Sapphire Write-Protect Drive Reader Protects HDDs, SSDs

Status
Not open for further replies.
Ok....so you buy this thing and connect it to your puter say to store backups..... how you get data on it ? How does it protect your computer if your computer can read any infected drive you put in it ?
 

glasssplinter

Distinguished
Feb 22, 2006
111
0
18,680
0
Ok....so you buy this thing and connect it to your puter say to store backups..... how you get data on it ? How does it protect your computer if your computer can read any infected drive you put in it ?
That's what my thoughts were also. I can see it being used to try and remove a virus without having to worry if the drive itself got infected but beyond that I'm not seeing how read only prohibits the virus on the drive infecting the computer it's plugged into. I could see this possibly being used in a corporate environment where you don't want people deleting or modifying the files but even that is a stretch. Who cares if Forensic investigators can quickly discover if the interface bridge was tampered with and replaced with a read/write enabled board, the drives are removable so what impact does that even have? The only way I could see this working is if the unit itself encrypts all of the data so you could remove the drive, but couldn't use it on any other computer.
 

a1r

Reputable
Aug 6, 2014
41
0
4,540
2
Read only docks are a specific tool for specific uses. Use scenario 1) information is stored on the disk from a known trusted source. This information is desired by someone with a computer you don't trust and can't confirm it's security. Read only dock allows local data transfer in a single direction without damaging infections making it to the hard drive in the dock because it lacks the physical pathways allowing write access.

Use scenario 2) forensics. Forensics is more than a legal examiner searching for kiddie porn on a perp's hard drive. It also takes the form of known clean software being loaded from a drive with hardware write paths severed. This can be used with debuggers, memory dump software, file scanners of various sorts, and, yes, the more common malware scanners. These uses are all valid and since time is money, the faster this can be done, the less time is spent on each case.

In short, this sort of device isn't for the average kid writing backups at home. It's a device for professionals needing an inexpensive alternative to read-only imaging hardware. The last time I checked the least expensive of such was $250, and it was extremely limited.
 

glasssplinter

Distinguished
Feb 22, 2006
111
0
18,680
0
Botched article by Tom's. The press release sounds legit, Tom's added some confusion to it.

Following the link they describe it in a useful manner which is what a1r posted, mostly forensics.

"This unique feature ensure absolute protection on any hard drive or SSD against virus contamination or data tampering. It is a great tool for sharing drives containing important data among different users or for forensic application."

"Addonics Technologies today announced the Sapphire family of Write-Protect readers that treat hard drive, SSD or flash media as READ only storage to protect against virus
contamination or data tampering."
 
That was my impression also .... article was written so as to appear it would have wider appeal than it really does..... why it would be of interest to the 99.8% of the THG community escapes me.

In an office setting where you'd want to keep a set of "master documents" that could be downloaded and edited for specific projects, this keeps the original from accidentally being modified. But I can do that just by simply disabling write to any server partition or user.

No doubt it has it's very specific uses but article wasn't written that way.
 

a1r

Reputable
Aug 6, 2014
41
0
4,540
2
Yeah, I agree, Jack, the article itself is worded badly. This kind of item is only of use if you need local read only storage interfaces where the original must be absolutely preserved against alteration. Generally that's only the case in ultra secure environments and forensics. Most users are never going to need something like this. This is analogous to the old write protect notches on floppy disks and the write protect switches on some modern flash cartridges.
 
I've always wondered why these things aren't used for things like web servers. Configure the server the way you want it, direct any dynamic content or new files like logs to another drive, then just make the server's boot/OS drive read-only. Someone might be able to hack into it, but there's not much they can do once they're in because all the system files are read-only. They can't pwn it and reconfigure it for other purposes.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS