canon hard drives

Re: canon hard drives

Re: canon hard drives

Trusted Platform Module (TPM)
Every imageRUNNER ADVANCE system includes a Trusted Platform Module (TPM), a tamper-resistant
open standards security chip that is responsible for encrypting and decrypting information such as
passwords, certificates, IDs and cryptographic keys. TPM protects information on the internal hard disk
drive by storing the encryption key in a separate location. Once enabled, the device will not launch if the
TPM chip is removed to protect against physical attacks.
TPM functionality is disabled by default. The feature can be enabled on Canon imageRUNNER
ADVANCE devices within the Additional Functions menu. Once enabled, it is important to back up
the TPM key in the event of failure through USB memory.


HDD Password Lock
The imageRUNNER ADVANCE Series offer a feature called HDD Lock. HDD Lock provides the
capability of securing the HDD with a Password making it difficult to access the data that is stored on the
hard disk to be accessed. If the HDD is physically removed from the device, its data cannot be accessed
via a PC.


HDD Lock have nothing to do with encrypting Data on the drive. This are TWO different things.


tonerhead ask about HDD Lock password nothing about encryption.

How to Remove hard disk password | Restore firmware | Erase HDD password | Bangla - YouTube

Re: canon hard drives

And prior to that he said that he it was locked by TPM. If it does have TPM that cheap YouTube video won't work.

Re: canon hard drives

According to this site it's using public-key cryptography which uses a public key and a private one, data encrypted with the public key can only be decrypted with the private key and vice versa, finding the private key from the public one is impossible.

With all this talk of complicated encryption, I would be looking at the lowest common denominator, the end user, and weak passwords. The IT department of the company I work for thought the company name with a capital letter at the beginning would be good enough, it didn't fool me.

Re: canon hard drives

Old Versions | Hiren's BootCD PE

and use : HDD Erase 4.0: Secure erase using a special feature built into most newer hard drives (Dos Freeware).

Re: canon hard drives

Not a Canon tech, but in KM world if lock or encryption password is lost the HDD can be formatted, this will remove the lock/encryption password and any data on the drive. TPM is no enabled by default. I'm not sure if a HDD with KM encryption and lock password can be erased outside of the machine. E

Re: canon hard drives

All of these software that you keep giving links to, how many, if any, have you personally used to prepare a TPM protected drive removed from a Canon MFP for use as a spare drive. Until you have done so and can post step by step instruction as to how you were able to do so STFU.

Re: canon hard drives

To reinstate. I am thinking it is TPM causing the issue, not 100% sure though. Trainer last year said it was TPM when I asked.

I stick a canon hdd into a blank dell laptop, laptop goes through splash screen, asks for hdd password.

I have tried hddllf 4.4
Gparted
hddscan
command prompt as admin
linux boot disk
windows recovery disk
mmc

What I am thinking is this. I can take a laptop hdd that is password protected, use any of the above and reuse it. I can not say that I've tried to reuse a laptop hdd that uses TPM and bitlocker. There is hdd encryption on Ricohs. I have reused those just fine. I don't know what it is about Canon hdd's. When I try anything in Windows with those, it's like it doesn't exist, it won't read/write. In the past people have given me flash drives that they pulled during a read/write activity that were damaged and no longer work. You plug those into windows, it sees the flashdrive and when you go to properties it says no media present. Same thing happens with Canon hdd's. Windows sees the hdd in mmc, but it shows no media present.

I think Slim is right, maybe someone has figured out the process and needs to tell us how.

I haven't had a chance to really try the linux command line suggestions. I will try to get to that and report back.

Re: canon hard drives

@slimslob:
It seems to me that no matter what I write, you make everything worse, but I've repeated myself often enough now,
but you don't seem to understand it or you don't want to.

So read this carefully!

