password.
2) Hacking the password.
3) Tearing the drive apart and using specialized equipment to read the data off of the platters."

Firmware reload, low-level format (zero-fill) and partitioning cannot be performed on a locked drive, if I understand the above correctly.
/RID
0
 

Expert Comment

by:oblietrix
ID: 10138387
I haven't looked through this entire topic because it's so long. Laptop hard drives can be locked and will only be unlocked by the machine they were locked in.

PLEASE UNDERSTAND THAT YOU CANNONT UNLOCK A LOCKED LAPTOP HARDDRIVE WITHOUT THE ORIGINAL LAPTOP.

This is purely for security due to the portable nature of these units. You will not be able to carry out any type of formatting, partitioning or anything on a locked drive, no matter what you use. Also, you cannot put the drive into a desktop system as a slave a read the data, all you will get will be an error message.

The locking is a partnership between the original laptop BIOS and the individual drive and is very, very secure. As for someone having a friend who has a device, the friend is lying. YOU CANNOT ACCESS A LOCKED HD WITHOUT THE ORIGINAL BIOS
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10139507
oblietrix....

Not true....one of my customers who comes in to my store, has a device that can do it.  So not true at all.  Also there are many websites as well as the manufacturer (both the laptop manufacturer as well as the hard drive manufacture) who say that they can do it, but would need to send the drive in (obviously)  and want to charge me more than what the drive is worth new/blank.  So not worth paying any money on a laptop drive that is only worth a few measly dollars unless of course I needed the data on it.

0
 

Expert Comment

by:oblietrix
ID: 10139941
Well, alot of people say alot of things, so unless you've actually seen it done I would be very sceptical about a 'device'. Sure the manufacturers can do it, the make the hardware so its not a problem. All I meant to get across is that for 99.9% of the population, unlocking a locked drive is impossible.

Clarified?
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141585
Well....as stated my friend that comes into my store DOES DATA recovery.  He says he bought the tool to do it.  And I believe him...For the average home user, yes it is probably impossible without the necessary tools...as I have seen/stated above...

However if I have a need for the data, it is VERY POSSIBLE...and CAN BE DONE.  I have researched the information thru and thru...you said you didn't read all the stuff in here....why dont you read it?  Then I dont have to go over all this stuff again.  Thanks....Still not clarified because you haven't proven that it can't.....as much as I haven't proved to you it can.....again...read.....

Just because you haven't found the tools to do it.....doesn't mean it's not possible.  

Just like back in the 90's when 1 gig drives were available....people said hey it's IMPOSSIBLE to use/need more than that.....I remeber when 20 mb hdd's were large...and that was all ANYONE needed.....well now were in the quarter of a terrabyte drives.....guess we'll never neeed anything more eh?  Again just cuz you dont or may not need that space, doesn't mean someone else doesn't....


0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141617
oh and oblietrix,

here are a few sites that will do this for you...apparently you haven't looked at all or know about them....

http://www.nortek.on.ca/hdd_pw.html#HDD
http://www.pwcrack.com/bios.shtml

These are only a couple...there are more listed up above...and as I stated, I just want to figure out a way to do it for free.  And I have found it really can't be done.  These drives I have are 3 gig 4 gig drives...worth nothing cuz the space is so small...hence the reason why I want a free solution.  Cuz they aren't useless....just small.  But not worth paying someone 80 bux to get the password removed...Only other reason to do it is to save the data...but I dont care about the data.  And my friend says he has the tools.  I just need to find time to work with him.  And it just hasnt been worth my time to do so.  3 gig drives...I dont have a laptop to put them in.....why waste his and my time to do it?  unless I absolutely need them...?

that is my reasonings for not having done it.

So thanks...but do some more reasearch before you blow some smoke up my rear....and say it can't be done....it can...I just dont want to pay....

If you were gonna do that...next time read what we have ALL discovered over this discussion....cuz most if not all of us have come to the conclusion that it can be done...just how much time and how much money will it cost.....is the thing.

0
 

Expert Comment

by:oblietrix
ID: 10141706
Why are you getting so irate about something so trivial? If its possible then go get it done. YOU WANTED IT DONE FOR FREE AND IT CANT BE DONE. If this friend of yours has the equipment, then surely he will do at least one drive to prove the point.

I really can't understand why so much has been written here on this subject pirely to satisfy someone who is too tight fisted to go out and buy a new drive. 3-6gb drives, no matter what are scrap and pointless keeping.


