U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Test Results for Software Write Block Tools: PDBLOCK Version 2.00

NCJ Number
209832
Date Published
June 2005
Length
88 pages
Annotation
This report presents the results from testing PDBLOCK Version 2.00, copyrighted by Digital Intelligence, Inc., in 1999, against Software Write Block Tool Specification & Test Plan Version 3.0.
Abstract
This specification sets the following top-level tool requirements: it shall not allow a protected drive to be changed; it shall not prevent obtaining any information from or about any drive; and it shall not prevent any operations to a drive that is not protected. All 40 test cases listed in the specification were applied to PDBLOCK Version 2.00. For all test cases run, the tool always blocked all write commands sent to a protected drive; however, the tool did not block some commands from the configuration and miscellaneous categories that were either undefined (invalid) or outmoded and not routinely used by current software. These commands in current BIOS implementations do not write to a hard drive, but in the future they could be defined such that they would change the content or accessibility of a protected drive. In the test specification these commands are therefore included in categories that should be blocked. Five commands in the configuration category were not blocked: Initialize Drive parameters (0x09), PS/2 ESDI Diagnostic (0x0E), PC/XT Controller Ram Diagnostic (0x12), the controller drive diagnostic command (0x13), and Controller Internal Diagnostic (0x14). The tool only blocked three commands in the miscellaneous category (command codes 0x1A, 0x22, and 0xED). For all test cases run, the tool always allowed commands to obtain information from any protected drives; and the tool always allowed any command to access any unprotected drives for all test cases run. Extensive tabular data