Report messages related to special areas handling
- Sami Purho
- Niko Puruskainen
Created Date | Updated date | Affects version | Fix version |
|---|---|---|---|
Feb 15, 2019 | Jan 20, 2025 | N/A | N/A |
Drives can be configured to contain special areas (hidden areas such as HPA or DCO, partition areas, protected memory blocks, etc.). Blancco Drive Eraser can detect and handle those areas, although this process may sometimes produce some exception messages in the report
Glossary
HPA: The Host Protected Area (HPA) is commonly used to store the recovery part of the operating system and can contain sensitive data.
DCO: The Device Configuration Overlay (DCO) feature allows to reduce the size of a drive to a certain amount of sectors via the creation of a hidden partition. This special area poses a risk that some data might be left on the drive after the erasure, if the area is left untouched.
Replay Protected Memory Block: The Replay Protected Memory Block (RPMB) area on an NVMe drive is designed to store sensitive and security-related data, it is a key component for ensuring the overall security and integrity of the storage device. This area can only be read and written via successfully authenticated read and write accesses.
# | Exception | Explanation |
1 | HPA/DCO area removed | This message informs that the hidden area(s) was (were) detected and removed. By “removed”, one must understand that the area was retired/suppressed, therefore it is not on the drive anymore. |
2 | HPA/DCO area content was erased | This message informs that the hidden area(s) content was erased. By “erased”, one must understand that the area content was overwritten/wiped and does not contain data anymore. |
3a | Firmware command failed or cannot be executed | These messages describe the cause of a problem:
This may be due to the following:
|
3b | HPA/DCO area is unreachable | |
4 | HPA/DCO area could not be removed | This message describes a direct consequence of the problem #3: the software cannot remove the hidden area(s) of the drive (because it is unreachable). By “could not be removed”, one must understand that the area cannot be retired or suppressed, therefore it may still exist on the drive. |
5 | HPA area content could not be erased | This message describes another potential problem: the software cannot erase the contents of the hidden area(s) of the drive. This happens if the drive does not implement any command that can erase it as a whole, or if such command has not been used during the erasure. By “could not be erased”, one must understand that the area content was not overwritten or wiped, therefore it may still contain data. |
6 | Drive has "Replay Protected Memory Block" area that can contain data. | The RPMB partition is a small portion of memory dedicated to storing system security-related information, such as certificates, device IDs, login attempt counters, etc. This area cannot be removed. This area is not designed to store user data. |
Some combinations:
In a normal case scenario, the messages 1 + 2 will be shown.
Nevertheless, reports may show the messages 3a/3b + 4 + 5 on some drives, this combination occurs if no command that can erase the drive as a whole has been used during the erasure process (the hidden area was not removed and its content was not erased i.e. the area may still contain data).
Other reports may show the messages 3a/3b + 4 + 2 instead, this combination occurs if the drive implements a command that can erase it as a whole and if such command has been executed during the erasure process (the hidden area was not removed but its content was erased i.e. the area does not contain any data).