>>1275124>Basically, they program the USB drive inside so that when it runs out of space, it automatically deletes older data without asking for confirmation, even if it's data from the same fileNot quite, the disk is reprogrammed to tell it it has a larger flash rom soldered to its board than is actually there. The way roms like this work is that the controller says where it wants to read/write using a bunch of "address lines", which can be on or off and create a binary number that's the address. So if they're all off, that's address 0, the first one; if the lowest address pin is on, that's address [0+1=1], if the bottom two are on that's address [0+1+2=3] and so on. On an unmodified disk that knows the correct capacity of the flash ROM, trying to write past the end is not possible, because the controller notices and sends back "no, this is an error, you tried to write past the end". But if you tell the controller the rom is bigger than it is, then it won't do that, and will instead construct an address and try to write like normal. But the flash rom ignores any address bits that are bigger than it is*, so it (for example) treats 64GB+1byte the same as 1byte. Thus your write "wraps around" and overwrites the start of the ROM again.
This technique is quite powerful, it will defeat a lot of naive testing methods that just spam the same values across the disk and see if they're still there. To detect it you need to write unique data, remember what you wrote, and see if it's still there after you filled the disk.
