Reformat USB stick with a CD ISO9660 FS
Bevin Watson
sticks at the train station. It has a small ISO9660 (CD) partition
which directs Windows users to their web site. The rest (500 Mb or so)
is left as an empty vfat partition.
I did the right thing and went to the web site and read it in detail.
Now I want to give the USB to my child. He is too young to take out
insurance so I want to remove CD partition to stop annoying pop-ups.
It says the CD file system is read-only (obviously) and won't let me
delete the files from it. It seems the simplest thing is to just
reformat the whole device. However, I'm getting a little out of my
league thinking about partitions versus the whole device. fdisk etc.
seem to be partition-based. Should I just "dd" all over it?
nb: The USB stick shows up as /dev/scd1 (ISO 9660) and /dev/sdd1 (vfat)
--
ubuntu-au mailing list
ubun...@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
Dave Hall
> A couple of days ago the nice people from MBF handed out 512 Mb USB
> sticks at the train station. It has a small ISO9660 (CD) partition
> which directs Windows users to their web site. The rest (500 Mb or so)
> is left as an empty vfat partition.
> I did the right thing and went to the web site and read it in detail.
> Now I want to give the USB to my child. He is too young to take out
> insurance so I want to remove CD partition to stop annoying pop-ups.
> It says the CD file system is read-only (obviously) and won't let me
> delete the files from it. It seems the simplest thing is to just
> reformat the whole device. However, I'm getting a little out of my
> league thinking about partitions versus the whole device. fdisk etc.
> seem to be partition-based. Should I just "dd" all over it?
> nb: The USB stick shows up as /dev/scd1 (ISO 9660) and /dev/sdd1 (vfat)
Try this
Install gparted via Synaptic (System -> Administration)
put the usb stick into your PC
Unmount the devices (In nautilus right click and select unmount)
Run gparted (System -> Administration -> Partition Editor)
Enter your password when prompted
Select the usb stick from the drop down on the right (probably /dev/sdd
for you)
Make sure it shows the 2 partitions one ISO9660 and the other as vfat
Select each partition and hit delete
Click apply and confirm (and hope you selected the right device)
Now click on the unallocated area
Click the new button
By default it should have selected all of the device
Change the filesystem to FAT32
Click the Add button
Click Apply and confirm
Give it to your son and tell him the reason why private health insurance
is such a rip off is because the companies waste sooo much money on
stupid promotions like giving away USB keys which link to their website.
Also point out to him that part of the reason for such high petrol
prices is because of the amount of pointless plastic produced each year
which ends up in landfill within days on a consumer receiving it. Then
finally tell your son to ask his IT teacher when his school will stop
wasting money on MS licenses
Ok, that last step is optional :)
Cheers
Dave
Daniel Mons
Hash: SHA1
Bevin Watson wrote:
> delete the files from it. It seems the simplest thing is to just
> reformat the whole device. However, I'm getting a little out of my
> league thinking about partitions versus the whole device. fdisk etc.
> seem to be partition-based. Should I just "dd" all over it?
> nb: The USB stick shows up as /dev/scd1 (ISO 9660) and /dev/sdd1 (vfat)
I'd zero the device with dd. Find out the device using "sudo fdisk -l"
to print out all partitions and physical devices. If it turns up as
/dev/sdd, for example, use the following dd command to wipe it:
sudo dd if=/dev/zero of=/dev/sdd
This will give no output until the dd operation is complete. It will
simply write zeros (as in binary zeros, not the ASCII charcter "0") to
the physical device, destroying all partitions in the process. (Again,
I cannot stress how important it is to check and ensure you are wiping
the right disk - do this to your system or data disks and you can kiss
their contents goodbye).
Once done, eject/remove the device, re-insert it, and type "sudo fdisk
- -l" once again. The device should show up all on it's own with no valid
partition information attached.
- From here, partition and format it in whatever way you feel comfortable
(fdisk, gparted, whatever).
