Notices

Overclockers Forums > Software > Microsoft Operating Systems
Microsoft Operating Systems Microsoft Operating Systems and Applications
Forum Jump

Hard Drive Protection w/o Encryption

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 06-18-10, 10:47 AM Thread Starter   #1
RhoXS
Member



Join Date: Nov 2001

10 Year Badge
 
Hard Drive Protection w/o Encryption


My goal is to protect access to my harddrive if my computer is stolen from my home. I use an Intel SSD soley for the speed boost it provides so I do not want to encrypt it and slow it down. I also use a secondary conventional HD for storing large amounts of data. Is there a method for making these drives unreadable if used in another computer or preventing them from being readable in my computer unless a password is used when starting it? Ideally this might be done via the hard drives firmware but I doubt this feature exists.

__________________
Asus P8P67 Pro Rev 3.1
Intel i7 2600K
Samsung 840 256GB SSD
WD 750 GB Caviar Black
8 GB Corsair Vengeance DDR3 1600 8-8-8-24
EVGA 9800GTX Graphics
Corsair H50
Corsair HX850W Power Supply
Corsair 600T Case
W7 Professional 64 bit
RhoXS is offline   QUOTE Thanks
Old 06-18-10, 10:49 AM   #2
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
I believe encryption is the only method. I don't think you will see that much of a performance decrease, though. I didn't even notice when I encrypted my laptop's FC13 install (5400 rpm mechanical disk). Try it and find out how much of a difference it is.

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-18-10, 11:52 AM   #3
Bobnova
Senior Member



 
Bobnova's Avatar 

Join Date: May 2009
Location: Humboldt

 
Encryption is the only way.
All other methods lock it via software, which is easily avoided by slapping it in a linux box.

__________________
"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe." -- Einstein (maybe)

Thinking about an Asus motherboard? Think again.

How to check your PSU with a multimeter.

17bXw5t51rEBXGavJFMJsC8g7HQgThUGc7
Bobnova is offline Author Profile Benching Profile Folding Profile Heatware Profile Rosetta Profile   QUOTE Thanks
Old 06-18-10, 05:32 PM   #4
DaveHCYJ
Senior Member

 
DaveHCYJ's Avatar 

Join Date: Jun 2003
Location: San Diego

 
Like the others said the only way to prevent someone from reading a file if they have physical access to the drive is to encrypt it.

However you can certainly try to mitigate the performance hit as much as possible. Rather than doing entire drive encryption you could just encrypt critical files. There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.
DaveHCYJ is offline   QUOTE Thanks
Old 06-18-10, 05:35 PM   #5
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
Quote:
Originally Posted by DaveHCYJ View Post
There isn't much of a reason to have all your OS files, or movies/mp3's encrypted.
I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-23-10, 07:44 PM   #6
amdking
Member



Join Date: May 2002

10 Year Badge
 
IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)

__________________
Lian Li Black Mid Tower
PCP&C 500watt Silencer
Core i3 550 @ 4.4ghz 1.28vcore
4GB DDR3 1600 @ 1800mhz 8-9-8-24
Asrock PM55-Pro mATX mobo
Scythe Mugen 2
HD 6950 @ default clocks
Razer Barracuda AC-1 sound card.
Pioneer 115D DVDRW
amdking is offline   QUOTE Thanks
Old 06-23-10, 07:47 PM   #7
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
Quote:
Originally Posted by amdking View Post
IF this drive is in a laptop and it supports security features, you can password protect the HDD. Its not a form of encryption, it asks for your PW on boot, if its incorrect the drive is in a security frozen lock state until the correct password is entered to the drive itself. So, therefore noone can just take it to another PC and take files off it =) Its in the secure frozen state, the only way to unfreeze it is with correct password or performing the HDD's security wipe procedure which basically zero's the entire drive and then unlocks it =)
You could just swap the logic board on the hard drive. Wouldn't be difficult at all. It would deter someone from taking the data, but no where near impossible.

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-23-10, 07:53 PM   #8
amdking
Member



Join Date: May 2002

10 Year Badge
 
That doesnt really work on todays hdd's that well. Because even the same board has media specific entries in its firmware/nvram that is "learned" over the coarse of time from use with the HDD. I am not talking about SMART either.

This use to work on drives back in the 20GB days when there really werent media specific attributes located in the devices firmware or nvram.

This is one of the reasons why data recovery on todays drives where the controller board has failed is really difficult unless you have a device like the PC3000 =) where it can transfer firmware /nvram media specific stuff to a new board.

__________________
Lian Li Black Mid Tower
PCP&C 500watt Silencer
Core i3 550 @ 4.4ghz 1.28vcore
4GB DDR3 1600 @ 1800mhz 8-9-8-24
Asrock PM55-Pro mATX mobo
Scythe Mugen 2
HD 6950 @ default clocks
Razer Barracuda AC-1 sound card.
Pioneer 115D DVDRW
amdking is offline   QUOTE Thanks
Old 06-23-10, 08:31 PM   #9
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
I swapped logic boards on 1tb WD Greens very recently and it worked fine. The board was toasted and I had to make sure that the drive still worked. It works.

