WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: counterfeits and fakes continue, buyers be aware and do due-diligence always  (Read 3657 times)

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
counterfeits and fakes continue, buyers be aware and do due-diligence always

https://arstechnica.com/gadgets/2024/02/rejected-chips-hidden-microsd-cards-plague-the-usb-stick-market/
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11702
Hi gadget42
Last summer I purchased an 8 Gig SD card for my camera
at Best Buy. I used the f3 (Fight Flash Fraud) utilities on it:
https://fight-flash-fraud.readthedocs.io/en/latest/introduction.html
and it failed, so I returned it. Last December I ordered a couple
of 4 Gig cards from Amazon, and they passed.

I downloaded version 8.0 from here:
https://github.com/AltraMayor/f3/tags
Then:
Code: [Select]
tce-load -wi compiletc
unzip f3-8.0.zip
cd unzip f3-8.0
make

Then to test a card:
Code: [Select]
mount /dev/sdf1
./f3write /mnt/sdf1
./f3read /mnt/sdf1
I think the write process took about 10 minutes.
I don't recall how long the read process took, but
I'm certain it was much quicker.
« Last Edit: February 08, 2024, 04:36:38 PM by Rich »

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline patrikg

  • Wiki Author
  • Hero Member
  • *****
  • Posts: 722
I can very recommend ThioJoe short video regarding this scams drives.
And faster program that not scans the hole drive, sadly I think it's only for Windows.

Maybe some one can write similar program for the other platforms.

https://youtu.be/xMgEHy1A9QA

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11702
Hi patrikg
... And faster program that not scans the hole drive, ...
As you saw in the video, these scammers create their own firmware
to make these devices look like something they are not. They already
create fake directory entries to make it look like files were saved. I'm
sure they are capable of figuring out ways to evade partial size tests
like ValiDrive which states it does a 576 region spot check. There's
nothing to stop them from keeping track of the most recently written
locations so they are available for reading back when requested.

Testing the whole device is the only way to be certain. Leaving untested
holes just leaves openings for the scammers to eventually exploit.

Offline patrikg

  • Wiki Author
  • Hero Member
  • *****
  • Posts: 722
HI Rish

Truth be told, where there is money to be made, there are always crooks around.

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
mostly i pointed to ValiDrive because that webpage is fairly informative and gives an account of recent purchases of fraudulent drives.
(i haven't tried it as i don't do windows but i was using Steve Gibson's stuff decades ago when i did do microsoft)

i agree with Rich that the description does say "576-region spot-check" near the top of the page

further down on that webpage it says "ValiDrive performs a quick, random-sequence spot-check across the drive's entire declared storage space. At every location it verifies the successful storage and retrieval of random (unspoofable) test data."

actually this additional webpage gives more details:
https://www.grc.com/validrive/ui-details.htm

someday i may grab some old spinning rust and load up windows to play around with ValiDrive but it's not likely in the short-term

ymmv
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
just ran f3 on a 2GB flash media so i could do a paste:
Code: [Select]
somebody@somewhere:~$ sudo f3probe --destructive --time-ops /dev/sdd
F3 probe 7.1
Copyright (C) 2010 Digirati Internet LTDA.
This is free software; see the source for copying conditions.

WARNING: Probing normally takes from a few seconds to 15 minutes, but it can take longer. Please be patient.

Good news: The device `/dev/sdd' is the real thing

Device geometry:
            *Usable* size: 1.83 GB (3842048 blocks)
        Announced size: 1.83 GB (3842048 blocks)
                     Module: 2.00 GB (2^31 Bytes)
   Approximate cache size: 0.00 Byte (0 blocks), need-reset=no
   Physical block size: 512.00 Byte (2^9 Bytes)

Probe time: 2'28"
  Operation: total time / count = avg time
          Read: 1.12s / 4747 = 236us
         Write: 2'27" / 1744961 = 84us
         Reset: 0us / 1 = 0us
somebody@somewhere:~$
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11702
Hi gadget42
Just wanted to point out, f3probe does just that, it probes.
It does not write and read all locations.

There's also this:
Quote
... I’ve marked f3probe as experimental for now because this model has not been battle proven. ...
Found here:
https://fight-flash-fraud.readthedocs.io/en/latest/usage.html

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
just ran f3write & f3read on a 2GB flash media so i could do a paste:
Code: [Select]
somebody@somewhere:~$ f3write /media/somebody/2gb-minimee
F3 write 7.1
Copyright (C) 2010 Digirati Internet LTDA.
This is free software; see the source for copying conditions.

Free space: 1.83 GB
Creating file 1.h2w ... OK!                       
Creating file 2.h2w ... OK!                       
Free space: 0.00 Byte
Average writing speed: 5.35 MB/s
somebody@somewhere:~$ f3read /media/somebody/2gb-minimee
F3 read 7.1
Copyright (C) 2010 Digirati Internet LTDA.
This is free software; see the source for copying conditions.

