canon hard drives

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • slimslob
    Retired

    Site Contributor
    25,000+ Posts
    • May 2013
    • 37115

    #16
    Re: canon hard drives

    Comment

    • Michael
      Trusted Tech

      Site Contributor
      100+ Posts
      • Dec 2020
      • 158

      #17
      Re: canon hard drives

      Trusted Platform Module (TPM)
      Every imageRUNNER ADVANCE system includes a Trusted Platform Module (TPM), a tamper-resistant
      open standards security chip that is responsible for encrypting and decrypting information such as
      passwords, certificates, IDs and cryptographic keys. TPM protects information on the internal hard disk
      drive by storing the encryption key in a separate location. Once enabled, the device will not launch if the
      TPM chip is removed to protect against physical attacks.
      TPM functionality is disabled by default. The feature can be enabled on Canon imageRUNNER
      ADVANCE devices within the Additional Functions menu. Once enabled, it is important to back up
      the TPM key in the event of failure through USB memory.


      HDD Password Lock
      The imageRUNNER ADVANCE Series offer a feature called HDD Lock. HDD Lock provides the
      capability of securing the HDD with a Password making it difficult to access the data that is stored on the
      hard disk to be accessed. If the HDD is physically removed from the device, its data cannot be accessed
      via a PC.


      HDD Lock have nothing to do with encrypting Data on the drive. This are TWO different things.


      tonerhead ask about HDD Lock password nothing about encryption.

      How to Remove hard disk password | Restore firmware | Erase HDD password | Bangla - YouTube
      My profile is not working at the moment. The profile you see is not mine. Board redirects to a wrong userprofile. So you CAN´T REACH ME over the profile via SEND PRIVATE MESSAGE and even not over regular Email too

      You only can contact me if you click my name on a post and select PRIVATE MESSAGE straight from there.

      Comment

      • slimslob
        Retired

        Site Contributor
        25,000+ Posts
        • May 2013
        • 37115

        #18
        Re: canon hard drives

        Originally posted by Michael
        tonerhead ask about HDD Lock password nothing about encryption.
        And prior to that he said that he it was locked by TPM. If it does have TPM that cheap YouTube video won't work.

        Comment

        • Tricky
          Field Supervisor

          Site Contributor
          2,500+ Posts
          • Apr 2009
          • 2620

          #19
          Re: canon hard drives

          Originally posted by slimslob
          As for encryption, it requires a 2 part decryption code. One part is stored on a chip on the board on the drive. The other is stored on the Canon.
          According to this site it's using public-key cryptography which uses a public key and a private one, data encrypted with the public key can only be decrypted with the private key and vice versa, finding the private key from the public one is impossible.

          With all this talk of complicated encryption, I would be looking at the lowest common denominator, the end user, and weak passwords. The IT department of the company I work for thought the company name with a capital letter at the beginning would be good enough, it didn't fool me.

          Comment

          • Michael
            Trusted Tech

            Site Contributor
            100+ Posts
            • Dec 2020
            • 158

            #20
            Re: canon hard drives

            Originally posted by tonerhead
            I am trying to use a canon hard drive in a computer. Unable to read/write to the hard drive as it needs a password. I am thinking Canon uses TPM to lock down their hard drives to the copier.

            I have tried gparted, dban, and everything else, no sucess. Has anyone gotten past this password lockout?
            Old Versions | Hiren's BootCD PE

            and use : HDD Erase 4.0: Secure erase using a special feature built into most newer hard drives (Dos Freeware).
            My profile is not working at the moment. The profile you see is not mine. Board redirects to a wrong userprofile. So you CAN´T REACH ME over the profile via SEND PRIVATE MESSAGE and even not over regular Email too

            You only can contact me if you click my name on a post and select PRIVATE MESSAGE straight from there.

            Comment

            • emujo2
              Service Manager

              1,000+ Posts
              • Mar 2017
              • 1580

              #21
              Re: canon hard drives

              Not a Canon tech, but in KM world if lock or encryption password is lost the HDD can be formatted, this will remove the lock/encryption password and any data on the drive. TPM is no enabled by default. I'm not sure if a HDD with KM encryption and lock password can be erased outside of the machine. E

              Comment

              • slimslob
                Retired

                Site Contributor
                25,000+ Posts
                • May 2013
                • 37115

                #22
                Re: canon hard drives

                Originally posted by Michael
                Old Versions | Hiren's BootCD PE

                and use : HDD Erase 4.0: Secure erase using a special feature built into most newer hard drives (Dos Freeware).
                All of these software that you keep giving links to, how many, if any, have you personally used to prepare a TPM protected drive removed from a Canon MFP for use as a spare drive. Until you have done so and can post step by step instruction as to how you were able to do so STFU.

