removing autorun from a flash drive
Bruno Wolff III
bruno at wolff.to
Wed Mar 11 04:36:32 UTC 2009
On Tue, Mar 10, 2009 at 22:55:05 -0500,
Bruno Wolff III <bruno at wolff.to> wrote:
> On Tue, Mar 10, 2009 at 17:47:04 -0400,
> Todd Denniston <Todd.Denniston at ssa.crane.navy.mil> wrote:
> > Bruno Wolff III wrote, On 03/10/2009 05:34 PM:
> >>
> >> Repartitioning the raw device would probably work. You would then create
> >> a filesystem on the partition.
> >>
> >
> > No, if you repartition the device, you wipe out the ability for the U3
> > removal tool to work, but the fake CD remains IIRC.
>
> Maybe I am missing something. If you write over the blocks with the U3
> tool, how does it not get erased?
>
> Is this tool located somewhere of than the normal blocks on the device?
I found some info, though it doesn't look like the full details are
publicly known.
The device shows itself as two devices and indicates different types for
each so that one looks like mass storage and the other a cd drive.
It is suspected that nonstandard scsi commands are required to write
to the cd device. Some people have tricked one of the available tools into
loading custom isos into the cd portion of the device.
So it looks like you do need a special tool if you want to have the space
initially reserved for the cd image released for use in the normal part.
Probably theer is some secret scsi command to do this that wouldn't be
too hard to find if someone were serious about figuring it out.
Why anyone would want one of these devices is beyond me. It's a security
nightmare for both the computer being used (due to autorun being enabled)
and the usb device owner (due to not just running code from the device).
If you own both, there is no reason to have that feature.
More information about the fedora-list
mailing list