Use DriveLock, get humiliated

A man used Compaq's DriveLock to protect his homemade porn, only to have the FBI retrieve it when he was arrested on an unrelated charge.

Michael Alan Crooker sued Circuit City, Compaq, and Microsoft for selling defective security software after the FBI forensics lab uncovered his porn preferences following his arrest for selling a rifle with a silencer: Circuit City for telling him the software would work, Compaq for leaving a hole, and Microsoft for not erasing IE's browsing history securely when he had configured it to discard history/cache/whatnot.

The DriveLock software allows you to set a master password that will unlock the disk if someone forgets the user password. This may or may not be the same as the master password in the ATA spec. (In the ATA security feature set, whether the master password can unlock the drive at all depends on the security level chosen when the user password is set: at the "high" level the master password unlocks the drive, at "maximum" it can only erase it.)

The "information" from the press leaves all these possibilities open:
He left the master password at its default.
The FBI used the ATA master password, which they could ask the drive manufacturer for, assuming it's one that hasn't leaked out already.
The FBI cracked the case and copied the drive in a cleanroom. The ATA password doesn't encrypt the disk, it just tells the controller to refuse to talk to anyone.
The FBI moved the drive to a new controller card. I thought that threw off calibration data, but some sources say it works, which implies that the password lives on the controller card.
Compaq left a back door and is still lying about it.
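The first two possibilities above are something an owner (or an examiner) can check for before the drive ever leaves the machine, because the ATA security state is readable with `hdparm -I` on Linux. The script below is an added example, not code from the post, from Compaq/HP or from DriveLock: it parses the `Security:` section of `hdparm -I` output and reports the states that matter here. It relies on two facts from the ATA spec that the post does not spell out: the master password revision code starts at 0xFFFE (65534) from the factory, so a drive still reporting that value has a default master password; and the master password only unlocks a drive whose user password was set at the "high" security level. The three `hdparm -I` excerpts are constructed for illustration, not captured from the drive in the case.

```python
"""Read the ATA security state that DriveLock relies on from `hdparm -I` output.

Added example, not the post's or Compaq's code.  The hdparm excerpts below are
constructed to match hdparm's Security section layout; they are not from the
Crooker drive.
"""
import re
from dataclasses import dataclass
from typing import Optional

# The ATA security feature set initialises the master password revision code to
# 0xFFFE (65534); a drive still reporting it has the factory master password.
DEFAULT_MASTER_REVISION = 65534


@dataclass
class AtaSecurityStatus:
    supported: bool = False
    enabled: bool = False
    locked: bool = False
    frozen: bool = False
    count_expired: bool = False       # per-power-cycle attempt counter exhausted
    level: Optional[str] = None       # "high" or "maximum"; printed only when enabled
    master_revision: Optional[int] = None

    @property
    def master_is_default(self) -> bool:
        return self.master_revision == DEFAULT_MASTER_REVISION


def parse_security_section(hdparm_output: str) -> AtaSecurityStatus:
    """Parse the indented block that follows the 'Security:' line of hdparm -I."""
    status = AtaSecurityStatus()
    lines = hdparm_output.splitlines()
    start = next((i for i, l in enumerate(lines) if l.strip().startswith("Security:")), None)
    if start is None:
        return status                 # no section at all: feature set unsupported
    for raw in lines[start + 1:]:
        if not raw or not raw[0].isspace():   # blank line or next top-level section
            break
        line = raw.strip()
        m = re.match(r"Master password revision code\s*=\s*(\d+)", line)
        if m:
            status.master_revision = int(m.group(1))
            continue
        m = re.match(r"Security level\s+(high|maximum)", line)
        if m:
            status.level = m.group(1)
            continue
        # hdparm prints each flag as "<tab>not<tab>flag" or "<tab><tab>flag"
        negated = line.startswith("not")
        flag = line[3:].strip() if negated else line
        if flag == "supported":
            status.supported = not negated
        elif flag == "enabled":
            status.enabled = not negated
        elif flag == "locked":
            status.locked = not negated
        elif flag == "frozen":
            status.frozen = not negated
        elif flag.startswith("expired: security count"):
            status.count_expired = not negated
    return status


def risk_flags(status: AtaSecurityStatus) -> set:
    """Reduce the parsed state to the findings that matter for a seized, locked drive."""
    if not status.supported:
        return {"UNSUPPORTED"}
    if not status.enabled:
        return {"NOT_ENABLED"}
    flags = {"NOT_ENCRYPTED"}         # always: the lock is a controller gate, not a cipher
    if status.master_is_default:
        flags.add("MASTER_DEFAULT")
    if status.level == "high":
        flags.add("MASTER_UNLOCKS")
    if status.count_expired:
        flags.add("COUNTER_EXPIRED")
    return flags


MESSAGES = {
    "UNSUPPORTED": "drive does not implement the ATA security feature set",
    "NOT_ENABLED": "no ATA password set; any host can read the drive",
    "NOT_ENCRYPTED": "ATA lock only makes the controller refuse commands; the platters still hold plaintext",
    "MASTER_DEFAULT": "master password never changed from the factory default (revision 65534)",
    "MASTER_UNLOCKS": "security level 'high': the master password unlocks the drive, not just erases it",
    "COUNTER_EXPIRED": "five wrong passwords since power-on; power-cycle the drive before another try",
}


def report(hdparm_output: str) -> list:
    return [MESSAGES[f] for f in sorted(risk_flags(parse_security_section(hdparm_output)))]


# Constructed excerpts (not from the Crooker drive).
LOCKED_DEFAULT_MASTER = """\
/dev/sda:

ATA device, with non-removable media
Security:
\tMaster password revision code = 65534
\t\tsupported
\t\tenabled
\t\tlocked
\tnot\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\tSecurity level high
\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
Checksum: correct
"""

UNLOCKED_DRIVE = """\
Security:
\tMaster password revision code = 65534
\t\tsupported
\tnot\tenabled
\tnot\tlocked
\tnot\tfrozen
\tnot\texpired: security count
\t\tsupported: enhanced erase
\t2min for SECURITY ERASE UNIT. 2min for ENHANCED SECURITY ERASE UNIT.
"""

MAXIMUM_EXHAUSTED = """\
Security:
\tMaster password revision code = 3
\t\tsupported
\t\tenabled
\t\tlocked
\tnot\tfrozen
\t\texpired: security count
\t\tsupported: enhanced erase
\tSecurity level maximum
"""

if __name__ == "__main__":
    for name, sample in [("locked, default master", LOCKED_DEFAULT_MASTER),
                         ("unlocked", UNLOCKED_DRIVE),
                         ("maximum, counter exhausted", MAXIMUM_EXHAUSTED)]:
        print(name)
        for line in report(sample):
            print("  -", line)
```

On a real machine, feed it the output of `hdparm -I /dev/sdX` for the drive in question. A drive that reports "enabled", "Security level high" and revision 65534 is exactly the first possibility in the list above: anyone who knows the vendor's factory master password (hdparm's `--user-master m --security-unlock` is the command that tries one) gets in without the user password, and nothing on the platters is encrypted either way.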
What I find disturbing is that the man, who was charged with a firearms violation (i.e., NOT a computer violation), had his computer seized and scanned.
Which raises the question in my mind: "Under what legal logic did the FBI seize his computer?" Were they looking for records of his transactions? If he had kept his transactions on paper, in a filing cabinet, with his other papers (tax records, receipts, warranties, old love letters), could they have taken the whole filing cabinet?
In short, whatever happened to "secure in their person and papers"?
I expect this to happen more and more in many countries.
Anyone who is suspected of a crime will have substantial amounts of their property seized: computers, CDs, digital cameras, any equipment that could be used to store information. With embedded computers everywhere, this could end up meaning a lot of stuff.
Have you ever witnessed a search warrant being executed?
When I was a teenager I saw the aftermath of a DEA search & seizure in the house of an accused LSD trafficker in Atlanta, GA. If memory serves, the damage was around 20~30% of the value of the house. Sheetrock was ripped from the walls, carpet removed, major appliances disassembled, and all electrical fixtures removed.
More recently I saw photos of damage done during the search & seizure of the home security equipment belonging to the man who recorded an incident with the police on his front porch, when they came to speak with him about his son. All of the sensors had been ripped out & off and the wiring simply cut.
Then there is the incident of the gun collector whose estranged wife made unfounded accusations against him... he still doesn't have the entire collection returned, and many of the pieces that were returned were returned damaged.
Finally, I watched the unfortunate search of a co-worker's house for child porn. This, from a detached perspective, was a forceful lesson on how much the government, at least enforcement, is not your ally. There is a vindictive quality about the way they go about things... a cultivated indifference to the damage they do. There is also this backhanded reveling in the lack of their knowledge... the idea that because they do not know about computers, everything that may have circuitry or wiring inside is seized. The large-screen television was seized (and then broken) but backup tapes were not. The VCR was seized along with all the VCR tapes, but the CD & audio tape collection was ignored. The safe was seized & drilled despite the combination being written down and taped to it.
I read about this particular incident last year or so when Bruce wrote about it. He was right then and he's still right... these people are the sorts of people that you are not likely to be sympathetic with, but this doesn't matter. In order for anyone's rights to be upheld and respected, everyone's rights must be respected.
As a side note... given how hard good crypto is to achieve, anyone buying into this sort of thing is bound to be disappointed.
A final observation: many folks in the tin hat crowd have made suggestions that inside the government there was some sort of decision-making process which sounds like this: "Do we want to prosecute this so much that we are willing to disclose our ability to overcome the cryptology used?" I think this case highlights the flaw in this line of thinking.
One of the important points here was actually that if you don't have crypto, you can't count on anything. The ATA security lock simply means the controller won't talk to the host until it gets the right password. If he'd encrypted his disk, instead of "lock"ing it, he would have had a different set of problems (look at the support boards for full disk encryption products, scary).
This sort of thing won't go away until law enforcement is required to make full restitution for any damage in all cases. It would be wise to require that even if the evidence leads to a conviction; otherwise they will have way too much incentive to plant evidence in every search just to avoid paying.
A few years ago here in Atlanta there were a few cases that appear to be people 'punishing' neighbors they didn't like by phoning in false drug tips anonymously, knowing that the 'red dog' squad would be sure to destroy their home as a result. Since anonymity was assured, there could be no negative consequences for these very bad neighbors.
Until we as a society really consider the consequences of being accused of a crime and take steps to restore the innocent, we are just deluding ourselves when we presume that innocent people have nothing to worry about. It's far too easy for an innocent person to find themselves practically homeless, jobless, and saddled with huge legal bills just from the process of being accused and found innocent. Unfortunately, the same protection will have to be extended to the guilty. Otherwise we'll start seeing a lot more wrongful prosecutions in an attempt to avoid paying a staggering bill for damages.
At the heart of this is a failure to presume innocence in the first place. While suspicion of guilt does require searches for evidence and, in many cases, incarceration, there is a duty to minimise the inherent harm of those actions unless/until the citizen is found guilty in a court of law.
Drive manufacturers need to test the functionality while developing, and therefore have controller firmware that doesn't fully implement the ATA spec. This "developer" firmware does everything the full-spec firmware does, including read the password, generate the checksum, etc., but it doesn't lock the firmware if a password is found. It just says "here, I will lock the firmware until the ATA UNLOCK WITH PASSWORD command is sent".
I.e., debug firmware.
The FBI either has copies of this, along with a utility to either burn or replace the firmware on the drive; and/or has contacts with all major drive manufacturers and can get updates on short notice.
Summary of the Crooker/DriveLock case for nontechnical people at my blog.
Not sure why this hit the news just now, unless it's because Circuit City and Compaq settled. Covered almost a year ago on Bruce Schneier's blog.
Accurate information is, as usual, not forthcoming. It looks like Compaq is using the ATA command to lock a disk with a password, which stores the password in a controller register or in the hidden system maintenance cylinder, depending on who you listen to. There's a limit of 5 password attempts per power cycle, and apparently no way to read the password. According to HP, "There is no 'back-door' that can be used without the correct password and unauthorised individuals will find the data on your hard drive impossible to access." See also Compaq's white paper about DriveLock.