-   Linux - Hardware (
-   -   SD card security (

malloc 12-27-2012 02:12 PM

SD card security
I recently thought my own 16 GiB microSD card was defective because I was unable to get it detected as a device in GNU/Linux.

I inserted the card into the card drive and did fdisk /dev/sdd, which is the device of my "USB SD reader" according to lsscsi. However I got the error message that no medium was found. I also got some error messages from dmesg, sorry I don't have the error messages any longer.

I tried the card in a different computer to rule out a bad reader, I even tried on a Windows computer. Windows didn't respond at all, and I couldn't find any error in the event log, Linux seems to be the only OS that even reported an error.

Then I inserted the card back into the smartphone I used it in, and apparently I had encrypted it a while back. Apparently the smartphone did something beyond just encrypting the data, but what? After some searching I found that it is probably this:


Card password

A host device can lock an SD card using a password of up to 16 bytes, typically supplied by the user. A locked card interacts normally with the host device except that it rejects commands to read and write data. A locked card can be unlocked only by providing the same password. The host device can, after supplying the old password, specify a new password or disable locking. Without the password (typically, in the case that the user forgets the password), the host device can command the card to erase all the data on the card for future re-use (except card data under DRM), but there is no way to gain access to the existing data.
(from Wikipedia)

Some more searching tells me that the command is:


However, how does one send raw commands to an SD card in GNU/Linux? Does SD cards use ATA or SCSI commands? I looked through hdparm and sdparm's manpages to no avail.

Even if I managed to send CMD42 to the card, what if I don't remember the password and just want to delete the data on it and use the card for something else? Surely there must be some way to just make fdisk allow me to create a filesystem so I can format it?

In the end I solved my problems by inserting the card into the original smartphone, which seems to be the only device I've tried that doesn't indicate the card is defective. I then selected "format" from the menu, which obviously does more than a simple format, because now the card is immediately detected in my GNU/Linux system and I can format it, interact with it, everything.

My question is in short: How does one deal with this from GNU/Linux, without having the original smartphone? How does one lock/unlock an SD card, and how does one simply unlock it and discard the data when the key is lost?

No, I'm not asking for how to "crack" the card or break the security, the latter case is just to remove whatever is on it, so it can be used again.

jefro 12-27-2012 04:51 PM

Not a solution, just some ideas.

Look in a folder called mmcstore just to check if it is simple password.

I'd also see what fdisk can do with it. Some card readers need some extra lines for some of this security deal. Not all of the readers have that.

All times are GMT -5. The time now is 06:10 PM.