0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141738
As stated...read the comments....
I told you why I haven't....
It can be done....I am not getting irate...I am telling you what I know....
It can be done...you can believe it or not..as stated it can't be done for free.
I know this....
and as stated, I dont really need the drives....so I dont really CARE....
hence the reason why....I have't done it.
I have purchased (4)  20 gig hdd's and I have two of them sitting here doing nothing.  I dont need the 3 and 4 gig drives....i was EXPLORING the situation to see if it can be done for free.  It can't...I already explained that...who's being irate?  not me...I am just telling you YES IT CAN BE DONE (unlock the drive....it is not impossible) but just NOT FOR FREE.  That is all.  
If you say it can't be done...then you are ignorant.  It can be done...i did the research....you apparently havent....AGAIN I STATE it CAN BE DONE...JUST NOT FOR FREE....

And I agree with that....and I understand that....so hence the reason why I DO NOT WANT TO WASTE MY TIME AND MONEY TO GET MY DRIVES DONE....IT IS NOTTTTTTT WORTH IT............
0
 

Expert Comment

by:oblietrix
ID: 10141740
Ha, Wakeup,

Just took a look at your profile and you claim to be a computer tech with 15years exp. Why does someone with so much experience need to ask a pointless question about something to which the answer is well known.

Seems this site is geared more towards fantacists than people living in the real world. Next you'll be asking if its possible to put DDR ram into a SDRAM slot!!!!!!!!!

Get a life
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141780
Hey look...you posted a comment....in a question that has been closed for a while...which you fail to read.  

Where do you base your information on it being IMPOSSIBLE to unlock a locked hard drive?  
I gave you sites to where it can be done.  

I asked a question to see if it can be done for free.  That is not a bad question.  I am not an idiot...so do not belittle me...you have proved nothing to me.  You make claims saying it is impossible...I just showed you 2 sites...of which I contacted and they say that they can unlock the drive for a price...I dont want to pay that price...what is wrong with that?  Nothing...There are no wrong questions here....maybe stupid...and maybe idiotic...but it is information that is good to know...whats wrong with finding out how to unlock a drive?  for a price or even for free?  Nothing...that is why it has been asked probably at least a handful of times.....

Even from the best of the best....even those who have tried to help me here are the best of the best....if it was impossible or not worth their time posting, would they have?  of course not....now just give it up....I answered all youhad to say and now you have to belittle me and may claims to say that my question is pointless well then why are you posting in a pointless quesiton?  and you tell me to get a life?  again...who is the stupid one?  I make my point clear.  Take it as you will.  Someone else needs to get a life....
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141791
may claims= Make claims
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141798
BTW...I never belittled you...I just said it can be done....you said it can't....I ask for proof?  I haven't found a REAL site that claims that it CAN NEVER be DONE.....of which you claim....

0
 
LVL 18

Author Comment

by:Wakeup
ID: 10141906
Also for someone with such extensive backround as you:
IT Consultant/System Engineer MCSE

has to argue about what you have on paper rather than whats in your brain.  Also resorting to name calling and proving stupidity levels to prove your point....Interesting....sounds like my little 3 year old nephew.  But at least he's 3 years old....I am guessing you are at least in your 20's....
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10142004
Dropped...
0
 

Expert Comment

by:sjconrad
ID: 10249679
Cool debate you guys have been having.

Checkout

http://www.xbox-scene.com/articles/lock-hdd.php

and then

http://www.xbox-scene.com/tools.php

It describes a utility to remove passwords from locked HDD's. Micro$oft uses the same tecniques to lock and unlock XBOX hdd's, which is in the BIOS of the DRIVE.

I have just unlocked 5 ten GB hard drives myself.

Enjoy.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10250576
Cool...If i ever modify my xbox, I may have to try that one.  Oh and I did talk to my friend that has the tools to do it.  He says he can do it.  And will do it if I want to give him the hard drives to work on.  so now it's just a matter of getting the drives to him.  He says the tools he has works on IBM drives and may work on others.  So the tools he has are drive specific.  If you guys need Data recovery or help in similar matters as what i have asked, let me know and I can get you some contact information.

0
 

Expert Comment

by:sjconrad
ID: 10250632
You seemed to have missed the point.
Using the utils on the pages above, you can remove the passwords from the BIOS of your laptop drives, or any drive locked with the ATA_SECURITY commands.
You don't need an XBOX to do it either.
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10250686
Oh? Ok...I am confused... I will have to re-read again....
0
 
LVL 18

Author Comment

by:Wakeup
ID: 10250702
did you use the hdd unlock program ?  or which one?
And how do you have the sw access the bios or whatever?  explain how you did it....I am not sure how it will work.

0
 
LVL 10

Expert Comment

by:pbarrette
ID: 10254059
Lord..

Not again..

[QUOTE] FROM - http://www.xbox-scene.com/articles/lock-hdd.php
------------------------------------------------------
The Lock codes

The OEM bios generates the unlock key “on the fly”. That is it generates a unique key or password which is dependant upon several things.

This password is generated by looking at your Xbox’s unique serial number, configuration, revision level and the information obtained from the currently installed hard drive itself.

