What should I do with a presumably fraudulent thumb drive?
August 22, 2016 5:13 PM Subscribe
I found a thumb drive online claiming to hold 2 terabytes for $16. For no good reason, I bought it. It must be a fraud, and now I'm afraid to even plug it in.
On a Chinese website called wish.com which sells unusually cheap, generally poor-quality goods with a long shipping wait, I found a Flash thumb drive that claims it holds 2 Terabytes. It cost about $16.
For a lark, I went ahead and bought it. Now that it's arrived, I'm afraid to even plug it in. If something sounds too good to be true, it probably is. It couldn't possibly hold two terabytes, could it? Is it possible it's loaded with malware?
I don't think anyone even really makes two-terabyte thumb drives. I just looked it up, and other companies are selling 2-terabyte solid-state drives for $625.
I have an old PC in the basement I could re-assemble so that I could plug this thing in without fear of it infecting the computer I actually use. Is that the best course of action?
On a Chinese website called wish.com which sells unusually cheap, generally poor-quality goods with a long shipping wait, I found a Flash thumb drive that claims it holds 2 Terabytes. It cost about $16.
For a lark, I went ahead and bought it. Now that it's arrived, I'm afraid to even plug it in. If something sounds too good to be true, it probably is. It couldn't possibly hold two terabytes, could it? Is it possible it's loaded with malware?
I don't think anyone even really makes two-terabyte thumb drives. I just looked it up, and other companies are selling 2-terabyte solid-state drives for $625.
I have an old PC in the basement I could re-assemble so that I could plug this thing in without fear of it infecting the computer I actually use. Is that the best course of action?
Depends on how much you care about $16. When you plug it in, it'll probably ask you whether you want to format it. If so, you can say "yes" and that'll wipe out whatever bugs might be on it, most likely, plus you can see how much storage space it actually has. A 2TB drive is gonna take a while though. Or it'll take 30 seconds because they actually meant 2MB lol.
posted by Autumnheart at 5:18 PM on August 22, 2016
posted by Autumnheart at 5:18 PM on August 22, 2016
You could log into the guest account of your computer (so you don't have software-installation priveledges) and look at it from there. (Turn off autorun if you can.)
I'm guessing that either there is no software on it or it comes with horrible free software that you wouldn't want to install, but I doubt it will auto-install malware with no input from you. That said, the level of risk you're comfortable with (and the recourse available to you) is entirely personal. I would look, but I'm not you.
posted by -harlequin- at 5:23 PM on August 22, 2016
I'm guessing that either there is no software on it or it comes with horrible free software that you wouldn't want to install, but I doubt it will auto-install malware with no input from you. That said, the level of risk you're comfortable with (and the recourse available to you) is entirely personal. I would look, but I'm not you.
posted by -harlequin- at 5:23 PM on August 22, 2016
Maybe boot off a linux live cd to check out the contents?
posted by TrinsicWS at 5:33 PM on August 22, 2016 [3 favorites]
posted by TrinsicWS at 5:33 PM on August 22, 2016 [3 favorites]
Use a flash tester like F3 or H2testw. They have quick capacity sanity checks, then slow "write all the blocks" checks to really test capacity.
posted by scruss at 5:41 PM on August 22, 2016 [1 favorite]
posted by scruss at 5:41 PM on August 22, 2016 [1 favorite]
Do not plug it into a computer under any circumstances. It could very easily put your machine under control of Chinese hackers. Even if you don't open anything that might be stored on it.
posted by kindall at 5:49 PM on August 22, 2016 [3 favorites]
posted by kindall at 5:49 PM on August 22, 2016 [3 favorites]
It's obviously a fraud. Just toss it. The firmware on the USB stick itself can contain malware. Even reformatting the stick won't erase that. Not worth the risk.
posted by LoveHam at 5:53 PM on August 22, 2016 [5 favorites]
posted by LoveHam at 5:53 PM on August 22, 2016 [5 favorites]
This is a total worst case scenario:
When a USB device is plugged in, the computer asks it "what are you?". The device can give any reply it chooses, from "I'm a 2TB storage device" to "I'm a combination Wifi dongle, storage device and keyboard (with sekret embedded processor)". The computer will believe whatever the device says. Now the device can do nasty things like re-route your internet traffic via an evil site, or change your password!