On a semi-related note, those who want to securely wipe hard disks can
use a similar method with alternating passes of /dev/zero and
/dev/urandom. I do this as standard when decomissioning desktops and
laptops if they are to be donated, re-imaged, or eBay'ed somewhere.
Servers and machines carrying highly sensitive data get a more severe
dose of DoD 5220.22-M via "Darik's Boot and Nuke" (Google it for details).
- -Dan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIURW+eFJDv0P9Qb8RArskAJ9W+jkCkrMO4RWLt3pNzlzJ+6rb+QCeIHK1
F6WDYyuC7BmjqLH+Kw7BgZ4=
=0UZq
-----END PGP SIGNATURE-----
Bevin Watson
When I call up gparted I only see /dev/sdd (the harmless vfat
partition). I removed the vfat partition.
sudo gparted I get:
Unable to open /dev/scd1 read-write (Read-only file system). /dev/scd1
has been opened read-only.
Unable to open /dev/scd1 - unrecognised disk label.
The little blue light on the USB is flogging itself to death.
Interestingly, on my wife's laptop running MS Vista I had similar
results - it basically locked the thing up. Maybe I've just got crook
hardware?
BTW Good point, but I'm more concerned about publicly-subsidised health
insurance going towards chiropracy and sports shoes than USB keys.
BTW2 ...tell me about it... My daughter in a specialised high-tech high
school takes in ISO standard document to her science teacher and he
can't read it !!! The govt spends millions on MS software and hardware
for schools, but isn't interested in air-conditioning, power points,
network cables or teacher training.
Ahhh, it's nice to have things to whinge about.
Christopher Lees
wrote:
> Subject: Reformat USB stick with a CD ISO9660 FS
> To: ubun...@lists.ubuntu.com
> Message-ID: <1213270816.3087.19.camel@downstairs>
> Content-Type: text/plain; charset=UTF-8
>
> A couple of days ago the nice people from MBF handed out 512 Mb USB
> sticks at the train station. It has a small ISO9660 (CD) partition
> which directs Windows users to their web site. The rest (500 Mb or so)
> is left as an empty vfat partition.
> I did the right thing and went to the web site and read it in detail.
> Now I want to give the USB to my child. He is too young to take out
> insurance so I want to remove CD partition to stop annoying pop-ups.
> It says the CD file system is read-only ?(obviously) and won't let me
> delete the files from it. It seems the simplest thing is to just
> reformat the whole device. However, I'm getting a little out of my
> league thinking about partitions versus the whole device. fdisk etc.
> seem to be partition-based. Should I just "dd" all over it?
> nb: The USB stick shows up as /dev/scd1 (ISO 9660) and /dev/sdd1 (vfat)
Recently my father asked me to do the same thing, with a USB stick from
his workplace. Gparted would just freeze when starting up if the USB
drive was connected. Cfdisk could easily reformat the writable portion,
but it couldn't touch the ISO9660 part. I tried dd'ing all over it, but
that also did not touch the ISO9660 part!
I think there must be some sort of hardware protection. Maybe the
ISO9660 part is actually a ROM chip rather than just part of the flash.
I noticed a couple of electrical stores are selling flash drives for
less than $10, so if you can't de-insurance your freebie stick, at least
you can get your son one cheaply.
The technique of having a seperate partition emulating a CD was actually
invented for the purpose of distributing a device driver on the device
itself. I'm sure the technique has never been used for its original
purpose, but the guy's got to be rich now :-)
Chris Lees
andre...@gmail.com
In both cases I removed the partitions and then reformatted.
Gparted has never worked for me except to display the formatted structure of the device. The procedure Dave Hall described should have worked.
On my screen, Gparted shows the 'Delete' option as unavailable.
You could try to remove the partitions using Windows. Right click on 'My Computer' and select 'Manage' from the dropdown menu. With your device plugged in, a screen will show you what your partitions are. Click on a partition and select 'Delete'.
Andre
Owen Townend
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Bevin Watson wrote:
> > delete the files from it. It seems the simplest thing is to just
> > reformat the whole device. However, I'm getting a little out of my
> > league thinking about partitions versus the whole device. fdisk etc.
