Peter Philipp wrote:
Hi,
I had this USB stick called CHEER,
see message ID
Message-ID: <[EMAIL PROTECTED]>
here is a clip from messages showing the ID,
May 11 16:05:41 neptune /bsd: umass0: CHEER USB_DISK, rev 2.00/2.00, addr 2
May 11 16:05:41 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: <CHEER, USB_DISK,
1.00> SCSI2 0/direct removable
bash-3.1$ grep sd1 /var/log/all | more
May 11 16:05:41 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: <CHEER, USB_DISK, 1.
00> SCSI2 0/direct removable
May 11 16:05:41 neptune /bsd: sd1: 1010MB, 1010 cyl, 64 head, 32 sec, 512 bytes/
sec, 2069760 sec total
May 11 16:06:12 neptune /bsd: sd1 detached
May 26 15:12:31 neptune /bsd: sd1 at scsibus2 targ 1 lun 0: <SKYMEDI, USB Drive,
1.0> SCSI2 0/direct removable
May 26 15:12:31 neptune /bsd: sd1(umass0:1:0): only the first 4,294,967,295 sect
ors will be used.
May 26 15:12:31 neptune /bsd: sd1: 2097151MB, 2097151 cyl, 64 head, 32 sec, 512
bytes/sec, 4294967295 sec total
May 26 15:12:44 neptune /bsd: sd1 detached
Anyhow... yesterday was a holiday here in germany. And I left my apartment
with the iBook turned off. Someone musta done an exchange of my USB stick
drive while I was out. Surprisingly it booted OpenBSD like usual and I
did not notice a change until it blew up today and wiped itself. When I
plugged it into my host neptune I noticed the different USB Id...
The USB drive looks exactly the same coincidentally. So...
To get to the point. What are some recommendations by OpenBSD users for
physical security, other than run and don't look back (kidding, heh),
Keep my house a complete cluttered mess. If you don't know where to
step, you are dead. Someone tries to break in, I'll probably find their
remains sprawled across a pile of junk, with an old EISA FDDI card
puncturing their lung. :)
As a hind thought, how possible is it for a device to blow up and change
its own ID but then still being detected by the USB protocol?
A lot more likely than you might think.
Somewhere around here, I have a Compaq SCSI hard disk... Actually, it
was made by IBM, didn't really even try to hide that on their stickers
outside the drive. I had at one point probably fifty of these things,
all the same, all pulled from the same batch of computers (dealer's
customer wanted 4G, not 2G drives). Every one had the same ID string,
saying "COMPAQ" and some model number.
Except this one.
For unknown reasons, this one forgot its Compaq programming, and
reverted to being an IBM disk. As I recall, it worked fine for a while
like that, but I think it failed later (or maybe I noted the bizarre
change after it failed).
So yes, Funny Things Happen. I could attempt to make a wild guess as to
why this drive shed its altered ID and reverted back to the ID it was
originally engineered, but you are probably thinking the same thing, and
we are probably both wrong.
I think I've seen this elsewhere, too.
And yes, I've seen various supposedly non-volatile EEPROMs and Flash
devices spontaneously die. Seen it so many times, I really do snicker
when people try to use Flash "because it is has no moving parts and is
thus more reliable" than disk (there are very valid reasons to use it.
I just don't think "reliability" is one of them).
I really suspect that no one did the "swap" on you, your stick probably
just died, and in the process, lost some custom programming the marketer
did to it. You would have to have some thing Really Valuable for
someone to go through all that trouble. Much easier to replace your
good stick with a completely defective stick...you'd just think the
thing failed, and never think that maybe someone somewhere now had your
data.
Note also that your drive's "size" became very wrong. I think the thing
just died on you...and picked up another identity on the way.
Nick.