                Comment

                • tonerhead
                  Senior Tech

                  500+ Posts
                  • Sep 2009
                  • 582

                  #23
                  Re: canon hard drives

                  To reinstate. I am thinking it is TPM causing the issue, not 100% sure though. Trainer last year said it was TPM when I asked.

                  I stick a canon hdd into a blank dell laptop, laptop goes through splash screen, asks for hdd password.

                  I have tried hddllf 4.4
                  Gparted
                  hddscan
                  command prompt as admin
                  linux boot disk
                  windows recovery disk
                  mmc

                  What I am thinking is this. I can take a laptop hdd that is password protected, use any of the above and reuse it. I can not say that I've tried to reuse a laptop hdd that uses TPM and bitlocker. There is hdd encryption on Ricohs. I have reused those just fine. I don't know what it is about Canon hdd's. When I try anything in Windows with those, it's like it doesn't exist, it won't read/write. In the past people have given me flash drives that they pulled during a read/write activity that were damaged and no longer work. You plug those into windows, it sees the flashdrive and when you go to properties it says no media present. Same thing happens with Canon hdd's. Windows sees the hdd in mmc, but it shows no media present.

                  I think Slim is right, maybe someone has figured out the process and needs to tell us how.

                  I haven't had a chance to really try the linux command line suggestions. I will try to get to that and report back.
                  I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


                  Especially when it comes to sex

                  Comment

                  • Michael
                    Trusted Tech

                    Site Contributor
                    100+ Posts
                    • Dec 2020
                    • 158

                    #24
                    Re: canon hard drives

                    @slimslob:
                    It seems to me that no matter what I write, you make everything worse, but I've repeated myself often enough now,
                    but you don't seem to understand it or you don't want to.

                    So read this carefully!

                    This is from CANON documents:

                    Trusted Platform Module (TPM)

                    Every imageRUNNER ADVANCE system includes a Trusted Platform Module (TPM), a tamper-resistant open standards security chip that is responsible for encrypting and decrypting information such as
                    passwords, certificates, IDs and cryptographic keys. TPM protects information on the internal hard disk drive by storing the encryption key in a separate location. Once enabled, the device will not launch if the
                    TPM chip is removed to protect against physical attacks.
                    TPM functionality is disabled by default. The feature can be enabled on Canon imageRUNNER ADVANCE devices within the Additional Functions menu. Once enabled, it is important to back up
                    the TPM key in the event of failure through USB memory.


                    HDD Password Lock

                    The imageRUNNER ADVANCE Series offer a feature called HDD Lock. HDD Lock provides the capability of securing the HDD with a Password making it difficult to access the data that is stored on the
                    hard disk to be accessed. If the HDD is physically removed from the device, its data cannot be accessed via a PC.

                    YOU can read that TMP encryption have nothing to do with the HDD LOCK, this i already wrote several times.

                    Canon also write: .... of securing the HDD with a Password making it difficult to access.....
                    but the never wrote IMPOSSIBLE

                    so this must show almost you that encryption and the HDD password have nothing to do with each other.

                    If a hard disc ask for password during boot, it have really nothing to do with TPM! The bios from a computer see during boot that a password is set on the drive and ask for it. This feature was used earlier for antitheft protection when there was no TPM was aviable.


                    @tonerhead:
                    here you can find a detailed information how you can find out which ATA features are set from your drive and how you can enable or disable.

                    Understanding ATA Security >> ADMIN Magazine


                    so everything is said often enough, i am out.

                    good luck.
                    My profile is not working at the moment. The profile you see is not mine. Board redirects to a wrong userprofile. So you CAN´T REACH ME over the profile via SEND PRIVATE MESSAGE and even not over regular Email too

                    You only can contact me if you click my name on a post and select PRIVATE MESSAGE straight from there.

                    Comment

                    • tonerhead
                      Senior Tech

                      500+ Posts
                      • Sep 2009
                      • 582

                      #25
                      Re: canon hard drives

                      So far hdparm command failed permission denied. Badblocks also failed.
                      I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


                      Especially when it comes to sex

                      Comment

                      • tonerhead
                        Senior Tech

                        500+ Posts
                        • Sep 2009
                        • 582

                        #26
                        Re: canon hard drives

                        Tried utilities on Hiren's CD boot disk .15.2 Tried secure disk erase, no good, tried other wipe/erasing options on the disk, no good.

                        I am open to anyone else trying to crack these hdd's. If the instructor said these are soda coasters outside of the copier, I am really thinking he is right. TPM marries them to the machine as far as I know.

