• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Hard Drive Protection w/o Encryption

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Barryng

Member
Joined
Nov 16, 2001
My goal is to protect access to my harddrive if my computer is stolen from my home. I use an Intel SSD soley for the speed boost it provides so I do not want to encrypt it and slow it down. I also use a secondary conventional HD for storing large amounts of data. Is there a method for making these drives unreadable if used in another computer or preventing them from being readable in my computer unless a password is used when starting it? Ideally this might be done via the hard drives firmware but I doubt this feature exists.
 
I believe encryption is the only method. I don't think you will see that much of a performance decrease, though. I didn't even notice when I encrypted my laptop's FC13 install (5400 rpm mechanical disk). Try it and find out how much of a difference it is.
 
Encryption is the only way.
All other methods lock it via software, which is easily avoided by slapping it in a linux box.
 
Like the others said the only way to prevent someone from reading a file if they have physical access to the drive is to encrypt it.

However you can certainly try to mitigate the performance hit as much as possible. Rather than doing entire drive encryption you could just encrypt critical files. There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.
 
There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.
I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.
 
IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)
 
IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)

You could just swap the logic board on the hard drive. Wouldn't be difficult at all. It would deter someone from taking the data, but no where near impossible.
 
That doesnt really work on todays hdd's that well. Because even the same board has media specific entries in its firmware/nvram that is "learned" over the coarse of time from use with the HDD. I am not talking about SMART either.

This use to work on drives back in the 20GB days when there really werent media specific attributes located in the devices firmware or nvram.

This is one of the reasons why data recovery on todays drives where the controller board has failed is really difficult unless you have a device like the PC3000 =) where it can transfer firmware /nvram media specific stuff to a new board.
 
I swapped logic boards on 1tb WD Greens very recently and it worked fine. The board was toasted and I had to make sure that the drive still worked. It works.:shrug:
 
I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.

I got the impression the OP was more concerned about minimizing the performance hit while still getting security. You're right, encrypting the whole drive would be far less annoying, but you take a performance hit.

It also didn't seem like he was worried about someone stealing his laptop and then kindly unstealing it after installing a backdoor :D
 
Well you were lucky thideras =) were the drives really old or no? Cuz if new I guess there wasnt that much learned about the specific media.
 
Well, it is secure enough so it wont be erased by chaning the board.

It is stored in an area that is only addressable by the firmware. So you cannot get to it and erase it yourself.
 
Yes I believe its stored in the service area of the platter which is not accessible except if taken apart in a clean room.
 
Back