USB bricked during Veracrypt encryption?

I am testing Veracrypt. I booted with Tails USB and downloaded it and did a full encryption on the volume, I wanted to test the hidden partition option, I went for FAT, entered a password, erased free space after like 30 minutes.. then when it finished, it crashed with this error:

Input/output error:
/dev/sdc

The drive is damaged (there is a physical defect on it) or a cable is damaged, or the memory is malfunctioning.

Please note that this is a problem with your hardware, not with VeraCrypt. Therefore, please do NOT report this as a bug/problem in VeraCrypt and please do NOT ask for help with this in the VeraCrypt Forums. Please contact your computer vendor’s technical support team for assistance. Thank you.

Note: If the error occurs repeatedly at the same place, it is very likely caused by a bad disk block, which should be possible to correct using third-party software (note that, in many cases, the ‘chkdsk /r’ command cannot correct it because it works only at the filesystem level; in some cases, the ‘chkdsk’ tool cannot even detect it).

VeraCrypt::File::Read:(some number here)“

And now the USB is useless. I have opened disks and everything is grayed out except power off, and it wouldn’t even power off. I will restart and see if it’s a Tails thing or it has really damaged it. It is a new USB drive so this sucks. How do I check if the drive is actually defective or it’s Veracrypt/Tails or something software related?

Update: I unplugged and plugged the USB again and it asked for a password. After entering the password it said:

”Kernel cryptographic service test failed. The cryptographic service of your kernel most likely does not support volumes larger than 2 TB.

Possible solutions:

• Upgrade the Linux kernel to version 2.6.33 or later.
• Disable use of the kernel cryptographic services (Settings > Preferences > System Integration) or use ‘nokernelcrypto’ mount option on the command line.”

So I disabled that option (im not sure what it does) and it works. However, since it finished with an error, im not sure now if it’s working as intended. It also did not do the hidden volume part so it’s just a regular volume.

I don’t get the volumes larger than 2TB. I have tried with 128GB USB that was encrypted with ext4 and it works fine. I tried FAT this time because I’ve read filesystems that allow for journal can leak metadata for this and I only need a few GB for documents so I don’t care about all that space anyway but im not sure if this is Tails complaining about not being an ext filesystem or what.

Do not make backups to memory sticks. Ever.

Yeah but I wanted to have a quick backup in case there is a fire or something who knows, at least its better than nothing. I was also testing the hidden volume thing. I will test in another USB and see what happens. What filesystem do you recommend?

It possibly formatting malfunction. Not a hardware.

Boot from another Linux.

And i will try to draft you how to hard reset USB. If this not working, than it is indeed hardware issue

WARNING! My instructions using dd command! Always double-check what you are entering!

sdX - replace with your actual device, do NOT use commands from instructions without checking path!

Firstly, erase faling filesystem and headers:

sudo dd if=/dev/zero of=/dev/sdX bs=1M count=10 status=progress

If not working, try (full erase):

sudo dd if=/dev/zero of=/dev/sdX bs=4M status=progress

Then apply partitioning. I don’t know which is your case (if PC modern, most likely GPT), so you should try it yourself:

GPT:

sudo parted /dev/sdX --script mklabel gpt
sudo parted /dev/sdX --script mkpart primary ext4 1MiB 100%

MBR:

sudo parted /dev/sdX --script mklabel msdos
sudo parted /dev/sdX --script mkpart primary ext4 1MiB 100%

Then, run this:

sudo partprobe /dev/sdX
lsblk /dev/sdX

Then, format:

sudo mkfs.ext4 -L USB /dev/sdX

Then mount:

sudo mkdir -p /mnt/usb && sudo mount /dev/sdX /mnt/usb
df -h /mnt/usb

And you better use LUKS on USB since it is built in Linux. There will be far less possibility to get something like this (if it is software issue)

WARNING! Replace /sdX with actual device path!

Thanks, I will try. But I need FAT as I need to move some files in windows, I only need a bit of space for documents.

Since these pendrives have no SMART feature how do you check if it’s cooked or it’s just software issue?

Edit: I was trying your tutorial and didn’t get past step 2. It froze and said:

sudo parted /dev/sdc --script mklabel gpt

Error: Input/output error during read on /dev/sdc
Warning: Error fsyncing/closing /dev/sdc: Input/output error

So it looks like it’s dead? oh wow, it was a barely used pendrive. Maybe I shouldn’t have attempted this on an old 2.0 USB. I had it because it was handy to have to move files and do bios updates for instance which require FAT and now it’s done.. it just refuses to make a partition.

Im zeroing the entire drive and it’s working at 17 MB/s so it’s capable of writing but for some reason it refuses to do the partitions.

So if I want to discard the drive what do I do with it? Im not sure if there was anything of importance there. I don’t reckon saving documents there but who knows. These things don’t seem easy to open to crack them, it’s hard sealed plastic.

You absolutely cannot depend on it to maintain functionality for even a fleeting moment. They are utterly useless for backups.

I agree, but I still would say it’s better than nothing. There was a dude here that said he would always carry one in his pocket for worst case scenarios like you came back to your house and there was a fire, storm, thieves, or some other idiot getting on your files and you lose everything. Well if you have a copy of your passwords and important documents with you you can at least recover.