                  SECTORS      ok/corrupted/changed/overwritten
Validating file 1.h2w ... 2097152/        0/      0/      0
Validating file 2.h2w ... 1735320/        0/      0/      0

  Data OK: 1.83 GB (3832472 sectors)
Data LOST: 0.00 Byte (0 sectors)
       Corrupted: 0.00 Byte (0 sectors)
Slightly changed: 0.00 Byte (0 sectors)
     Overwritten: 0.00 Byte (0 sectors)
Average reading speed: 16.46 MB/s
somebody@somewhere:~$
f3probe done in my earlier post
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline CentralWare

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 776
ValidDrive and its "spot-check" is actually a reasonably "quick" test 90+% of the time -- in a few instances it crawled as the fakeware on the bogus flash (eg: "Shannanzi USB3.0 512GB") couldn't make heads or tails of the addresses that were thrown at it and choked.  Out of three known "bogus" flash chips we tested (512GB China uSD - three different "brands" -- or "labeling" on the chips at least) all three were detected as fakes, their "real" size was properly detected (not that it matters as the firmware makes even the real physical size unreliable at best) and the amount of time it took for each averaged less than a minute (compared to byte-for-byte testing, that's nothing!)

Truth be told, where there is money to be made, there are always crooks around.
So sad...  but so true.

Offline gadget42

  • Hero Member
  • *****
  • Posts: 823
this was a previous forum entry regarding counterfeits, fakes, and frauds:

https://forum.tinycorelinux.net/index.php/topic,26583.msg171356.html#msg171356

"brands" would relate to "resellers" and would be an unverifiable number in any case.

just try to get a valid/official chain-of-custody AND certifications-of-authenticity(for all the assemblies/components/processes) on even _one_ product!

the whole planet is awash with fake stuff!

for example, how do you KNOW each and every specified component at the motherboard level is authentic/real on a TALOSII that you just paid $10K for?
https://www.raptorcs.com/TALOSII/

what about all the components in the controls on civilian AND military rockets/missiles/biological-and-chemical-release-systems/weapons-of-mass-destruction-and-murder?
https://www.youtube.com/watch?v=LQUXuQ6Zd9w

referencing TALOS reminded of this unboxing commentary:
https://tenfourfox.blogspot.com/2018/04/unboxing-talos-ii-its-here.html
The fluctuation theorem has long been known for a sudden switch of the Hamiltonian of a classical system Z54 . For a quantum system with a Hamiltonian changing from... https://forum.tinycorelinux.net/index.php/topic,25972.msg166580.html#msg166580

Offline CentralWare

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 776

Offline jazzbiker

  • Hero Member
  • *****
  • Posts: 934
Hi!

Thanks for warning about the problem anyone may face. I see many people take participation in the struggle with fake flash. They write articles, write sophisticated code, create and maintain repositories, produce issues and pull requests... But does the problem really worth so much efforts? Isn't it enough to fill the drive with any non-repetitive sequence and then verify it? Why so much hype and movements? Just as the mean to attract as much attention as possible? But I guess anyone who will once face the problem will be aware enough :-) Others will continue spending their still lives, not bad too.

Offline CentralWare

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 776
@jazzbiker: In the past two months, we've ordered a few dozen 512GB flash based devices (SD cards, MicroSDs, USB sticks, etc.) from numerous vendors. Our local hardware store (55+ minute drive... and I call it local) sells these cards legitimately for $35 and the quality is reasonably solid.  Some of these "fake" vendors will go as low as $11 USD for a 512GB, I'm guessing with the mentality of "...stealing $11 is better than trying to get $30 and having fewer victims!" so even though there's a slight chance of financial loss, I've paid $11 through $28 for many different China brands and every single one of them is a fake.  In fact, only one China chip was what it claimed to be...  but it claimed to be 400GB.

400GB isn't "a thing."

More than likely, it was SUPPOSED to be a 512GB but the die likely cut quite a few rejects where 400 of the 512 was usable...  so technically they're defective but they passed testing!

Now, to make fun of the problem, these same "fake" vendors are using naive shoppers as their newest victims by hacking old 1GB and 2GB SD cards and selling them as 128MB, 256MB and 512MB...  most people don't "realize" that "MB" hasn't been manufactured in YEARS and it's not the size you're after, but these MB cards are selling like hotcakes because they have the right NUMBERS ("...my son told me to buy a 256...") and the hacks are LEGAL (if you buy a 512MB card --- you're GETTING 512MB!) so resellers, banks, credit card companies, etc. aren't as willing to approve charge-backs/refunds as you end up getting exactly what you purchased, even though you just paid $25 for a 256 MEGAbyte SD card!!!

Quote
does the problem really worth so much efforts?
Sometimes.

Quote
Isn't it enough to fill the drive with any non-repetitive sequence and then verify it?
To fill an SD card of 512GB at ~25MB/s...  I'm guessing that's about six hours of just writing to the card, another 3-4 hours verifying the data ~40MB/s... all for a $35 card that I know where I can get legitimate ones...  but our clients don't.  Their friends and family...  they probably do not as well. If I educate just ONE client, there's a possible impact of 20 or more people.  If all of them were "informed consumers" that's potentially HUNDREDS of dollars saved from theft.

Most clones/fakes start at 128GB these days, but there are plenty of the smaller ones still in circulation.  Plus, there's the MB issue, too.

We hunt down the bogus "brands" and where they can be purchased from and we find legitimate ones in the process.  Sharing this information doesn't put the bad guys out of business, but if enough people know how to look for problems, that's $XXX.xx the bad guys aren't making!