Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label SSD. Show all posts

Identifying and Avoiding Fake SSDs: A Guide for Consumers

 

SSDs have become the standard storage solution for most modern computers, found in devices across various price ranges, from low-end Windows machines to MacBooks. However, as the market is flooded with a multitude of SSD options, the issue of counterfeit SSDs is on the rise.

These deceptive drives, disguised to look genuine, can lead to a range of problems for your device. These include misleading capacities, sluggish data transfer speeds, and unexpected failures.

Understanding Fake SSDs

Fake SSDs are exactly what their name implies. These low-performance drives, often containing eMMC storage, are packaged to resemble full-fledged SSDs. In some cases, a fake SSD might even be a combination of TF cards or microSD cards connected to a controller board, presenting itself as an SSD once connected to a computer.

While eMMC storage isn't inherently flawed, it significantly lags behind SSDs in terms of data transfer speed, reliability, and storage capacity. This holds true for fake SSDs with TF cards as well.

These drives can be manipulated to display false capacities and may even behave accordingly. For instance, if a fake SSD with a reprogrammed 1TB capacity (originally 32GB) begins to fill up, it will start overwriting old data.

This makes fake SSDs a potential threat to data security, often leading to irretrievable data loss. They also underperform, frequently exhibiting data transfer speeds comparable to or even slower than traditional hard disk drives. Furthermore, they pose a reliability risk, as they can fail without warning.

Identifying Fake SSDs

Detecting a fake SSD among genuine ones is not overly complicated.

1. Scrutinize the Details:
Begin by meticulously examining the packaging and specifications. Fake SSDs often come with subpar packaging that feels flimsy, contains spelling errors, or boasts unrealistic specifications.

For instance, if an SSD from an unknown brand claims 512GB storage with data transfer speeds of up to 15 GBps, all for $10, it's likely a fake.

Some fake SSDs are sold under reputable brand names like Kingston, Crucial, Samsung, Micron, and Western Digital. Despite seemingly flawless packaging, the listed specifications can be outright false. However, the giveaway is often the implausibly low price.

Moreover, branded SSDs feature serial numbers that can be verified on the manufacturer's website. If the SSD lacks a serial number or the provided one doesn't match the manufacturer's database, it's likely a fake.

Ensure you review the drive specifications, personally inspect the packaging when possible, and be cautious of anything that appears suspiciously good.

2. Examine the Hardware:
Next, physically inspect the drive. A flimsy enclosure or a noticeably light weight are indicators of a fake SSD. Authentic products typically feel sturdy and offer tactile feedback. Checking the distribution stamp on the drive can also confirm its authenticity. If the stamp is absent, blurry, or contains errors, it's likely a fake.

Additionally, genuine SSDs often have a glossy finish, whereas fake ones may have a matte finish, indicating cost-cutting measures.

3. Perform Software Analysis:
Conducting software analysis and using the drive are highly reliable methods for determining authenticity. This does not require specialized software or complex commands—just a few large files and common sense.

Copy large files to the drive to check data transfer speeds. Compare these speeds with other drives in the same price range. As long as they are reasonably close, the SSD is likely genuine.

Running programs or games from the SSD can also reveal its authenticity. If it's fake, diminished performance and longer loading times will be noticeable.

By loading several large games onto the drive, you can test if it truly possesses the claimed capacity. If a smaller drive is programmed to display a larger capacity, it will run into issues as it nears its storage limit.

Counterfeit SSDs are becoming more prevalent, posing serious risks to data security and system performance. However, with a thorough examination and some practical tests, distinguishing fake SSDs from real ones is achievable. Always remember, if an SSD's price seems too good to be true, it probably is.

Firmware Attacks can Leave Persistent Malware in the SSD's Hidden Section

 

Korean researchers have created a set of assaults against some solid-state drives (SSDs) that could allow malware to be planted at a position beyond the user's and security solutions' reach. The attack models are designed for drives with flex capacity characteristics and target a hidden section on the device known as over-provisioning, which is extensively used by SSD manufacturers these days for performance improvement on NAND flash-based storage systems. 

The over-provisioning region is invisible to the operating system and any applications that run on it, including security and anti-virus software. The SSD manager dynamically adjusts this space against the workloads when the user runs different applications, depending on how write or read-intensive they are. 

Flex capacity is a feature of Micron Technology SSDs that allows storage devices to automatically modify the sizes of raw and user-allocated space to improve performance by absorbing write workload volumes. It is a dynamic system that builds and changes a buffer of space which typically consumes between 7% and 25% of total disk capacity. 

Hardware-level assaults provide the highest level of persistence and stealth. In the past, sophisticated actors worked hard to execute such concepts against HDDs, concealing dangerous code in unreachable disk sectors. One assault modeled by researchers at Korea University in Seoul targets an invalid data area containing non-erased information that resides between the usable SSD space and the over-provisioning (OP) area, the amount of which depends on the two. According to the research article, a hacker can adjust the size of the OP region using the firmware manager, resulting in exploitable invalid data space. 

