HDD Password any good?

[victord1]

Hello.

My hd failed (strangely SMART did not report anything in advance) and I just bought a new Samsung 40gb 5400 rpm 8meg buffer drive that brought new life to my 600X (for $80, a worthwile investment). However, I am curious about the HDD Bios protection password. Does anyone know how it works and if it is compatible with non-ibm supplied drive? I enabled it, but want to know if it is actually an affective defense? Are there any docs about it? If the drive is taken out of the thinkpad, can it be usable or can the data be accessible? I would appreciate any information about the topic.

If that password is useless, what encryption tools do you guys use on your notebook to protect your sensitive information from being used in the unfortunate even the notebook is stolen?

Another question: do you guys know where I can find a utility to put my name and address as ownership info into the bios boot up screen?

Also, my battery now only goes to 19% and refuses to recharge. I am thinking of buying a new one (though I don't really use battery all that often). Are there any recommendations for batteries that work best with 600X? has any batter manufacturer on the market fixed the issues with cells not being recharged properly? Any good retailers that you guys could recommend that sell good ibm or other brand batteries for 600x at a reasonable price would help out too.

Thanks for any information.
Victor

[egibbs]

If it's an ATA spec drive it will implement the ATA password protocol, and the answer is It's "pretty good."

There are no simple cheats - no jumper to pull, no piece of dodgy software that will render it readable. The data can be accessed, but only by someone with special equipment and techniques. A data recovery company could do it - a thief could not. Nor could you if you forget the password - you would be looking at a hefty bill to have the data recovered.

If you want to read up on the spec here is a link - http://www.seagate.com/support/disc/man ... 153r17.pdf

Note that the spec does not define where the password will be stored. Some drives store it in a chip, other store it on the platters. IMHO it is more secure to store it on the platters because it will remain even if the drive electronics are switched out. But most vendors choose to store it in a chip. I'm not sure if the electronics are in any way locked to a specific set of platter, or if simply switching out the electronics for a set with a blank password will unlock a locked drive.

If you are really concerned about your data falling into the wrong hands you should use encryption. I'm not that concerned so I can't make a personal recommendation.

On the newer machines with the TCPA chip and fingerprint reader there is IBM software that works with the hardware. On a 600 I think you may find the performance hit from a software based solution to be quite heavy. I'd recommend against trying to encrypt the entire dirve - make a folder for only sensitive info and just encrypt that. But then you need to be aware that the swap file and other caching areas may preserve clear-text versions of sensitive documents if you are not very careful.

Ed Gibbs

[whizkid]

You can customize the screen that asks for a password. Strangely, IBM puts it in the power management category, but it's called Personlization Editor. It only runs in Windows, and is here:

http://www-307.ibm.com/pc/support/site. ... MIGR-44008

You can have the password set but stealthy... by leaving the power on password blank. The drive will be readable until someone tries to enter the BIOS. The hard drive would then not work in another machine.

Set your power on password to have your text displayed when asking for the password. You can even set a little 16-color image in the background.

Give people the option to be nice, I say. You might look at yellowtag.com or something similar too.

IBM still has some 600-series batteries on clearance. They work best, of course.