[Bug 14862] Re: Freezing all security settings on ATA hard disks
Jani Uusitalo
jani at mummila.net
Sun Sep 25 19:43:39 UTC 2011
According to my understanding and based on what Jonas wrote above and
also [1], doing the freeze post-BIOS would be useless securitywise; it's
not even a workaround, as any malicious software then just inserts
itself into the MBR. This really needs to be fixed at the BIOS level to
be effective at all.
[1] http://www.coreboot.org/pipermail/coreboot/2005-May/011688.html
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to hdparm in Ubuntu.
https://bugs.launchpad.net/bugs/14862
Title:
Freezing all security settings on ATA hard disks
Status in “hdparm” package in Ubuntu:
Confirmed
Bug description:
Nearly all modern ATA hard disks can be locked with a password. Usually the BIOS
should freeze all security settings on these hard disks to prevent changing. But
many BIOSes don't do that. Then, if you haven't set a password, it is possible
to change the password and lock the disk. This can also happen without user
interaction by viruses and worms. On Linux you need root rights, so the problem
is not as big as on other systems.
There is a patch available for hdparm which adds an option to freeze all
security settings on a hard disk (see
http://www.heise.de/ct/ftp/projekte/atasecurity/files/hdparm-5.9-ct.zip). For
more information and workarounds for Windows and Mac OS X see
http://www.heise.de/ct/english/05/08/172/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/hdparm/+bug/14862/+subscriptions
More information about the foundations-bugs
mailing list