Passwords

195 readers

1 users here now

Discussion of passwords, password managers, biometrics, CAPTCHAs, secret questions, MFA/2FA/2SV, or other factors related to user authentication.

founded 2 years ago

MODERATORS

[email protected]

Apacer SSD forced itself into read-only mode -- how can this be reversed? Anyone know what pw Apacer uses? (slrpnk.net)

submitted 1 week ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

cross-posted from: https://slrpnk.net/post/21033639

The background is here. In short, an SSD with the “Apacer” brand froze itself into read-only mode, presumably due to reaching a point of poor reliability.

The data on the drive is useless. It was part way through installing linux when it happened. I would like to reverse that switch to make one last write operation (to write a live linux distro), which thereafter can be read-only.

I have heard some speculation that the manufacturer uses password to impose read-only mode. If true, then the password would be in the drive’s firmware. Does anyone know what Apacer uses for this password?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago) (4 children)

If it were true that a password is required to write to the storage medium in the event of corruption, that would imply that it's required for every write event. Wouldn't that entail a performance hit for any reasonably secure password mechanism? Either the password is trivial or write speed is impacted by this process.

Is there an interface for examining the firmware?

[–] [email protected] 1 points 6 days ago* (last edited 6 days ago) (3 children)

Hard drive passwords are removeable. The nuts and bolts of it is performing a change password operation where the new password is the NULL char.

If it were true that a password is required to write to the storage medium in the event of corruption, that would imply that it’s required for every write event.

Consider how OPAL drives have passwords just to get read access. You only have to enter the password once when the controller first powers up the drive. It does not have to send the password with every read operation because the drive remains unlocked until it powers off.

But I have to say I’m hand-waving because I only heard speculation that a password is used for write-access gate-keeping to begin with. Certainly it’s feasible that the ATA standard could have included a separate password for write access, but my question is whether that’s actually the case.

[–] [email protected] 1 points 6 days ago (1 children)

I wonder if there are cases where the system malfunctioned and went read only early? Presumably there would be some means of reversing it that you could exploit. Their customer service dept might have the answer.

[–] [email protected] 1 points 6 days ago (1 children)

In this case it’s an “Apacer” drive.. some no name brand. It seems unlikely that I would be able to track down a responsive customer service worker. Seems like really a long-shot because even if I reach someone they will consider it a waste of their time and money that they are even talking to someone well after a warranty period is over. And from there, anything that enables someone to put a product back into service rather than buy a new drive is probably treated as a trade secret. Perhaps some social engineering could be used to reach an employee disgruntled enough to help.

[–] [email protected] 2 points 4 days ago

It sucks that we can't maintain much of our machinery. This problem is most acute with anything that has embedded code. Good luck with your search.

load more comments (1 replies)