On the topic of new rituals for storage devices, whenever I buy a microSD card or a USB flash drive and before I setup the filesystem, I've been filling it with random data and reading it back to ensure it does have the storage capacity it's supposed to have.
I started doing this after reading comments online (probably here) on fraudulent cards and drives circulating around Amazon. Some comments mentioned that there are even some devices that have their firmware set-up such that writes don't fail even when you've written more than what the device can actually hold. They supposedly manage this by reusing previously used blocks for new files. I suppose in other words, each block has multiple addresses. The addresses would probably loop around the same blocks until the fake size is reached. That would give it the most realistic appearance that it's of the reported size while silently corrupting previously written storage.
In any case, so far I've only gotten 4 cards/drives since then, and I haven't found them to be frauds.
I've since wondered how much I'm subtracting from their product lifespan with my testing. I mean, I imagine that microSD cards and USB flash drives do wear leveling on unused blocks, but without TRIM support on them, after testing them, I'm probably eliminating the devices' ability to do wear leveling since I'm occupying all blocks without the ability to tell the device that they're unoccupied now.
As far as I understand, the problem with lacking TRIM support on USB flash drives is not that there's no protocol for it through USB, since there are USB-SATA adapters that specify support for UASP. Admittedly, though, I'm assuming that UASP is enough to get TRIM support. I don't remember testing that.
In any case, I wonder if this new ritual I'm doing is really worth it, and if it's not, when would it be?
EDIT: I wonder if it's realistic to expect that one day we'll get USB flash drives and microSD cards with TRIM support. I don't expect the need to check for fraudulent storage devices to go away.
Filling with random data is advisable anyway if you use encryption for storage, which almost everybody should do (it's clearly fine to store stuff that is genuinely public unencrypted, but if you're not sure probably not everything is public and so just encrypt everything)
The reason to write random data is that otherwise an adversary inspecting the raw device can determine how much you really stored in the encrypted volume, as the chance of a block being full of zeroes _after_ encryption is negligible so such blocks are invariably just untouched.
The encryption will ensure that random bits and encrypted data are indistinguishable (in practice, in theory this isn't a requirement of things like IND-CPA it just happens that it's what you get anyway).
Apart from under-sizing, there are other issues with fake SD cards too. For e.g. with a crappy controller, you can lose data on the sd card during powerouts, or because it reported that the write was successful when it hasn't finished writing, or it can have silent corruption over its lifetime, etc, etc.
> In any case, I wonder if this new ritual I'm doing is really worth it, and if it's not, when would it be?
Depends on the chances and impact of getting a fake/faulty device, yeah? I've heard claims that most online marketplaces have rampant fakes, although you're 4 for 4 with good ones. On the other hand, the failure mode is data loss, which seems pretty bad. So personally I think your approach is a good idea.
I want to think so too, but I wonder how much less the devices are going to last me before they wear out. I know it depends a lot on usage patterns, though. Luckily, I needed these devices almost exclusively for reading, but I wonder if I reduced the available writes something massive.
I mean if the write cycles are so low on a device that one drive write is a problem then it was already a problem before you did one drive write. Even a cheap (legitimate) uSD should have hundreds of full drive write cycles.
Yes, I run f3write / f3read on every USB drive I get. So far, I found one instance of a flash drive equipped with a FIFO controller (reporting itself as a large capacity, but only retaining a much smaller amount of data).
I started doing this after reading comments online (probably here) on fraudulent cards and drives circulating around Amazon. Some comments mentioned that there are even some devices that have their firmware set-up such that writes don't fail even when you've written more than what the device can actually hold. They supposedly manage this by reusing previously used blocks for new files. I suppose in other words, each block has multiple addresses. The addresses would probably loop around the same blocks until the fake size is reached. That would give it the most realistic appearance that it's of the reported size while silently corrupting previously written storage.
In any case, so far I've only gotten 4 cards/drives since then, and I haven't found them to be frauds.
I've since wondered how much I'm subtracting from their product lifespan with my testing. I mean, I imagine that microSD cards and USB flash drives do wear leveling on unused blocks, but without TRIM support on them, after testing them, I'm probably eliminating the devices' ability to do wear leveling since I'm occupying all blocks without the ability to tell the device that they're unoccupied now.
As far as I understand, the problem with lacking TRIM support on USB flash drives is not that there's no protocol for it through USB, since there are USB-SATA adapters that specify support for UASP. Admittedly, though, I'm assuming that UASP is enough to get TRIM support. I don't remember testing that.
In any case, I wonder if this new ritual I'm doing is really worth it, and if it's not, when would it be?
EDIT: I wonder if it's realistic to expect that one day we'll get USB flash drives and microSD cards with TRIM support. I don't expect the need to check for fraudulent storage devices to go away.