USB mass storage

from Wikipedia, the free encyclopedia
USB memory stick with loop
USB stick, housing removed

USB mass storage ( English USB mass storage device , UMS ) are devices that have the Universal Serial Bus communication (USB) and a built-in data storage have or predominantly as a removable storage device to be used.

They are often used in the form of USB memory sticks , also known as USB sticks for short and generalized purposes , and external hard drives . Due to their higher storage capacity and access speed as well as their easier handling, USB sticks have replaced other mass storage devices with the application profile “removable storage media” such as floppy disks , CD-RWs and the Iomega Zip . The storage system is usually a flash memory . External hard drives are mainly used for backup purposes.

USB mass storage devices also include all other mass storage devices that are connected to a computer via USB, such as external SSDs , floppy disk drives, and most MP3 players and digital cameras with built-in storage.

USB interface

USB mass storage devices are available for the USB 1.1 bus, the much faster USB 2.0 bus and the USB 3.0 bus with max. 625 MB / s. There are now 3.1 USB storage media. USB 2.0-capable mass storage devices can theoretically store and read data on a USB 2.0 interface at a transfer rate of up to 480  Mbit / s (60 Mbyte / s), but in practice, due to the large protocol overhead, rarely more than 30–35 MByte / s achieved. The USB 2.0 bus is backwards compatible with the USB 1.1 bus, but the transfer rate is reduced to 12 Mbit / s (1.5 Mbyte / s).

In 2008 the new specifications for the USB 3.0 interface were presented. USB 3.0 mass storage devices are automatically recognized by most current operating systems; Some older operating systems (e.g. Windows 98, XP) require the installation of a driver in order to use USB 3.0 mass storage devices. In 2013 the storage capacities of USB 3.0 sticks are between a few MB and 1 TB. USB 3.0 has the "SuperSpeed" transfer mode (distinguishable from USB 2.0 by the blue interface and the designation SS) with a transfer rate of up to 5 Gbit / s - more than ten times as fast as the highest USB 2.0 transfer rate of 480 Mbit / s. Many newer USB 3.0 sticks have minimal dimensions; some models are smaller than a 1 euro coin.

There is no lock for USB devices so that they can be disconnected from the computer at any time. If this happens while data is being written to the device, data will be lost without warning. To prevent this, the operating system should be informed that the relevant device should be removed. After all write operations to the device have been completed, you will be notified that the device can now be removed.

In the design of the plugs and sockets defined by the USB standard, the problem of maintaining the power supply when the plug is removed was taken into account, in that the two outer pins of the plug, to which the supply voltage is applied, are longer than the two middle pins, via which communication is handled.

Operating system support

Modern operating systems recognize USB mass storage devices automatically. With older operating systems that were developed before the year 2000, it may be necessary to install appropriate drivers before using them. With operating systems that do not support USB, a USB device is generally only available if a driver for the bus has been installed first.

The handling of USB mass storage devices differs from operating system to operating system:

  • In Windows, after plugging in a USB mass storage device, one (or more) additional logical data carriers, usually referred to as a drive, appear to which a free so-called drive letter is assigned. The USB mass storage device can be completely logged off from the system (via the system tray icon) or individual logical data carriers can be "ejected" (via the context menu of the data carrier icon).
  • Under macOS , all readable logical data carriers on the USB stick (referred to here as volume ) are automatically activated ( “mounted” ) with their name when they are inserted ; volumes are deactivated, for example, by dragging them to the trash.
  • Under Linux, most USB mass storage devices are managed by the kernel module usb-storage , which integrates the USB mass storage devices into the SCSI subsystem. USB mass storage devices usually appear as SCSI devices under Linux.

USB memory stick


The term USB (memory) stick is not a German pseudo-Anglicism , as is often assumed. The Germanizations USB pen or USB memory stick are not in use. (USB) Flash (ROM) Drive describes the technology in general and is not limited to pen-shaped devices. In English, USB flash drive is the most common name for a USB memory stick, or USB key or thumb drive because of its size . Occasionally the term memory stick is used, which is actually a protected trademark for a memory card of the same name made by Sony .


The USB memory stick is a passive data carrier in a compact housing. The data are stored electronically on a flash memory . The Israeli engineer Dov Moran (* 1956) is considered to be the inventor of the USB stick, which he developed with his company M-Systems . At the end of 2006, M-Systems was sold to SanDisk Corp. for 1.6 billion US dollars . sold.

There are no recognized procedures for testing the service life and robustness of USB memory sticks. According to the manufacturer, the data stored on it is retained for up to ten years. The memory cells of the sticks are affected by wear. Theoretically, they can be read indefinitely, but the manufacturers only guarantee 100,000 to 1 million write cycles per memory cell. The controller electronics therefore ensure that the memory locations to be changed are in a physically different area after each write. For this reason, portable software such as Apache OpenOffice Portable avoid overly frequent write access.

The flash memory chips built into USB sticks are often of inferior quality due to the high price pressure on this type of device; the higher quality chips in production are mostly used for SD cards or built into solid state drives . It is not recommended to use it as a backup medium.

The first sticks came onto the market in 2000 with a storage capacity of 8 megabytes. In the meantime (April 2017) there are products with a capacity of up to two terabytes. Occasionally the firmware of the devices has additional functions, for example for data encryption on the stick. The dimensions of USB sticks are getting smaller and smaller. The smallest currently known stick is only 20 × 15 × 3 mm in size and weighs two grams (as of January 2012).


