A security researcher has raised concern about a portable SSD that appears to be configured to misrepresent its storage capacity on both AliExpress and Walmart.
According to Ars Technica, a researcher known on Twitter as @RayRedacted has published a dissection of an XGeek-branded SSD with a rumoured capacity of 30TB, which is available for $29-$39.
After closer analysis, he discovered that the manufacturer had likely tampered with the drive’s firmware to mislead Windows into misreporting the available storage capacity, which is far smaller in reality. Redacted purchased the SSD from AliExpress after becoming suspicious of the capacity claims. However, when he opened it all apart, he saw what seemed to be two microSD cards haphazardly taped to a board.
When the drive was plugged in, a second red flag appeared. Although Windows reports drive capacity in gigabytes (GB), the operating system measures in gibibytes (GiB) and tebibytes (TiB), which is why 1TB drives appear to have a capacity of around 930GB. However, in this scenario, the SSD appeared as two independent drives, each with its capacity.
Redacted attributes this gap to a firmware hack that allows a low-capacity drive to register a significantly higher capacity.
“When you go to write a large file, hacked firmware just writes all new data on top of existing data while keeping the directory intact,” he stated.
Furthermore, it appears that the manufacturer has taken steps to slow down the bus speed so that testing aimed to verify the drive’s actual capacity would take more than a year to complete.
The claims made in the Twitter thread are supported by the Walmart reviews area, which is full of negative feedback from customers.
“Do not buy this,” one reviewer wrote. “This piece of garbage does not work in any way, shape or form”.
Since then, a Walmart official has verified that the listing has been taken down. However, he also asserted the following:
“Walmart has a full trust and safety program, which actively works to protect our customers and help ensure items are authentic. After reviewing this item, it has been removed from our site.”