[Bug 14862] Re: Freezing all security settings on ATA hard disks

Jani Uusitalo jani at mummila.net
Sun Sep 25 19:43:39 UTC 2011


According to my understanding and based on what Jonas wrote above and
also [1], doing the freeze post-BIOS would be useless securitywise; it's
not even a workaround, as any malicious software then just inserts
itself into the MBR. This really needs to be fixed at the BIOS level to
be effective at all.

[1] http://www.coreboot.org/pipermail/coreboot/2005-May/011688.html

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to hdparm in Ubuntu.
https://bugs.launchpad.net/bugs/14862

Title:
  Freezing all security settings on ATA hard disks

Status in “hdparm” package in Ubuntu:
  Confirmed

Bug description:
  Nearly all modern ATA hard disks can be locked with a password. Usually the BIOS
  should freeze all security settings on these hard disks to prevent changing. But
  many BIOSes don't do that. Then, if you haven't set a password, it is possible
  to change the password and lock the disk. This can also happen without user
  interaction by viruses and worms. On Linux you need root rights, so the problem
  is not as big as on other systems.

  There is a patch available for hdparm which adds an option to freeze all
  security settings on a hard disk (see
  http://www.heise.de/ct/ftp/projekte/atasecurity/files/hdparm-5.9-ct.zip). For
  more information and workarounds for Windows and Mac OS X see
  http://www.heise.de/ct/english/05/08/172/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/hdparm/+bug/14862/+subscriptions




More information about the foundations-bugs mailing list