how can I get rid of encryption on an external harddrive?

Hi fellows,

don´t know if this is a support question, but I don´t think so, that´s why I post it in the community section. I hope you can help me…

My brother in law bought an external USB 3.0 hard drive (IOmega). On this hard drive there is an encryption software which prevents access to the harddrive completely. My brother in law already knows that he has bought a piece of junk, but maybe it can be saved (and used) anyway? So… here it goes:

  1. connecting the drive to a Windows computer (he just has Windows) results in that the system asks what to do… so you open the folder to see the files. You just can see one folder, where this encryption software is stored. This folder is 81.5 Mb. Thats it. You can not copy files to the drive, you can not do anything, besides looking at the icon of this stupid encryption utility.

Or you can run it… but then, nothing happens either. There is just one folder accessible: 81.5 Mb

  1. I connected it to my Linux box and wanted to reformat it with Gparted. First to the openSUSE box. Suzy does not realise that there is an external harddrive connected. Nothing happens. Gparted does not see it.

  2. I connected it to my old Xubuntu Laptop. Here we go: it mounts the drive. There are now two drives mounted. One drive is mounted as a CD and the other one as a harddrive. In the CD-part, there is this encryption software-thing and a file “autorun.inf”. I can not delete these files. They are protected. I also can not remove this write protection, because there must be something to the filesystem in this CD-part of the harddrive.
    Gparted can see the harddrive part of it, but not the CD-part. So I took my chances and reformatted the harddrive and also re-wrote the partition table.
    But after that, it is still the same: there is one CD and one hard drive part…

So I thought to myself, that if it is mounted like a CD, then I could delete it with K3B, Brasero or whatever, as I would delete a CD-RW… Nope, Brasero or XFburn don´t see this drive.

The big question is now: how can I access the CD part? How can I delete this part of the harddrive? Or at least how can I delete this encryption-junk and make it accessible for a Windows computer?

some ideas on this would be great. Or maybe someone of you went through this mess before and could tell me what to do?

thank you very much!

Steffen

Don’t know
I would google it

I’m wondering if dd will do
dd if=/dev/urandom of=/dev/sd?

On 01/20/2012 05:46 PM, steffen13 wrote:
> some ideas on this would be great.

tell your brother-in-law to take the drive back and get his money back.


DD
openSUSE®, the “German Engineered Automobiles” of operating systems!

On Fri, 20 Jan 2012 16:46:03 +0000, steffen13 wrote:

> 2. I connected it to my Linux box and wanted to reformat it with
> Gparted. First to the openSUSE box. Suzy does not realise that there is
> an external harddrive connected. Nothing happens. Gparted does not see
> it.

Sounds like it’s locked to Windows, then - the “partition” you see is a
virtual CD-ROM device that has the access software on it. Since it’s a
read-only virtual device, you can’t modify it without special tools.

I’d return the drive and buy something that doesn’t have encryption on it
by default since that’s typically locked to the platform.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

There are tools which can remove the partition, try this thread.

On Fri, 20 Jan 2012 18:36:03 +0000, finders wrote:

> There are tools which can remove the partition, try ‘this thread.’
> (http://ubuntuforums.org/showthread.php?p=11288726)

Yes, you can use various tools to remove the virtual CD image, but if the
device itself doesn’t show up, doing so would likely void the warranty
and then he’d be stuck with a drive he can’t use at all.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2012-01-20 18:16, caf4926 wrote:
>
> Don’t know
> I would google it
>
> I’m wondering if dd will do
> dd if=/dev/urandom of=/dev/sd?

Please, not urandom. Use plain zero.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

On Fri, 20 Jan 2012 20:53:09 +0000, Carlos E. R. wrote:

> On 2012-01-20 18:16, caf4926 wrote:
>>
>> Don’t know I would google it
>>
>> I’m wondering if dd will do dd if=/dev/urandom of=/dev/sd?
>
> Please, not urandom. Use plain zero.

Either/or, depends on what your goals are.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

thanks for your answers. The 1st tip would be the best: returning it.

But I guess I give the dd option a shot. But I didn´t get it… so, should I use

dd if=/dev/urandom of=/dev/sdb

??

Or the other one, robin_listas posted? This would be then dd if=/dev/0 of=/dev/sdb, right? – the drive would be mounted as sdb

What is the problem/bad consequences with dd if=/dev/urandom of=/dev/sdb ?

Either/or, depends on what your goals are.

my goal is, to have a normal drive which can be used by every computer, without encryption which means that I want to delete the read-only part on the disk and put it together into one single ntfs partition . :slight_smile:

On Fri, 20 Jan 2012 22:06:02 +0000, steffen13 wrote:

> thanks for your answers. The 1st tip would be the best: returning it.
>
> But I guess I give the dd option a shot. But I didn´t get it… so,
> should I use
>
> dd if=/dev/urandom of=/dev/sdb

You need to be absolutely sure that /dev/sdb is what device the drive
is registered as. If it isn’t, you’ll wipe the wrong device.

You can use either /dev/zero (not /dev/0) or /dev/urandom. The idea is
to overwrite the boot blocks and partition table.

You said that openSUSE didn’t recognise there was a drive connected. If
that’s the case (lsscsi or fdisk -l should tell you what devices are on
the system), then you won’t be able to overwrite it. It has to be
recognised at the hardware level in order to overwrite it.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2012-01-20 23:58, Jim Henderson wrote:
> On Fri, 20 Jan 2012 22:06:02 +0000, steffen13 wrote:

> You need to be absolutely sure that /dev/sdb is what device the drive
> is registered as. If it isn’t, you’ll wipe the wrong device.
>
> You can use either /dev/zero (not /dev/0) or /dev/urandom. The idea is
> to overwrite the boot blocks and partition table.

The difference is that generating the random data to fill a disk can be
horribly slow, like several hours, depending on the hardware (not
necessarily the speed of the cpu). Writing random data is not needed unless
you want to clear the disk for security reasons.

In this case you simply need to clear the partition table (at least), so
zeroes is good enough.

> You said that openSUSE didn’t recognise there was a drive connected. If
> that’s the case (lsscsi or fdisk -l should tell you what devices are on
> the system), then you won’t be able to overwrite it. It has to be
> recognised at the hardware level in order to overwrite it.

Absolutely.

It would be a good idea to enter this hardware in the HCL as does not work,
so that others can see it. But I don’t know what category to put it under.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

On Sat, 21 Jan 2012 01:13:06 +0000, Carlos E. R. wrote:

> On 2012-01-20 23:58, Jim Henderson wrote:
>> On Fri, 20 Jan 2012 22:06:02 +0000, steffen13 wrote:
>
>
>> You need to be absolutely sure that /dev/sdb is what device the drive
>> is registered as. If it isn’t, you’ll wipe the wrong device.
>>
>> You can use either /dev/zero (not /dev/0) or /dev/urandom. The idea is
>> to overwrite the boot blocks and partition table.
>
> The difference is that generating the random data to fill a disk can be
> horribly slow, like several hours, depending on the hardware (not
> necessarily the speed of the cpu). Writing random data is not needed
> unless you want to clear the disk for security reasons.

True, but it doesn’t actively hurt anything to use /dev/urandom. Some
might take your meaning to indicate that it does, so I clarified. :slight_smile:

> In this case you simply need to clear the partition table (at least), so
> zeroes is good enough.

True, and the entire disc isn’t needed either.

>> You said that openSUSE didn’t recognise there was a drive connected.
>> If that’s the case (lsscsi or fdisk -l should tell you what devices are
>> on the system), then you won’t be able to overwrite it. It has to be
>> recognised at the hardware level in order to overwrite it.
>
> Absolutely.
>
>
> It would be a good idea to enter this hardware in the HCL as does not
> work,
> so that others can see it. But I don’t know what category to put it
> under.

