preventing oh shit moments for 20 or less
play

Preventing Oh Shit Moments for 20 or Less Philip A. Polstra, Sr. - PowerPoint PPT Presentation

Oct 13, 2023 •540 likes •1.15k views

Preventing Oh Shit Moments for 20 or Less Philip A. Polstra, Sr. University of Dubuque Roadmap Why this talk? Brief history of USB How does USB work? Its all descriptors and endpoints Bulk-only Mass Storage

  1. Preventing “Oh Shit” Moments for € 20 or Less Philip A. Polstra, Sr. University of Dubuque

  2. Roadmap • Why this talk? • Brief history of USB • How does USB work? • It’s all descriptors and endpoints • Bulk-only Mass Storage Devices • Keeping your toys intact • Microcontrollers are fun (and cheap) • How can I have more fun with USB?

  3. Why this talk? • USB flash drives have become defacto standard for storing and exchanging info • Everyone uses them, but few understand them • Having your Katana drive deleted by antivirus sucks • A cheap way of write-blocking your thumb drives doesn’t suck

  4. Brief History or USB • Non-universal serial, PS/2 ports, & LPT • 1996 USB 1.0 (1.5 or 12 Mbps) • 1998 USB 1.1 • 2000 USB 2.0 (1.5, 12, or 480 Mbps) • Long pause • 2008 USB 3.0 (up to 5 Gbps)

  5. HOW DOES USB WORK?

  6. Hardware • Simple 4-wire connection (power, ground, 2 data wires) • Cabling prevents improper connections • Hot pluggable • Differential voltages provide greater immunity to noise • Cable lengths up to 16 feet are possible Pin Name Cable color Description 1 VBUS Red +5 V 2 D − White Data − 3 D+ Green Data + 4 GND Black Ground

  7. Software • Automatic configuration • No settable jumpers • Enumeration • Standard device classes with corresponding drivers – HID – Printer – Audio – Mass Storage

  8. Connecting a Device • Device is connected • Hub detects • Host (PC) is informed of new device • Hub determines device speed capability as indicated by location of pull-up resistors • Hub resets the device • Host determines if device is capable of high speed (using chirps) • Hub establishes a signal path • Host requests descriptor from device to determine max packet size • Host assigns an address • Host learns devices capabilities • Host assigns and loads an appropriate device driver (INF file) Device driver selects a configuration •

  9. IT’S ALL DESCRIPTORS AND ENDPOINTS

  10. Endpoints • The virtual wire for USB communications • All endpoints are one way (direction relative to host) • Packet fragmentation, handshaking, etc. done by hardware (usually) • High bit of address tells direction 1=in 0=out • Types of endpoints – Control – Bulk transport – Interrupt – Isochronous

  11. Control Endpoints • Primary mechanism for most devices to communicate with host • Every device must have at least one in and out control endpoint EP0 • Device must respond to standard requests – Get/set address, descriptors, power, and status • Device may respond to class specific requests • Device may respond to vendor specific requests

  12. Control Endpoints (continued) • May have up to 3 transport stages: Setup, Data, Status • Setup stage – Host sends Setup token then data packet containing setup request – If device receives a valid setup packet, an ACK is returned – Setup request is 8 bytes • 1 st byte is bitmap telling type of request & recipient (device, interface, endpoint) • Remaining bytes are parameters for request and response • Data stage (optional) – requested info transmitted • Status stage – zero length data packet sent as ACK on success

  13. Interrupt & Isochronous Endpoints • Interrupt endpoints – Used to avoid polling and busy waits – Keyboards are a good example – Usually low speed (allows for longer cables, etc.) • Isochronous endpoints – Guaranteed bandwidth – Used primarily for time-critical apps such as streaming media

  14. Bulk Endpoints • No latency guarantees • Good performance on an idle bus • Superseded by all other transport types • Full (8-64 byte packets) & high speed (512 byte packets) only • Used extensively in USB flash drives (and external hard drives) • Transactions consist of a token packet, 0 or more data packets, and an ACK handshake packet (if successful)

  15. Descriptors • They describe things (duh!) • Have a standard format – 1 st byte is the length in bytes (so you known when you’re done) – 2 nd byte determines type of descriptor – Remaining bytes are the descriptor itself • Common types – Device: tells you basic info about the device – Configuration: how much power needed, number of interfaces, etc. – Interface: How do I talk to the device – Endpoint: Direction, type, number, etc. – String: Describe something in unicode text

