Results 1 to 16 of 16
  1. #1
    Member
    10 Year Badge
    Join Date
    Nov 2001

    Hard Drive Protection w/o Encryption

    My goal is to protect access to my harddrive if my computer is stolen from my home. I use an Intel SSD soley for the speed boost it provides so I do not want to encrypt it and slow it down. I also use a secondary conventional HD for storing large amounts of data. Is there a method for making these drives unreadable if used in another computer or preventing them from being readable in my computer unless a password is used when starting it? Ideally this might be done via the hard drives firmware but I doubt this feature exists.
    Asus P8P67 Pro Rev 3.1
    Intel i7 2600K
    Samsung 840 256GB SSD
    WD 750 GB Caviar Black
    8 GB Corsair Vengeance DDR3 1600 8-8-8-24
    EVGA 9800GTX Graphics
    Corsair H50
    Corsair HX850W Power Supply
    Corsair 600T Case
    W7 Professional 64 bit

  2. #2
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    I believe encryption is the only method. I don't think you will see that much of a performance decrease, though. I didn't even notice when I encrypted my laptop's FC13 install (5400 rpm mechanical disk). Try it and find out how much of a difference it is.
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  3. #3
    Senior Member


    Bobnova's Avatar
    Join Date
    May 2009
    Author Profile Benching Profile Folding Profile Heatware Profile Rosetta Profile
    Encryption is the only way.
    All other methods lock it via software, which is easily avoided by slapping it in a linux box.
    "Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe." -- Einstein (maybe)

    Thinking about an Asus motherboard? Think again.

    How to check your PSU with a multimeter.

    17bXw5t51rEBXGavJFMJsC8g7HQgThUGc7

  4. #4
    Senior Member
    DaveHCYJ's Avatar
    Join Date
    Jun 2003
    Location
    San Diego
    Like the others said the only way to prevent someone from reading a file if they have physical access to the drive is to encrypt it.

    However you can certainly try to mitigate the performance hit as much as possible. Rather than doing entire drive encryption you could just encrypt critical files. There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.

  5. #5
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    Quote Originally Posted by DaveHCYJ View Post
    There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.
    I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  6. #6
    Member
    10 Year Badge
    Join Date
    May 2002
    IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)
    Lian Li Black Mid Tower
    PCP&C 500watt Silencer
    Core i3 550 @ 4.4ghz 1.28vcore
    4GB DDR3 1600 @ 1800mhz 8-9-8-24
    Asrock PM55-Pro mATX mobo
    Scythe Mugen 2
    HD 6950 @ default clocks
    Razer Barracuda AC-1 sound card.
    Pioneer 115D DVDRW

  7. #7
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    Quote Originally Posted by amdking View Post
    IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)
    You could just swap the logic board on the hard drive. Wouldn't be difficult at all. It would deter someone from taking the data, but no where near impossible.
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  8. #8
    Member
    10 Year Badge
    Join Date
    May 2002
    That doesnt really work on todays hdd's that well. Because even the same board has media specific entries in its firmware/nvram that is "learned" over the coarse of time from use with the HDD. I am not talking about SMART either.

    This use to work on drives back in the 20GB days when there really werent media specific attributes located in the devices firmware or nvram.

    This is one of the reasons why data recovery on todays drives where the controller board has failed is really difficult unless you have a device like the PC3000 =) where it can transfer firmware /nvram media specific stuff to a new board.
    Lian Li Black Mid Tower
    PCP&C 500watt Silencer
    Core i3 550 @ 4.4ghz 1.28vcore
    4GB DDR3 1600 @ 1800mhz 8-9-8-24
    Asrock PM55-Pro mATX mobo
    Scythe Mugen 2
    HD 6950 @ default clocks
    Razer Barracuda AC-1 sound card.
    Pioneer 115D DVDRW

  9. #9
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    I swapped logic boards on 1tb WD Greens very recently and it worked fine. The board was toasted and I had to make sure that the drive still worked. It works.
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  10. #10
    Senior Member
    DaveHCYJ's Avatar
    Join Date
    Jun 2003
    Location
    San Diego
    Quote Originally Posted by thideras View Post
    I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.
    I got the impression the OP was more concerned about minimizing the performance hit while still getting security. You're right, encrypting the whole drive would be far less annoying, but you take a performance hit.

    It also didn't seem like he was worried about someone stealing his laptop and then kindly unstealing it after installing a backdoor

  11. #11
    Member
    10 Year Badge
    Join Date
    May 2002
    Well you were lucky thideras =) were the drives really old or no? Cuz if new I guess there wasnt that much learned about the specific media.
    Lian Li Black Mid Tower
    PCP&C 500watt Silencer
    Core i3 550 @ 4.4ghz 1.28vcore
    4GB DDR3 1600 @ 1800mhz 8-9-8-24
    Asrock PM55-Pro mATX mobo
    Scythe Mugen 2
    HD 6950 @ default clocks
    Razer Barracuda AC-1 sound card.
    Pioneer 115D DVDRW

  12. #12
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    Quote Originally Posted by amdking View Post
    Well you were lucky thideras =) were the drives really old or no? Cuz if new I guess there wasnt that much learned about the specific media.
    1tb drives are quite new...
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  13. #13
    Member
    Join Date
    Oct 2007
    The password information is stored on the platter, so ...

  14. #14
    Destroyer of Empires and User Accounts, El Huginator
    Premium Member #3
    First Responders
    thideras's Avatar
    Join Date
    May 2006
    Location
    South Dakota
    Author Profile Benching Profile Heatware Profile
    Quote Originally Posted by hansen View Post
    The password information is stored on the platter, so ...
    I haven't done a lot of research on this, are you sure? That just seems insecure to me .__.
    Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
    VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
    VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
    8x 300 GB Savvio | XenServer
    Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
    "That's not overkill, or a lot. That's just thiderastic." -txus.palacios
    "Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

    Current projects: Rackmount Overkill (New) | Little Overkill (New)
    Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
    My Website


    Want to talk directly to all the moderators at once? Call the Mod Hotline!

  15. #15
    Member
    Join Date
    Oct 2007
    Well, it is secure enough so it wont be erased by chaning the board.

    It is stored in an area that is only addressable by the firmware. So you cannot get to it and erase it yourself.

  16. #16
    Member
    10 Year Badge
    Join Date
    May 2002
    Yes I believe its stored in the service area of the platter which is not accessible except if taken apart in a clean room.
    Lian Li Black Mid Tower
    PCP&C 500watt Silencer
    Core i3 550 @ 4.4ghz 1.28vcore
    4GB DDR3 1600 @ 1800mhz 8-9-8-24
    Asrock PM55-Pro mATX mobo
    Scythe Mugen 2
    HD 6950 @ default clocks
    Razer Barracuda AC-1 sound card.
    Pioneer 115D DVDRW

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •