On Monday, 17 June 2013 at 12:08 AM, gnulinuxist@gmail.com wrote:
Friends,
With so much espionage happening in computers, I was wondering whether a read only mounted partition is read only by software only or is there an electrical lock on the hdd, which does not seem possible for multi-partition disks as another partition may be writeable.
Partitions are logical. That is why they can be altered and moved around. Most HDDs don't know about the partitions on them, just like an SD Card with a image of you on it won't know it is really you - so no electrical locks. The locks are only logical.
Can a malicious software gain control of the electrical side of the hdd and modify or delete data, even on a read only mounted partition? For the military then, would it be better to use an entire disk as a single partition and lock it down electrically?
Yes. You can have software to gain control of the HDD, modify and delete data - but it isn't possible on modern Operating Systems like GNU/Linux (unless there are hidden/unknown backdoors). Again, such requests have to be routed THROUGH the Operating System. Since the source is open, I'd give such a case a very low probability for GNU/Linux. Other OSs? There is no concrete way to find out.
For the military or most agencies where security is paramount - strategies and decisions are based on exactly what is at risk and the functionality required. The best strategy is to keep a good two-inch air gap between the NIC and the network cable.
Cheers,
Amol Hatwar Exceed Consulting