A package from Lithuania arrived today that may be interesting for the Infosec Community at large. Arsenijs has finally implemented a theoretical approach to program SD Cards to be temporarily or
permanently protected from write operations. Having reliable read-only media can be very usefully in many situations - ranging from offensive to defensive. Implants will no longer suffer from premature SD Card failures, tools like CIRClean can get an additional layer of tamper-resistance and forensic operations become cost-effective.
Picture of the SD Card Locker |
History
This device was developed by Karl Lunt back in 2013, then improved by Nephiel in 2014. Arsentijs recently discovered it was never sold or mass-manufactured.New in version 2
- Redesigned the laser-cut case to be thinner, making the "laser-cut case" locker version less bulky. It's also now transparent, except for the middle layer which is transparent orange.
- Added usage instructions on the bottom of the PCB.
- Added a MicroSD slot on the bottom - it allows you to plug a MicroSD card in directly, without using any adapters.
- Reinforced the MicroUSB port soldering
- Make read-only Raspberry Pi SD cards
- Make virus-resistant LiveCDs (or, rather, LiveSDs) for all your computer maintenance needs
- Distribute SD cards with promotional materials
- Forensic research and data recovery (reading from the SD card while preventing all write operations)
- Test your SD-card-powered products for unexpected behavior (an SD card becoming read-only is a popular failure mode and tends to happen when the card controller detects severe data corruption).
Feature Set of the SD Card Locker |
How does it work?
Larger SD cards have a mechanical "write protect" slide switch on the side. However, that switch is useless :- not all readers support it
- the OS can choose to ignore it
- it's not available on MicroSD cards
- the switch tends to slide accidentally (or fall out of the SD card altogether) when you have no intention of enabling write protection.
How to order ?
You can order it from Tindie for only 12USDHints
- Look into zRAM (Virtual Swap Compressed in RAM,) to move your swap into RAM Memory, this way you can still swap effectively and even use RAM more efficiently.
- Use fstab to create directories (Like /etc/log) that only exist in RAM
0 comments
Post a Comment