How is floppy drive write protection enforced?

Hi Everyone,

I've always taken floppy write protection for granted, just flip the tab (3 1/2") and it is safe. But I would like to understand how the write protect mechanism actually works. I've searched Wilders and Google, but haven't found anything yet so I thought I'd ask here.
From what I understand when you put in a write protected floppy some kind of sensor (either mechanical or optical) detects there is a hole open in the floppy. But then what?
1. Is the write protection enforced there in the floppy drive? So when the OS tries to send data to it the drive says to the OS no go?
2. Or does the drive merely pass the "write protected state" (or signal) on to the floppy controller? So when the OS tries to send data to the drive, the floppy controller says to the OS no go?
3. Or does the drive pass the "write protected state" on to the floppy controller which then passes it on to the OS? In this case, the OS would be the one enforcing the write protection.

I would think that option 1. would be the safest least corruptable method.
If write protection is controlled (enforced) by an OS driver only (option 3.), could it then be compromised by malware?
Even if write protection is controlled by the drive (option 1.), could 32 bit drivers like what are in Windows be compromised to ignore or bypass the write protection and write to the floppy any way?

Thanks

 

Hi Ronjor,
Thank you for the reply and links. They are very informative. I read the article twice and followed other links there, but maybe I am missing something.
The article says:

That means that the protective dust cover window on the floppy disk(that protects the media) is mechanically opened and closed. But the Write protect switch has an optoelectronic sensor to determine write protect status.
Does the optoelectronic write protect sensor directly control the opening and closing of the protective dust cover on the floppy disk?
I thought the dust cover on the disk is automatically opened when the disk is inserted?
If the dust cover is not controlled by the optoelectronic write protect sensor, then where is the signal from the sensor sent to?
Then what prevents the writing to disk?

Thanks

 

So then are you saying that the enforcement of the write protect mechanism is self-contained within the drive itself and independent of the floppy controller and OS?
So let's say a malware infested OS with compromised floppy io driver sends a command to the floppy controller to write to the floppy (and perhaps ignore the reply that it is write protected). The floppy controller then sends a command to the drive to write to disk. Within the drive the electronic optics first determine that the disk is write protected before the write head moves into position. And because it is between tracks the write head is not touching the media, so no writing can occur. This write protection mechanism is electronically controlled (not by software) and cannot be compromised by malware.
Is this all correct?

Thanks

 

I think you are right. Firmware is probably too specific to each drive for them to target. But the OS floppy io driver is universal, that is my concern. When the floppy drive system was developed I think the designers made the write protect feature as an end user convenience so they would not accidently overwrite their files. How could they have imagined that software would be deliberately used to try to defeat it?
I guess there is no such thing as absolute security. Just do the best that you can and move on.

Ronjor, Thank you very much for helping me to understand this, it is appreciated. .

P.S. To anyone reading this, if you have any knowledge about malware having successfully bypassed the floppy write protect mechanism, I (and probably others at Wilders) would be VERY interested - please post here. Once it is discovered, perhaps we can find a way to protect against it. Thank you

 

For those interested, here is a blast from the past that provides some more info on the subject:

The Risks Digest

There were several relevant posts, but here are the two that I found most interesting:

and

So what I understand from this is:
1. In the original floppy drive design, write protection enforcement is controlled within the drive itself and cannot be circumvented by malware. Unless the drive has firmware, which the malware could then maybe flash. Due to the drive specific nature of firmware this is highly unlikely although it is theoretically possible.
2. Due to manufacturers never ending quest to save a cent, they may have changed the original design to save money. In today's market, if it would save them a fraction of a cent in manufacturing cost, (at the expense of security), I'm sure they would do it. So, if manufacturers did not stray from the original design, then floppy write protection is pretty safe from malware. If they did stray from the original design, then who knows?

The info from the above posts is dated (circa '89), so any new info on this subject would be appreciated.

 

Just rest assured than when you have the tab on the floppy in the write protect position the disc cannot be written to. It is a mechanical device and malware is not able to move that tab It is just like a VHS video tape. With the plastic tab in position you can record but when you break out the tab you can no longer record to it unless you place a stiff piece of tape over the hole in place of the tab. Floppy works the same way except that you slide the tab into position instead of breaking it out so you can reuse the disc.

 

Thanks BigC,

That's good enough for me.
Should new info on this subject appear, I'm sure we will hear about it here on Wilders.