dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
11944

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

Why don't they make USB keys with write protect anymore?

I remember times when every single USB key had small hardware switch to disable write on it.
Still have one such 128MB key at home.

I wish they made them these days.
It's ideal for archiving as precaution to not delete your data accidentally needles to say making it read only when using it on untrusted computer for let's say presentations, security cleaning, browsing of the stick...


jmn1207
Premium Member
join:2000-07-19
Sterling, VA

jmn1207

Premium Member

Depending on your operating system, you might be able to write protect your USB drive through the registry or with some freeware utility.

This one works for Windows.

»www.softpedia.com/get/PO ··· or.shtml

angussf
Premium Member
join:2002-01-11
Tucson, AZ

1 recommendation

angussf to Brano

Premium Member

to Brano
They do, I bought a PQi USB drive with WP last year. Google for "PQI U339" or 'pqi usb flash "write protect"'

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano to jmn1207

MVM

to jmn1207
You're missing my point. The above software solution will work on one machine only running windows.

HW switch works on all machines regardless of OS.

jimkyle
Btrieve Guy
Premium Member
join:2002-10-20
Oklahoma City, OK

1 recommendation

jimkyle

Premium Member

They're still available. I've bought 20 of them in the past several months. Google for "RIData" (they make several kinds of flash drives) then search the results for "hidden write protect switch" and you've got what you are looking for. I bought 1-GB units but they are also available in larger sizes...
lorennerol
Premium Member
join:2003-10-29
Seattle, WA

1 recommendation

lorennerol

Premium Member

said by jimkyle:

They're still available. I've bought 20 of them in the past several months. Google for "RIData" (they make several kinds of flash drives) then search the results for "hidden write protect switch" and you've got what you are looking for. I bought 1-GB units but they are also available in larger sizes...
Yep. I bought two 8GB RiData thumb drives with a write protect switch from Newegg last month. Very handy, though RiData is definitely not Apple when it comes to design.

dave
Premium Member
join:2000-05-04
not in ohio

1 recommendation

dave to Brano

Premium Member

to Brano
Because it cost them 5 cents more per unit to make.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

Thank you all.
I did not see them in stores but it's good to know I can get one on-line ...will surly get one.

Thanks.
Brano

Brano to dave

MVM

to dave
said by dave:

Because it cost them 5 cents more per unit to make.
Yes!

jmn1207
Premium Member
join:2000-07-19
Sterling, VA

jmn1207 to Brano

Premium Member

to Brano
said by Brano:

You're missing my point. The above software solution will work on one machine only running windows.

HW switch works on all machines regardless of OS.
From what I read, not having used the product myself, it appears that you are making the USB drive read only. The software is making the USB drive a read only device until you change the settings on the computer running this software.
B04
Premium Member
join:2000-10-28

B04 to Brano

Premium Member

to Brano
You could also use an SD card with a pocket reader/key. Most of them still have write-protect switches.

-- B

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

said by B04:

You could also use an SD card with a pocket reader/key. Most of them still have write-protect switches.
That's just a fake switch on SD cards. It's a SW switch but you can still write on write protected card with proper software.
B04
Premium Member
join:2000-10-28

3 edits

B04

Premium Member

 
 
 
Yeah, I thought so too! But according to some reports --

»www.tomshardware.com/for ··· rotected

there actually is a corresponding write-protect hardware switch on the SD card readers that honors the position of the write-protect tab/hole.

That switch existing in a $5 portable SD reader is perhaps unlikely.

Edit: Hmm, it's a pretty simple switch -- here's a good description at »www.getflashmemory.info/ ··· otected/

Their pictures mirrored above in the interest of the greater good.

