drive with read-only dip switch

[ivowel]

I recall that many, many years ago, there were PATA drives that had a
dip switch setting that prevented all writing to the drive. In light
of so many novel security issues, I miss this very old feature. Are
there any drives that still have such a feature? (SATA preferred, but
I would live with PATA.)

(PS: No, this must not be software settable. This would defeat my
intent. It must only be hardware settable, so that changes can only
be made if I am physically at the hard drive and insert the switch.
Interestingly, this should be something that should be very easy to
implement for drive manufacturers.)

sincerely,

/iaw

 

[Rod Speed]

I recall that many, many years ago, there were PATA drives that
had a dip switch setting that prevented all writing to the drive.
Nope.

In light of so many novel security issues, I miss this very old feature.

You can get the same result by unplugging the drive.

Are there any drives that still have such a feature?
Nope.

(SATA preferred, but I would live with PATA.)

(PS: No, this must not be software settable. This would defeat my
intent. It must only be hardware settable, so that changes can only
be made if I am physically at the hard drive and insert the switch.
Interestingly, this should be something that should be very easy to
implement for drive manufacturers.)

Yes, but there are much better ways to protect the contents of a drive.

 

[RonnieJP]

I recall that many, many years ago, there were PATA drives that had a
dip switch setting that prevented all writing to the drive. In light
of so many novel security issues, I miss this very old feature. Are
there any drives that still have such a feature? (SATA preferred, but
I would live with PATA.)

(PS: No, this must not be software settable. This would defeat my
intent. It must only be hardware settable, so that changes can only
be made if I am physically at the hard drive and insert the switch.
Interestingly, this should be something that should be very easy to
implement for drive manufacturers.)

sincerely,

/iaw

All modern operating systems continually need to write to the drive
(paging file, etc.).
Write protecting the system drive would render the OS unusable.

 

[Arno Wagner]

I recall that many, many years ago, there were PATA drives that had a
dip switch setting that prevented all writing to the drive. In light
of so many novel security issues, I miss this very old feature. Are
there any drives that still have such a feature? (SATA preferred, but
I would live with PATA.)

No drives, but you can get forensic write blocker, e.g. these here:

http://www.forensicpc.com/proddetail.asp?prod=T35e

I think they are a bit over-priced, but if you want to be sure,
(as in preserving evidence) they are the way to go. Seems this
offering is a s cheap as it gets.

(PS: No, this must not be software settable.

That would kind of defeat the purpose anyways ;-)

This would defeat my
intent. It must only be hardware settable, so that changes can only
be made if I am physically at the hard drive and insert the switch.
Interestingly, this should be something that should be very easy to
implement for drive manufacturers.)

For drive manufactueres, spending the extra 50 Cent is not cost
effective, since apparently only very, very few people
want this feature.

Arno

 

[Arno Wagner]

All modern operating systems continually need to write to the drive
(paging file, etc.).
Write protecting the system drive would render the OS unusable.

That is untrue. Paging can be switched off or done to an other disk.
Under some OSes it can even be done to RAMDISK (which sounds redundant,
but is not.) Ans disks can be mounted in read-nonly mode. A device that
often has the switch for that today is memory sticks.

Side note: A Knoppix CD-only linux does not write a single bit to disk,
unless you explicitely allow it to. It works fine.

Arno

 

[Folkert Rienstra]

Arno Wagner wrote in news:[email protected]

No drives, but you can get forensic write blocker, e.g. these here:

http://www.forensicpc.com/proddetail.asp?prod=T35e

I think they are a bit over-priced, but if you want to be sure,
(as in preserving evidence) they are the way to go.

Seems this offering is a s cheap as it gets.

Cheaper that SCSI even?

That would kind of defeat the purpose anyways ;-)

And what purpose would that be, babblebot?

 

[Folkert Rienstra]

Arno Wagner wrote in news:[email protected]

That is untrue.

Babblebot, cluelessv as always.

