| reply to Brano
Re: Why don't they make USB keys with write protect anymore? said by Brano:Disagree. Imagine following scenario: I go to a customer site to drop off some documents. I insert the key into their PC, copy docs over and remove the key. During this process I want to be sure nothing got on my USB key. With "soft" switch you can't guarantee this. Same goes for security cleaning. Yep.
FWIW, I tore the case off one of the drives I bought to see if it would work- the case is fat and doesn't fit if there is another device in an adjacent USB port. It works just fine and the write-protect switch is a bit easier to get to. |
|
Reviews:
 ·AT&T U-Verse
| reply to Brano
Imagine the following scenario: Joe Average accidentally touches the switch. Joe Average also doesn't need the switch.
How much can be saved by:
1. not including the switch in the hardware on 1 million units
2. avoiding countless hours of customer support calls, RMA's, etc etc... |
|
 jmn1207Premium
join:2000-07-19
Ashburn, VA | Perhaps a solution would be be to provide a notch on the device and allow the user to cover it with a piece of tape at their discretion, reminiscent of the 5 1/4" floppies of yesteryear?  |
|
Reviews:
·AT&T U-Verse
| said by jmn1207:Perhaps a solution would be be to provide a notch on the device and allow the user to cover it with a piece of tape at their discretion, reminiscent of the 5 1/4" floppies of yesteryear? That write protection was in the drive, not in the disk... |
|
 DrunkulaPremium
join:2000-06-12
Denton, TX | reply to Brano
I have an Imation 8GB model that has a physical write-protect switch. |
|
|
|
BPremium,MVM
join:2000-10-28 | reply to microserf v1
said by microserf v1 :*sigh* Firmware is software. A hardware toggle (switch) is used. It's an optional feature found on the vast majority of SD, not miniSD, readers. The status of the toggle must be honoured by firmware due to the command-based, as opposed to hardwired, writes. See the specification pinouts for the obvious. "Write protection" is separate from CPRM. Let's avoid card specific data registers - we wouldn't want to confuse the issue  . Uhh, what the heck does that have to do with anything? Sigh right back atcha. You're not seriously saying $5 SD card readers have firmware running on them, are you? 'Cause they don't. I followed your advice and looked up some pinouts to confirm this.
When I said "firmware" we were talking about Brano's camera. What comment, exactly, are you taking issue with again, anonymous one?
-- B
--
In a realm outside causality and function |
|
| Good thread. I have a 512MB PNY flash drive with a write-protect switch, but I haven't seen any lately in recent sizes, except for those Ritek/RiData drives that were pointed out in this thread. Newegg carries the 8GB and 16GB models, better grab them while you still can. (The reviews on the RiData flash drives are less than stellar, however.  ) |
|
| reply to B
said by B:You could also use an SD card with a pocket reader/key. You offered this up as an equivalent alternative to a USB flash drive with a write-protect switch.
said by B: Most of them still have write-protect switches. As was explained to you multiple times, the "write-protect" functionality you're referring to is implemented outside of the SD card itself. For the OPs purpose, this is worse than useless: it provides a false sense of security.
He told you so:
said by Brano:That's just a fake switch on SD cards. It's a SW switch but you can still write on write protected card with proper software. Instead of leaving well enough alone, you continued to defend your initial suggestion while ignoring requirements:
»Re: Why don't they make USB keys with write protect anymore?
Politely, the OP provided an example to help you understand what had been explained:
said by Brano:My Canon PowerShot camera with 3rd party firmware can easily write on write protected card. In fact, it uses the switch to determine what firmware to boot to. If un-protected standard firmware is booted, if protected custom firmware is booted (and yes, it still can write pictures to the card). Not willing to concede, you kept it up:
said by B:Great, but that's really a hardware (or at least firmware) function if you think about it. The retreat begins.
said by B:Canon may have decided that it didn't make sense to support "write-protect" for a dedicated image capture device, so they used the switch for something else. (Uh, either that, or your custom firmware reprogrammed that firmware operation.) Option 2.
said by B:I haven't found software that bypasses the write-protect feature in PCs. We were talking about your "pocket reader" but I'll humour you for a moment.