In a second attack model, the OP region is used as a covert location where a threat actor can hide malware that users cannot monitor or remove. According to the research article, "It is assumed that two storage devices SSD1 and SSD2 are connected to a channel in order to simplify the description. Each storage device has 50% OP area. After the hacker stores the malware code in SSD2, they immediately reduce the OP area of SSD1 to 25% and expand the OP area of SSD2 to 75%." 

"At this time, the malware code is included in the hidden area of SSD2. A hacker who gains access to the SSD can activate the embedded malware code at any time by resizing the OP area. Since normal users maintain 100% user area on the channel, it will not be easy to detect such malicious behaviour of hackers," the article added.

To counteract the first type of assault, the researchers advise that SSD manufacturers wash the OP area with a pseudo-erase algorithm that has no effect on real-time performance. Implementing valid-invalid data rate monitoring systems that monitor the ratio inside SSDs in real-time is a potentially effective security measure against injecting malware in the OP area for the second type of attack.

Cryptocurrency Mining Will Void Your SSD Warranty, Manufacturer Galax Warns

 

SSD designer Galax has warned users on its Chinese website that mining cryptocurrency with the company’s Solid State Drives (SSDs) will void their warranty with that product. This comes as no surprise with miners getting prepared to start mining the new Chia cryptocurrency which focuses on storage to mine coins rather than requiring the best mining GPUs.

“If users use our SSDs for mining/farming and other abnormal operations, the data writing volume is much higher than the standard for daily use, and the SSD will slow down or get damaged due to excessive data writing volume. Due to the tests carried out, the damages are qualitative according to the test results, and that is why according to the quality assurance standards of our SSDs, we have the right to refuse to provide warranty services. The right of final interpretation belongs to the company, " Galax published a note on their website.
 
Chia is a new cryptocurrency that isn't even available to trade just yet, but it's already gaining in popularity. The main attraction for this new crypto is the way you can mine the cryptocurrency. Chia relies on a 'proof of time and space' algorithm to mine the currency on hard drives and SSDs, so there's no need to optimize your GPU for mining.

The makers of Chia designed it to be mined this way so mining the cryptocurrency is more accessible to the end-user and won't penalize the customer with big electricity bills or the purchasing of single-use hardware (i.e., ASICs). But, on the negative side of things, this mining technique could severely affect storage supply and demand. If Chia gets popular at all, we will probably see the same shortages we're seeing on GPUs applied to hard drives and SSDs as well. At present, Chia already has over 950 petabytes of storage, consisting of 101.4GiB plots. That's a lot of hard drives and SSDs, and that space remains occupied as long as a miner wants to try to harvest Chia. 

Given how much data write is required to design a Chia plot, it's no surprise that Galax is already preventing users from using their warranty on its SSDs when it comes to mining workloads. If Chia is demanding enough on write performance, we could see all other SSD manufacturers following suit.

HP Issues Advisory Informing Users to Expect SSD Failure around October 2020


Computer enterprise company HP (Hewlett Packard Enterprise) warns its customers about a bug that it has recently found in its SSD (Solid State Drives). The company HP has made a new firmware patch to prevent some of its hard drives from crashing after 40,000 hours of consumer use. In a firmware incident last week, HP informed its consumers about a bug in some of its hard drives that will cause them to stop working after 40,000 hours of use, which is around four years and 200 days. SAS SSDs (Serial-Attached SCSI solid-state drives) is the model of the hard drives that are likely to be affected by this firmware bug.


According to HP, the hard disks manufactured during that period will crash around October this year, and these will be among the earliest failures. To solve this issue, HP has released some firmware updates to fix this bug last week. It has asked the companies to update to the latest firmware updates, and if they fail to do so, the companies might risk losing both the SSD and the data. If the SSD crashes, users can't restore their data, says HP in its security advisory.

This firmware bug incident is similar to another hard drive crash incident that happened in November last year. In the latter event, the HPE SAS SSDs crashed after nearly three years and 270 days of use. This time, however, this bug will affect far fewer SSDs than it did last year. According to HP, the company learned about this issue from a different SSD company that uses HP's SSDs, similar to last year. The list of SAS SSD models affected by the bug is available on HP's customer support website.

"This HPD8 firmware is considered a critical fix and is required to address the issue detailed below. HPE strongly recommends the immediate application of this crucial fixture. Neglecting to update to SSD Firmware Version HPD8 will result in drive failure and data loss at 32,768 hours of operation and require restoration of data from the backup in non-fault tolerance, such as RAID 0 and fault tolerance RAID mode if more drives fail than what is supported by the fault tolerance RAID mode logical drive," reads HP's notification.