Go Down

Topic: USB/SD Write Blocker (Read 2374 times) previous topic - next topic

AriosYonsen

Please let me know if I've got this in the wrong place, but I'm trying to make a write blocker as an interface for a USB or SD card and I was wondering if it could be done with Arduino.  Please understand that I'm completely new to this and likely won't understand something too in-depth without a bit of hand holding.

AriosYonsen

So, after about a week with no response I think it's safe to say that no one has a distinct answer. Well, only one thing for it then. I'll post what I do to find out whether it's possible in this thread, if that's alright, and would appreciate any feedback if there's a better way to do any part of it. The end product will be slim enough to be used with most USB ports and will essentially be plug and play. Any ideas where to begin?

AriosYonsen

Well, slow progress so far, and it occurs to me that this now being project documentation there's probably somewhere better to put it, so could one of the staff let me know where they would want it put and how to move it, please?

On a related note, I've been informed that I might get a more positive response if I share the purpose of the original question. I've known a few startup computer technicians and IT people in the circles I travel in, and have noticed that when it comes to disinfecting a computer they tend to have these -to me- unnecessarily complicated ways of refreshing the USB after it's been used. My thoughts usually run along the lines of 'why not simply stop the computer being able to write to the usb?'. After a bit of research I've discovered is that all available ways to do this are either easily subverted, require cracking open the USB and soldering parts that might not even be there or cost a rediculous amount of money.

This struck me as being more 'niche' than it really needs to be, and my thoughts turned to making an open-source and reliable, if rather cheap, way of doing this for a USB or microSD card.

I realize this may easily become far more complicated than it sounds, and have already been 'treated' to a lecture about how the device will have to handle a 'hand-shake' and place write attempts in the stack before the code does whatever with them, but quite a bit of this simply went over my head, frankly, and I didn't get any direction from it.

Finally, I realize that this isn't going to be a three week code wrangle and could likely take over a year of work, but I am willing to put in the time. I simply don't know where to begin.

MorganS

Your long explanation still has me wondering, What is a "write blocker"?

If you have data on a USB stick that you want to make impossible for an infected computer to change, then use an SD adaptor and set the write-protect switch on the SD card. Job done.

If it's a bootable USB recovery disk, then it is possible that the operating system needs to write to the disk, but bootable CDs used to exist and they're not writeable.
"The problem is in the code you didn't post."

AriosYonsen

The problem is that the switch is actually software based, and can therefore be circumvented. I want to make it so that a virus or computer-savvy individual can't, for example, change a registry entry and suddenly be able to write to the card.

The inspiration for the project comes from this:
https://www.cru-inc.com/products/wiebetech/usb_writeblocker/

But these are expensive and it kinda raises eyebrows if you try to order one, so I was thinking of a cheaper, easier way to do it.

In any case, the microSD adaptor I ordered is here, so I can set it up to test if I can access the media though the nano that I'm using, and after that I'll try to find a way so that write requests simply don't get as far as the microSD card.

On another note: yay, I got a reply. I was kind of worrying that I'd been relegated to the kook bin for a while there.

MorganS

The software which reads the write-protect switch is inside the USB reader. So long as the infected PC can't upload new firmware to the USB reader device then it can't subvert that function and write to the SD card.

Most USB readers have totally locked-down ROM firmware. I seem to remember a virus that propagated on USB memory sticks by editing the firmware but that got stopped years ago when the manufacturers worked out that this was a security hole.

Of course in an environment where data security is really important (like the CIA offices) all their computers have the USB ports filled with epoxy glue. But this is to stop spies stealing the data, not to protect against viruses.
"The problem is in the code you didn't post."

AriosYonsen

#6
Feb 06, 2017, 02:59 am Last Edit: Feb 06, 2017, 03:04 am by AriosYonsen
Well, this is a bit of a blast from the past.

I'd pretty much forgotten about this after having my conclusions proven more or less wrong by further research, so I ended up changing the focus of the idea to another application that I was toying with.

I have some free time now, so I guess it's time to RAISE THE DEAD!
*Ahem* Drama aside, I want to make a Holocron. It really boils down to the same problem, but with a bit size restriction added; I simply won't have enough space in the project for a full size SD card and the thickness of a reader for that card, and this seems like a 'why-the-hell-not?' kind of idea.

EDIT: It occurs to me to clarify further. The Holocron in question will be a puzzle box designed to allow the micro-SD to be removed so it can be written to, but be read-only while it is mounted inside the adapter. Why? 'Cause I wanna.

AriosYonsen

Okay, so it's back to this then.

I realise that double posting and necroposting may be frowned upon here, but I want a record somewhere in case someone has a similar idea. At least they won't be as stumped.

So, despite all the research I've done, I've yet to find any information one way or the other about what I am trying to do. There's plenty to do with reading and writing data to and from an SD card, but it's all to do with simple files and logging. I've found nothing to do with allowing direct access to the SD card through the Arduino, let alone stopping an SD card being written to. I may be simply looking in the wrong places, and am about as far from expert as you can get in Arduino and C coding in general, and if this is the case, I would very much like a prod in the right direction.

In summary, I'm trying to find out if an Arduino, specifically an ATMega 328, can:
1. be programmed to allow access to a connected SD card using Windows Explorer as an interface, and;
2. be programmed so that this access does not allow new data to be written to the connected SD card, without having to perform other actions on the host machine.

All this would have to be in the size constraint of a 10cm cubed, including mechanisms to make said space a 'puzzle box'. This limits the build to using an Arduino Nano or equivalent.

If and when I can find or write this code, it shall be presented to this thread.

Thank you for your time.

MorganS

1. Can't be done with a 328P (Uno, Nano). If you allow any of the "U" variants such as the 328U4 used in the Micro, then you may have a chance.

I don't see any evidence that you've even looked at the USB mass-storage standard. Try reading it. You have been warned that it's not simple but it's not impossible either.

2. I still don't understand why gluing the lock switch on an SD card isn't a solution. It's not like you have government-level secret operatives trying to write data to your card. You're making a game. One of the rules of the game is "Don't use illegal software to bypass the lock switch." Do you have this software? Do your players have the software?

I don't believe the software exists anyway. There's lots of software available at various prices to read data from damaged SD cards but if the lock switch jams on a card, you just buy another card. There's no money to be made in selling such software.
"The problem is in the code you didn't post."

AriosYonsen

Now that you mention it, that would be a really obvious place to start. I likely didn't find it due to specifically looking for arduino related information.

A couple of corrections, though. I'm not trying to make a game, I'm trying to make a lore-friendly prop. The main idea is that the information in a holocron is generally view-able, but can't be added to without fulfilling certain prerequisites, in this case being provided the key to opening the box.

Also, the size restriction makes using a full-size SD card difficult and most USB to micro-SD adapters sold here don't have the switch.  Other design constraints mean I'd also have to find one that has a micro USB port instead of a jack.

At first blush, an arduino nano seems to fit these constraints.

Go Up