Can you make a USB flash drive read-only?

What is a USB flash drive?

A USB flash drive, also known as a thumb drive, pen drive, or memory stick, is a small storage device that uses flash memory to store files and transfer data between computers. It connects to a computer’s USB port and does not require any additional power source. USB flash drives are portable, rewritable, and efficient for transferring and backing up data. They are simple plug-and-play storage devices widely used for personal and professional data storage and transfer.

Reasons to make a USB drive read-only

There are several valid reasons why someone may want to make their USB flash drive read-only:

  • To protect against malware – Making the drive read-only prevents any malicious software from being able to write to the drive and infect it.
  • To preserve forensic evidence – When used by law enforcement, a read-only drive protects evidence from being tampered with or corrupted.
  • To make data tamper-proof – Sensitive files like legal documents or financial records can be made unalterable by making the drive read-only.
  • To prevent accidental deletion – With no write access, the data cannot be accidentally deleted or overwritten.
  • To discourage unauthorized changes – A read-only drive prevents others from modifying or deleting the data.
  • For archival storage – Historical records and other valuable data can be stored unmodified by making the drive read-only.

So in summary, the primary reasons are data security, integrity, and preservation.

Methods to make a USB drive read-only

There are a few different ways to make a USB flash drive read-only on both Windows and Mac OS:

Change permissions (Windows)

On Windows, you can remove write permissions for the drive:

  1. Connect the USB drive to your computer.
  2. Right-click on the drive and select Properties.
  3. Go to the Security tab and select Edit.
  4. Remove all permissions except Read & Execute for all user groups and accounts.
  5. Click OK to save and apply the permission changes.

This will make the entire drive read-only until permissions are added again.

Use diskpart (Windows)

The diskpart command line utility can also set a disk to read-only:

  1. Open the Command Prompt as Administrator.
  2. Type diskpart and press Enter.
  3. Type list disk to identify the disk number of your USB drive.
  4. Type select disk X (replace X with your disk number).
  5. Type attributes disk set readonly and press Enter.
  6. Exit diskpart by typing exit.

This will make the entire disk read-only until the attributes are changed again.

Use regedit (Windows)

You can edit the registry to make a drive read-only:

  1. Connect the USB drive and open regedit.
  2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies.
  3. Right click in the pane on the right and select New -> DWORD (32-bit) Value.
  4. Name it ReadOnly and press Enter.
  5. Double click on ReadOnly and set the Value data to 1 and click OK.
  6. Reboot your computer for changes to take effect.

This will make all external USB drives read-only until the registry key is modified again.

Use Terminal (Mac)

On Mac OS, you can use the Terminal to make a drive read-only:

  1. Connect the USB drive and open Terminal.
  2. Identify the drive name by typing diskutil list (e.g. /dev/disk2).
  3. Type sudo diskutil partitionDisk /dev/diskX R (replace X with your disk name).
  4. Type your admin password when prompted and press Enter.

This will reformat the drive as read-only. All previous data will be erased.

Use a 3rd party tool

There are also third party utilities available that can make drives read-only:

  • Rufus – Popular bootable USB creator that has a read-only option.
  • HP USB Disk Storage Format Tool – HP’s format tool with read-only setting.
  • Ext2Fsd – Open source driver for Windows that supports read-only ext2/3/4.
  • LockUSB – Small portable app that locks USB devices as read-only.

These tools work by reformatting the drive to a read-only file system or adding a read-only restriction at the driver level.

Limitations of a read-only USB drive

While making a USB drive read-only has its benefits, there are also some limitations to be aware of:

  • No new data can be added to the drive
  • Existing files cannot be edited or deleted from the drive
  • Software cannot be installed on a read-only drive
  • Drive reformatting is required to make it writable again
  • Not possible to easily selectively make some files/folders read-only
  • Requires more technical skill to implement on some operating systems

Due to these restrictions, a read-only USB drive is best suited for things like archival data storage, evidence handling, and transferring static, unchanging data. It is not well-suited for everyday portable use where files need regular updating.

Testing a drive is read-only

To test that a USB drive is actually read-only after setting it, you should try:

  • Copying a new file to the drive – fails if read-only
  • Editing or deleting an existing file on the drive – fails if read-only
  • Trying to format or reformat the drive – fails if read-only
  • Checking the drive properties or settings for any ‘Read-only’ indicators
  • Using a third party read-only testing tool

If those actions fail with permission errors or are greyed out, you can confirm the drive is in read-only mode.

Conclusion

Making a USB flash drive read-only is possible using built-in OS tools like permissions, diskpart, Terminal commands, or the registry. Third party tools like Rufus and HP USB Format Tool also allow setting a drive to read-only mode. The main reasons for doing this are preventing virus infection, preserving forensic data, archival storage, and preventing accidental file changes. There are limitations though – no new data can be written and reformatting is required to make the drive writable again. Overall, with some technical steps, USB drives can easily be made read-only for situations where that extra data protection and integrity is desired.