Subject: Re: CVS commit: src/sbin/atactl
To: Takahiro Kambe <taca@back-street.net>
From: Matthias Drochner <M.Drochner@fz-juelich.de>
List: source-changes
Date: 04/13/2005 21:16:21
taca@back-street.net said:
> Do you have any plan to support the SECURITY ERASE UNIT command
> support?
Would't be hard to add, but I don't have that much time atm.
> It is dangerous but very useful for destroy contents of the
> disk.
Would be nice to be able to delete a disk completely with just
one command. As I understand the spec, it is not that easy
however:
- It cannot be done with security frozen. Modern BIOSes
leave the disks in frozen state. One might find a workaround,
eg hot-plug or an IDE RAID controller, but then it is
not convenient anymore.
- One needs to set a password before to get the disk into the
"security enabled" state. I might be able to set this in the
BIOS, and perhaps the BIOS will even leave the disk un-frozen
if I don't enter the right password on boot. What I don't
know is whether the BIOS passes the password as-is to the disk.
My laptop allows for 8 character passwords, while the ATA
spec has room for 32 bytes. There might be some translation,
hashing, secrets...
(no, I'm not going to try it out:-)
best regards
Matthias