Slashdot Asks: Do You Need To Properly Eject a USB Drive Before Yanking it Out?

In a story earlier this week, Popular Science magazine explored an age-old topic: Do people need to safely eject a USB stick before they pull it from their computer? The magazine's take on it -- which is, as soon any ongoing transfer of files is complete, it is safe to yank out the flash drive -- has unsurprisingly stirred a debate. Here's what the magazine wrote: But do you really need to eject a thumb drive the right way? Probably not. Just wait for it to finish copying your data, give it a few seconds, then yank. To be on the cautious side, be more conservative with external hard drives, especially the old ones that actually spin. That's not the official procedure, nor the most conservative approach. And in a worst-case scenario, you risk corrupting a file or -- even more unlikely -- the entire storage device. To justify its rationale, the magazine has cited a number of computer science professors. In the same story, however, a director of product marketing at SanDisk made a case for why people should probably safely eject the device. He said, "Failure to safely eject the drive may potentially damage the data due to processes happening in the system background that are unseen to the user."

John Gruber of DaringFireball (where we originally spotted the story), makes a case for why users should safely eject the device before pulling it out: This is terrible advice. It's akin to saying you probably don't need to wear a seat belt because it's unlikely anything bad will happen. Imagine a few dozen people saying they drive without a seat belt every day and nothing's ever gone wrong, so it must be OK. (The breakdown in this analogy is that with seat belts, you know instantly when you need to be wearing one. With USB drives, you might not discover for months or years that you've got a corrupt file that was only partially written to disk when you yanked the drive.)

I see a bunch of "just pull out the drive and not worry about it" Mac users on Twitter celebrating this article, and I don't get it. On the Mac you have to do something on screen when you eject a drive. Either you properly eject it before unplugging the drive -- one click in the Finder sidebar -- or you need to dismiss the alert you'll get about having removed a drive that wasn't properly ejected. Why not take the course of action that guarantees data integrity? What are your thoughts on this? Do you think the answer varies across different file systems and operating systems?

yes,

one should always eject before pulling out

Re: yes,

Only numbskulls ask this. There is no one yes or no answer. It depends on what the drive is doing at the time.

Re: yes,

And what mount options. And what filesystem. And how busy the OS is and it's settings.

There are so many exceptions its best to just say always eject first. If you don't you are needlessly putting your data at risk.

Re: yes,

I've lost files to corruption after doing backups on a flash drive and removing the drive without ejecting. On Linux. Once I started ejecting, no more problems. It's a good best practice to always use eject.

Re:yes,

one should always eject before pulling out

Also remember to use protection against virus

Re: yes,

One thing I noticed about Ubuntu's file caching policy is that it writes everything except some amount which just hangs out in the file cache, and only when you try to safely unmount the disk will it try to write the rest of the cache regardless of how stale it is. Utterly ridiculous and just goes to show Linux devs don't know what they are doing.

Re: yes,

That's just not true, there is a configurable timeout for this, 30 seconds by default.
See vm.dirty_expire_centisecs.
Some distros set a lower value or even mount removable drives sync, but that does cost performance.

Re: yes,

All those things count as "what the drive is doing" so thanks for the agreeable reply.

Re:yes,

one should always eject before pulling out

That's what she said. :)

Re:yes,

Are we still talking about USB drives?

Re: yes,

Unless it's ejackulate, then she desires a child process. It's very expensive I tell you! Be careful

Re:yes,

Datus Interruptus creates more harm than good

Re:yes,

That is, if you want your data stored in the first place. Otherwise pulling out before ejection does not guarrantee data loss.

Re:yes,

I always pull out before ejecting.

Re: yes,

[Aighearach]

Horse shit.

I don't give a rat's ass what the drive is doing when you remove it. If you want to plug it into a Pentax camera without having to reformat it first, you'll eject or unmount the drive before removal.

Lots of other devices have this same problem. The drive records if it was properly ejected or not. You have to know for sure if you want the ability to use it with any compatible device on the next insert, or if you want to have to risk needing to re-insert it, and then eject, so that your device will trust you that the drive is in a known-good state.

