Creating a Thumb drive checking machine

dImpetus

Member
Apr 11, 2023
So, I have been chasing down some shows from my childhood that are not on sale anywhere. I found some eBay posts selling the series on a thumb drive. This got me thinking of a way to scan a thumb drive you don't know safely. It would be an air-gap that should ideally be single-use to do the scanning. This post is meant to discuss how and what recommendations are needed. This is what I have been thinking so far:
- Raspberry Pi or a Zima board
- Linux - live session without persistence - (not sure what would be the best distro for this purpose)
- Virus scanning software - maybe ClamAV - I don't use Linux as my daily driver so not sure

I would love to hear if I am missing something or if there is a better solution out there. This is a side project, so I am not looking to spend a lot of money on a dedicated tool.
 
I did this with a couple of clone PCs, displays, and keyboards, stacked onto hand-trucks, wheeling them from site to site, scanning diskettes, marking the diskettes clean, and SpinRite-ing the diskettes for good measure.

Nowadays, the challenge might be to upload to free VirusTotal.com, record the results, mark the drive, and put it in a snack-baggie with a paper note, perhaps a post-it note - I need the equivalent of a big diskette label for my tiny little USB drives - drat!

Don't put the testing PC on any internal network, only directly connected to the web, perhaps our local router's guest account or tether through a cell phone.

The beauty of a PC is that it may best match the same environment under which the USB drives will eventually have to function, and old PCs are cheap or free ( in our closets ), they use similar operating systems as are in use once the USB drives pass muster, including a free GRC ValiDrive test ( quick ), and PCs can usually run any programs and install any hardware accessories.

The challenge may be to work on and scan multiple drives at once, not wait for one USB drive to finish before moving on to the next one, yet keep track of the progress of each drive and not miss any steps, and record the results so you can audit what you have done and know if anything slips through, how that happened.

Do you need to zero out a drive in case there's malware in the erased space?

I keep copies of malware so I can backtrack where it came from, and so that I can 'test' any future anti-malware programs to see if they still work on old malware.

How do you check if the USB drive has firmware malware that is NOT in the data area?

Not all USB drives work in all USB sockets, there may be compatibility issues preventing full check, so how many different USB sockets can be added via adapters and hubs to cover all possible USB drives - USB 1, 2, 3, versions of each, different USB drivers, A and C plugs, and so on?

Cool challenge, keep us posted.

Thanks.

.
 

Good look-up.

Yeah, one thought I had was,
- on an isolated computer,
- zip or just copy the USB contents to a file or directory on the local hard drive,
- send the zip or files to free VirusTotal.com ( size may require batch sends - arduous ),
- then, if OK, expand the zip or copy the files to a known good USB drive ( factory direct supply ? ),
- and 'deal' with the unknown original USB drive.

It doubles the price of USB drives, but that may essentially be trivial in comparison to any potential damage of an infection.

- - - - -

At what point can anyone say "I trust the drive's firmware"?

Thanks.

.
 
These are some great points. In my particular case I don't care about the flash drives, but more the files. I had been thinking about making sure I could get the files out and scan them and then move them to a new drive that would be safer to connect into my network.
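
The copy-out workflow discussed in this thread (copy the files off on an isolated machine, scan them, move them to a known-good drive, and keep a record for auditing), sketched as an added example that is not part of any post. The function names, the mount point and the device name are assumptions; it covers only the file contents, not the drive's firmware.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and paths are assumptions.
# Mount the unknown drive read-only first (device and mount point are placeholders):
#   mount -o ro,noexec,nosuid,nodev /dev/sdX1 /mnt/untrusted

# triage_copy SRC DEST
# Copy regular files only (symlinks and special files are skipped) into
# DEST/files and record their SHA-256 hashes in DEST/manifest.sha256.
triage_copy() {
    src=$1
    mkdir -p "$2/files" || return 1
    dest=$(cd "$2" && pwd) || return 1      # absolute path survives the cd below
    ( cd "$src" && find . -type f -exec sh -c '
        out=$1; shift
        for f in "$@"; do
            mkdir -p "$out/$(dirname "$f")" && cp "$f" "$out/$f" || exit 1
        done' sh "$dest/files" {} + ) || return 1
    ( cd "$dest/files" && find . -type f -exec sha256sum {} + | sort -k 2 ) \
        > "$dest/manifest.sha256"
}

# scan_copy DEST
# Scan the copied files with ClamAV and keep the log next to the manifest.
# clamscan exits 0 when nothing is found and 1 when something is.
scan_copy() {
    command -v clamscan >/dev/null 2>&1 || { echo "clamscan not installed" >&2; return 2; }
    clamscan -r -i --log="$1/clamscan.log" "$1/files"
}

# verify_copy DIR MANIFEST
# Confirm that the files in DIR (for example on the known-good drive) are
# exactly the files that were hashed and scanned at triage time.
verify_copy() {
    manifest=$(cd "$(dirname "$2")" && pwd)/$(basename "$2") || return 1
    ( cd "$1" || exit 1
      sha256sum -c "$manifest" >/dev/null 2>&1 || exit 1
      # -c ignores files that are not listed, so compare the counts as well.
      [ "$(find . -type f | wc -l)" -eq "$(wc -l < "$manifest")" ] )
}

# Typical order on the isolated machine:
#   triage_copy /mnt/untrusted /tmp/triage
#   scan_copy   /tmp/triage
#   cp -r /tmp/triage/files/. /mnt/clean/
#   verify_copy /mnt/clean /tmp/triage/manifest.sha256
```

The hashes in the manifest can also be searched on VirusTotal, which avoids uploading large video files but only finds files someone has already submitted.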