Anyway, im going to be using a spare backup I have of another USB but it’s fully encrypted with important files. To wipe this safely and use it as a regular USB, given that all important files were added after full encryption with VeraCrypt, I assume I can run this:
sudo dd if=/dev/zero of=/dev/sdX bs=4M status=progress
and that’s it.

Edit: To my surprise, the USB works again after it finished running the command above (took like 1+hours). I decided to use Disks with the GUI and created a MBR FAT32 partition.. for now it works and will do. I will not bother encrypting this.

I don’t agree. It’s worse because you think you have a backup and you’re not doing anything about it. I have multiple Kingston XS1000s and it weighs under 30g.

Wow, I never knew about those, sounds like a good replacement for this goal.

What are the main differences of USB pendrives vs these guys? Im assuming it has nice features like block erase and Secure Erase and is faster and the memory is more reliable? what makes them more reliable specifically.

These options are exponentially better than any flash drive. Flash drives are for temporary transfers; proper storage devices are for long-term retention. It’s crucial to invest in at least two physical drives for backups, alongside a secure, encrypted cloud service.

I’ve made this mistake before and it’s really true.

My idea was that USB pen drives were more reliable since they have no moving parts but no, they’re very unreliable..l wouldn’t recommend using a USB pen drive.

Remember that your data is the most valuable part of your PC.

It’s worth spending slightly more to get more reliability.

I just run commands and check by experiment, but hardware issues just because of encryption is unlikely.

Use /dev/urandom instead of /dev/zero if you are going to throw it away

Glad it worked! dd is really nice tool if you know how to use it.

Short: quality, reliability, well-documented TBW, warranty

I wouldn’t say that like this. See My experiment with flash

My recommendation: get Kingston SSDs. At least 2.

If budget is tight, use more than two sticks for backups. It still not so reliable as SSD, but at least possibility of 3 failing drives simultaneously is relatively low.

Windows have soon much issues with security and privacy, plus recent addition of agentic AI (which can be vulnerable to prompt-injections)…

If possible, just copy to flash without encryption, move to Linux and setup LUKS.

If data extra sensitive, erase unencrypted flash (do not forget to copy data to PC or on another encrypted flash) with

sudo dd if=/dev/urandom of=/dev/sdX bs=4M status=progress

After that just format it normally and it will be ready to use.

P.S: You will not find anything better than LUKS, since it is native tool. So possibility of getting in trouble with LUKS relatively low.

Thanks. I have some other dead or semi dead pendrives that don’t work. Some don’t even show up in lsblk. Should I physically destroy them? how do you do that if it’s some hard plastic? I cannot find a way to open them.

And another problem I have is, I wanted to sell some SSD and NVMe drive. Some said that if you do the Secure Erase and block cypher stuff is good enough, but some said you shouldn’t sell them and should destroy them so im not sure about that. Someone suggested microwave inside a plastic container but wouldn’t the microwave melt the plastic or cause a fire or something? I dont get it. Maybe just mash them? But the SSD is a hard block, at least the NVMe has the memory exposed. I wish this was simpler, with HDD you just had to wipe a number of passes but now it seems you have to do all this stuff.

Use sledgehammer.

Do not. They are expensive now. Better invest some money into something like RPI and set up home NAS. Or just use them as backup solutions.

I have 6 old SSD (3 - 128GB, 2 - 512GB, 1 - 256GB) and I bought this thing and use as backup solution. This adapter thingy really cheap, plus far better have own “cold” storage without subscriptions…

For NVME use something like this

But always remember to use 3-2-1 rule. Copy data to at least 2 separate SSD.

Destroying them is plain stupid if they are working. Just use them.

If they are dead or semi-dead - sledgehammer. No microwaves. You will break oven (you must NOT put there anything metal)

P.S: Next time utilize LUKS FDE on all disks. If data stored with LUKS you sell them after plain format (plus sudo dd if=/dev/zero of=/dev/sdX bs=4M status=progress if you extra paranoid, but it is redundant) them without risks because even if recovered data will be encrypted. Remember to use STRONG password (16+ chars)

P.P.S:

To FDE disk run:

sudo cryptsetup luksFormat --type luks2 /dev/sdX

Then:

sudo cryptsetup open /dev/sdb backup_enc

Then:

sudo mkfs.ext4 /dev/mapper/backup_enc

I appreciate your reply!

Are you saying that the USB drive brand makes the difference?

I’ll be looking for Kingston hardware if what you say is true? Is there any more evidence for Kingston hardware being more reliable???

Brand - not really. But better NOT use cheap one. If you can afford, better purchase USB SSD (like Kingston X2000). And for the things that sane and holy, DO NOT buy cheap ones from Amazon or Aliexpress (too many fake ones). You should purchase them offline in specific stores or online on official website of manufacturer

I said Kingston because I worked with it. I also have good experience with Patriot and Western Digital. It is just personal experience. As I know Crucial and Tranced good too, but I never tested them.

But BEWARE OF FAKES!

P.S: As for USB stick I use Tranced and Silicon Power.