It is not enough to know what the drive is doing "at the time," you have to know what the drive will be doing in the future too.

Re: yes,

[dotgain]

There's some truth to it, even a completely idle system seems to delay writing. Try it yourself: mount a USB stick, and copy some stuff to it. The LED on the flash stick often doesn't even start blinking until you issue the command to eject, when it finally starts writing.

Re: yes,

In general it depends on the device. Any non-storage device should be stopped before unplugging it. Input devices usually donâ(TM)t matter. However output devices can crash the system.

Storage is another animal. If the device has no buffer, then you can usually just pull it once the activity light stops. If it has a journaling file system, then the computer indicating the device activity is finished is not sufficient.

But if itâ(TM)s fat32/xfat or something that has low overhead (fat32 shouldnâ(TM)t be used for flash media) you can almost always get away with pulling the drive out when the activity light has stopped for 10 seconds.

Re: yes,

woooooooooooooooooosh

Re: yes,

[Narcocide]

It wasn't initially such a big problem until they changed the default behavior of write-back caching for such devices. Now days, it's best to sync && eject first. The chances of not everything finishing otherwise are higher the more data has been written to the device recently.

Re: yes,

[c6gunner]

The drive records if it was properly ejected or not.

No, it doesn't. The filesystem on the drive might, though, depending on which filesystem it's formatted with.

This used to be an issue with many Linux distributions and NTFS in the past. If you tried to mount an NTFS filesystem which wasn't cleanly dismounted, it would throw an error at you and fail. For other filesystems it didn't matter.

Re: yes,

The problem is you don't know what the drive is doing.

A lot (most?) of the USB stick have no "writing in progress" indicator. There is no blinking light, there is no sound. You have no way of knowing if the OS decided to update Spotlight index, defragment the file system or any other thing it may do in the background.

Re: yes,

Only blithering idiots call people numbskulls for asking a perfectly reasonable question. The answer is, of course, yes, because there *might* be any number of things going on with the filesystem and the OS, so why not check in with the OS to ensure your data validity? It seems like a lot of noise being made by some poorly informed people. I don't see the need for insulting people because they're asking a... oh right. Slashdot.

Re: yes,

Even input devices need to be ejected.. at least on Windows. I've a yubikey that I used to yank out when I was done, no big deal. I also used to get blue screens.. standard windows behavior. Finally looked at a crash dump, it was the USB subsystem trying to power down my yubikey, which makes no sense to me, and crashing when the device wasn't there.

System is stable now, since I eject the key every time now.

Re:yes,

On the other hand, always pull out first if you forgot to install a trojan, and you're worried about the ejection infecting the host with a self-replicating program that could take a little as 2-3 years to reach self awareness.

Re: yes,

[stealth_finger]

Only numbskulls ask this. There is no one yes or no answer. It depends on what the drive is doing at the time.

Isn't that the point? You don't know what it's doing so just stop it.

Re: yes,

EjectULATE before you pull out, only if wearing a condom.

Re:yes,

[zwarte+piet]

Ejecting right after pulling out is what we do here. Now get of my lawn!

Re: yes,

What you're referring to is journaling filesystems (ext3, ext4, NTFS) versus non-journaled filesystems (ext2, FAT).

There's a good write-up on this Microsoft blog on what journaling gets you and what it doesn't with respect to removable drives.

Re: yes,

Or you "sync" it before unplugging.

Re: yes,

[zifn4b]

Or just turn off write caching for USB devices. In fact, it's off by default in Microsoft Windows. There are two options for USB devices, Quick Removal (default) and Better Performance (write caching). More information.

Re: yes,

[oldmac31310]

nowadays.

Re: yes,

The drive records if it was properly ejected or not.

No, it doesn't. The filesystem on the drive might, though, depending on which filesystem it's formatted with.