-- B

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

1 edit

Brano

MVM

Hmm

My Canon PowerShot camera with 3rd party firmware can easily write on write protected card. In fact, it uses the switch to determine what firmware to boot to. If un-protected standard firmware is booted, if protected custom firmware is booted (and yes, it still can write pictures to the card).
V7
join:2006-04-14
Dinuba, CA

1 edit

V7 to Brano

Member

to Brano
I had the same thought about a year ago. I do computer consulting and keep all my software tools on a flash drive. I work on alot of computers that are spyware and virus infested and I managed to infect my own flash drive a couple of times. I searched everywhere for a flash drive that had a write protect option and found the pickings very slim. As "jimkyle" posted above, RIDATA is about the only manufacturer that still makes flash drives with a write protect option. I bought a 4GB unit from Newegg about a year ago, but after a quick search I see they only stock the 1GB & 2GB models. I found the 4GB model available here:

»www.x-tremegeek.com/temp ··· ID=14640

This is the same 4GB I have and it works fine. It is SLOWER than my workhorse Sandisk Cruzer Micro, but acceptable, especially considering I don't have to worry about infecting it every time I plug it into a client's computer.

Chuck
B04
Premium Member
join:2000-10-28

2 edits

B04 to Brano

Premium Member

to Brano
Great, but that's really a hardware (or at least firmware) function if you think about it. Canon may have decided that it didn't make sense to support "write-protect" for a dedicated image capture device, so they used the switch for something else. (Uh, either that, or your custom firmware reprogrammed that firmware operation.)

I haven't found software that bypasses the write-protect feature in PCs. As the readers themselves are primitive (no firmware per se), my guess is you'd have to futz with the OS's driver for it.

Some other choices besides Ridata:

»club.cdfreaks.com/f122/u ··· -218895/
Re: USB flash with write protect
Vendors are reintroducing the external write protect switch.

The Imitation Clip Flash Drive 1GB, 2GB, 4GB, 8GB (Clips securely to your bag, briefcase, backpack, or belt loop) has an external write protect switch.

The Trekstor 50324 8GB USB-Stick CS Flash Drive has a external write protect switch.

The thread is old but hopeful someone can benefit from this information.

-- B

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

1 recommendation

Brano

MVM

OK, agreed, but it's still a fake switch and with modified HW/SW an attacker can write to your write protected card.

microserf v1
@cgocable.net

microserf v1 to B04

Anon

to B04
*sigh*

Firmware is software.

A hardware toggle (switch) is used. It's an optional feature found on the vast majority of SD, not miniSD, readers. The status of the toggle must be honoured by firmware due to the command-based, as opposed to hardwired, writes. See the specification pinouts for the obvious.

"Write protection" is separate from CPRM. Let's avoid card specific data registers - we wouldn't want to confuse the issue .
bigddybn
join:2000-10-18
Stuart, FL

bigddybn to Brano

Member

to Brano
said by Brano:

OK, agreed, but it's still a fake switch and with modified HW/SW an attacker can write to your write protected card.
If an "attacker" has physical access to your memory card then you have much larger problems to begin with. The purpose of the switch is to prevent accidental data loss and for that purpose it doesn't really matter how the switch works.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

1 edit

Brano

MVM

Disagree.
Imagine following scenario: I go to a customer site to drop off some documents. I insert the key into their PC, copy docs over and remove the key.
During this process I want to be sure nothing got on my USB key. With "soft" switch you can't guarantee this.

Same goes for security cleaning.
lorennerol
Premium Member
join:2003-10-29
Seattle, WA

lorennerol

Premium Member

said by Brano:

Disagree.
Imagine following scenario: I go to a customer site to drop off some documents. I insert the key into their PC, copy docs over and remove the key.
During this process I want to be sure nothing got on my USB key. With "soft" switch you can't guarantee this.

Same goes for security cleaning.
Yep.

FWIW, I tore the case off one of the drives I bought to see if it would work- the case is fat and doesn't fit if there is another device in an adjacent USB port. It works just fine and the write-protect switch is a bit easier to get to.

cowboyro
Premium Member
join:2000-10-11
CT

cowboyro to Brano

Premium Member

to Brano
Imagine the following scenario: Joe Average accidentally touches the switch. Joe Average also doesn't need the switch.
How much can be saved by:
1. not including the switch in the hardware on 1 million units
2. avoiding countless hours of customer support calls, RMA's, etc etc...

jmn1207
Premium Member
join:2000-07-19
Sterling, VA

jmn1207

Premium Member

Perhaps a solution would be be to provide a notch on the device and allow the user to cover it with a piece of tape at their discretion, reminiscent of the 5 1/4" floppies of yesteryear?

cowboyro
Premium Member
join:2000-10-11
CT

cowboyro

Premium Member

said by jmn1207:

Perhaps a solution would be be to provide a notch on the device and allow the user to cover it with a piece of tape at their discretion, reminiscent of the 5 1/4" floppies of yesteryear?
That write protection was in the drive, not in the disk...