  16. Device Descriptor Offset ¡ Field ¡ Size ¡ Value ¡ Description ¡ 18 bytes ¡ 0 ¡ bLength ¡ 1 ¡ Number ¡ Device Descriptor (0x01) ¡ 1 ¡ bDescriptorType ¡ 1 ¡ Constant ¡ 0x200 ¡ 2 ¡ bcdUSB ¡ 2 ¡ BCD ¡ Class Code ¡ 4 ¡ bDeviceClass ¡ 1 ¡ Class ¡ Subclass Code ¡ 5 ¡ bDeviceSubClass ¡ 1 ¡ SubClass ¡ Protocol Code ¡ 6 ¡ bDeviceProtocol ¡ 1 ¡ Protocol ¡ Maxi Packet Size EP0 ¡ 7 ¡ bMaxPacketSize ¡ 1 ¡ Number ¡ Vendor ID ¡ 8 ¡ idVendor ¡ 2 ¡ ID ¡ Product ID ¡ 10 ¡ idProduct ¡ 2 ¡ ID ¡ Device Release Number ¡ 12 ¡ bcdDevice ¡ 2 ¡ BCD ¡ Index of Manu Descriptor ¡ 14 ¡ iManufacturer ¡ 1 ¡ Index ¡ Index of Prod Descriptor ¡ 15 ¡ iProduct ¡ 1 ¡ Index ¡ Index of SN Descriptor ¡ 16 ¡ iSerialNumber ¡ 1 ¡ Index ¡ Num Configurations ¡ 17 ¡ bNumConfigurations ¡ 1 ¡ Integer ¡

  17. Configuration Descriptor (header) Offset Field Size Value Description 0 bLength 1 Number Size in Bytes 1 bDescriptorType 1 Constant 0x02 2 wTotalLength 2 Number Total data returned 4 bNumInterfaces 1 Number Num Interfaces 5 bConfigurationValue 1 Number Con number 6 iConfiguration 1 Index String Descriptor 7 bmAttributes 1 Bitmap b7 Reserved, set to 1. b6 Self Powered b5 Remote Wakeup b4..0 Reserved 0. 8 bMaxPower 1 mA Max Power in mA/2

  18. Interface Descriptor Offset Field Size Value Description 0 bLength 1 Number 9 Bytes 1 bDescriptorType 1 Constant 0x04 2 bInterfaceNumber 1 Number Number of Interface 3 bAlternateSetting 1 Number Alternative setting 4 bNumEndpoints 1 Number Number of Endpoints used 5 bInterfaceClass 1 Class Class Code 6 bInterfaceSubClass 1 SubClass Subclass Code 7 bInterfaceProtocol 1 Protocol Protocol Code 8 iInterface 1 Index Index of String Descriptor

  19. Endpoint Descriptor Offset Field Size Value Description 0 bLength 1 Number Size of Descriptor (7 bytes) 1 bDescriptorType 1 Constant Endpoint Descriptor (0x05) 2 bEndpointAddress 1 Endpoint b0..3 Endpoint Number. b4..6 Reserved. Set to Zero b7 Direction 0 = Out, 1 = In 3 bmAttributes 1 Bitmap b0..1 Transfer Type 10 = Bulk b2..7 are reserved. I 4 wMaxPacketSize 2 Number Maximum Packet Size 6 bInterval 1 Number Interval for polling endpoint data

  20. String Descriptors Offset Field Size Value Description 0 bLength 1 Number Size of Descriptor in Bytes 1 bDescriptorType 1 Constant String Descriptor (0x03) 2 bString n Unicode Unicode Encoded String Note: String 0 is a special case that lists available languages. Most common is 0x0409 – U.S. English

  21. Now that we have learned a little about general devices, without further delay… BULK-ONLY MASS STORAGE DEVICES

  22. USB Flash Drives • Hardware • Software • Filesystems • Talk to a flash drive

  23. Hardware

  24. Hardware (continued) • Typically utilize NAND flash memory • Memory degrades after 10,000 write cycles • Most chips not even close to high-speed USB speed (480 Mbps) • Can only be written in blocks (usually 512, 2048, or 4096 bytes) • Chips are somewhat easily removed from damaged drives for forensic recovery • Some controllers have JTAG capability which can be used for memory access • Some controller chips steal some flash memory for themselves