> > seem to be partition-based. Should I just "dd" all over it?
> > nb: The USB stick shows up as /dev/scd1 (ISO 9660) and /dev/sdd1 (vfat)
>
>
> I'd zero the device with dd. Find out the device using "sudo fdisk -l"
> to print out all partitions and physical devices. If it turns up as
> /dev/sdd, for example, use the following dd command to wipe it:
>
> sudo dd if=/dev/zero of=/dev/sdd
>
This is overkill here, there is no inherant security or other risk in
leaving the data unscrubbed. This should be sufficient:
sudo dd if=/dev/zero of=/dev/sdd bs=512 count=1
This will wipe the partition table. You can then use gparted, fdisk,
cfdisk etc to add partitions back in.
This is of course providing that there are no hardware limitations on
removing the cd image partition.
[snip]
>
> On a semi-related note, those who want to securely wipe hard disks can
> use a similar method with alternating passes of /dev/zero and
> /dev/urandom. I do this as standard when decomissioning desktops and
> laptops if they are to be donated, re-imaged, or eBay'ed somewhere.
> Servers and machines carrying highly sensitive data get a more severe
> dose of DoD 5220.22-M via "Darik's Boot and Nuke" (Google it for details).
>
> - -Dan
The few times I have had to securely destroy data for customers have
been situations where the data is much more valuable than the hardware
itself. This opens opportunities for physical destruction.
cheers,
Owen.
Daniel Mons
Hash: SHA1
Owen Townend wrote:
> This is overkill here, there is no inherant security or other risk in
> leaving the data unscrubbed. This should be sufficient:
> sudo dd if=/dev/zero of=/dev/sdd bs=512 count=1
Agreed. And it's a heck of a lot quicker.
> The few times I have had to securely destroy data for customers have
> been situations where the data is much more valuable than the hardware
> itself. This opens opportunities for physical destruction.
I work for a few financial/superannuation types who tend to hold
sensitive data (AU Tax File Numbers and US Social Security Numbers,
etc). While not as inherently "valuable" (compared to credit card
numbers and so forth which are more easily abused), there is a certain
government/legal conformance requirement to take all necessary steps to
safely scrub data.
On the topic of hard disk destruction - I've seen good (read: expensive)
data recovery agencies recover data even from laptops that have been in
house fires or car crashes. For a while there, the Australian
government standard was to destroy the disk via a nailgun, but again
even that can be recovered from partially if the data wasn't properly
scrubbed beforehand. Data recovery agencies have many methods of
retrieving data from physical disk platters even if part of the platter
has sustained physical damage.
If you're deadly serious about removing data from drives, a combination
of software like DBAN as well as physical destruction of the hard disk
platters themselves (e.g.: industrial metal shredders) is a good choice.
But without going to the expensive extreme of physical disk destruction,
most data recovery places concede that the 7-pass DoD methods of data
wiping are generally good enough to remove any ability to recover past
data. Even if there is anything left, it's generally not enough to
rebuild whole files or even strings of useful data. It's certainly
enough if you're not worried about the practical ramifications, and only
worried about the legal "tick the boxes" conformance side of things.
- -Dan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIU3E9eFJDv0P9Qb8RApnJAJ9dP6qT9EAV/SJAq5x9DYY9yGzzfACfX2M0
cHQlCebJ5dpIJoHFCLkynVY=
=kUk2
-----END PGP SIGNATURE-----
Bevin Watson
On reflection, the fact that it shows up as two separate devices (scd
and sdd) implies that it is something in the hardware.
I've also had a go with MS Vista and XP with the same result.
I think I'll just happily take the 500Mb and teach my son to ignore the
advertisement.
(Hmmm.. next experiment - does my son's XP box have something like udev
rules so I can tell it to not autorun the advertisement?)
Thanks for the entertaining discussion.
Norm
I've used it a few times to remove the bootable CD partition
Norm
Bevin Watson wrote:
> I've given up on trying to remove the "cd" component.
> On reflection, the fact that it shows up as two separate devices (scd
> and sdd) implies that it is something in the hardware.
