[Cryptography] Understanding state can be important.
hbaker1 at pipeline.com
Wed Dec 30 21:10:34 EST 2015
At 01:31 PM 12/29/2015, Arnold Reinhold wrote:
>My solution to the write-protect problem involves two single purpose devices.
>One is a board that would serve as a write-protect shield for an SD card.
>All SDcards implement a Serial Peripheral Interface Bus (SPI), which is supported on the Arduino and R Pi platforms.
>The SDcard specs, e.g. http://blog.chinaaet.com/282280072/p/17750, include a set of commands.
>There are two for writing blocks: CMD24 and CMD 25.
>The wedge board would send commands and data to and from the SDcard transparently except that it would block the Write commands.
>This feature might be controlled by a switch or a jumper on the board.
>A light or sound alert could warn of a write attempt.
>The write-protect board with an SDcard installed might be made to act like a USB flash drive.
>This should be easy to do on a Raspberry Pi Zero ($5 retail), using the Pi Zero's USB port.
I'd be happy with a *true* "USB condom"; one that MITM'd the USB port and made damn sure that a passive memory device acted like a *single* *passive* memory device, and not a keyboard/mouse/whatever; it would also watch out for any changes in its VID/PID.
This same device could also ground any write commands.
I've seen some cheap devices that could conceivably do this, but the manufacturer would have to allow me reprogram the firmware.
More information about the cryptography