Sridhar Ayengar wrote:
Jules Richardson wrote:
Sridhar Ayengar wrote:
I don't believe that it is possible. When a
hard drive password for
a ThinkPad gets lost, it usually means buy a new hard drive and send
the old for recovery.
So why's it 'new drive' - what does it do to it that means it at least
can't be reformatted by the user? I didn't think there was anything in
the ATA spec along the lines of 'hose this drive' - or does it try and
keep track of drives it's 'seen' before?
It could probably be reformatted by the user, but that precludes
retrieval of any of the data.
indeed - I'm just curious about IBM's statement that it would need replacing
with another drive, as though the machine somehow 'breaks' the old drive
(implying it won't even work in a different machine, or can't just be
reformatted and restored from backups).
I'm not completely sure, but I would
guess that the method it uses is to encrypt the partition table.
If that's all it is though, it should be possible to put the drive in another
system, figure out where the start and end blocks of the filesystem(s) is/are,
grab the raw data and mount it so that the individual files can be copied.
That or restore the MBR to something sensible.
I doubt it makes any attempt to encrypt the whole drive - too time-consuming.
But I'm just not aware of anything it could do to 'break' the drive, either.