  25. Hardware (continued) • Nearly all flash drives present themselves as SCSI hard drives • “Hard drive” sectors are typically 512, 2048, or 4096 bytes • SCSI transparent command set is used • Most drives are formatted as one partition or logical unit – Additional logical units can hide info from Windows machines • Reported size may not match actual media size – Info can be hidden in higher sectors – Some cheap drives are out there that grossly over report size – A typical 512 byte sector needs 16 bytes for error correction

  26. Software • Usually implemented in firmware within specialized controller chips • Must: – Detect communication directed at drive – Respond to standard requests – Check for errors – Manage power – Exchange data

  27. Filesystems • Most preformatted with FAT or FAT32 • NTFS • TrueFFS • ExtremeFFS • JFFS • YAFFS • Various UNIX/Linux file systems

  28. Talking to a Flash Drive • Bulk-Only Mass Storage (aka BBB) protocol used – All communications use bulk endpoints – Three phases: CBW, data-transport (optional), CSW – Commands sent to drive using a Command Block Wrapper (CBW) – CBW contains Command Block (CB) with actual command – Nearly all drives use a (reduced) SCSI command set – Commands requiring data transport will send/receive on bulk endpoints – All transactions are terminated by a Command Status Wrapper (CSW)

Recommend

five moments and http://www.physics.umd.edu same translation but different rotation rigid

five moments and http://www.physics.umd.edu same translation but different rotation rigid

E LEMENTS OF A RCHITECTURAL S TRUCTURES : Moments F ORM, B EHAVIOR, AND D ESIGN forces have the tendency to make a ARCH 614 D R. A NNE N ICHOLS body rotate about an axis S PRING 2019 lecture five moments and http://www.physics.umd.edu

115 views • 9 slides
three forces and moments Forces & Moments 1 Architectural Structures S2018abn Lecture 3

three forces and moments Forces & Moments 1 Architectural Structures S2018abn Lecture 3

A RCHITECTURAL S TRUCTURES : F ORM, B EHAVIOR, AND D ESIGN A RCH 331 D R. A NNE N ICHOLS S PRING 2018 lecture three forces and moments Forces & Moments 1 Architectural Structures S2018abn Lecture 3 ARCH 331 Structural Math quantify

919 views • 60 slides
three forces and moments Forces & Moments 1 Architectural Structures F2018abn Lecture 3

three forces and moments Forces & Moments 1 Architectural Structures F2018abn Lecture 3

A RCHITECTURAL S TRUCTURES : F ORM, B EHAVIOR, AND D ESIGN A RCH 331 D R. A NNE N ICHOLS F ALL 2018 lecture three forces and moments Forces & Moments 1 Architectural Structures F2018abn Lecture 3 ARCH 331 Structural Math quantify

649 views • 60 slides
Moments of Traces for Circular -ensembles Tiefeng Jiang University of Minnesota This is a

Moments of Traces for Circular -ensembles Tiefeng Jiang University of Minnesota This is a

Moments of Traces for Circular -ensembles Tiefeng Jiang University of Minnesota This is a joint work with Sho Matsumoto September 19, 2014 Outline Moments for Haar Unitary Matrices (D.E. Thm) Background for Circular -Ensembles Moments

1.05k views • 79 slides
SHIT/EXCRETA FLOW DIAGRAM MBI Water Services Master Class #6 February 2018 Durban What is SFD?

SHIT/EXCRETA FLOW DIAGRAM MBI Water Services Master Class #6 February 2018 Durban What is SFD?

SHIT/EXCRETA FLOW DIAGRAM MBI Water Services Master Class #6 February 2018 Durban What is SFD? Tool to understand and communicate visualizing how excreta physically flows through a municipality/city or town. Where is What my poop? next?