> I've also had a go with MS Vista and XP with the same result.
> I think I'll just happily take the 500Mb and teach my son to ignore the
> advertisement.
> (Hmmm.. next experiment - does my son's XP box have something like udev
> rules so I can tell it to not autorun the advertisement?)
>
> Thanks for the entertaining discussion.
>
>
>
>
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG.
> Version: 8.0.100 / Virus Database: 270.3.0/1502 - Release Date: 6/13/2008 7:25 PM
Bevin Watson
It seems to see them as different devices (scd and sdd)
I tried again, writing zeroes to scd but it didn't seem interested in
me.
zzz@zzz:/media$ sudo dd if=/dev/zero of=/dev/scd
dd: writing to `/dev/scd': No space left on device
514929+0 records in
514928+0 records out
263643136 bytes (264 MB) copied, 16.7721 s, 15.7 MB/s
zzz@zzz:/media$ sudo gparted
======================
libparted : 1.7.1
======================
Unable to open /dev/scd1 read-write (Read-only file system). /dev/scd1
has been opened read-only.
Unable to open /dev/scd1 read-write (Read-only file system). /dev/scd1
has been opened read-only.
Unable to open /dev/scd1 - unrecognised disk label.
I'm strarting to think I should just leave the USB next to a big magnet
for a few days...
Owen Townend
> I've given up on trying to remove the "cd" component.
> On reflection, the fact that it shows up as two separate devices (scd
> and sdd) implies that it is something in the hardware.
> I've also had a go with MS Vista and XP with the same result.
> I think I'll just happily take the 500Mb and teach my son to ignore the
> advertisement.
> (Hmmm.. next experiment - does my son's XP box have something like udev
> rules so I can tell it to not autorun the advertisement?)
>
> Thanks for the entertaining discussion.
>
>
Hey,
There's a registry entry to disable autorun, though IIRC this will
disable it for groups of devices, though I've never had need to go
looking for fine-grained control over this.
A quick google will net you instructions such as:
Microsoft support: uses cdrom reg key
http://support.microsoft.com/kb/155217 (cdrom only)
Random search result: uses group policy key
http://blog.ashfame.com/2008/03/disable-usb-autorun-save-pc-usb-viruses/
(usb etc)
Another simple option is buying a new stick. The place I usually go to
has no-name 1/2/4/8/16GB sticks for $8/$12/$19/$36/$72 respectively.
While the learning curve here is nice, depending on how you value your
time it may be cheaper to just buy a new one, or go down the nagware
path of 'if you actually do your set chores you could afford one
without adds'. He'd either live with it, do the chores, save for a new
one anyway, or figure out the registry key hack himself :)
cheers,
Owen.
Christopher Lees
> Failed.
> It seems to see them as different devices (scd and sdd)
> I tried again, writing zeroes to scd but it didn't seem interested in
> me.
> zzz@zzz:/media$ sudo dd if=/dev/zero of=/dev/scd
> dd: writing to `/dev/scd': No space left on device
> 514929+0 records in
> 514928+0 records out
> 263643136 bytes (264 MB) copied, 16.7721 s, 15.7 MB/s
> zzz@zzz:/media$ sudo gparted
> ======================
> libparted : 1.7.1
> ======================
> Unable to open /dev/scd1 read-write (Read-only file system). /dev/scd1
> has been opened read-only.
> Unable to open /dev/scd1 read-write (Read-only file system). /dev/scd1
> has been opened read-only.
> Unable to open /dev/scd1 - unrecognised disk label.
> Unable to open /dev/sdd - unrecognised disk label.
> I'm strarting to think I should just leave the USB next to a big magnet
> for a few days...
If you want to leave it next to a magnet, be my guest. But it won't do
anything, as flash is not sensitive to magnetism.
As I mentioned before, I've already tried writing zeroes to a similar
flash drive, to no avail. I've since found out that there is special
hardware that causes the "CD" portion to be visible and read-only, so I
guess doing anything else now is a waste of time. Unless you have
Windows.