How to make an undeletable, hidden file, which persists after formatting an SD card?

Question

My SD card was stolen some weeks ago. I can't know which SD card is mine, because the thief formatted it. As such, I bought a new one.

In order to prevent such situations in the future, I thought of creating a hidden, undeletable file, which would persist, even in the event of the SD card being formatted.

Is this possible? How can I create such a file?

Answer 1

It's not possible to make an "un-deletable" file, because formatting an SD card doesn't delete the file. Formatting the SD card removes the data structure that tells you that the file ever existed.

Even if you were to use forensic tools to examine the SD card, the thief could simply overwrite the entire SD card with zeroes, random data or whatnot, and you would be out of luck again.

What you can do however is physically mark the SD card. Non-erasable pen with your initials should work just fine. This should physically mark your SD card as yours. While it doesn't prevent theft outright, it might cause someone like a classmate to hesitate from taking your SD card.

Other than that, I would recommend taking better care of your removable media.

• Don't leave your SD card unattended. Always have an eye on it. If you have to lend it to someone, get it back as soon as possible.
• Always have backups of critical data. The more "spread-out" your data is, the less likely it is to disappear in case of theft, damage to the SD card, accidental deletion, etc.
• Don't transport potentially sensitive data unencrypted. Always use strong encryption with a long, random passphrase to ensure the confidentiality of your data.

Answer 2

Yes it is possible but not easy. If you can hack the SD microcontroller you can do that and much more. The theory was demonstrated back in 2014 at CCC event.

https://media.ccc.de/v/30C3_-5294-en-_saal_1_-201312291400-_the_exploration_and_exploitation_of_an_sd_memory_card_-bunnie-_xobs

The problem is that is hard and specific to the microcontroller the SD card is using.

Answer 3

You do not need to create a file. Information to uniquely identify the card is already on the card in the CID (card identification). On almost all SD cards the CID data structure is read only. The fields in the CID are:

• Manufacturer ID
• OEM/Application ID
• Product Name
• Product Revision
• Serial Number
• Manufacture Date
• CRC7 checksum

The CID may be read with the SD card in a directly connected SD card slot (not USB adapter) and e.g. on Linux mounting the device and looking at block 0. The command will be similar to

cat /sys/block/mmcblk0/device/cid

Answer 4

Strictly speaking, this is impossible (you cannot create something that nobody else can delete), although you can make it unlikely that somebody would find the file. SD cards, like most "block storage devices", can be partitioned; split into multiple parts, each of which show up as their own "storage volume" (and, on Windows, typically each get their own drive letter). Each partition is (usually) formatted separately, so if your thief only formats one partition, they won't get data stored elsewhere in the device. In fact, you don't really format a disk or SD card, you format a volume, which is usually a single partition and (on removable media) often the only partition, but doesn't have to be.

If you shrink the default (single) partition of your SD card just slightly, you can create space at the end of the device that will not be touched by reformatting the (visible) partition. You can then:

• Leave that space un-partitioned, but optionally put some data there anyhow. This is somewhat tricky to do, especially on Windows, but it can be done.
• Create a partition there and leave it unformatted, but optionally put some data in it anyhow. This is also somewhat tricky and mostly the same as the previous option.
• Create a partition and format it, but with some format Windows doesn't know how to read. This is slightly more likely to fail - with the right driver installed, Windows can read anything, and it will mount any volume it can read as a drive letter that a thief would readily see - and is of course hard to do from within Windows (but what says your thief uses Windows anyhow?).
• Create a partition, format it with a Windows-readable file system, and mark it as a partition type that Windows does not normally assign a drive letter to and/or set a flag telling Windows not to give it a drive letter. This can technically be done with out-of-the-box Windows tools, but may require converting the SD card from "MBR" format (old but very widely supported) to "GPT" format (newer and with lots of new features, but stuff like cameras and whatnot may not be able to use it).

I should stress that none of this is SECURITY at all; you're just hoping the thief doesn't bother to look. There is no way to actually secure an SD card such that you can use it but nobody else can. (SD cards do support password locking, but most OSes can't set the password or work with password-locked cards, and an attacker who knows how can reset the password anyhow, destroying all data on the card but making it available for any use.)