GNOME Bugzilla – Bug 732956
Preventing counterfeit FLASH storage
Last modified: 2018-05-24 10:30:20 UTC
Do a simple Google search or eBay search for microSD or FLASH memory and you'll quickly realize something: There are some great prices out there! That is, until you actually get the memory device in your hands, test it out, and it fails within a matter of hours. There needs to be something out there, a common technology practice, to correctly and accurately test these memory modules the first time the user plugs in the device in order to prevent imminent data failure at an unexpected moment. I have the idea for the GNOME Disk Utility in Ubuntu -- To accurately test any new memory module installed with the consent of the user the second the module is plugged in and allowed to gain ROOT access to the filesystem. A simple test like this can save the general public tonnes of money when it comes to buying memory, keep malicious codes from entering our loved computer systems, and help educate us on how to choose the correct memory technology, where to buy it, and what to look for, etc.. Included in this idea I have is an optional form to report certain module types into a larger database that is interconnected between all computers using the GNOME Disk Utility and connected to the internet for even faster emergency diagnosis with instant fraudulent device recognition that will then push a warning to the user to remove the module at once and a set of instructions on how to properly request a refund for their counterfeit device. Something like this has never before been integrated into mainstream computing methods, and it's about time a smart, automated, self-learning, user-teaching system like this is implemented. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: gnome-disk-utility 3.10.0-1ubuntu3 ProcVersionSignature: Ubuntu 3.13.0-27.50-generic 3.13.11 Uname: Linux 3.13.0-27-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.2 Architecture: amd64 CurrentDesktop: Unity Date: Wed Jul 9 13:15:58 2014 InstallationDate: Installed on 2014-02-19 (140 days ago) InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Release amd64 (20131016.1) ProcEnviron: LANGUAGE=en_US PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: gnome-disk-utility UpgradeStatus: Upgraded to trusty on 2014-04-18 (82 days ago)
Created attachment 280291 [details] Screenshot of the current abilities Gnome Disk Utility has to offer me on benchmarking a fraudulent microSD device I have received in the mail. Screenshot of the current abilities Gnome Disk Utility has to offer me on benchmarking a fraudulent microSD device I have received in the mail. Please note that I needed to have known what to do in order to get to the benchmarking process, after benchmarks are complete the application still does not tell me if this is likely counterfeit and has no automated "report" and "test" features.
Comment on attachment 280291 [details] Screenshot of the current abilities Gnome Disk Utility has to offer me on benchmarking a fraudulent microSD device I have received in the mail. Screenshot of the current abilities Gnome Disk Utility has to offer me on benchmarking a fraudulent microSD device I have received in the mail. Please note that I needed to have known what to do in order to get to the benchmarking process, after benchmarks are complete the application still does not tell me if this is likely counterfeit and has no automated "report" and "test" features.
As far as GNOME Disks is concerned, the flash device is legit. The microcontroller embedded in your flash device reports a manufacturer and device ID to your computer, and exactly what those IDs are programmed. Much like the logo that appears on the box, these IDs can be 'forged' by anyone with the capability. Not only that, but often the devices actually aren't fraudulent: flash manufacturing is a very low-margin business, so any part of the wafer that doesn't get used is money lost. Batches of flash too poor in quality for most of the consumer segment are usually sold on to third parties, who can then re-sell the product in other markets (ebay and the like, for example). There isn't a lot GNOME Disks (or any software, for that matter) can do. It's just a matter of 'buyer beware', unfortunately. There is a who goes by the nickname 'bunnie'; he's done a fair bit of research in this area. You can read a lot of it on his blog at https://www.bunniestudios.com/ if you're interested.
See: https://bugs.freedesktop.org/show_bug.cgi?id=89335
-- GitLab Migration Automatic Message -- This bug has been migrated to GNOME's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gnome-disk-utility/issues/23.