Drunkula
Premium Member
join:2000-06-12
Denton, TX

1 recommendation

Drunkula to Brano

Premium Member

to Brano
I have an Imation 8GB model that has a physical write-protect switch.
B04
Premium Member
join:2000-10-28

B04 to microserf v1

Premium Member

to microserf v1
said by microserf v1 :

*sigh*

Firmware is software.

A hardware toggle (switch) is used. It's an optional feature found on the vast majority of SD, not miniSD, readers. The status of the toggle must be honoured by firmware due to the command-based, as opposed to hardwired, writes. See the specification pinouts for the obvious.

"Write protection" is separate from CPRM. Let's avoid card specific data registers - we wouldn't want to confuse the issue .
Uhh, what the heck does that have to do with anything? Sigh right back atcha. You're not seriously saying $5 SD card readers have firmware running on them, are you? 'Cause they don't. I followed your advice and looked up some pinouts to confirm this.

When I said "firmware" we were talking about Brano's camera. What comment, exactly, are you taking issue with again, anonymous one?

-- B
VirtualLarry
Premium Member
join:2003-08-01

VirtualLarry

Premium Member

Good thread. I have a 512MB PNY flash drive with a write-protect switch, but I haven't seen any lately in recent sizes, except for those Ritek/RiData drives that were pointed out in this thread. Newegg carries the 8GB and 16GB models, better grab them while you still can. (The reviews on the RiData flash drives are less than stellar, however. )

microserf v1
@cgocable.net

microserf v1 to B04

Anon

to B04
said by B04:

You could also use an SD card with a pocket reader/key.
You offered this up as an equivalent alternative to a USB flash drive with a write-protect switch.
said by B04:

Most of them still have write-protect switches.
As was explained to you multiple times, the "write-protect" functionality you're referring to is implemented outside of the SD card itself. For the OPs purpose, this is worse than useless: it provides a false sense of security.

He told you so:
said by Brano:

That's just a fake switch on SD cards. It's a SW switch but you can still write on write protected card with proper software.
Instead of leaving well enough alone, you continued to defend your initial suggestion while ignoring requirements:
»Re: Why don't they make USB keys with write protect anymore?

Politely, the OP provided an example to help you understand what had been explained:
said by Brano:

My Canon PowerShot camera with 3rd party firmware can easily write on write protected card. In fact, it uses the switch to determine what firmware to boot to. If un-protected standard firmware is booted, if protected custom firmware is booted (and yes, it still can write pictures to the card).
Not willing to concede, you kept it up:
said by B04:

Great, but that's really a hardware (or at least firmware) function if you think about it.
The retreat begins.
said by B04:

Canon may have decided that it didn't make sense to support "write-protect" for a dedicated image capture device, so they used the switch for something else. (Uh, either that, or your custom firmware reprogrammed that firmware operation.)
Option 2.
said by B04:

I haven't found software that bypasses the write-protect feature in PCs.
We were talking about your "pocket reader" but I'll humour you for a moment.

You gave no details: motherboard interface type? USB is the most common, especially for simple storage. PCI SD Host Controllers are generally used for newer function (WiFi, Bluetooth, etc.) SD interface cards. Both are more common with firmware than without. In Windows (only), you get a kernel mode driver stub/lib to plug your lobotomized SD Host Controller driver code into.
said by B04:

As the readers themselves are primitive (no firmware per se), my guess is you'd have to futz with the OS's driver for it.
Firmware is normally used with USB devices. SD IP cores are more common on PCI devices - you'd think you'd be vindicated at least here but no, I2C eeprom/flash microcode updates give us an in.
said by B04:

Uhh, what the heck does that have to do with anything?
Everything.
said by microserf v1 :

