Just been to a friends birthday party (40th so lots of people I’ve never met before or know - workmates of my friend, etc).
Got home and found a Sandisk USB drive (presumably) in my pocket; tiny one like a Bluetooth dongle for a mouse.
It’s not mine, never seen it before. Front pocket of my jeans, so not someone putting something into the wrong coat pocket or anything like that.
Assuming it’s not a USB killer device (from the people at that party, I find it unlikely any of them have ever heard of USB never-mind a nefarious device) what are the options for plugging it and seeing what’s on it? According to the printing on the metalwork, it’s USB3.0 and 128GB.
It really does look legit. Screen printed (I think!) on one side to state USB3.0 and the size, embossed into metalwork on the other side, SanDisk is screen printed on the end of it, straight, clean and neatly). It does actually look pukka.
I’d plug it into a random TV USB service port (smart TVs might have a file browser, but at the very least if it’s a USB killer it won’t take out something too important for a curiosity check)
It is possible to buy forensic analysis boxes that have write disabled. I think thats going too far!
I wonder if there is a way to set Linux to read only?
There are programs on some USBs such as wifi dongles that autoexecute on Windoze, but I’ve never seen one for Linux. I’m fairly sure that at the consumer level Linux won’t be affected by random USBs.
So long as you have not setup automatic mounting of USB disks you can just plug it in and under control examine it.
Using fdisk you can look at the partitions, likely you will se its got one NTFS partition on it. So long as you have nothing setup to automatically examine a new USB disk then I’d mount it read-only and see what you can see.
(smart TVs might have a file browser, but at the very least if it’s a USB killer it won’t take out something too important for a curiosity check)