Info request: read - only traffic filter?

[kubycsolutions]

Can the Cynthion be used as a protocol filter?

I have been looking for a way to restrict hard drive access to read only. Unfortunately drives no longer come with a switch for this, and since they now communicate via serial protocols it's no longer a matter of leaving a wire out of a cable. You would think that by now dedicated gadgets for this purpose would be available at the SATA or USB layers, but the few I have found are being sold to the data forensics market and seem to start at around five times the price of your device.

Of course, I would be utterly delighted if there was a sample configuration provided which implemented this, and I suspect there would be significant interest in it. But simple confirmation that it could do this job might be enough to get me to invest in one.

[nekrondev]

I followed the project right from the start and my best bet would be to check if Moondancer (i.e. Facedancer running on Cynthion) allows MITM of MTP protocol to change data packets on-the-fly to get your drive into read-only state.

However, don't expect high throughput as the Moondancer RISC-V softcore had some bandwidth limitations they are working on to improve. There is currently no appliance like solution with Cynthion, but I think it would be capable of if some firmware or bitstream would support it to use it as a hardware firewall for your USB devices.

That being said it would be much easier for you to mount your USB drive on a Linux system read-only and proxy it to your host computer using mass storage gadget system (https://docs.kernel.org/usb/mass-storage.html) if your device supports USB OTG (see https://github.com/AristoChen/usb-proxy).