Firmware is software.
A simple statement that you were starting to wiggle around.
said by microserf v1 :

A hardware toggle (switch) is used. It's an optional feature found on the vast majority of SD, not miniSD, readers. The status of the toggle must be honoured by firmware due to the command-based, as opposed to hardwired, writes.
The position of the slider ("switch" on the card that actuates the slot pressure switch) is unknown to the card itself. When a write command is received over the SD or SPI bus, the card waits for the block+CRC and writes it. It has no way of knowing if it's supposed to do otherwise - it does what it's told.
said by microserf v1 :

See the specification pinouts for the obvious.
I guess it's not obvious.
said by microserf v1 :

"Write protection" is separate from CPRM. Let's avoid card specific data registers...
CPRM is the type of DRM available on SD cards. One possible use is to prevent deletion (alteration) of content - the point of this thread, though not in the proper form factor and not nearly as easy as flipping a switch.
said by B04:

Sigh right back atcha.
Your replies aren't complete without them. Why do you think I added mine? ;)
said by B04:

You're not seriously saying $5 SD card readers have firmware running on them, are you?
That wasn't my intent but let's see where this goes: Yes (though I haven't seen them available for $5). Are you envisioning something complex?

Without it, you end up with a physical SD/SPI interface on one end and a proprietary chipset/bus interface on the other. The external interface now has to present some kind of driver controlled GPIO or a complete removable mass storage front end. You don't do that for "$5 readers." Try not to forget your initial suggestion, the subject: a pocket SD Card reader (external device in need of a host with an I/O plug).

I've seen internal and external USB implementations as well as standalone, device-specific microcontroller configurations. Even two PCI SD Host controllers. What did I miss?
said by B04:

'Cause they don't.
Yes, they do. Those that provide voltage level interfacing only (good cost savings) will piggyback bus command handling right on the USB (E)EPROM along with the Mass Storage HID setup.
said by B04:

I followed your advice and looked up some pinouts to confirm this.
Interesting that you can confirm the absence of firmware by looking at a pinout (hints are all I've ever been able to glean). The pinouts show no direct read/write access.

SD SPI
----------- -----------
Clock Clock
Command Chip Select
4 x Data MOSI
3 x Power MISO

It's command based (multi-wire bus protocol), something a wee bit difficult to selectively alter with a simple, external SPST. Did SPI mode confuse you into thinking their was a direct write line?
said by B04:

When I said "firmware" we were talking about Brano's camera.
When I said firmware I was talking about firmware. You know, software so named for it's relatively (or absolutely - OTP) unchanging nature and direct relationship to specific hardware.
said by B04:

What comment, exactly, are you taking issue with again,...
Quite a few. See above.
B04
Premium Member
join:2000-10-28

B04

Premium Member

That's all fascinating, microserf. I'm curious -- of the estimated 1.1 million malware variants (as of 4/08), how many do you guess include the direct access I/O and/or firmware rewriting code that you believe invalidates the approach of using a write-protected SD-RAM card as a security measure?

'Cause I'm guessing zero over here. I also assume you're aware of the rather flaky history of false security measures as applied directly in the USB sticks you seem to prefer and trust? (I can't speak to the Ridata or to the Imation or Trekstor models I mentioned above, but I assume they're better than previous attempts.)

-- B
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

said by B04:

That's all fascinating, microserf. I'm curious -- of the estimated 1.1 million malware variants (as of 4/08), how many do you guess include the direct access I/O and/or firmware rewriting code that you believe invalidates the approach of using a write-protected SD-RAM card as a security measure?
The original posting talked about plugging a USB drive into an 'untrusted computer'.

It was left unspecified as to who the adversary might be. If it was some clueless guy who plugged an infected device into the same USB slot a few minutes earlier, that's one threat level. If it's the computer owner, that's an entirely different threat level.

Later on, the OP talked about wanting a 'guarantee' of non-writing, which I think we can all agree does not include having the USB drive merely request that a co-operating computer refrain from writing to it.

Thus, the question of 'how much malware can bypass a soft switch' is not relevant, because that's not what the OP is asking about.