But then that’s the least of your problems if you think you got some sophisticated malware that could actually mess with it. Since the DCO is set up by the manufacturer, you must accept that messing with it will possibly brick the drive. To use HDPARM to check if a DCO is in place and set it back to factory defaults dev/sdx:setting max visible sectors to 78165360 (permanent)max sectors ?= 78165360/78165360, HPA is disabled It will spit back a report that the visible area is equal to the max sectors and that the HPA is disabled.
PRODISCOVER BASIC HPA DCO FULL SIZE
To remove the HPA and expand the visible area out to the full size of the drive use the denominator in the above report (visible area/max sectors): It will spit back something like the following if you have an HPA defined: So, there can be no data corruption or file system corruption as neither exist, DBAN having ensured this and so the following HDPARM warning is not applicable.įire up your Linux boot disk and run hdparmįor x = device you’re targeting, use the following HDPARM command to show if you have an HPA enabled. So we have a basic admission here the drive was wiped so therefore there is no partition table, file system or data on the drive. Later came to know that DBAN does not kill HPA (host protected area) and DCO (Drive configuration overlay) Out of approximately sixty-seven parameters, several are dangerous and could result in “massive filesystem corruption” when used indiscriminately.Īnswer: So, wiped drive with DBAN foolishly (PRNG, 8 pass). Hdparm has a more serious drawback: it can crash a computer and make data on its disk inaccessible if certain parameters are misused. I also saw this on the Wiki page and was a little worried: ? Will hdparm do a complete wipe of all malware that resides in the HPA and DCO? Is there a way to find out the size in terms of GB instead of sectors? What does this output mean? How do I ensure that there is no possibility of malware remaining on the HPA DCO?
dev/sda:DCO Revision: 0x0001The following features can be selectively disabled via DCO: ?Transfer modes: ?mdma0 mdma1 mdma2 ?udma0 udma1 udma2 udma3 udma4 udma5 udma6(?) ?Real max sectors: 625142448 ?ATA command/feature sets: ?SMART self_test error_log security HPA 48_bit ?(?): selective_test conveyance_test write_read_verify ?(?): WRITE_UNC_EXT ?SATA command/feature sets: ?(?): NCQ interface_power_management SSP The output of sudo hdparm –dco-identify /dev/sda: My drive is a 320GB 7200RPM Seagate drive.
I’m an average computer user with little Bash skill i.e I don’t really know what I am doing. As an aside, I also looked at “BC Wipe Total Wipeout” which does HPA and DCO removal but costs $50.
PRODISCOVER BASIC HPA DCO INSTALL
So, I came to Linux’s hdparm in the hope that it will wipe my HDD 100% clean so that I can install Windows again on a 100% clean hard drive. I saw that HDDErase made by CMRR can remove the HPA and DCO if present, but the project was stopped in 2005 or 2007. Later came to know that DBAN does not kill HPA (Host Protected Area) orand DCO (Drive Configuration Overlay) which are “hidden areas” used by some hard drives. I didn’t want to take any chances, so foolishly wiped my drive with DBAN (PRNG, 8 pass). I got some malware in Windows, possibly a rootkit or bootkit.