You gave no details: motherboard interface type? USB is the most common, especially for simple storage. PCI SD Host Controllers are generally used for newer function (WiFi, Bluetooth, etc.) SD interface cards. Both are more common with firmware than without. In Windows (only), you get a kernel mode driver stub/lib to plug your lobotomized SD Host Controller driver code into.
said by B:As the readers themselves are primitive (no firmware per se), my guess is you'd have to futz with the OS's driver for it. Firmware is normally used with USB devices. SD IP cores are more common on PCI devices - you'd think you'd be vindicated at least here but no, I2C eeprom/flash microcode updates give us an in.
said by B:Uhh, what the heck does that have to do with anything? Everything.
said by microserf v1 :
Firmware is software. A simple statement that you were starting to wiggle around.
said by microserf v1 :
A hardware toggle (switch) is used. It's an optional feature found on the vast majority of SD, not miniSD, readers. The status of the toggle must be honoured by firmware due to the command-based, as opposed to hardwired, writes. The position of the slider ("switch" on the card that actuates the slot pressure switch) is unknown to the card itself. When a write command is received over the SD or SPI bus, the card waits for the block+CRC and writes it. It has no way of knowing if it's supposed to do otherwise - it does what it's told.
said by microserf v1 :
See the specification pinouts for the obvious. I guess it's not obvious.
said by microserf v1 :
"Write protection" is separate from CPRM. Let's avoid card specific data registers... CPRM is the type of DRM available on SD cards. One possible use is to prevent deletion (alteration) of content - the point of this thread, though not in the proper form factor and not nearly as easy as flipping a switch.
said by B:Sigh right back atcha. Your replies aren't complete without them. Why do you think I added mine? ;)
said by B:You're not seriously saying $5 SD card readers have firmware running on them, are you? That wasn't my intent but let's see where this goes: Yes (though I haven't seen them available for $5). Are you envisioning something complex?
Without it, you end up with a physical SD/SPI interface on one end and a proprietary chipset/bus interface on the other. The external interface now has to present some kind of driver controlled GPIO or a complete removable mass storage front end. You don't do that for "$5 readers." Try not to forget your initial suggestion, the subject: a pocket SD Card reader (external device in need of a host with an I/O plug).
I've seen internal and external USB implementations as well as standalone, device-specific microcontroller configurations. Even two PCI SD Host controllers. What did I miss?
said by B:'Cause they don't. Yes, they do. Those that provide voltage level interfacing only (good cost savings) will piggyback bus command handling right on the USB (E)EPROM along with the Mass Storage HID setup.
said by B:I followed your advice and looked up some pinouts to confirm this. Interesting that you can confirm the absence of firmware by looking at a pinout (hints are all I've ever been able to glean). The pinouts show no direct read/write access.
SD SPI
----------- -----------
Clock Clock
Command Chip Select
4 x Data MOSI
3 x Power MISO
It's command based (multi-wire bus protocol), something a wee bit difficult to selectively alter with a simple, external SPST. Did SPI mode confuse you into thinking their was a direct write line?
said by B:When I said "firmware" we were talking about Brano's camera. When I said firmware I was talking about firmware. You know, software so named for it's relatively (or absolutely - OTP) unchanging nature and direct relationship to specific hardware.
said by B:What comment, exactly, are you taking issue with again,... Quite a few. See above. |
|
BPremium,MVM
join:2000-10-28 | That's all fascinating, microserf. I'm curious -- of the estimated 1.1 million malware variants (as of 4/08), how many do you guess include the direct access I/O and/or firmware rewriting code that you believe invalidates the approach of using a write-protected SD-RAM card as a security measure?
'Cause I'm guessing zero over here. I also assume you're aware of the rather flaky history of false security measures as applied directly in the USB sticks you seem to prefer and trust? (I can't speak to the Ridata or to the Imation or Trekstor models I mentioned above, but I assume they're better than previous attempts.)
-- B
--
In a realm outside causality and function |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
·Verizon FiOS
 ·Verizon Online DSL
| said by B:That's all fascinating, microserf. I'm curious -- of the estimated 1.1 million malware variants (as of 4/08), how many do you guess include the direct access I/O and/or firmware rewriting code that you believe invalidates the approach of using a write-protected SD-RAM card as a security measure? The original posting talked about plugging a USB drive into an 'untrusted computer'.
It was left unspecified as to who the adversary might be. If it was some clueless guy who plugged an infected device into the same USB slot a few minutes earlier, that's one threat level. If it's the computer owner, that's an entirely different threat level.
