[tor-talk] USB sticks for Tails (write protection switch)

Moritz Bartl moritz at torservers.net
Thu Mar 12 04:35:16 UTC 2015


Hi!

It's been a while, and a lot of people have since asked if I can repeat
the action: I plan to do another bulk order of USB sticks with physical
write protection switch. They are certainly not perfect, and there's no
guarantee that there aren't any software-based attacks possible! (**)
Still, they are definitely 'more useful' than regular USB sticks with no
write-protection whatsoever.

I will order only one model this time. I believe they are the same as
the square ones last time, but I don't know for sure. Here's some data
from the last batch:
https://blog.torservers.net/20131115/usb-sticks-for-tails.html ( the
blue ones on http://share.pho.to/48Egt ).

I will bring sticks with me to events. I will not put Tails on them, and
I will not repackage and mail them. I plan to give them away "as is" at
the price that I pay from the wholesale company in China. You can find
sellers on alibaba.com.

The price will be around 8 Euro for 16GB sticks. Last time I went for
the 8GB version, but it only makes ~1€ difference these days. It largely
depends on the quantity, and obviously it can get cheaper the more I
buy. Please ask _organizations_ that would be interested so I can get a
rough idea of how many I should order. Last time I got 200, which were
gone astonishingly fast (I barely had any left after a single c3
congress). I need organizations/groups to commit to at least 25 sticks.
I don't have the energy to deal with smaller "orders". :-) The amount of
feedback I get to this will determine how many extra sticks I will buy.
I am tempted to at least go for 500.

I do not plan to print or engrave logos on them, so they don't "stick
out". If an organization wants their logo on sticks, I can share my
Chinese contact and the org can order directly.

(**) Nobody has actually proven that you can circumvent the read-only
bit and simply write with modified kernel drivers ("please don't write
me bit", not enforced by the drive controller), and/or that you can
reflash the firmware in read-only mode. It sounds plausible that you
can, so I don't think that these USB sticks will protect against a
highly motivated attacker. "Safer" options I've heard so far, but have
not verified:

The (micro)SD exposes registers for permanent write protection (cannot
be undone) and temporary write protection. If you set TMP_WRITE_PROTECT
and expose the SD card as USB device (not as mmc card), the registers
cannot be accessed from the host, so they cannot be changed. For an
example of this, see https://github.com/Nephiel/sdlocker-tiny . Maybe
there's a nice little SD card USB reader with a firmware that can be
patched for this. Or someone finally does a kickstarter around proper
USB sticks, with open hardware, and better protection against rogue
firmware updates. It could then of course be based on flash memory
chips, not necessarily SD cards. I think it would be nice to find a
cheap, small, hackable SD-to-USB adapter.

-- 
Moritz Bartl
https://www.torservers.net/
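
Added example, not part of the original post and not code from sdlocker-tiny: a check of the two write-protect bits in an SD card's 128-bit CSD register, which Linux prints as 32 hex digits when the card sits in a native SD/MMC host controller. The sysfs path and the sample CSD values are assumptions constructed for illustration; behind a USB reader this attribute does not exist, which is the host-side isolation the post describes.

```python
import re

# Bit positions in the 128-bit CSD register (SD Physical Layer spec).
BIT_COPY = 14
BIT_PERM_WRITE_PROTECT = 13
BIT_TMP_WRITE_PROTECT = 12

# Constructed sample CSD values (not read from real cards).
SAMPLE_UNLOCKED = "400e00325b590000edc87f800a404001"
SAMPLE_TMP_LOCKED = "400e00325b590000edc87f800a405001"
SAMPLE_PERM_LOCKED = "400e00325b590000edc87f800a406001"


def decode_csd_write_protect(csd_hex):
    """Return the CSD version and write-protect flags from a hex CSD dump."""
    csd_hex = csd_hex.strip().lower()
    if not re.fullmatch(r"[0-9a-f]{32}", csd_hex):
        raise ValueError("CSD must be exactly 32 hex digits (128 bits)")
    csd = int(csd_hex, 16)
    return {
        "csd_structure": (csd >> 126) & 0x3,  # 0 = CSD v1, 1 = CSD v2
        "copy": bool((csd >> BIT_COPY) & 1),
        "perm_write_protect": bool((csd >> BIT_PERM_WRITE_PROTECT) & 1),
        "tmp_write_protect": bool((csd >> BIT_TMP_WRITE_PROTECT) & 1),
    }


def protection_state(csd_hex):
    """Summarise the card's lock state: 'permanent', 'temporary' or 'none'."""
    flags = decode_csd_write_protect(csd_hex)
    if flags["perm_write_protect"]:
        return "permanent"  # one-time programmable, cannot be cleared
    if flags["tmp_write_protect"]:
        return "temporary"  # can be cleared again by a host with CSD access
    return "none"


def read_sysfs_csd(device="mmcblk0"):
    """Read the CSD from sysfs (assumed path; native SD/MMC readers only)."""
    with open(f"/sys/block/{device}/device/csd") as fh:
        return fh.read()


if __name__ == "__main__":
    for label, sample in [("unlocked", SAMPLE_UNLOCKED),
                          ("tmp", SAMPLE_TMP_LOCKED),
                          ("perm", SAMPLE_PERM_LOCKED)]:
        print(label, protection_state(sample))
```
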
