In his presentation to the U.N. Security Council about Iraq's covert weapons program, secretary of State Colin Powell said, 'Our sources tell us that, in some cases, the hard drives of computers at Iraqi weapons facilities were replaced. Who took the hard drives? Where did they go? What's being hidden? Why? There's only one answer to the why: to deceive, to hide, to keep from the inspectors.'

If Iraqi officials did change out the hard drives of PCs used to help manufacture illicit weapons, some evidence may remain. The PCs themselves would have recorded the hard drive replacement in the boot logs of their BIOS chips, which retain their memory when the system power is turned off. Boot logs can be erased and reset however, by an experienced PC operator.

Windows NT and later systems can record alerts that the PC's case has been opened.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above