 

[ivowel]

No drives, but you can get forensic write blocker, e.g. these here:

http://www.forensicpc.com/proddetail.asp?prod=T35e

I think they are a bit over-priced, but if you want to be sure,
(as in preserving evidence) they are the way to go. Seems this
offering is a s cheap as it gets.


That would kind of defeat the purpose anyways ;-)


For drive manufactueres, spending the extra 50 Cent is not cost
effective, since apparently only very, very few people
want this feature.

Arno

thanks. yes, these kinds of devices are what I would like, but they
do look expensive, and they look like a pain to install inside my
server.

the extra 50 cents that this feature would cost a drive manufacturer
would not be worth it for every drive, but I could imagine there being
a limited market (1% of the market) that would pay $50 extra for this
feature. this could make it worthwhile for some manufacturers to have
one or two models that have this feature. (used to be this way.)

RAMdisk as a solution does not work, because I need to be able to boot
and then prevent all write access to the hard drive until I switch my
button.

CD as a solution does not work, because I need to update it once a
week or so (security patches, etc.). I would want to disconnect the
server from the web, reboot it to my safe system that does not run
anything else, hit the read-write toggle, and then execute the
updates.

regards,

/iaw

 

[Rod Speed]

thanks. yes, these kinds of devices are what I would like, but they
do look expensive, and they look like a pain to install inside my server.

the extra 50 cents that this feature would cost a drive manufacturer would
not be worth it for every drive, but I could imagine there being a limited
market (1% of the market) that would pay $50 extra for this feature.

Nope, anyone with a clue uses more sophisticated
ways of stopping unwanted writes on a particular drive.

The problem with a physical switch on the drive itself is that its a pain in the arse to use.

this could make it worthwhile for some manufacturers to have
one or two models that have this feature. (used to be this way.)
Nope.

RAMdisk as a solution does not work, because I need to be able to boot
and then prevent all write access to the hard drive until I switch my button.

The point about a ram disk is that you dont care if its written to because
any changes to that COPY of the drive contents is gone when you reboot.

CD as a solution does not work, because I need to update it once a
week or so (security patches, etc.). I would want to disconnect the
server from the web, reboot it to my safe system that does not run
anything else, hit the read-write toggle, and then execute the updates.

Anyone with a clue has proper backups and so it makes a lot more
sense to detect writes that you didnt want to happen and restore from
backup if that does happen instead of a physical write protect jumper.

 

[Arno Wagner]

thanks. yes, these kinds of devices are what I would like, but they
do look expensive, and they look like a pain to install inside my
server.

the extra 50 cents that this feature would cost a drive manufacturer
would not be worth it for every drive, but I could imagine there being
a limited market (1% of the market) that would pay $50 extra for this
feature. this could make it worthwhile for some manufacturers to have
one or two models that have this feature. (used to be this way.)

I would think so too, but aparently drive manufacturers believe
differently. Also probably only very few people actually implement
this type of security measure.

RAMdisk as a solution does not work, because I need to be able to boot
and then prevent all write access to the hard drive until I switch my
button.

CD as a solution does not work, because I need to update it once a
week or so (security patches, etc.). I would want to disconnect the
server from the web, reboot it to my safe system that does not run
anything else, hit the read-write toggle, and then execute the
updates.

Hmm. Maybe use a USB flash drive with write protection switch?
Some do have them. If your server can boot from USB, you could
keep the flash drive on the outside and conveniently reachable
via USB extension cable.

An other idea would be to use a fileserver that exports the
partition read-only. Depends on your OS and requires
a separate server.

Arno

 

[Eric Gisin]

There were SCSI drives with this feature, mine is an 9GB IBM UW.
There are USB-PATA bridge boards with this feature for around $20.

 

[timeOday]

For drive manufactueres, spending the extra 50 Cent is not cost
effective, since apparently only very, very few people
want this feature.

Arno

Floppy drives, Mini-DV, VHS, some flash drives, and audio tape all have
write-protect switches.