Later on, the OP talked about wanting a 'guarantee' of non-writing, which I think we can all agree does not include having the USB drive merely request that a co-operating computer refrain from writing to it.
Thus, the question of 'how much malware can bypass a soft switch' is not relevant, because that's not what the OP is asking about. |
|
| reply to B
said by B:That's all fascinating, microserf. Translation: Damn, I'm wrong. Let's see if I can derail this in another way to save face.
said by B:...the direct access I/O and/or firmware rewriting code that you believe invalidates the approach of using a write-protected SD-RAM card as a security measure? You're assuming a lot and discounting even more. |
|
BPremium,MVM
join:2000-10-28 | reply to dave
said by dave:The original posting talked about plugging a USB drive into an 'untrusted computer'. It was left unspecified as to who the adversary might be. If it was some clueless guy who plugged an infected device into the same USB slot a few minutes earlier, that's one threat level. If it's the computer owner, that's an entirely different threat level. Later on, the OP talked about wanting a 'guarantee' of non-writing, which I think we can all agree does not include having the USB drive merely request that a co-operating computer refrain from writing to it. Thus, the question of 'how much malware can bypass a soft switch' is not relevant, because that's not what the OP is asking about. That's not how I read the OP at all, and malware seemed very much an issue. He or she seemed to want a general protection against overwriting due to fat fingers and casual encounters with malware or other installed software ("I wish they made them these days. It's ideal for archiving as precaution to not delete your data accidentally needles to say making it read only when using it on untrusted computer for let's say presentations, security cleaning, browsing of the stick..."), not armored protection against some custom-crafted and targeted attack in a known hostile environment. Far from that, Brano's specific example was "I go to a customer site to drop off some documents. I insert the key into their PC, copy docs over and remove the key." A rather generic and common scenario. Everyone can choose the level of security they like of course. I mean, are you going to be able to audit the particular implementation of a "real" write-protect switch in hardware? There are reports of these failing, albeit failing closed (stuck write-protected) rather than open.
I still can't see that using an SD card's switch (at least they have them) poses significantly greater risk in most all circumstances. I have not represented that it's exactly the same, but to dismiss the possibility of using an SD card (particularly in light of the OP's observation that switches on USB keys are hard to find) seems short sighted, impractical, preachy, and ultimately stupid.
On the other hand, in situations where it's a known hostile environment, wouldn't you choose to either not go to the environment at all, or use write-once optical media, or download your software via a network, or bring a laptop, rather than rely on anything to do with USB?
-- B
--
In a realm outside causality and function |
|
 sivranBack to Opera againPremium
join:2003-09-15
Arlington, TX
kudos:1 | I have a $5 pocket USB SD/MMC/CF/MS reader.
I can't write to my SD card when the switch is on. |
|
| reply to B
said by B:...in situations where it's a known hostile environment, wouldn't you choose to either not go to the environment at all,... Where's your sense of geeky adventure?
said by B:...or use write-once optical media, or download your software via a network, or bring a laptop, rather than rely on anything to do with USB? KISS. Your realistic options: availability of an optical drive or Universal Serial Bus. The laptop only comes out for connectivity issues or remote debugging, right?
B  on USB write-protect switches:
said by B:I mean, are you going to be able to audit the particular implementation of a "real" write-protect switch in hardware? Yes, easily. You can too.
B on USB hardware quality:
said by B:I also assume you're aware of the rather flaky history of false security measures as applied directly in the USB sticks you seem to prefer and trust? said by B:There are reports of these failing, albeit failing closed (stuck write-protected) rather than open. B on USB write-protect switch availability:
said by B:(particularly in light of the OP's observation that switches on USB keys are hard to find) said by B:(I can't speak to the [1]Ridata or to the [2]Imation or [3]Trekstor models I mentioned above... Me hitting a nerve:
said by B:...to dismiss the possibility of using an SD card ... seems short sighted, impractical, preachy, and ultimately stupid. No one has dismissed SD cards or their general utility.
»Re: An Information Security Concepts Primer
said by B:...how can you surmise that Risk=0 simply because there are no threats at this time? Don't we have to guesstimate the likelihood of a practical threat in the near term future? Alternatively, should the formula be discarded precisely because, while we can be quite sure about the particulars of the Vulnerability, we have no real way of determining whether the Threat exists? Shouldn't we assume that it does? Merry Christmas |
|
