How is floppy drive write protection enforced?

[Devinco]

Hi Everyone,

I've always taken floppy write protection for granted, just flip the tab (3 1/2") and it is safe. But I would like to understand how the write protect mechanism actually works. I've searched Wilders and Google, but haven't found anything yet so I thought I'd ask here.
From what I understand when you put in a write protected floppy some kind of sensor (either mechanical or optical) detects there is a hole open in the floppy. But then what?
1. Is the write protection enforced there in the floppy drive? So when the OS tries to send data to it the drive says to the OS no go?
2. Or does the drive merely pass the "write protected state" (or signal) on to the floppy controller? So when the OS tries to send data to the drive, the floppy controller says to the OS no go?
3. Or does the drive pass the "write protected state" on to the floppy controller which then passes it on to the OS? In this case, the OS would be the one enforcing the write protection.

I would think that option 1. would be the safest least corruptable method.
If write protection is controlled (enforced) by an OS driver only (option 3.), could it then be compromised by malware?
Even if write protection is controlled by the drive (option 1.), could 32 bit drivers like what are in Windows be compromised to ignore or bypass the write protection and write to the floppy any way?

Thanks

[ronjor]

Quote:

Originally Posted by Devinco

I would think that option 1. would be the safest least corruptable method.
If write protection is controlled (enforced) by an OS driver only (option 3.), could it then be compromised by malware?
Even if write protection is controlled by the drive (option 1.), could 32 bit drivers like what are in Windows be compromised to ignore or bypass the write protection and write to the floppy any way?

Thanks

(I removed my erroneous statement.)

Floppy

This site says some operating systems can protect floppies. Link

[Devinco]

Quote:

Originally Posted by ronjor

The floppy protection is purely mechanical. You can't write to the disk if you can't slide the door open.

Floppy

This site says some operating systems can protect floppies. Link

Hi Ronjor,
Thank you for the reply and links. They are very informative. I read the article twice and followed other links there, but maybe I am missing something.
The article says:

Quote:

There is a system of levers on the inside that control whether or not the heads are allowed to touch the recording medium. The mechanical frame is one system of levers that is changed when the protective window at the top of the diskette is open/closed. When the window is closed, the heads are not permitted to touch the medium. When the diskette is inserted into the floppy frive, the window opens, thereby allowing the heads to make contact and data to be changed. Even when inserted into the drive, though, a set of electronic optics checks for an opening in the lower corner of the diskette. This opening us is controlled from the outside, and controls whether or not the user wants to allow writing to the diskette.

That means that the protective dust cover window on the floppy disk(that protects the media) is mechanically opened and closed. But the Write protect switch has an optoelectronic sensor to determine write protect status.
Does the optoelectronic write protect sensor directly control the opening and closing of the protective dust cover on the floppy disk?
I thought the dust cover on the disk is automatically opened when the disk is inserted?
If the dust cover is not controlled by the optoelectronic write protect sensor, then where is the signal from the sensor sent to?
Then what prevents the writing to disk?

Thanks

[ronjor]

Quote:

Originally Posted by Devinco

Hi Ronjor,
Thank you for the reply and links. They are very informative. I read the article twice and followed other links there, but maybe I am missing something.
The article says:



That means that the protective dust cover window on the floppy disk(that protects the media) is mechanically opened and closed. But the Write protect switch has an optoelectronic sensor to determine write protect status.
Does the optoelectronic write protect sensor directly control the opening and closing of the protective dust cover on the floppy disk?
I thought the dust cover on the disk is automatically opened when the disk is inserted?
If the dust cover is not controlled by the optoelectronic write protect sensor, then where is the signal from the sensor sent to?
Then what prevents the writing to disk?

Thanks

The read/write heads do not touch the diskette media when the heads are traveling between tracks. Electronic optics check for the presence of an opening in the lower corner of a 3.5-inch diskette (or a notch in the side of a 5.25-inch diskette) to see if the user wants to prevent data from being written on it.

That is a quote by the way.

[Devinco]

Quote:

Originally Posted by ronjor

The read/write heads do not touch the diskette media when the heads are traveling between tracks. Electronic optics check for the presence of an opening in the lower corner of a 3.5-inch diskette (or a notch in the side of a 5.25-inch diskette) to see if the user wants to prevent data from being written on it.

That is a quote by the way.