565 views • 19 slides
Preventing Preventing Sepsis: Sepsis: A C A Community B ommunity Based ased Approach

Preventing Preventing Sepsis: Sepsis: A C A Community B ommunity Based ased Approach

Preventing Preventing Sepsis: Sepsis: A C A Community B ommunity Based ased Approach Approach NY NYS S Se Senior nior Acti Action on Co Coun uncil cil Dec Decem embe ber 13 r 13, , 20 2016 16 Ev Eve e Bank Bankert ert

283 views • 24 slides
Estimating Frequency Moments Moments Estimating F 0 Algorithm Correctness Anil Maheshwari

Estimating Frequency Moments Moments Estimating F 0 Algorithm Correctness Anil Maheshwari

Estimating Frequency Moments Anil Maheshwari Frequency Estimating Frequency Moments Moments Estimating F 0 Algorithm Correctness Anil Maheshwari Further Improvements anil@scs.carleton.ca Estimating F 2 School of Computer Science

410 views • 30 slides
VMware Skyline Turn Moments of Panic into Moments to Shine with Proactive Support Arron King

VMware Skyline Turn Moments of Panic into Moments to Shine with Proactive Support Arron King

VMware Skyline Turn Moments of Panic into Moments to Shine with Proactive Support Arron King & Matt Lydy Technical Account Managers 12/3/19 Skyline: Benefits to Customers Proactive Support from VMware Issue A Avoidance Proactively

531 views • 30 slides
History and Approaches to Social Change Todays session is about... Moments in Organizing

History and Approaches to Social Change Todays session is about... Moments in Organizing

History and Approaches to Social Change Todays session is about... Moments in Organizing History (1940s-1970s) Empowerment Spectrum & Forms of Social Change Moments In History Struggles for Social Justice Moments In History

195 views • 19 slides
APPLYING THE METHOD APPLYING THE METHOD OF MOMENTS TO OF MOMENTS TO DEVELOP RELIABILITY

APPLYING THE METHOD APPLYING THE METHOD OF MOMENTS TO OF MOMENTS TO DEVELOP RELIABILITY

APPLYING THE METHOD APPLYING THE METHOD OF MOMENTS TO OF MOMENTS TO DEVELOP RELIABILITY DEVELOP RELIABILITY FUNCTION FOR RIGID FUNCTION FOR RIGID PAVEMENTS PAVEMENTS Ivan Damnjanovic & Zhanmin Zhang The University of Texas at Austin

291 views • 25 slides
THE BLAME GAME THE BLAME GAME WHAT I WANT TO COVER Our world and a brief history of security

THE BLAME GAME THE BLAME GAME WHAT I WANT TO COVER Our world and a brief history of security

WELCOME TO THE BLAME GAME THE BLAME GAME WHAT I WANT TO COVER Our world and a brief history of security standards in our industry "Shit Auditors Said" Current state of affairs "Shit Auditors Still Say" Our

717 views • 23 slides
Some applications of the method of moments in the analysis of algorithms Alois Panholzer

Some applications of the method of moments in the analysis of algorithms Alois Panholzer

The Method of Moments Example I Example II Example III Counterexample Some applications of the method of moments in the analysis of algorithms Alois Panholzer Institute of Discrete Mathematics and Geometry Vienna University of Technology

1.13k views • 112 slides
Estimating Frequency Moments of Streams In this class we will look at the two simple sketches for

Estimating Frequency Moments of Streams In this class we will look at the two simple sketches for

Estimating Frequency Moments of Streams In this class we will look at the two simple sketches for estimating the frequency moments of a stream. The analysis will introduce two important tricks in probability boosting the accuracy of a random

182 views • 5 slides
Generalized Method of Moments (GMM) Estimation Heino Bohn Nielsen 1 of 29 Outline of the

Generalized Method of Moments (GMM) Estimation Heino Bohn Nielsen 1 of 29 Outline of the

Econometrics 2 Spring 2005 Generalized Method of Moments (GMM) Estimation Heino Bohn Nielsen 1 of 29 Outline of the Lecture (1) Introduction. (2) Moment conditions and methods of moments (MM) estimation. Ordinary least squares (OLS)

186 views • 15 slides
3. Lecture: Basics of Magnetism: Local Moments Hartmut Zabel Ruhr-University Bochum Germany

3. Lecture: Basics of Magnetism: Local Moments Hartmut Zabel Ruhr-University Bochum Germany

3. Lecture: Basics of Magnetism: Local Moments Hartmut Zabel Ruhr-University Bochum Germany Content 1. Local moments of magnetic ions 2. Hunds rules 3. Magnetic moments of transition metal ions 4. Crystal field splitting 5. Magnetic