This used to be an issue with many Linux distributions and NTFS in the past. If you tried to mount an NTFS filesystem which wasn't cleanly dismounted, it would throw an error at you and fail. For other filesystems it didn't matter.

And the reason this occurs is because of data caching in RAM that doesn't make it to the disk. If you religiously sync before pulling the disk, that will work with the other filesystems too, but without syncing, you will experience data loss.

Re: yes,

[TheFakeTimCook]

Or just turn off write caching for USB devices. In fact, it's off by default in Microsoft Windows. There are two options for USB devices, Quick Removal (default) and Better Performance (write caching). More information.

That explains why it doesn't seem to matter with Windows; but at least earlier (up to at least 10.7) versions of OS X/macOS, you took a great risk just yanking removable storage (USB Sticks and USB HDDs) without "Ejecting" first.

They MAY have fixed that behavior in later versions; but, having personally corrupted a USB HDD that way, I still feel better safe than sorry...

Re:yes,

[kelemvor4]

one should always eject before pulling out

You are doing it backwards. You're supposed to pull out before ejecting.

Re: yes,

Well, that's your fault for being an Apple user that doesn't know how computers should work. When I say write, you fucking write everything, finish, then prepare for another possible operation. You don't delay shit.

Yet another reason I'm glad to have avoided Apple all these years.

Re: yes,

[zifn4b]

Well, that's your fault for being an Apple user that doesn't know how computers should work

This is and has always been the problem with generally available consumer *nix. OSX is based on NeXTSTEP Mach kernel + BSD btw. The expectation "use should be expected to know how computers should work" is the reason why Microsoft Windows has prevailed to this day as the majority market share of desktop operating systems. They don't expect that. Sad but true.

Re: yes,

You don't if you don't care about having complete files, (as cached data may not be yet written to the drive), intact file system ( as usb drives use file system tricks to keep file integrity), and in some cases a working drive (usb drives use firmware tricks to prevent drive wear, as each bit has a limited number of writes. So the drive will use firmware tricks to spread this out.)
Interupt in any of these can cause problems for the drive.

However, most of the time, the drive is in a sleep state, which is perfectly fine to remove without issue. The eject option just forces this state by clean unmount and deregistering the drive.

Re: yes,

[c6gunner]

I'm aware of that. I don't actually eject anything in Linux because hitting my shortcut keys to open a terminal and then typing "sync" is much easier than grabbing for the mouse and clicking a bunch of locations to find the eject button. I was just pointing out that the particular issue he was describing is filesystem dependant. Of course any filesystem can experience corruption if you don't eject or sync before disconnecting, but only some of them actually "know" that there's a problem.

Re: yes,

[Aighearach]

As the user you don't get to choose the filesystem type. If you reformat it to NTFS, your device will need to reformat it back to exfat for it to work again.

Re: yes,

[Aighearach]

1) sync doesn't help the problem I described, that you didn't understand. Just for giggles I tested it and sure enough, the camera complains, "card not formatted."
2) you can umount from the cli very quickly, even quicker if you have a fstab entry, and quicker still if you make an alias.

There is no way around the fact that you have to know what you're going to do with it in the future to know if it needs to be properly unmounted, or not. If you know for sure that you're the one using it, and that it works with your devices even if not properly unmounted, then it won't hurt you to do it. But that doesn't mean you know it won't hurt anybody else.

If somebody listens to your advice, they might find themselves out in the field with data they can't access until they go home, mount the drive, and unmount it again.

Re: yes,

Don't worry. Apple is solving this problem by removing all the USB ports so you can't plug in a USB flash drive.

Dont ask this on slashdot...

ask it in a Mac-Forum, with the question, how to disable the requester that pops up... much more fun...

Retarded millenials

Acting retarded. No news herw.

Depends.

[msauve]

No mention of the OS or file system. Assuming Windows - there's a setting for "Quick Removal," which disables write caching and makes it so "you can disconnect the device safely", and another for "Better Performance," which doesn't and may cause grief.

Re:Depends.

