0

Modern hard disk firmware is programmed to replace bad sectors with good sectors from the HD's spare sector pool. These are some questions about where physically on an HD this pool might be located.

  • Does the pool location vary by HD vendor or model?
  • Is the pool all in one place, or is it spaced out in tracks?
  • If it's all in one place, is it at any specific spot on the disk, near the center ring, the edges, the middle, or limited to any specific platters?
Community
  • 1
agc
  • 627
  • 5
  • 16
  • It probably varies per vendor and per disk. Also, what kind of problem are you trying to solve? The only time I ever needed that kind of information was when I was reformatting (low level, mostly to go from 520b to 512b PC format) 4GiB fast wide SCSI drives. (Yes, GB, not TB. It was a while ago). The particular batch I was reformatting had a spare sector on each track. – Hennes Feb 26 '17 at 23:14
  • 1
    As vendors do not normally document such details we can only guess. But from a performance standpoint it would be best to place them as close as possible to those being replaced, preferably on the same track. This would minimize head seek time, the #1 performance factor in a conventional drive. Putting all the spare sectors in one place, wherever that might be, would be the worst. Accessing a spare sector would mean a long seek to the spare, a wait until the platter rotated to the required sector, plus a long seek back. Spare sectors are not accessible to normal software. – LMiller7 Feb 27 '17 at 00:48
  • @Hennes, the question being general, there's no one problem to solve. Applications are various however. Ability of a drive to absorb defects, (supposing the media & mechanical reliability are constants), amount of space in which sophisticated *spy/mal*ware might hide in, remapped sector fragmentation speed impacts, planning optimal partitioning, etc. – agc Feb 27 '17 at 04:41
  • Spyware would have to reprogram the specific disks firmware to do that. Simply using the generic host protected area on SATA drives could accomplish much the same without needing to known about specific implementations. Ofc that does leave the challenge on how the spyware gets started when it is not normally accessible. – Hennes Feb 27 '17 at 16:42
  • @Hennes, Re *"how the spyware gets started"*: I'd imagine some sort of boot sector malware would perpetrate the deed, (i.e. tweak the HD firmware with which to hide things), then remove the boot sector portion after it was done. Or a consumer might inadvertently buy such a drive from a compromised vendor. – agc Feb 27 '17 at 17:43
  • Buying sunch a thing from a vendor would be perfectly safe though. It has data on the disk in a place which the computer cannot access until the malware is started and does something special. That is a catch-22. – Hennes Feb 27 '17 at 17:47
  • @Hennes, 1. the HD's firmware is part of the infection -- that is the firmware boots, reads the hidden malware, and then boots the OS. 2. failing that, suppose the attacker knows a few available OS level backdoors with which to enable the dormant storage/malware. 3. an OS backdoor might use it by default. Anyway, the implementation of such things is departing from the question if we agree such things can be difficult without being impossible in theory. – agc Feb 27 '17 at 18:06

0 Answers0