Jump to content











Photo
- - - - -

Make a write protected Windows pendrive

write protected boot windows pendrive

  • Please log in to reply
5 replies to this topic

#1 PSPlover

PSPlover
  • Members
  • 8 posts
  •  
    Germany

Posted 02 January 2017 - 01:20 PM

Hey people

 

I have already used my pendrives as bootable windows installation drives and know how to do it.

But now I want to make a bootable windows (8.1) installation "disk" from my flashdrive, and this flashdrive should be write-protected. (it shouldn't be possible to overwrite the partition)

 

Here is the chipgenius report : 

 

 

Description: [E:]USB-Massenspeichergerät(SMI USB DISK)

Device Type:        Mass Storage Device
 
Protocal Version: USB 2.00
Current Speed: High Speed
Max Current: 500mA
 
USB Device ID: VID = 090C PID = 1000
Serial Number: AA00000000004572
 
Device Vendor: PSPlover
Device Name: PSPlover
Device Revision: 1100
 
Manufacturer: SMI
Product Model: USB DISK
Product Revision: 1100
 
Controller Vendor: SMI
Controller Part-Number: SM3257ENAA - ISP 130430-AA-
Flash ID code:      ECD798CE - Samsung K9ABGD8U0B - 1CE/Single Channel [TLC-8K] -> Total Capacity = 4GB

 

It's an older intenso rainbow stick with an SM3257ENAA chip, and I can't remember to see an option in the manufacture tool.

 

I hope someone can give me an useful advise  :) 


Edited by PSPlover, 02 January 2017 - 01:23 PM.


#2 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 02 January 2017 - 01:45 PM

The SMI MP Tool does have a setting for "Disk Read Only":

https://translate.go...-xXh6idmkXRlapA

smmpt-setmainflow.png

 

As always how the various settings combine is difficult to say (and the SMI tool is particularly complex) but if the use is that of a Windows Install probably using a CD partition would be more easy.

There are other utilities to do that (you'll have to check iof your speciifc device/controller is supported by them) that are much easier, see:
https://translate.go...NUz3WWVRDjMJ9yA

 

:duff:

Wonko


  • PSPlover likes this

#3 Ivan Kostov

Ivan Kostov

    Member

  • Members
  • 46 posts
  •  
    Serbia

Posted 02 January 2017 - 09:13 PM

Hello. I have 2 questions. 1. Does this programs can change id-s and serial number for usb pendrive? 2. Does any solution for make usb drive with win PEE, wich are boot only on specific usp pen drive? For example if are on this usb flash specify serial number? Thanks and best regards.



#4 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 03 January 2017 - 10:17 AM

Hello. I have 2 questions. 1. Does this programs can change id-s and serial number for usb pendrive? 2. Does any solution for make usb drive with win PEE, wich are boot only on specific usp pen drive? For example if are on this usb flash specify serial number? Thanks and best regards.

Sure they can change (or remove altogether) the serial number. (it is not a good idea to remove the serial, generally speaking as some programs may use it to "identify" the device).

 

The solution to have the PE (or *whatever*) check the serial number and either boot or fail to is not so straightforward (though of course possible).

 

The real point is that there are (mainly) two ways to do that, both "wrong":

1) in a pre-OS-boot phase (let's say - hypothetically - grub4dos)

2) in a post-OS-boot phase (the PE loads then - as soon as the serial is checked shuts down itself)

 

#1 is m00t as another - still say - grub4dos instance can be used to boot from the key

#2 is also m00t as it may be possible to workaround the limitation, as an example by removing the file that "interrogates" the device

 

To have something even basically "secure" one would need to "integrate" the check in a needed system file :w00t: :ph34r:

 

Maybe the check needs to be inserted *somehow* in the Registry. :dubbio:

 

:duff:

Wonko



#5 Guest_AnonVendetta_*

Guest_AnonVendetta_*
  • Guests

Posted 06 January 2017 - 01:50 AM

I doubt that any of this is truly write-proof. If someone really wants to write to it they will find a way. Low level disk access may also still be possible regardless of what you do.



#6 Wonko the Sane

Wonko the Sane

    The Finder

  • Advanced user
  • 16066 posts
  • Location:The Outside of the Asylum (gate is closed)
  •  
    Italy

Posted 06 January 2017 - 10:18 AM

No, it is truly write-proof or at least "write-proof-enough" as you program the controller to reserve an area of the device as Read Only, there is no "low level" stuff that can change it if not the MP Tool (or of course corresponding commands).

Sure if someone wants to write to the memory it is possible by simply disassembling/opening the stick and write to the flash directly (or by using the MP tool) but no OS/program glitch (or malware) will be able to overwrite the area (unless it specifically contains code similar to the controller manufacturer one for the specific stick/controller, and BTW soem of thise sticks/controllers do not communicate through the normal USB driver, but you usually need to install a specific driver (SMI and Alcor as an example use such a "factory driver")

 

:duff:

Wonko







Also tagged with one or more of these keywords: write protected, boot, windows, pendrive

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users