[BenFranske]

This is true. My recollection is also that somewhere along the line Microsoft changed the default in Windows. Traditionally in Windows all mass storage devices, think HDDs, had performance enhancing features such as caching turned on which can cause delayed writes while media like floppies had it turned off. The problem is that when USB 2 came out and USB mass storage became feasible people started unplugging USB drives as soon as the copy appeared to be finished even if the OS was really still writing to the drive in the background causing a potential for data corruption. In this era we were teaching everyone to eject USB drives before removing as that would force a clearing of the write cache before giving the OK to remove the drive.

Somewhere along the line (maybe Windows Vista?) it became apparent that the clumsy drive eject mechanism in Windows, combined with users frequently forgetting to do it, and the increasing popularity of flash drives made this a usability issue. At that point Microsoft changed how Windows handles USB attached mass storage devices and disabled or modified the performance features to flush the write cache as quickly as possible and keep copy dialogs on screen until the files were actually fully copied. At the same time a lot of flash drive manufacturers started putting access indicator LEDs on the drives so you could tell if the drive was being accessed. After this most Windows users stopped ejecting drives before removal and save for an especially odd case there seems to have been little data corruption which can be traced back to not ejecting the drive.

Re:Depends.

[Spazmania]

If your operating system was programmed well, the IO call writing to the USB drive would not return until all write buffers were flushed, would not permit large write buffers to a USB drive -and- nothing else would attempt to write the USB drive in the background.

Your operating system was not programmed well. Quick Removal only gets close.

Re:Depends.

Pretty much, these are USB disks, they're intended to be hotplugged and hotswapped, assuming that they'll be left in until properly ejected is naive. You shouldn't have to wait after the light goes out to unplug the device as all the files are supposed to be written by then and any relevant cache flushed to disk.

If one wants write caching and the like on a removable disk, then one should have to specifically enable it.

Re: Depends.

[RaviBrounstein]

If you are using encrypted media and just unplug you usually blow out your FAT

Re:Depends.

[dinfinity]

I can't help but think there is a a simple interaction (and possibly partly technical) solution to this:
Just indicate whether write buffers are definitely empty for a certain drive and ejection can be done safely if no other writes are started (an orange indicator next to the ejectable, for instance). It is silly that putting in a USB drive and yanking it out almost immediately is regarded as unsafe ejection or bad practice.

I understand that theoretically another process can initiate a write as you are yanking it out, but in the vast majority of cases that doesn't happen and the user is very aware of what they're doing to the USB drive. Generally, people plug in a USB drive, actively read some stuff off it and write some stuff to it and are then done with I/O with the device. No background processes writing to the USB drive should be involved in those cases.

Sure, provide the option to unmount (and turn the indicator green) for the peeps who want to be absolutely sure, but otherwise the 'orange' state more than suffices.

Re:Depends.

[willy_me]

Plenty of things could still go wrong. There is simply no guarantee that the OS will not be writing to the FAT due to some background process. Pull the drive at the wrong time and you corrupt the FAT. If one uses a journaling file system, yanking the drive becomes more feasible - but is still not a good idea.

Re:Depends.

[WatchMaster]

I always format usb drives as NTFS because it is more damage-resistant than FAT32. Not immune, but more resistant to several types of errors due to journaling.

Re: Depends.

Hotplug and hotswap doesn't mean you should be able to remove a device whenever you want. It only means you don't have to power down the device.

Re:Depends.

[thegarbz]

My recollection is also that somewhere along the line Microsoft changed the default in Windows.

Yes, almost 17 years ago they changed that default. Windows hasn't enabled caching and the likes on removable drives since the release of Windows XP.

The only benefit you get of the safely remove feature is that windows won't let you remove the drive if it is actively being written to. But either way you will know instantly if you end up with a corrupted file if you don't safely remove as you'll get an error message for whatever program was writing.

Mr Gruber's scenario of hidden corruption just isn't a thing.

Re:Depends.