The Microsoft - operating systems from version Windows Vista bring a ReadyBoost -called function that caches a small portion of the hard drive on the stick ( " caching ") to the long latency (access times) to bypass the plate. The stick is only faster for small and random data access (apart from some high-performance USB 3.0 sticks), otherwise it is accessed from the hard drive. Only fast sticks are suitable. In addition to throughput , the low access latency is particularly important here . Tests did not reveal any significant speed advantages (see also solid-state drive ).

Manipulated controller chips

As early as 2002 it became known that USB sticks were being put into circulation and sold which, due to manipulated controller chips, reported a greater storage capacity than was actually installed. Such counterfeits can still be found (status: 06/2015). According to tests by the magazine c't, such sticks delivered when reading data above a certain limit, e.g. B. 1 GB, only fixed values ​​instead of the previously saved data, which indicated that actually only 1 GB of flash memory was built in, although the USB stick reported a larger capacity or was labeled with it (e.g. 4 GB ). These cases of fraud occurred more frequently around 2007 and 2008 with some manufacturers in the low-cost segment. Since there is normally no automatic integrity check during the write process, e.g. when copying or moving files to the USB stick, most users only notice such an error when the memory is more than the actual memory limit and the data should be read again.

BadUSB problem

In 2014 it became known that by manipulating the firmware of conventional controller chips, which are built into USB sticks from various manufacturers, keyloggers and keyboard entries are possible, which can compromise a system and thus pose a security risk. This problem, known as “BadUSB” , is rooted in the protocol specification of the Universal Serial Bus (USB) itself and was actually discovered earlier and published in 2011. A controller chip can therefore identify itself to the operating system not only as a storage device, but also as an input device such as a mouse or keyboard. The user does not notice this on most operating systems, because input devices are usually integrated into the system without the user having to do anything. At the end of 2014, “BadUSB” was confirmed by security researchers.

External hard drive / SSD

External USB hard disks generally consist of a housing with an adapter board USB to hard disk connection (mostly Serial ATA ). The hard drive used is usually a model that can also be built directly into a computer. Due to the high starting current that the hard drive needs to set its platters in rotation, an additional power supply unit is often necessary; some cases also have a fan because of the waste heat generated.

The data transfer takes place with the USB Attached SCSI Protocol (UASP), which, in contrast to the bulk-only transport (BOT) protocol used in USB memory sticks, allows a higher data throughput.

Since most SSDs have the same data and power connections as (internal) hard disks, they can usually be built into a "USB housing" instead of a hard disk. In general, they do not require an increased starting current.


The use and data transfer via USB mass storage devices can generally lead to security problems, for example in companies, since their use is not subject to the control and maintenance of the system administrators. This applies not only to license and update problems with mobile software, but also to the exchange of data with computers outside the company, as a result of which potential malware can be smuggled in or data can be released from the company in an uncontrolled manner. In many companies, the use of mobile data carriers is therefore prohibited or restricted to special areas of application. In November 2008, the United States Strategic Command banned the use of personal USB sticks and other portable storage media in its own computer network in order to protect it from further computer worm attacks. Many memory sticks cannot be reliably erased and, despite careful handling, can lead to the unconscious disclosure of data.

With USB sticks with supposedly secure, NIST -certified hardware encryption, the data could be decrypted in several cases by means of a simple attack method.

The general public perceives a USB stick as a storage medium, similar to a floppy disk, “but in reality it is a computer that talks to the host over a network. The device can send all the data it wants. ”Against this background, USB sticks with case-specific behavior are possible - special stealth mode, hacking mode or even self-deletion if an attempt is made to make an unauthorized complete copy.


Some USB mass storage devices combine several functions in one. The basic function is usually that of the mass storage device, which is located, for example, inside a watch or a Swiss Army Knife or is combined with an MP3 player, dictation machine, radio or digital camera.

The punk band WIZO found another possible application , releasing their Stick EP exclusively on a USB stick.

Web links

Commons : USB mass storage device  - collection of pictures, videos and audio files

Individual evidence

  1. Guy Grimland: Dov Moran's world of total connectivity. In: February 12, 2008, accessed September 26, 2019 .
  2. Detlef Borchers: Electronic health card: Bad cards for USB sticks . Heise Zeitschriften Verlag. June 25, 2009. Retrieved June 26, 2009.
  3. Article from
  4. Description of modifications to the programs from [ Portable 2.0.4 Support . August 12, 2014. Archived from the original on August 12, 2014.]
  5. Lutz Labs: How fast is fast? USB sticks: measured values ​​and practice . In: c't. No. 12, 2015, p. 158 f.
  6. Kingston Ultimate GT
  7. Mini-USB stick Custom Micro from Deonet . editorial team. January 8, 2012. Retrieved June 2, 2012.
  8. C't: "How fast is fast? USB sticks: Measured values ​​and practice" , C't 12/2015, p. 158 f.
  9. "Loss of data through manipulated USB sticks" Heise-Newsticker December 21, 2007 with a link to a test program to determine memory allocation errors
  10. Manipulated USB sticks (chargeable article), Ingo T. Storm, from c't 1/2008, pp. 24-25.
  11. heise Security: BadUSB: When USB devices get angry , Jürgen Schmidt, from July 31, 2014
  12. heise Security: BadUSB tools are circulating on the net, self-made attack stick , Ronald Eikenberg, from October 3, 2014; accessed on February 24, 2014
  13. ( Memento from January 24, 2013 in the web archive )
  14. Many SSDs and USB sticks cannot be safely erased . Heise Zeitschriften Verlag. February 23, 2011. Retrieved February 26, 2011.
  15. NIST-certified USB sticks with hardware encryption cracked , Heise Online, accessed on May 3, 2011
  16. 29C3: When the USB stick is lying