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-24-10, 10:36 AM   #10
DaveHCYJ
Senior Member

 
DaveHCYJ's Avatar 

Join Date: Jun 2003
Location: San Diego

 
Quote:
Originally Posted by thideras View Post
I don't want someone modifying the files on my laptop. All they'd have to do is yank the entire drive and add a file/script to the system to add a backdoor. There really isn't an issue with encrypting the whole drive. During setup, it is one checkbox and two password boxes. On startup, it asks for the password. I don't see how that is any more difficult than doing individual files/folders. I actually think it would be more annoying doing it separately.
I got the impression the OP was more concerned about minimizing the performance hit while still getting security. You're right, encrypting the whole drive would be far less annoying, but you take a performance hit.

It also didn't seem like he was worried about someone stealing his laptop and then kindly unstealing it after installing a backdoor
DaveHCYJ is offline   QUOTE Thanks
Old 06-24-10, 10:49 AM   #11
amdking
Member



Join Date: May 2002

10 Year Badge
 
Well you were lucky thideras =) were the drives really old or no? Cuz if new I guess there wasnt that much learned about the specific media.

__________________
Lian Li Black Mid Tower
PCP&C 500watt Silencer
Core i3 550 @ 4.4ghz 1.28vcore
4GB DDR3 1600 @ 1800mhz 8-9-8-24
Asrock PM55-Pro mATX mobo
Scythe Mugen 2
HD 6950 @ default clocks
Razer Barracuda AC-1 sound card.
Pioneer 115D DVDRW
amdking is offline   QUOTE Thanks
Old 06-24-10, 10:57 AM   #12
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
Quote:
Originally Posted by amdking View Post
Well you were lucky thideras =) were the drives really old or no? Cuz if new I guess there wasnt that much learned about the specific media.
1tb drives are quite new...

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-24-10, 12:35 PM   #13
hansen
Member



Join Date: Oct 2007

 
The password information is stored on the platter, so ...
hansen is offline   QUOTE Thanks
Old 06-24-10, 12:39 PM   #14
thideras
Destroyer of Empires and User Accounts, El Huginator
Premium Member #3
First Responders

 
thideras's Avatar 

Join Date: May 2006
Location: South Dakota

 
Quote:
Originally Posted by hansen View Post
The password information is stored on the platter, so ...
I haven't done a lot of research on this, are you sure? That just seems insecure to me .__.

__________________
Desktop: Gigabyte Z77X-UD5H | 3570k | 32 GB | GTX 770 Classified | 1 TB Samsung Evo & 2 TB HDD | Windows 3.1 | 4x 2560x1400 Monitors
VM Server 1: Dell R710 | 2x L5630 | 96 GB RAM | 8x 300 GB Savvio | IBM M1015 | 34 TB Raw disk | XenServer
VM Server 2: Dell R710 | 2x L5630 | 96 GB RAM |
8x 300 GB Savvio | XenServer
Router: Dell R410 | E5620 | 32 GB RAM | 3x 300 GB | pfsense
"That's not overkill, or a lot. That's just thiderastic." -txus.palacios
"Clouds are silent, cold, and wet. Servers are none of these things." -Bobnova

Current project: Rackmount Overkill (New) | Little Overkill (New)
Articles: Rack Mounting 101 | Dell Perc 5/i Throughput Benchmarks
My Website


Want to talk directly to all the moderators at once? Call the Mod Hotline!
thideras is offline Author Profile Benching Profile Heatware Profile   QUOTE Thanks
Old 06-24-10, 01:10 PM   #15
hansen
Member



Join Date: Oct 2007

 
Well, it is secure enough so it wont be erased by chaning the board.

It is stored in an area that is only addressable by the firmware. So you cannot get to it and erase it yourself.
hansen is offline   QUOTE Thanks
Old 06-24-10, 01:14 PM   #16
amdking
Member



Join Date: May 2002

10 Year Badge
 
Yes I believe its stored in the service area of the platter which is not accessible except if taken apart in a clean room.

__________________
Lian Li Black Mid Tower
PCP&C 500watt Silencer
Core i3 550 @ 4.4ghz 1.28vcore
4GB DDR3 1600 @ 1800mhz 8-9-8-24
Asrock PM55-Pro mATX mobo
Scythe Mugen 2
HD 6950 @ default clocks
Razer Barracuda AC-1 sound card.
Pioneer 115D DVDRW
amdking is offline   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Software > Microsoft Operating Systems
Microsoft Operating Systems Microsoft Operating Systems and Applications
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 06:29 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?