[Darinbob]

For every OS, you need to do this safely. The USB drive may be in the middle of erasing a page, copying data, etc. If it's removed accidentally, well then maybe you're safe. But to do this on purpose is foolish.

Re:Depends.

Somewhere along the line (maybe Windows Vista?) it became apparent that the clumsy drive eject mechanism in Windows, combined with users frequently forgetting to do it, and the increasing popularity of flash drives made this a usability issue.

Uh, no. Write caching on removable media (floppies) being disabled has been a thing since forever with MS on the consumer space. Users of Smartdrv on DOS should well remember. Further, it used to be that returning back to the prompt being all writing to the HDD was finished--a very important thing since there was no shutdown option on DOS. Of course Windows 9x included a shutdown option (and had writing caching disabled on floppies), and that was enough of a usability change to prevent most corruption.

The real thing that MS should have done is pretty obvious. By the time Vista came out thumb drives were a common thing. It would have been enough to have pushed an initiative for soft eject buttons for USB ports so that a PC being Vista certified meant including eject buttons. Of course in a lot of was that's overkill. It would have also been enough to have simply included a simply on-keyboard hotkey to rapidly pop up a menu to disconnect a USB drive or numerous other more convenient ways that I wouldn't readily think of to solve the usability issue.

The simple fact is that basically all OS makers have dropped the ball. It shouldn't even be a discussion of if you need to do it. It should be one of questioning why people are so lazy to do something so simple.

Re:Depends.

[Joce640k]

I remember back in the 1980s when the Commodore Amiga used to say:

"You MUST put the floppy disk back in or data loss could occur".

(or something like that)

If only modern operating systems had such technology.

Re:Depends.

[Joce640k]

Maybe true, but...

If you just yank it, the next time you want to use it you'll have to go through "The file system on this disk may be corrupt, do you want to run CHKDSK on it" followed by several dialog boxes that need clicking.

Your idiotic "I'm going to yank it anyway" attitude just makes things worse in the long run.

Re:Depends.

[arth1]

But either way you will know instantly if you end up with a corrupted file if you don't safely remove as you'll get an error message for whatever program was writing.

Most modern programs aren't made for power users, and tend to not present errors that a user cannot be expected to understand the impact of or do anything about. If a background file that you yourself didn't create cannot be written to, for example, chances are that you'll see nothing. There may be a log message in a different file which you also don't know or care about.

Re:Depends.

You mean resistant to a certain class of bugs.
It also has A LOT more bugs in the file system drivers. And if you hit one of those, your best bet is to use Linux or a different Windows version, because chkdsk sure won't be able to fix it...

Re:Depends.

Was the Amiga able to sense a floppy is in the drive? PC floppies can't - the floppy controller doesn't even know if the drive is present or not, so if you disconnected your floppy drive (or the BIOS wrongly said there's one) you got a ghost drive in Windows.

If only modern operating systems had such technology.

They seem decent at warning that writes are ongoing on USB media

Re: Depends.

no you dont have to.

unless your windows is like, very old and your fs choice is odd too.

also, if its a media device mode usb device you can just yank it out.

Re:Depends.

I have never once gotten that message or popups.

Re: Depends.

[Bing+Tsher+E]

I remember when, on a Mac Plus, especially one with just one floppy drive, you could become subject to floppy-swapping hell. On an old mac, with that really derpy-stupid sound the drive made while ejecting the floppy, this could be a maddening experience. An example would be trying to run Microsoft Word off a floppy after booting the Mac system off another floppy. Triple down if you're wanting to edit a Word document on a third floppy.

Re: Depends.

No shit, and you never will. That's a boot error, not a message you'd get from Windows.

Re: Depends.

Half the time I try to eject a USB drive in Windows it just says no and gives no reason...I yank it. It works fine next time. No problem. Windows is retarded, don't listen to it.

Re: Depends.

Iâ(TM)ve noticed this too. Clearly thereâ(TM)s more to it than what people are saying about write caching being disabled by default in Windows.

Re:Depends.