If not on the drive itself, perhaps an external HDD enclosure could
offer that feature.

Here's one, looks a few years old though.
<http://www.stargeek.com/item/95899.html>

 

[Arno Wagner]

Arno Wagner wrote:

Floppy drives, Mini-DV, VHS, some flash drives, and audio tape all have
write-protect switches.

Indeed. But they are on removable media (counting the flash
drives as media). HDDs are not in that class.

If not on the drive itself, perhaps an external HDD enclosure could
offer that feature.

They could. Of course, implementing this is more diffecult for (S)ATA,
than for the removable medua you mention, since the ''switch''
needs to understand the ATA command set.

Arno

 

[Robert Nichols]

:
:>> For drive manufactueres, spending the extra 50 Cent is not cost
:>> effective, since apparently only very, very few people
:>> want this feature.
:>>
:>> Arno
:
:> Floppy drives, Mini-DV, VHS, some flash drives, and audio tape all have
:> write-protect switches.
:
:Indeed. But they are on removable media (counting the flash
:drives as media). HDDs are not in that class.
:
:> If not on the drive itself, perhaps an external HDD enclosure could
:> offer that feature.
:
:They could. Of course, implementing this is more diffecult for (S)ATA,
:than for the removable medua you mention, since the ''switch''
:needs to understand the ATA command set.

That would be true for parallel ATA as well. Accessing and reading data
from the drive requires writes to internal control registers. You can't
just interrupt the "WRITE" signal in the bus and expect to use the drive
at all.

 

[Arno Wagner]

:
:>> For drive manufactueres, spending the extra 50 Cent is not cost
:>> effective, since apparently only very, very few people
:>> want this feature.
:>>
:>> Arno
:
:> Floppy drives, Mini-DV, VHS, some flash drives, and audio tape all have
:> write-protect switches.
:
:Indeed. But they are on removable media (counting the flash
:drives as media). HDDs are not in that class.
:
:> If not on the drive itself, perhaps an external HDD enclosure could
:> offer that feature.
:
:They could. Of course, implementing this is more diffecult for (S)ATA,
:than for the removable medua you mention, since the ''switch''
:needs to understand the ATA command set.

That would be true for parallel ATA as well.

Have you seen the "(" and ")" around the "S" above?

Accessing and reading data
from the drive requires writes to internal control registers. You can't
just interrupt the "WRITE" signal in the bus and expect to use the drive
at all.

Indeed. THat was feasible, though, with MFM and RLL drives.

Arno

 

[Folkert Rienstra]

Arno Wagner wrote in news:[email protected]

Indeed. But they are on removable media (counting the flash drives as media).

HDDs are not in that class.

And as we all know, SCSI drives are not HDDs.

They could. Of course, implementing this is more diffecult for (S)ATA,
than for the removable medua you mention,

(Yeah, obviously flashdrives do not use the ATA command set at all).
Any device that accepts write protect media will have extra code to
handle the extra functions that such a protection scheme requires.

since the ''switch'' needs to understand the ATA command set.

Like that same effort isn't required for the physical drive itself when
fitted with such a switch.

 

[Folkert Rienstra]

Robert Nichols wrote in news:[email protected]

That would be true for parallel ATA as well. Accessing and reading data
from the drive requires writes to internal control registers.

You can't just interrupt the "WRITE" signal in the bus and expect to
use the drive at all.

Right,
but if you know through the other bus signals that a device register write
is underway you can interrupt conditionally using those other bussignals.

But that's all academic/besides the point.
The point being that you need a controller response back to the host
saying that the device cannot write.
Otherwise you can move data to the drive thinking you won't loose it because it will be saved there, but it just vanishes.
Same with saving hours of hard work into oblivian without any warnings.

 

[Folkert Rienstra]

Arno Wagner wrote in news:[email protected]

Have you seen the "(" and ")" around the "S" above?


THat was feasible, though, with MFM and RLL drives.

Like that is all that is required.