954 views • 36 slides
1 Method of Moments Examples of Method of Moments 1 n Recall: n- th

1 Method of Moments Examples of Method of Moments 1 n Recall: n- th

What Are Parameters? Why Do We Care? In real world, dont know true parameters Consider some probability distributions: = p Ber(p) But, we do get to observe data Poi( l ) = l o E.g., number of times coin comes up

240 views • 3 slides
Only in Scotland How do experiences drive VisitScotlands marketing Slide 1 A holiday is

Only in Scotland How do experiences drive VisitScotlands marketing Slide 1 A holiday is

Only in Scotland How do experiences drive VisitScotlands marketing Slide 1 A holiday is all about special moments moments with family and friends, moments to enjoy new experiences and visit new places or perhaps to return to

92 views • 6 slides
Cisco Security Authentication Failure Rate Cisco Security Authentication Failure Rate or SHIT

Cisco Security Authentication Failure Rate Cisco Security Authentication Failure Rate or SHIT

Cisco Security Authentication Failure Rate Cisco Security Authentication Failure Rate or SHIT THAT DOES NOT WORK!!! security authentication failure rate To configure the number of allowable unsuccessful login attempts, use the security

476 views • 6 slides
Preventing Slips, Trips and Falls Rob Shaw www.robshawassociates.com Who We Are Rob: Over

Preventing Slips, Trips and Falls Rob Shaw www.robshawassociates.com Who We Are Rob: Over

Preventing Slips, Trips and Falls Rob Shaw www.robshawassociates.com Who We Are Rob: Over 14 years with HSE investigating and preventing falls Technical Lead for the HSE Falls Prevention Team Has delivered training and consultancy

471 views • 36 slides
REFUGE CONTAINER FIRE PREVENTION PREVENTING PROTECTING RESPONDING [etc] PREVENTING PROTECTING

REFUGE CONTAINER FIRE PREVENTION PREVENTING PROTECTING RESPONDING [etc] PREVENTING PROTECTING

REFUGE CONTAINER FIRE PREVENTION PREVENTING PROTECTING RESPONDING [etc] PREVENTING PROTECTING RESPONDING FIRE KILLS BIN FIRE RISKS DELIBERATE ACCIDENTAL PREVENTING PROTECTING RESPONDING BIN FIRE RISKS PREVENTING PROTECTING RESPONDING BIN

141 views • 10 slides
Generalized method of moments estimation of linear dynamic panel data models Sebastian Kripfganz

Generalized method of moments estimation of linear dynamic panel data models Sebastian Kripfganz

Introduction Difference GMM System GMM Nonlinear moments Further topics Model selection Summary Generalized method of moments estimation of linear dynamic panel data models Sebastian Kripfganz University of Exeter Business School,

1.53k views • 128 slides
Estimating Frequency Moments Estimating F 0 Algorithm Correctness Further Anil Maheshwari

Estimating Frequency Moments Estimating F 0 Algorithm Correctness Further Anil Maheshwari

Estimating Frequency Moments Anil Maheshwari Frequency Moments Estimating Frequency Moments Estimating F 0 Algorithm Correctness Further Anil Maheshwari Improvements Estimating F 2 School of Computer Science Correctness Carleton

709 views • 21 slides
Preventing Needless Preventing Needless Work Disability Work Disability By Helping People By

Preventing Needless Preventing Needless Work Disability Work Disability By Helping People By

Preventing Needless Preventing Needless Work Disability Work Disability By Helping People By Helping People Stay Employed Stay Employed Jennifer Christian, MD, MPH Webility Corporation Plan for This Session Introduce ACOEMs newest

877 views • 29 slides
Exit Time Moments and Eigenvalue Estimates Je ff rey Langford Bucknell University Lewisburg, PA

Exit Time Moments and Eigenvalue Estimates Je ff rey Langford Bucknell University Lewisburg, PA

Exit Time Moments and Eigenvalue Estimates Je ff rey Langford Bucknell University Lewisburg, PA April 3, 2020 Talk based on the papers: a. D. Colladay, J. J. Langford, and P. McDonald. Comparison results, exit time moments, and eigenvalues on

231 views • 10 slides

More recommend