******************************************
This in turn means that you cannot simply use a password from another drive or Xbox when locking a new drive. Instead you must figure out what the Xbox is going to use as an unlock password for your new replacement drive.Fortunately the Evolution-X hackers gave us a wonderful tool to do this very thing.
******************************************

This “tool” is built into the Evolution-X dashboards “backup” command. The “backup” command figures out what password the Xbox will use to unlock the currently installed drive. It places the password/key into the C:\Backup directory in a file called hddinfo.txt.

This is why Evolution-X must be installed and running on the Xbox and drive that you intend to lock first.

What do I need?

Before proceeding be aware that you will need the following.

*******************************************
* A working modified Xbox with a replacement hard drive ALREADY installed.
*******************************************
[END-QUOTE]

The link you have provided does not describe a method to unlock an XBox HD that was locked by an XBox that you do not have access to. This link ONLY describes how to LOCK a new HD given -AN ALREADY UNLOCKED AND MODIFIED- XBox and will only be useful for that SPECIFIC XBox.

Read! Then post.

pb
0
 

Expert Comment

by:Revwarnut
ID: 10458129
OK, I've just GOT to jump in on this one.  This is a bit off topic, but it was brought up, and people seem to be reading this and learning from it... so....
Someone suggested using a strong magnet on the drive to erase the password on the disks.
Well, if part of it is on there,that WILL WORK, it will disapear.  But..... the drive no longer will work... ever again.
The reason is that hard drives do not use stepping motors like floppy drives do and so the information recorded on the disks (called Servo Tracks) that define the TRACKS  (and of course the data too) will be erased and the drive arm will either sweep back and forth accross the disk looking for a track to settle on.... or it will slam itself silly doing the same thing if no type of control over access speed is employed, which is more likely without any tracks to tell it where it is on the disk.
I worked 3 years at Seagate in the Engineering lab before I moved on to another job.
I know quite a bit about hard drives (but I have forgotten some stuff too of course, it's been 7 years or so.).
I am not familiar with exactly how the password thing is setup as we did not deal with that when I was there.  But, it most likely is either in a flashram chip on the board or in an otherwise unused track on the drive.  There are tracks before and after the data tracks that are being used by the drive's built-in controller to store the data.  These are used to store additional information...like FAT tables, or error maps (bad sections of the disk that are skipped at the factory testing).  The error maps may not be used much anymore, it could be that bad locations are not tolerated anymore.  When I was testing them, if a few bad spots came up on the machinery that wrote the servo tracks and pre-formatted the drives, they would just put the locations in the error map and skip it.  In fact, the extra data tracks were used to make up for the bad spots.  A bad spot was just traded for a good one on the "spare" tracks (which you can not see or access) so no storage capacity was lost.
The original factory test equipment can certainly reset the password to blank, or what ever you want.  But you are unlikely to get to use it unless you are really close to someone who works in the test lab.  It could be duplicated though, to some extent at least.  Rewriting the servo tracks though would take a considerable investment in equipment.  But this stuff is all tested before shipping to ensure quality, so it could be duplicated if you really wanted to.

Flipping the disks over does not work, because the servo track is not on all surfaces.  That or, flipping it over fools the servo reading circuit into thinking the drive is spinning backwards (if it were smart enough to even understand this...which it is not...it's not expected!!!!) since the sector ending signal (in bits) will come before the sector starting signal (a different pattern of bits)  And in the wrong order...back to front!!!  So it would not know where the sectors were, or where the tracks were and would scan back and forth looking for the servo signal to start.
In the old days one surface was servo, all the rest were data tracks.  More recent technology allows for both to exist together, but perhaps only one head looks for servo data mixed with the data, while the rest just look for data.  The servo data is not destroyed by the data writting on it because it is written wider on or deeper into the surface so the data is either between the peaks of the servo signal or is a weaker component over it (data write heads would not generate as strong a magnetic field as the servo writting heads did in the factory) and so both signals are mixed together and sorted out by the drives circuitry.
This is probably more than you wanted to hear about this, but I just had to share this before some poor sap tried to demagnatize his drive with a bulk eraser to speed up a format or something equally stupid.
As to the hard drive password unlocking... I prefer the SHOTGUN approach.  Preferably,  "double aught" buckshot at 10 feet.  But slugs work well too.  (grin)  Wear eye protection of course...safety comes first.  But you can leave the static strap at home for this.

Thanks!
jba
0
 
LVL 31

Expert Comment

by:rid
ID: 10458237
Very interesting, and to the point, I think.
/RID
0
 

Expert Comment

by:Capt_Gagster
ID: 10842472
Ok, so I've just read this entire thread, as frustrating as it was.

This will NOT help you unless you know the password for the drive you are working on.  This is useful for things like Xbox hard drives where you can actually get the password.