Elbox Dragon "news"

[Piru]

It seems some in this community have very short memory.

refresh here

More:
Security warning: Elbox' usb.device contains RDB trashing code
Security warning: Elbox' pci.library also contains RDB trashing code
Will Dealers still be stocking Elbox Products?

[Piru]

@stopthegop

That concerns a very old version of pci.library; pre-5.0.

No it doesn't. 5.x versions had the code aswell, at least version 5.6.

Current version is 6.2.

The RDB trashing code was removed soon after the revelation. Elbox never acknowledged its existance. Other than removing the code from the drivers, of course... [EDIT] They did ack it later, calling it "anti-piracy measure", and claimed it was pointless to have it anymore [/EDIT]

Also, problem described can be avoided by using SFS or PFS instead of standard FFS.

Eh how? The type of the filesystem has nothing to do with it.

Elbox's code is safe

If you're happy with possibility of having RDB erasing code in your drivers, sure, why not. Such code is illegal in EU, however. While Elbox continues to crypt their drivers, it's impossible to tell if such code will be put back at some point.

[Piru]

@stopthegop

Has this actually happened to anyone?

My understanding is that it has. To be fair, I have no first hand confirmation of that however.

I can't remember exactly what the conditions required for the trigger were, but IIRC there was a random element to it: sometimes it would not trigger. Also, while it was claimed the code would not trigger itself normally, how about say memory error togging one bit? That would be enough to make the code detect "modification", and wipe RDB of the hard disk containing SYS:.

Now, while this is theoretical, how would you know what caused your HDD to lose all data?

The code itself indeed is capable of erasing the RDB, and there is NO reason whatsoever to put something like that in your drivers. Even if you would only target "hackers" there is always possibility it will trigger for innocent users.

[Piru]

@stopthegop

They later claimed it was their anti-piracy measure, so I doubt it. Also they mention this as the reason for removing it:

Our fully legal anti-piracy safeguard lost its purpose when information about it was spread among crackers

Fully legal... Yeah right.

[Piru]

@stopthegop

I'm not sure your scenario makes Elbox look any better, really.

[Piru]

@stopthegop

If this "trashing" routine were triggered would it physically ruin the drive such that it could never be used again?

That's not possible.

It's irrelevant anyway. What is important is the user data that is seemingly lost. For user it appears as the disk was totally wiped clean (no partitions at all). The disk would appear as uninitialized and HDToolBox would suggest initializing it when selected. Unless if you're an expert there's little you could do. Even if you're an expert, restoring the RDB without existing backup is very tricky.

Or does it trash the file structure (thus data) on the drive, but where I could still partition and reformat the drive?

You could still partition and reformat. But data is much more valuable than the actual drive.

[Piru]

@Bennymee

Ah, problems referred to the performance problems. Anyway, is there reason to believe they used FFS? If they did, is there any particular reason to use it (it does have worse performance indeed)?

It'd be rather silly to slow down the demo machine with slow filesystem.