lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAKXGCz63o74i-0kCth4nq3oH1BZHMk+u-p91yUvPQ49X-K9M7w@mail.gmail.com>
Date: Tue, 19 Feb 2013 09:30:34 +0200
From: Ariel Berkman <aberkman@...il.com>
To: bugtraq@...urityfocus.com,
  Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Paper - Hiding Data in Hard-drive Service Areas

Hi,

We've recently released a paper discussing the ability to hide data in
hard-drive service areas.
The paper is available for download at:
http://www.recover.co.il/SA-cover/SA-cover.pdf

The introduction section is pasted below:

In this paper we will demonstrate how spinning hard-drives’ service areas
can be used to hide data from the operating-system (or any software using the
standard OS’s API or the standard ATA commands to access the hard-drive).
These reserved areas are used by hard-drive vendors to store modules that in
turn operate the drive, and in a sense, together with the ROM, serve as the
hard-drive’s internal storage and OS. By sending Vendor Specific Commands
(VSCs) directly to the hard-drive, one can manipulate these areas to read
and write data that are otherwise inaccessible. This should not be confused
with DCO or HPA which can be easily detected, removed and accessed via
standard ATA commands.

Thanks,
Ariel.
--
Recover Information Technologies LTD.
http://www.recover.co.il

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