This is from CANON documents:

Trusted Platform Module (TPM)

Every imageRUNNER ADVANCE system includes a Trusted Platform Module (TPM), a tamper-resistant open standards security chip that is responsible for encrypting and decrypting information such as
passwords, certificates, IDs and cryptographic keys. TPM protects information on the internal hard disk drive by storing the encryption key in a separate location. Once enabled, the device will not launch if the
TPM chip is removed to protect against physical attacks.
TPM functionality is disabled by default. The feature can be enabled on Canon imageRUNNER ADVANCE devices within the Additional Functions menu. Once enabled, it is important to back up
the TPM key in the event of failure through USB memory.


HDD Password Lock

The imageRUNNER ADVANCE Series offer a feature called HDD Lock. HDD Lock provides the capability of securing the HDD with a Password making it difficult to access the data that is stored on the
hard disk to be accessed. If the HDD is physically removed from the device, its data cannot be accessed via a PC.

YOU can read that TMP encryption have nothing to do with the HDD LOCK, this i already wrote several times.

Canon also write: .... of securing the HDD with a Password making it difficult to access.....
but the never wrote IMPOSSIBLE

so this must show almost you that encryption and the HDD password have nothing to do with each other.

If a hard disc ask for password during boot, it have really nothing to do with TPM! The bios from a computer see during boot that a password is set on the drive and ask for it. This feature was used earlier for antitheft protection when there was no TPM was aviable.


@tonerhead:
here you can find a detailed information how you can find out which ATA features are set from your drive and how you can enable or disable.

Understanding ATA Security >> ADMIN Magazine


so everything is said often enough, i am out.

good luck.

Re: canon hard drives

So far hdparm command failed permission denied. Badblocks also failed.

Re: canon hard drives

Tried utilities on Hiren's CD boot disk .15.2 Tried secure disk erase, no good, tried other wipe/erasing options on the disk, no good.

I am open to anyone else trying to crack these hdd's. If the instructor said these are soda coasters outside of the copier, I am really thinking he is right. TPM marries them to the machine as far as I know.

I am still relatively new to Canon's (15 months). However, I am guessing if you could "reuse" these like you can with Ricohs, the James Bonds' of the world might be able to glean some info. Hence TPM marries it to the machine with (I'm guessing) a random password. Probably all done in the background with the copier firmware and the hdd firmware.

I know the very old (6 years or more) Canon hdd's I can erase and reuse, not anything current though.

If anyone can do it, post, I'd like to put this thread to bed.

Re: canon hard drives

On a Ricoh encryption is at the individual file level and restrict access to the file only. Security of data that might remain on a drive after a copy or print job completes is handled Disk Overwrite Security System. It over writes all sectors used by the job. Prior to the introduction of DOSS, Ricoh recommended removing the HDD and handing it to the customer if they were worried data remaining on the drive.

Re: canon hard drives

did you use hdparm as root? you need root privilegs for all this stuff...

Re: canon hard drives


Yes. When using hdparm --sanitize-block-erase, hdparm comes back with Sanitize feature is not supported. When using hdparm-w (perform device reset), hdparm comes back with
HDIO_DRIVE_RESET failed: Inappropriate ioctl for device.

Like I have been saying, something in the hdd itself is keeping it from a read/write without password. The hdd in a empty dell laptop does this..... I can tell the dell to boot from cd in bios. It pauses for a period during boot then asks for hdd password, 3 times, then will boot from cd.

Re: canon hard drives

in using hdparm -I /dev/sda I found Security level maximum.

In reading more about hdparm and hdd's I found this. So like the instructor said these hdd's are soda coasters.

In Maximum security mode, you cannot unlock the disk! The only way to get the disk back to a usable state is to issue the SECURITY ERASE PREPARE command, immediately followed by SECURITY ERASE UNIT. The SECURITY ERASE UNIT command requires the Master password and will completely erase all data on the disk. The operation is rather slow, expect half an hour or more for big disks. (Word 89 in the IDENTIFY response indicates how long the operation will take.)


In checking more, the hdd is a Seagate. Master password for Seagate is "Seagate " (Seagate with 25 spaces)

Hdparm -I shows master password has been changed.

Without the password (random I am assuming) nothing will work.

The needed password is not on the actual hard drive disk, but is embedded into the circuitry of the disk. I believe this is one of the provisions of TPM. That is why we can not crack it.