Date: Sun, 03 Apr 2005 17:15:32 +0200 From: =?ISO-8859-1?Q?S=F8ren_Schmidt?= <sos@DeepCore.dk> To: ALeine <aleine@austrosearch.net> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: ATA security commands, bug in atacontrol Message-ID: <42500894.1050400@DeepCore.dk> In-Reply-To: <200504031452.j33EqbMG078325@marlena.vvi.at> References: <200504031452.j33EqbMG078325@marlena.vvi.at>
next in thread | previous in thread | raw e-mail | index | archive | help
ALeine wrote: > Recent c't magazine article "At Your Disservice - How ATA security func= tions > jeopardize your data", which you can find at the URL below, warns about= the > dangers of ATA security commands. Specifically, a malicious attacker wi= th > sufficient access could render a disk useless to the legitimate owner o= f > the disk by setting the 32 byte user and master passwords using the ATA= > security command 0xf1. >=20 > http://www.heise.de/ct/english/05/08/172/ >=20 > To prevent such attacks in case of compromise one can issue the ATA sec= urity > freeze lock command 0xf5, which disables further ATA security commands = until > the next cold boot. Software for issuing the ATA security freeze lock c= ommand > has been made available at the URL below. >=20 > http://www.heise.de/ct/ftp/projekte/atasecurity/ >=20 > There is a patched version of the Linux hdparm utility there, but the c= 't > guys seem to have neglected the BSD world, they have not even mentioned= the > fact that OpenBSD's atactl(8) already supports this command as well as = all > the other ATA security commands, as can be seen at the URL below. >=20 > http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/atactl/ >=20 > Currently FreeBSD's atacontrol(8) has no support for ATA security comma= nds, > so I would like to know if adding the ATA security features is a priori= ty > on the TODO list. I would like to see these features implemented and I = would > also be willing to port the code from OpenBSD if there are some more > experienced kernel developers who would be willing to review my code an= d > commit it? Let me know. Right, I did see that article but I've not settled on how if at all to=20 deal with it. The by far most secure method would be to have ATA issue=20 the freeze command ASAP in the probe/attach code, thats about one line=20 of code :) At any rate atacontrol is not the place to put it if we want this to up=20 security... --=20 -S=F8ren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42500894.1050400>