posted 15 Oct 2016
Flash Fraud is a real and it affects hundreds of millions… or thousands… well, I have no idea how many people it really effects, but I have been a victim of Flash Fraud once and the experience was very irritating.
What is Flash Fraud? In short you are sold a device of lower capacity than what was advertised. Solid state media comes in many forms, most common consumer forms are SD cards and USB flash drives (yes, there are other forms, SSDs, mSATAs, etc but that is not as common for off the shelf or cheap data storage units). It is possible for a seller to take a lower capacity flash drive like a USB drive or SD Card and modify the controller so that it reports that the total capacity is larger than what is reality.
The casual consumer could see a great deal on the Internet, thinking he/she is getting a steal on on 32GB MicroSD Card when it is unknowingly only a 16GB card. Someone may actually go for weeks, months, even a year a while without any problems at all problem will show when the victim takes the 10,401st selfie that over writes the first selfie and the whole file system starts to unravel and corrupt. The average user may not know they are using a faulty drive for months after purchase and well past the 30 day return policy.
Fight Flash Fraud
You can Fight Flash Fraud by checking new devices as soon as you buy them. The tool to do that in Linux is F3. This can be found in the openSUSE Software Service. This is a terminal only program, although there is a User Interface it is not compiled for openSUSE at this time. This is not a problem as the usage of it is really quite easy… and FUN!
The two primary functions you will use are f3write and f3read, that is how you will conduct the test on the drive itself.
Installation
As with everything using the openSUSE Build Service, it is really easy to install just take a quick trip over to the openSUSE Software Service, select your distribution version number, and do the 1 Click Install.
If you prefer the terminal:
sudo zypper install f3
f3write
Since this is only available as a terminal program in openSUSE from the repositories, I will go through using this in the terminal and using KDE as my Desktop Environment.
Insert your USB drive or SD Card, whatever flash medium it is you have that you want to verify.
Mount the drive in the system. I am using KDE but it should work similarly on other Desktops
f3write [location to the media that needs to be checked]
f3write /run/media/cubiclenate/SMI/
f3read
f3read /run/media/cubiclenate/SMI/
What you should do if you’ve been had
You certainly should inform the seller you have been sold a faulty or fraudulent flash drive. It is possible, the seller has also been had as well. Even though it is possible to correct the drive controller chip to tell the operating system what the actual size it is you still have a drive that does not match up with your sales description. It would be fair to ask for your money back, if it is too late for that, than at least make the fix and repeat the test.
Final Thoughts
This a utility I wish I had known about years ago. It is really quite empowering to know that I can check to verify the honesty of a seller and not find out that I had been had when the drive fills up and starts to destroy the previously saved content. I like knowing that there is one more place that some fellow isn’t going to slip another one past CubicleNate again.
External Links
For further reading on the F3 project go here.