At first, this might seem like a minor annoyance: You purchase a 1 or 2 terabyte drive at a bargain price, and you receive a 64 GB drive instead. But that’s NOT what happens here!
The drive appears to be the 1 or 2 terabyte drive you purchased. You plug it into your computer and everything looks fine. You can even copy files to the drive; as many as you want. And when you look at the drive’s contents, the files are there. But what’s insidious is that the files’ contents may have never been stored.
These fraudulent drives contain just enough storage – typically 64GB – to convincingly hold the file system’s directory listing. But once its first 64GB of storage space has been filled, the contents of any additional files will not actually be stored. Their names, dates and sizes will be stored in the directory at the front of the drive. Everything will appear to be fine. But the files’ contents will be blank because they were “stored” where no storage exists.
Operating systems do not verify that the data they write was actually written. They rely upon the honesty of storage devices to report errors. If a write error occurs, then the operating system will rewrite the data elsewhere. But these deliberately fraudulent drives never report any problems – they just silently discard any data written where there’s no storage.
It is a freeware, and very small footprint (written in Assembler), portable utility, so no installation required, but unfortunately does only run on Windows OS.
I was listening to feedback by Steve on his Security Now podcast (episode 943), and the scary part is he has already tested 12 USB sticks he bought off Amazon, and EVERY one of them was found to be fraudulent. Many show 4-star reviews full of praise for the devices, but you’ll see some reviews mention the drives “stopped” working after a few months. It is easy to fake what capacity is reported to Windows, and that is why a proper test needed to involve writing and reading back every region of the drive. ValiDrive performs a quick, random-sequence spot-check across the drive’s entire declared storage space. At every location, it verifies the successful storage and retrieval of random (unspoofable) test data.
He goes on to also explain why some drives can be very slow during the test, due to needing to step up the voltage from 5V to 20V for the write operations. This is apparently why SSD’s can be so much faster than a USB drive.
So, if you buy any USB drive online (or even from a retailer) you may want to run this test first and check you got what you paid for.