That would be a good idea. Is there a storage devices category in the
HCL?

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2012-01-21 02:34, Jim Henderson wrote:
> On Sat, 21 Jan 2012 01:13:06 +0000, Carlos E. R. wrote:

> True, but it doesn’t actively hurt anything to use /dev/urandom. Some
> might take your meaning to indicate that it does, so I clarified. :slight_smile:

Right. But I remember a recent poster who did this and it took something
like seven hours… He was not very happy :wink:

> That would be a good idea. Is there a storage devices category in the
> HCL?

No… I see ide+sata cards, floppy drives, raid controllers…


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

okay, understood this dd - urandom or zero issue. I tried the urandom option anyway, because I am not really sure: will this zero-option also overwrite the CD-part of the drive…

So now the computer (my old Ubuntu box) is running now for several hours aleady :smiley: could I also cancel this operation or will this kill the hard drive completely?

I would put it in HCL if there was a category for that. Maybe there should a general junk category be created? >:)

Just leave it running!
Eventually it will be clear to you that it has finished, when the terminal returns to a prompt.
Just don’t let the machine go to sleep or anything.
It could take a long time

When it’s done
You’ll need to use GParted or some utility to create a partition table and partition the HD
Assuming it’s going to work

ok. will do that. Thanks!

You do not seem to understand at all what dd does. Did you read

man dd

before starting it? When not that was not very clever imho. We are of course all decent and trustable people, but in the end you are responsible for the commands you type. And we can make mistakes. Thus allways try to understand what you are doing when strangers (or friends) tell you to execute a command. E.g. by studying the man page of the command.

And in short on a few of what you asked/doubted about above:

  • dd
    copies disk blocks from input to output. While input and output can be normal files, the fact that it is about disk blocks allready points to the fact that it is mostly used on disks/disk partitions. Thus input/output are then block device special files (those inside /dev). - Block device special files like /dev/sda
    are only writable by root, thus you must be root to write to them, but take care, root will write blocks over the device without any compassion with constructs like file systems or partition tables or whatever. Thus any mistyping in the output specification can create havoc. - there are a few pseudo device special files that on reading offer special data: /dev/zero
    offers zero bytes and /dev/urandom offers random bytes. The last one involves calculating of as random data as possible and that takes extra time. - When you want only to overwrite the partition table, writing of one disk block is enough, thus adding count=1
    to the command is usefull and then it will not take 7 hours :frowning: - Interrupting it after it has written the first block (very soon indeed) is allright. Again you do not want to overwrite all those data that is not there, but only the partition table.

BTW, I doubt if the use of dd is needed at all. Using fdisk (or any other decent partitionning tool) and letting it create a new partition table (which you can immediatly make to you likeing) will work also imho.

But, when the system does not recocnise the device as a storage device (and thus there is no block special file created for it), you can not use dd no fdisk :wink:

no, I did not read the manpage of dd. But I know/knew that dd is a command for dumping something on a disk. Because I know that it is also used for writing .iso images onto USB sticks. So I could imagine what it does.

The command itself… I always look at the commands and when I understand that it does no harm to my system, then it is okay for me. In this case I saw the dd command and then the option and knew that I need to put “/dev/sdb” to it because the disk is sdb. But I didn´t know the difference between “urandom” and “zero” although I could imagine that they are not harmful, just from my technical understanding.

I already tried to create a new partitiontable with Gparted but it didn´t have any effect. The Xubuntu system recognises the disk and is working on the urandom part :smiley: I leave it running and see what comes out.

But anyway, thanks, Henk, for the explaination. And I will check commands I read, more accurate in the future.

You are welcome, but I hope I made clear that overwriting the first block destroys your partition table. In fact the MBR/Primary Partition table is only 512 bytes. All the rest of the diisk is random data anyhow, thus no need to overwrite it wih new random data (execpt when you want to destroy things you want to keep secret forever).