                        I am still relatively new to Canon's (15 months). However, I am guessing if you could "reuse" these like you can with Ricohs, the James Bonds' of the world might be able to glean some info. Hence TPM marries it to the machine with (I'm guessing) a random password. Probably all done in the background with the copier firmware and the hdd firmware.

                        I know the very old (6 years or more) Canon hdd's I can erase and reuse, not anything current though.

                        If anyone can do it, post, I'd like to put this thread to bed.
                        I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


                        Especially when it comes to sex

                        Comment

                        • slimslob
                          Retired

                          Site Contributor
                          25,000+ Posts
                          • May 2013
                          • 37115

                          #27
                          Re: canon hard drives

                          Originally posted by tonerhead
                          Tried utilities on Hiren's CD boot disk .15.2 Tried secure disk erase, no good, tried other wipe/erasing options on the disk, no good.

                          I am open to anyone else trying to crack these hdd's. If the instructor said these are soda coasters outside of the copier, I am really thinking he is right. TPM marries them to the machine as far as I know.

                          I am still relatively new to Canon's (15 months). However, I am guessing if you could "reuse" these like you can with Ricohs, the James Bonds' of the world might be able to glean some info. Hence TPM marries it to the machine with (I'm guessing) a random password. Probably all done in the background with the copier firmware and the hdd firmware.

                          I know the very old (6 years or more) Canon hdd's I can erase and reuse, not anything current though.

                          If anyone can do it, post, I'd like to put this thread to bed.
                          On a Ricoh encryption is at the individual file level and restrict access to the file only. Security of data that might remain on a drive after a copy or print job completes is handled Disk Overwrite Security System. It over writes all sectors used by the job. Prior to the introduction of DOSS, Ricoh recommended removing the HDD and handing it to the customer if they were worried data remaining on the drive.

                          Comment

                          • Michael
                            Trusted Tech

                            Site Contributor
                            100+ Posts
                            • Dec 2020
                            • 158

                            #28
                            Re: canon hard drives

                            Originally posted by tonerhead
                            So far hdparm command failed permission denied. Badblocks also failed.
                            did you use hdparm as root? you need root privilegs for all this stuff...
                            My profile is not working at the moment. The profile you see is not mine. Board redirects to a wrong userprofile. So you CAN´T REACH ME over the profile via SEND PRIVATE MESSAGE and even not over regular Email too

                            You only can contact me if you click my name on a post and select PRIVATE MESSAGE straight from there.

                            Comment

                            • tonerhead
                              Senior Tech

                              500+ Posts
                              • Sep 2009
                              • 582

                              #29
                              Re: canon hard drives

                              Originally posted by Michael
                              did you use hdparm as root? you need root privilegs for all this stuff...

                              Yes. When using hdparm --sanitize-block-erase, hdparm comes back with Sanitize feature is not supported. When using hdparm-w (perform device reset), hdparm comes back with
                              HDIO_DRIVE_RESET failed: Inappropriate ioctl for device.

                              Like I have been saying, something in the hdd itself is keeping it from a read/write without password. The hdd in a empty dell laptop does this..... I can tell the dell to boot from cd in bios. It pauses for a period during boot then asks for hdd password, 3 times, then will boot from cd.
                              I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


                              Especially when it comes to sex

                              Comment

                              • tonerhead
                                Senior Tech

                                500+ Posts
                                • Sep 2009
                                • 582

                                #30
                                Re: canon hard drives

                                in using hdparm -I /dev/sda I found Security level maximum.

                                In reading more about hdparm and hdd's I found this. So like the instructor said these hdd's are soda coasters.

                                In Maximum security mode, you cannot unlock the disk! The only way to get the disk back to a usable state is to issue the SECURITY ERASE PREPARE command, immediately followed by SECURITY ERASE UNIT. The SECURITY ERASE UNIT command requires the Master password and will completely erase all data on the disk. The operation is rather slow, expect half an hour or more for big disks. (Word 89 in the IDENTIFY response indicates how long the operation will take.)


                                In checking more, the hdd is a Seagate. Master password for Seagate is "Seagate " (Seagate with 25 spaces)

                                Hdparm -I shows master password has been changed.

                                Without the password (random I am assuming) nothing will work.

                                The needed password is not on the actual hard drive disk, but is embedded into the circuitry of the disk. I believe this is one of the provisions of TPM. That is why we can not crack it.
                                Last edited by tonerhead; 06-24-2021, 09:23 PM.
                                I've proved mathematics wrong. 1 + 1 doesn't always equal 2.........


                                Especially when it comes to sex

                                Comment

                                Working...