So then are you saying that the enforcement of the write protect mechanism is self-contained within the drive itself and independent of the floppy controller and OS?
So let's say a malware infested OS with compromised floppy io driver sends a command to the floppy controller to write to the floppy (and perhaps ignore the reply that it is write protected). The floppy controller then sends a command to the drive to write to disk. Within the drive the electronic optics first determine that the disk is write protected before the write head moves into position. And because it is between tracks the write head is not touching the media, so no writing can occur. This write protection mechanism is electronically controlled (not by software) and cannot be compromised by malware.
Is this all correct?

Thanks

[ronjor]

Quote:

Originally Posted by Devinco

So then are you saying that the enforcement of the write protect mechanism is self-contained within the drive itself and independent of the floppy controller and OS?
So let's say a malware infested OS with compromised floppy io driver sends a command to the floppy controller to write to the floppy (and perhaps ignore the reply that it is write protected). The floppy controller then sends a command to the drive to write to disk. Within the drive the electronic optics first determine that the disk is write protected before the write head moves into position. And because it is between tracks the write head is not touching the media, so no writing can occur. This write protection mechanism is electronically controlled (not by software) and cannot be compromised by malware.
Is this all correct?

Thanks

Under the scenario you decribe, ignoring the write protect mode, I suppose it would write to the floppy.

And, I suppose, any firmware coded into the floppy controller "could" be compromised from the start enabling malware to do damage.

What do you think?

[Devinco]

Quote:

Originally Posted by ronjor

Under the scenario you decribe, ignoring the write protect mode, I suppose it would write to the floppy.

And, I suppose, any firmware coded into the floppy controller "could" be compromised from the start enabling malware to do damage.

What do you think?

I think you are right. Firmware is probably too specific to each drive for them to target. But the OS floppy io driver is universal, that is my concern. When the floppy drive system was developed I think the designers made the write protect feature as an end user convenience so they would not accidently overwrite their files. How could they have imagined that software would be deliberately used to try to defeat it?
I guess there is no such thing as absolute security. Just do the best that you can and move on.

Ronjor, Thank you very much for helping me to understand this, it is appreciated. .

P.S. To anyone reading this, if you have any knowledge about malware having successfully bypassed the floppy write protect mechanism, I (and probably others at Wilders) would be VERY interested - please post here. Once it is discovered, perhaps we can find a way to protect against it. Thank you

[Devinco]

For those interested, here is a blast from the past that provides some more info on the subject:

The Risks Digest

There were several relevant posts, but here are the two that I found most interesting:

Quote:

The outcome was this: I looked at the IBM ROM listing and saw that the ROM was attempting a write (via the hardware disk drive controller) and *then* checking to see if there was an error status returned. Furthermore, two of our students, Richard Baum and John Hunt, checked the circuit diagrams of the original IBM PC floppy disk drives and determined that, indeed, the write protection mechanism was in hardware. Now, assuming that the write protect sensor is correctly determining the presence of a write protect tab, we concluded that no disk writes could occur. It may or may not be different on other PC models (such as the AT that David Zielke refers to), but the IBM PC floppy disk write protection is done in hardware.

and

Quote:

It depends on what you mean by "at the hardware level". Almost any system with multiple heads (this includes most modern disk and tape) will find it difficult to run the final write signal to the heads via the write-protect switch. Any other scheme introduces electronics between the switch and the heads, and those electronics can fail. Also, said electronics may well include firmware in microcontroller chips -- is this "hardware" protection? That aside, everything I'm familiar with does the write-protect check at a level where user programming can't affect it... but what horrors microcomputer companies will perpetrate to save a few cents, only they and their customers can tell.

So what I understand from this is:
1. In the original floppy drive design, write protection enforcement is controlled within the drive itself and cannot be circumvented by malware. Unless the drive has firmware, which the malware could then maybe flash. Due to the drive specific nature of firmware this is highly unlikely although it is theoretically possible.
2. Due to manufacturers never ending quest to save a cent, they may have changed the original design to save money. In today's market, if it would save them a fraction of a cent in manufacturing cost, (at the expense of security), I'm sure they would do it. So, if manufacturers did not stray from the original design, then floppy write protection is pretty safe from malware. If they did stray from the original design, then who knows?

The info from the above posts is dated (circa '89), so any new info on this subject would be appreciated.

[bigc73542]

Just rest assured than when you have the tab on the floppy in the write protect position the disc cannot be written to. It is a mechanical device and malware is not able to move that tab It is just like a VHS video tape. With the plastic tab in position you can record but when you break out the tab you can no longer record to it unless you place a stiff piece of tape over the hole in place of the tab. Floppy works the same way except that you slide the tab into position instead of breaking it out so you can reuse the disc.

[Devinco]

Thanks BigC,

That's good enough for me.
Should new info on this subject appear, I'm sure we will hear about it here on Wilders.