
Intro to hacking MicroSD cards (2013) - bubblehack3r
http://bunniestudios.com/blog/?p=3554
======
WestCoastJustin
If you're interested in this type of stuff. Here's a pretty good Youtube video
on the subject of SD card data recovery (soldering with a breakout PCB). His
channel is also packed with useful info on the subject of data recovery from
all types of devices.

[https://youtu.be/jjB6wliyE_Y](https://youtu.be/jjB6wliyE_Y)

Here's the point where it is all wired up.

[https://youtu.be/jjB6wliyE_Y?t=518](https://youtu.be/jjB6wliyE_Y?t=518)

------
dehrmann
> It can be anything from high-grade factory-new silicon to material with over
> 80% bad sectors.

Guess I hadn't considered that a 512GB SD card could be repackaged as a 32GB
card if the wear pattern isn't even and only 90% of the cells are dead. Also,
2013. I'm not convinced recycling this way is cost-effective.

------
ge0rg
This is the 2013 presentation about firmware analysis / modification of the
internal controller inside of uSD cards.

~~~
2013
Yeah, those mini and regular SD cards looked huge, and micro SD is pretty much
a universal standard by now.

~~~
gurgus
Sweet username!

------
T3OU-736
Shameless plug for bunnie: the "The Hardware Hacker" book has a fair bit more
on the subject, and is, the verall, quite a good read.

~~~
metamet
Amazon link for convenience: [https://www.amazon.com/Hardware-Hacker-
Adventures-Making-Bre...](https://www.amazon.com/Hardware-Hacker-Adventures-
Making-Breaking/dp/159327758X)

~~~
fapjacks
Thanks for not dressing it up with an affiliate link, seriously.

~~~
jeromegv
Would that be so bad that a fellow HackerNews user could get some revenue
instead of having one of the richest person/corporation on Earth collect the
full share of the sale instead?

~~~
Arubis
If they were shady about it, perhaps. I have no objection to affiliate links
that are disclosed.

~~~
toomuchtodo
Can you generate an affiliate link where the affiliate fee is directed to a
non-profit?

~~~
paulmd
If the non-profit has a known affiliate code, adding it to any random Amazon
item should be sufficient.

There is also AmazonSmile, although I am not 100% sure whether affiliate links
still generate revenue when using a Smile link.

~~~
dublo7
Smile transfers a portion (0.5%) of the sale to a charity of the buyers
choice. You can't force or even suggest one in the link and it only applies to
smile.amazon.com links. I think St Jude's is the default though so they may
come out ahead if you change the URL.

------
dooglius
> Those in high-risk, high-sensitivity situations should assume that a
> “secure-erase” of a card is insufficient to guarantee the complete erasure
> of sensitive data.

People in such situations should be encrypting anything sensitive that goes
onto external storage anyway, you shouldn't be in a position where you have to
"secure-erase" anything.

~~~
pbhjpbhj
Maybe "secure erase" caches, swap space, and RAM - don't know if it's true but
I understand RAM can hold a pattern when powered down, sufficient to be
recovered if you need it enough. Anything you consume unencrypted gets
displayed unencrypted at some point and so is stored in some way in clear-text
(unless you use external mechanical means for the last step?).

~~~
icebraining
Swap can be encrypted just fine.

As for RAM encryption, Linux already supports it, if you're using a very new
AMD CPU with SME:
[https://github.com/torvalds/linux/blob/master/Documentation/...](https://github.com/torvalds/linux/blob/master/Documentation/x86/amd-
memory-encryption.txt)

------
benj111
So are there any practical applications, in the sense of projects
reprogramming sd cards for other uses, as a cheap micro controller, etc?

~~~
askvictor
Given the lack of I/O, probably not (or perhaps in not thinking creatively
enough). But you can get microcontrollers for less than a dollar anyway...

Relatedly, I remember the eyeFi (or similar) wifi-enabled SD cards got
'hacked' a few years ago, and you could get a Linux shell on them.

~~~
int_19h
I mean, it still does have I/O, it just needs to present itself as a regular
SD card. So computation could be triggered by e.g. changing the contents of a
file with a certain name, and output would be another file.

One immediate practical application is a hidden cryptographic partition on an
SD card. It could be implemented in a way such that during normal use, no data
shows up, and the corresponding blocks are marked as bad. But create a
password file with the right content, and the firmware decrypts and exposes
the hidden data. Since there's no way to _read_ the firmware, only to update
it, even detecting such a scheme would require tearing the SD card down in a
lab - not really feasible for routine searches, given how many cards there are
around (used in phones and tablets etc).

------
Sujan
(2013)

------
sathackr
Needs (2013)

------
thisisit
Can we please add 2013 to this? Additionally it was discussed at that time:

[https://news.ycombinator.com/item?id=6980058](https://news.ycombinator.com/item?id=6980058)

~~~
sctb
Done. Thanks!

