If somebody tries to promote you 30TB of solid-state storage for lower than $40, think about turning round and operating away, irrespective of what number of clip-art rockets they use of their photos.
It looks like high-capacity SSDs are getting cheaper on a regular basis, however within the phrases of a safety researcher referred to as Ray Redacted on Twitter, there are nonetheless some offers which can be too good to be true. Within the spirit of discovery, he purchased a “30TB” exterior SSD from AliExpress for $31.40, which additionally occurs to be listed on Walmart’s web site for $39 (I’m linking it for instructional and leisure worth, please don’t purchase it).
For these of you who’re following this thread however not understanding the rip-off:
Scammer will get two 512MB Flash drives. Or 1 gigabyte, or no matter. They then add hacked firmware that makes it misreport its dimension.
Home windows stories EXACTLY 15.0 terabytes. Not 14.89, Not 14.78
— Ray [REDACTED] (@RayRedacted) August 26, 2022
However whenever you go to WRITE an enormous file, hacked firmware merely writes all new information on high of previous information, whereas holding listing (with false information) intact.
H2Testw really WRITES & then RE-READS its information. However the scammer slowed the bus down from 5 gigabits per second to .48 gigabits
— Ray [REDACTED] (@RayRedacted) August 26, 2022
On the within, this “SSD” appears like two small-capacity microSD playing cards sizzling glued to a USB 2.0-capable board. This board’s firmware has been modified so that every of those playing cards stories its capability as “15.0TB” to the working system, for a complete of 30TB, despite the fact that the precise capability of the playing cards is far decrease. That is one other giveaway; Home windows stories drive capacities in gibibytes (1,024 mebibytes) or tebibytes (1,024 gibibytes), whereas drive producers use gigabytes (1,000 megabytes) and terabytes (1,000 gigabytes). This is the reason a 1TB drive usually solely has a reported capability of 930-ish GB, reasonably than a pleasant spherical quantity.
The drive is much more intelligent in relation to tricking individuals into considering it is working. It preserves the listing construction of no matter you are copying, however when it is “copying” your information, it simply retains writing and rewriting over the tiny microSD playing cards. Every part will look superb till you go to entry a file, solely to search out that the info is not there.
Replies to Ray Redacted’s thread are stuffed with alternate variations of this rip-off, together with a number of iterations of the hot-glued microSD model and not less than one which hid a USB thumb drive inside a bigger enclosure.
Pretend USB storage units are neither new nor uncommon, although this one makes spectacularly egregious claims about its price-per-gigabyte. Relating to shopping for storage on-line, commonsense recommendation is greatest: stick to call manufacturers, purchase from reliable sellers (not simply retail websites you belief—the Walmart itemizing is bought by “JD E Commerce America Restricted,” no matter that’s), and know that if a deal appears too good to be true, it nearly actually is.