[93+Escort+Wagon]

The only benefit you get of the safely remove feature is that windows won't let you remove the drive if it is actively being written to.

No, it tells you after the fact “you shouldn’t have done that”, which is something quite different than not letting you do it in the first place.

Re:Depends.

[Drethon]

Some encrypted USB drives have minor problems with being ejected. I think they have some sort of session information that gets closed out when ejected possibly. Never had this cause major issues with the drive, just leads to windows wanting to disk check it every time I block the drive in after failing to eject it.

Re:Depends.

If your operating system was programmed well, the IO call writing to the USB drive would not return until all write buffers were flushed

Do you have an idea what the word "buffer" means?

Re:Depends.

[arth1]

They seem decent at warning that writes are ongoing on USB media

A problem here is that the USB devices themselves are lying, in part because the manufacturers want to sell them as really fast devices, because the consumers look at that. So buffering is cranked up, and the controllers lie, horribly.
When the drive tells the OS that yes, everything is committed, it may still be in the controller buffer and not really written. So if you yank out the drive immediately after the OS says it's all done, you can get errors or missing data. And that's not the fault of the OS.

Re:Depends.

Except that this isn't entirely correct. Some external harddrives - for example the seagate 1TB external drive I use - have caching enabled by default. I know, because I had to use process explorer to change this setting so that I could eject the drive without either (a) ignoring the "drive in use" warning when eject is selected and playing Russian roulette with my data or (b) shutting down the computer every time I ejected it.

This behaviour occurred on both win7 and win10 and judging by my google searches at the time appears to be a default for many larger drives

Re:Depends.

[thegarbz]

followed by several dialog boxes that need clicking

Err no. I haven't unmounted a disk in a good 10 years and the only time I ever see that message is drives that I then play with in Linux.

Re:Depends.

[thegarbz]

Most modern programs aren't made for power users, and tend to not present errors that a user cannot be expected to understand the impact of or do anything about.

Try yanking a drive mid write and see if you don't understand the system error that comes up. It will be something about a "The system cannot find the drive specified"

If a background file that you yourself didn't create cannot be written to, for example, chances are that you'll see nothing.

Nope, you will ALWAYS get an error if a write fails due to hardware issues. Typically it's a Windows error message and nothing to do with any application. Bottom line is you can't miss when a write fail operation fails on a windows machine.

Re: Depends.

Large external harddrive? There's a setting to fix that behaviour. Can't recall details but basically you need to tell windows to treat it as removable media, not an internal drive.

Re:Depends.

[thegarbz]

No, it tells you after the fact “you shouldn’t have done that”, which is something quite different than not letting you do it in the first place.

Err no it tells you before the fact and then doesn't proceed:

"Problems Ejecting #########. Windows is unable to stop the device ########. Don't remove this device whilit is still in use. Close any programs using this device and then remove it."

(And because it's a safe operation I just did it mid copy right now so I could post this error message here verbatim to let you know how wrong you are). Please don't speak so authoritatively on something so easily disproven.

Re: Depends.

What if the program using the device is Windows...do I have to shut down

Re:Depends.

[jellomizer]

It really is the same for floppy disk or cassette tape.
The key difference is with speed and caching.
The old 8 bit systems for one didn’t multi task. So while the light was blinking then the program was writing to the disk when it stopped and you were at the prompt then it safe to take the disk out.

When we have multitasking then the storage write may be interrupted with an other process, then we also have memory cashing which means the task thinks things are done while the os takes it time to save.

On modern computers this is often very quick faster then you can react. However if your pc is sluggish then you really should wait for the os to confirm it is done.

Re:Depends.

[Aighearach]

When you say "PC floppy," are you talking about IBM brand floppy drives, or something else?

You may find the term doesn't carry the meaning you think it does.

Re: Depends.

Windows 8 used to give that message every time you put in a drive that hadn't been properly ejected.

I guess enough people avoided it that they just didn't now.

But sure, you act like you know what the fuck you're talking about while being insulting towards others. Why not.

Re:Depends.