Source.
Never trust a usb device from a dodgy source!
Again, this is just an absolute worst case scenario, and likely won't happen in real life, unless Big Brother is out to get you.
posted by monotreme at 5:57 PM on August 22, 2016 [1 favorite]
When a USB device is plugged in, the computer asks it "what are you?". The device can give any reply it chooses, from "I'm a 2TB storage device" to "I'm a combination Wifi dongle, storage device and keyboard (with sekret embedded processor)". The computer will believe whatever the device says. Now the device can do nasty things like re-route your internet traffic via an evil site, or change your password!
Source.
Never trust a usb device from a dodgy source!
Again, this is just an absolute worst case scenario, and likely won't happen in real life, unless Big Brother is out to get you.
posted by monotreme at 5:57 PM on August 22, 2016 [1 favorite]
No one makes a thumb drive that large.
posted by Chocolate Pickle at 6:50 PM on August 22, 2016
posted by Chocolate Pickle at 6:50 PM on August 22, 2016
It's almost certainly just misreporting its filesystem; that's a very common scam with thumb drives. Like the uncomplicated soups of my childhood says above, your computer will see it as a blank 2TB drive but it data that is written to the non-existent parts of the filesystem will just vanish. That's probably all it is: a simple, low stakes, too-good-to-be-true scam.
There is a slight chance that it has sneaky sneaky malware on it. I've never heard of this happening (spreading malware via the internet is usually more cost-effective) but in principle there's no reason why that couldn't be done. If that's what it is, it will also still be misreporting its filesystem in the manner described above.
There is zero chance that it is a 2TB USB thumb drive. Such things do not exist.
posted by Anticipation Of A New Lover's Arrival, The at 7:42 PM on August 22, 2016
There is a slight chance that it has sneaky sneaky malware on it. I've never heard of this happening (spreading malware via the internet is usually more cost-effective) but in principle there's no reason why that couldn't be done. If that's what it is, it will also still be misreporting its filesystem in the manner described above.
There is zero chance that it is a 2TB USB thumb drive. Such things do not exist.
posted by Anticipation Of A New Lover's Arrival, The at 7:42 PM on August 22, 2016
just a note: I bought a shoulder bag from wish.com, and it's been excellent.
posted by jb at 8:32 PM on August 22, 2016 [1 favorite]
posted by jb at 8:32 PM on August 22, 2016 [1 favorite]
Don't plug it into a computer that is or will be internet-connected.
An offline computer, completely wiped of any personal data, which you then smash and wipe before recycling? Yeah, sure! But I would assume that some sort of malware is lurking on the drive or (worse) in the firmware.
Of course, it's also possible that someone in China just doesn't know that a 2TB drive is literally unbelievable and an obvious fake. As a friend of mine once said, "even China makes mistakes."
posted by sibilatorix at 9:48 PM on August 22, 2016
An offline computer, completely wiped of any personal data, which you then smash and wipe before recycling? Yeah, sure! But I would assume that some sort of malware is lurking on the drive or (worse) in the firmware.
Of course, it's also possible that someone in China just doesn't know that a 2TB drive is literally unbelievable and an obvious fake. As a friend of mine once said, "even China makes mistakes."
posted by sibilatorix at 9:48 PM on August 22, 2016
The letters T and G are right next to each other on my keyboards so it may have been a dumb typo for 2GB drive. Also unlikely though, that's pretty expensive for a 2GB thumb drive. I'd take a small risk and run a Linux from a Live CD/DVD while disconnected from the internet and then mount the drive to see what it says, but that's just me.
posted by Green With You at 10:08 AM on August 23, 2016
posted by Green With You at 10:08 AM on August 23, 2016
« Older Can I Eat This: Quasi-Legal Amphetamines Edition | Why can't I get over my bad ex-boss? Newer »
This thread is closed to new comments.
posted by the uncomplicated soups of my childhood at 5:17 PM on August 22, 2016 [3 favorites]