Can a virus kill a drive?

[Arno Wagner]

Arno Wagner wrote:

Since the servo information is used to position the heads, the servo
information has to be in the location at which the heads reside when they
are reading and writing. It used to be that one surface of the drive was
reserved for the servo tracks--I'm not sure how they do it today.

Not anymore. At least not in all cases. Today it often (allways?) is
slim, very short tracks that are all over the disk, between the
data tracks and on the data tracks (there are short gaps in the data
for this). The idea is that while seeking the heads will actually read
many of these servo tracks and the disk will know where the heads
are. These short servo "bursts" are designed so that they can be read
with very little synchronisation, i.e. while the head is moving.

The reason the firmware woul need to be patched to overwrite the servo
info is siomply that great care has been investen in the firmware to
make sure that the normal operations do not harm the servo information.
There could also be operations to delete the servo info, but I see
no reason why those should be included.

Arno

 

[Arno Wagner]

"Folkert Rienstra" <[email protected]> wrote in message news:<[email protected]>...

[...]

This mode is device specific for each write channel IC,
and may require a additional hardware connections, etc.
Passwords are stored in system data area with other
firmware data. It stored like a user data, in data sectors.

So how come Nortek overwrite the servotracks to remove the
passwords? http://www.nortek.on.ca/hdd_pw.html#HDD

1.) You should not believe all that is on the web
2.) If you read something on the web, you still should read it carefully.
They don't say that they overwrite servo tracks.
They just say that in order to find out how to remove
passwords they had to use their servo writing _positioning_
equipment.
They do not even say that they wrote anything with the
equipment or or that it is used in actual password deletion,
just that it was used in the development of the process.

Arno

 

[Arno Wagner]

Arno Wagner wrote:

Not much of a server if continuous drive access overheats the drive. The
cooling on any server should be adequate for 24/7 100% utilization.

True, it would have to be a server with not adequately oversized
cooling. E.g. a cheap Linux-Box originally intended as desktop
computer without any HDD cooling at all? Or a box designed for low
load? I have a mini-itx box with a single, slow moving fan in it,
running 24/7. The hdd in there can be driven into (temporary)
thermal failure, it just does not happen in normal operation since
the box does not do much ordinarily. I considerd adding automatic
shutdown on HDD overheating, but the temperature log had no high
temperature spikes at all. However I have such monitoring on some
of my other servers.
Not all servers today use server hardware.

While it might be possibly to damage an inadequately cooled drive that way,
the likelihood of it happening is so small that I doubt that any virus
writer would bother making the effort.

I would rather see the general incompetence of virus writers as a
deterrent. However the orginial question was about whether there are
possibilities, not whether it was likely.

On the question of likely, I would agree that it is not something
to fear today.

Arno

 

[Carl Farrington]

On the question of likely, I would agree that it is not something
to fear today.

I'm glad someone has said this, since there are no viruses which do this
today and the OP might now believe all these Hoax Virus warnings telling him
that a new 'unknown to Norton' virus will physically destroy his harddrive
in a weeks time.

 

[Leo]

This window is for a special head for disk speed control . This head
do not write servo frames.

Since the servo information is used to position the heads, the servo
information has to be in the location at which the heads reside when they
are reading and writing. It used to be that one surface of the drive was
reserved for the servo tracks--I'm not sure how they do it today.

Last known to me HDD with dedicated servo surface is ST3144A (120Mb).
This design does not allow to reach higher density (there is a
temperature instability, elasticity of heads armature, etc., in result
it have a low accuracy of positioning), and not effectively uses
surfaces.

Folkert Rienstra:
So how come Nortek overwrite the servotracks to remove the
passwords?

I think, they use master passwords to unlock drives, or some other
methods, not such radical . It is possible theoretically to use an
external positioning to read password data, but it refers to "to use a
steam hammer to crack nuts" ;-). And I already spoke, that I doubt of
existence of technologies of external reading for modern HDD.

Leonid

 

[Rod Speed]

This is just a theory, but in a even more sophisticated
attack, the virus writer could make the disk head flip
back and forth at a very high, but controlled frequency.

Nope, the most that can be done is request data from the drive.

At a very specific frequency, the vibrations of the drive casing,
bearings, and platters could cause an irrevocable failure in some
part that was not designed to tolerate harmonic-induced loads.
Bullshit.

This attack would have to be tailored to a
specific model drive, or the virus would have
do some kind of search for the right frequency.

It cant know when its producing a resonance.

The only reason I thought of this is because
I have heard about failures in multi-drive
arrays caused by the harmonics of the casing.

Sure, but no virus can know when that is occurring
so cant home in on that frequency etc.

Another theory, from the shocks to the metal disk armature
caused by flipping the disk head back and forth, it will become
magnetized, and then suck up all the iron from the disk platters,
rendering the drive useless. Just kidding The armature is
probably aluminum or some other non-magnetizable alloy.

It aint an amature if its non magnetisable.

 

[Eric Gisin]

Nonsense.

This window is for a special head for disk speed control . This head
do not write servo frames.

The servo writer needs to move the heads mechanically, or use a laser to
measure them. That's what the openings are for.
Embedded servoes get mentions every few months around here.

 

[Leo]

The servo writer needs to move the heads mechanically, or use a laser to
measure them. That's what the openings are for.

For this purpose are windows on bottom side of HDA or on the top cover.

 

[Svend Olaf Mikkelsen]

Is it possible for a software virus to cause irrevocable damage to a hard
drive?

I.e. not just corrupt or wipe data, but actually cause a drive to become
unusable (even after reformatting)?

The virus also can write a bad sector. That will make the disk fail
the manufacturer disk test, but it can be repaired by writing to the
sector.

It may be possible to distinguish a bad sector made this way from a
normal bad sector by reading the sector a few times. If the read
result is the same each time, the bad sector may be deliberately made.

 

[Alexander Grigoriev]

The laser window is on the "side" side of the box, and is closed by a
sticker about 6-10 mm. You can find it on every model.
The formatting goes with the drive's own heads, while the head position is
controlled by a laser.

The servo writer needs to move the heads mechanically, or use a laser to
measure them. That's what the openings are for.

For this purpose are windows on bottom side of HDA or on the top cover.[/QUOTE]