[Aighearach]

I don't care if my DSLR is naive or not, I just want it to accept the storage media and save pictures to it. I don't care if I "should have to" unmount properly; that isn't a feature that is going to drive my purchase of a camera or other device, so it doesn't get to have important pedanticisms. The fact is, if it isn't properly unmounted, and it is plugged into a device that is not a general purpose computer, it might not work. If you're sure it works in all your devices, then you don't have to care, but there isn't a general answer about not caring that is actually useful.

Re:Depends.

Does that work if you have a file open in a program on that flash drive? I ask because I've seen a lot of students open their MS Word document from the flash drive and edit it there directly, regardless of how big the file is (e.g., a large thesis document). Worse, default format for these things is some variation of FAT filesystem, which doesn't have a lot of redundancy compared to more advanced filesystems. As a result I've seen a lot of corrupted files.

Yanking those things out without giving the OS a chance to finish its work is asking for trouble. It's not trustworthy.

Re: Depends.

It happened all the time in windows 8. It would pop up this box constantly

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQP_aQh6iGcco6O2SrWc8rxgyhD0iWmYgAL8k_ZuxvFv_AJxrHMVw

And when you click "repair" it would say "we didn't find any problems"

Really fucking annoying

Re:Depends.

[jrumney]

This is only true if it is the OS that is still writing. If all the data has already been written to the USB drive's cache, and it is the USB drives internal wear levelling that still hasn't finished, you're screwed.

Re:Depends.

I think 93 means that if you physically remove a drive in Windows it will tell you that your write has failed, rather than preventing you from doing so. (Of course).

You are correct that if you try to eject an in-use drive you get a warning, but your tone is deeply unkind and unhelpful. If you want people to like and respect you rather than merely tolerate you, you need to work on your communication skills.

Re:Depends.

[Spazmania]

Do you?

The buffer is where the data sits while waiting for the receiver to finish receiving and accept it. The write() call can return immediately while the OS sends data from the buffer in the background. The write call can block until the OS finishes sending data from the buffer. Either way there's a buffer that holds the data being sent until the OS is done with it.

Re:Depends.

I put my dick in the butt buffer of unsuspecting women.

Re: Depends.

I think the proper response to this nowadays is maga no cucked?

After all how else are you suppose to make it not floppy? Viagra?

Seriously... Merely a joke.

Re: Depends.

[c6gunner]

If by "very old" you mean Windows 7, and by "odd FS choice" you mean FAT32 and NTFS, then yeah, sure.

I get that message all the time on the work computers because nobody ever bothers properly dismounting the damn flash drives.

Re:Depends.

[tlhIngan]

Mr Gruber's scenario of hidden corruption just isn't a thing.

It can be.

On Windows, where the default is Quick Removal, what happens is Windows disables write caching internally and doesn't let WriteFile() or Close() return until all the data buffers have been committed down to the media. This means when an application writes, the calls block (or the async I/O object is not signalled) until Windows is satisfied that it has pushed every byte of data down to the media. For USB devices, this means it sets the "Force Media Access" bit which tells the device to actually commit the data to the media. But, Windows assumes when the USB device replies, it's done (assuming no write caching done hidden from Windows). Windows is correct that as far as it can tell, it's done its job - the data has been pushed to hardware.

But as anyone can tell you, Windows 98 had a fatal bug where new PCs would shut down so quickly that despite Windows flushing all the caches, it would still shut down faster than the disks would finish flushing their caches to disk.

Similarly, if you know how SSDs work, you may want to wait a couple of seconds after the write completes so the controller can flush out the updated tables to media. Not doing so risks the controller tables being corrupted and drive nonfunctional, or the file being corrupted because of incorrect indices.

Finally, a bad Windows app can cause extensive wear on removable media because of this - if you write a small buffer, that buffer will go to media. If it writes another small buffer, then it forces another write

And on Linux and macOS, it's somewhat essential, since those OSes still enable write-back caching. Yanking the drive before unmounting will result in corrupt files or a corrupt filesystem.

