Fight Flash Fraud

It was late, I was tired, and Amazon was selling an AmazonBasic 512GB microSDXC for 40EUR. Too much! Although it was Black Friday, we could get that cheaper from a fraudulent eBay seller, namely a Samsung ExtremoPro 512GB microSD for 10EUR (which usually should be around 90-100EUR!).

Buyer Protection. That means I would get my money back from eBay, or would I? Let’s try!

Arrival

It did arrive in a very trustworthy fashion, with a pixelated smartphone in the background:

![[Pasted image 20221201100708.png]]

lsblk -OJ gave us the following for /dev/sda (where it is mounted):

ptuuid: fa2cb833
model: 1081CS0
serial: 0123456789ABCDE
size: 500G

fdisk shows us the following:

Disk /dev/sda: 500 GiB, 536871960576 bytes, 1048578048 sectors
Disk model: 1081CS0         
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xfa2cb833

Device     Boot Start        End    Sectors  Size Id Type
/dev/sda1  *       32 1048578047 1048578016  500G  7 HPFS/NTFS/exFAT

Verifying Writable Sectors

We will check the card using the F3 project, which stands for Fight Flash Fraud! And you should definitely do the same for newly ordered system memory. It can save you a lot of time lost to bug hunting in the future, when your computer just crashes or otherwise misbehaves.

f3write will write large files to your mounted disk and f3read will check if the flash disk contains exactly the written files.

Now be warned: fake flash does not deliver the promised speed. Instead of 130MB/s we go with around 16MB/s, and it seems it’s even slower when it is initially really writing data, with a speed of around 5.6MB/s.

Now the following took around 8h for the fake 512GB! Of course there is a fast variant with f3probe --destructive --time-ops /dev/sdX, but don’t we want to be gentle to the fraud criminal? So I started that and went to sleep …

$ f3write "/media/ctang/D08F-6230"                                                                                                                                                                                      
F3 write 8.0
Copyright (C) 2010 Digirati Internet LTDA.
This is free software; see the source for copying conditions.

Free space: 499.98 GB
Creating file 1.h2w ... OK!
Creating file 2.h2w ... OK!
…

Eight hours later we look for results:

$ f3read "/media/ctang/D08F-6230"
F3 read 8.0
Copyright (C) 2010 Digirati Internet LTDA.
This is free software; see the source for copying conditions.

                  SECTORS      ok/corrupted/changed/overwritten
Validating file 1.h2w ...  951552/  1145600/      0/      0
Validating file 2.h2w ...       0/  2097152/      0/      0
Validating file 3.h2w ...       0/  2097152/      0/      0
Validating file 4.h2w ...       0/  2097152/      0/      0
Validating file 5.h2w ...       0/  2097152/      0/      0
Validating file 6.h2w ...       0/  2097152/      0/     
…

Since the rest would take the same amount of time, we cancel here, as we can already see a pattern.

Summary

Let’s do some math and calculate the real size! fdisk tells us we have a sector size of 512 bytes (is that true? can that be faked?). Multiplied by the number of writable sectors (plus 32 for the MBR, minus the sectors needed for FS metadata, which can be neglected), that would be around:

$ echo '512 * (951552 + 32)' | bc | numfmt --to=iec --format="%-5f"
465M

So we would end up with around 465M instead of the 472G that would normally be displayed for a 512GB card!

The real sector count would be something like 988159999 for 512GB, which results in 472G. With the fake 1048578047 sectors we would have 501G, which also shows up in df – or probably Windows Explorer for the dummies so they can believe they really ordered 512GB before running into a data loss.
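
The same calculation can be scripted so that an aborted f3read run still yields a verdict. The following is an added example, not part of the original post or of the F3 project: it parses the f3read rows shown above, counts the verified sectors up to the first damaged file and compares them with the sector count fdisk reported. The function names and the 0.9 threshold are assumptions made for illustration, and the 32-sector partition offset is ignored.

```python
import re

SECTOR = 512  # bytes per sector, as fdisk reports and as the post's math assumes

# Constructed sample: f3read rows quoted in the post, truncated last row included.
SAMPLE = """\
                  SECTORS      ok/corrupted/changed/overwritten
Validating file 1.h2w ...  951552/  1145600/      0/      0
Validating file 2.h2w ...       0/  2097152/      0/      0
Validating file 3.h2w ...       0/  2097152/      0/      0
Validating file 6.h2w ...       0/  2097152/      0/
"""

ROW = re.compile(r"Validating file (\d+)\.h2w \.\.\.\s*(\d+)/\s*(\d+)/\s*(\d+)/\s*(\d*)")

def parse_f3read(text):
    """Return (file_no, ok, corrupted, changed, overwritten) per row.
    A count cut off by an aborted run is returned as None."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(tuple(int(g) if g else None for g in m.groups()))
    return rows

def usable_sectors(rows):
    """Count ok sectors from the start of the card up to the first damaged file."""
    total = 0
    for _, ok, corrupted, changed, overwritten in sorted(rows):
        total += ok
        if corrupted or changed or overwritten:
            break  # everything after the first bad sector is not trustworthy
    return total

def iec(nbytes):
    """Format a byte count with 1024-based units, e.g. 464.6M."""
    for unit in "BKMGT":
        if nbytes < 1024 or unit == "T":
            return f"{nbytes:.1f}{unit}"
        nbytes /= 1024

def verdict(text, claimed_sectors, threshold=0.9):
    """Compare verified capacity with the sector count the card reports."""
    ok = usable_sectors(parse_f3read(text))
    return {"usable": iec(ok * SECTOR), "claimed": iec(claimed_sectors * SECTOR),
            "fake": ok / claimed_sectors < threshold}

if __name__ == "__main__":
    print(verdict(SAMPLE, claimed_sectors=1048578048))  # sector count from fdisk
```

The result differs slightly from the 465M above because numfmt rounds up and the 32 MBR sectors are not added here.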

eBay

Now let’s see how this turns out. I confronted the seller.