On Sat, 21 Jul 2018 12:23:13 -0700 Ben Koenig <[email protected]> dijo:
>Did you already return the drives? It would be interesting to examine >them at a lower level. There were a bunch of Intel ME exploits in >2017, some of which using "specially prepared" USB sticks as attack >vectors. > >On the one hand this is probably a quick cash grab by some random >company. But then again, I wonder if these flash drives are an attempt >to modify low level firmware on exploitable Intel systems... Even if >the user finds out that the drive is a fake, the real goal was to >change your system firmware. I still have them. The seller hasn't responded yet to my 'I want to return this item' message via eBay. But I may have wiped out what you are looking for. When they arrived I stuck them in ports (one each on laptop and desktop), used Gnome Disk Utility to see what was on them, discovered the funny small partition and that they were NTFS. I deleted the small partitions, then used a 'clean' function in the utility that took about eight hours. I did that because the small partitions looked fishy and I didn't trust them. The next morning I set about creating new ext4 partitions, ran into problems, and came here. If you want to play with them, you're more than welcome. Now I wish I had left one of them untouched so you'd have the small partition to play with. The tag on the blister pack says 'Micro Vault contains a system management area,' so that's undoubtedly where the evil fraud stuff resided. _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