Re:Depends.

[Joce640k]

When does the OS say "all done"?

Re:Depends.

[Joce640k]

Was the Amiga able to sense a floppy is in the drive?

Yes, they managed to dedicate a whole I/O pin to that.

http://amigadev.elowar.com/rea...

Re:Depends.

[thegarbz]

Yes but all of that is completely irrelevant to the discussion since safely remove device does not take that into account.

Re:Depends.

[thegarbz]

And you'll still be screwed after the device is safely removed. By the way the internal cache of the USB stick is tiny. We're talking milliseconds for this process to finish.

Re:Depends.

+1 for being the Only other person who actually mentioned the 1 reason this is a bad idea... Delayed Writes....

I figured with this being Slashdot, that more people would have known the answer.

It's not a question of your preference in my opinion, but I'm a programmer and an extremely logically person...
You're either an idiot and think you know best or you aren't because you know the reasons why you shouldn't do this.
Don't just spout off your opinions, no one GAF unless you have FACTS!

Seems illogical to potentially corrupt data because of being lazy, to me at least...

Re:Depends.

[Cederic]

Sorry, where would this orange indicator be?

Is this a physical indicator? I can't see the USB ports I attach devices to, they're behind a monitor. The cables are what I use. I don't look at the cable or device either.

If it's a software indicator it's even less useful. I don't have any software consistently open in which such an indicator could be displayed. If I want to guarantee write buffers are cleared I have to open a new window and find the 'eject' option.

I should really learn the console command for that. hmm. Ok, that's less straightforward than I'd hoped.

Re: Depends.

[Joce640k]

Rubbish, I get it quite often (Windows 7).

There's entire web pages dedicated to this, eg.:

https://www.sevenforums.com/tu...

Re:Depends.

Depending on the exact scenario, error handling might be completely up to the application and unfortunately there's a lot of software out there that when it cannot write a file either crashes or assumes everything went all right. If you're just using Office and Explorer you're probably fine, but if you're using anything even a bit niche you should probably thoroughly test what happens before you make yanking USB drives part of your workflow.

Re:Depends.

For those who needs further explanation:
This requester is displayed if any transaction to the disk is attempted when the disk is ejected.
The select signal to the drive is connected to a LED so that the user can see when the access is done.
Since there is a small delay between writing a file and updating the file table (I think the last thing written is the access timestamp.) it is common that the user ejects the disk between when the file is written and that last access.

Note that the requester only is displayed when a transaction is attempted.
You can have files opened/locked on several disks and juggle them around as you do operations. The disk contains a unique ID that allows the OS to know which disks are currently available.

Requesting that the user re-inserts the stick if there are unwritten blocks should be a fairly easy addition to modern operating systems.
However there seems to be an attitude among OS developers that the user should do things on the computers terms and not the other way around.

There is a similar thing with shutting down your computer. On the Amiga you just waited for the hard drive led to stop flickering and then turned off the power.
With modern file systems it shouldn't be that hard to make it so that you can power down your home computer by just yanking the power.
Same goes for your laptop. Not being allowed to just shut it down instantly is a design failure IMO.
It is a device that is supposed to be used while you are traveling. Turning it off when the train or bus arrives should be something that is instant.
This is much less of a problem these days with SSD since you can just close the lid and move on.
When laptops had spinning disks they tended to fail hard if you started to move them around while they were still operating.

Re:Depends.

I understand that theoretically another process can initiate a write as you are yanking it out

I don't.

That a home computer does disk accesses without it being requested by the user is pretty odd.
If there are process around that randomly starts to access the disk then it should be a clear indication that you have malware.

Yes, I know that this isn't the case and that most modern operating systems are malware by design. I just don't think it should be that way.

Re:Depends.

[Wrath0fb0b]

If your operating system was programmed well, the IO call writing to the USB drive would not return until all write buffers were flushed, would not permit large write buffers to a USB drive -and- nothing else would attempt to write the USB drive in the background.

It's not a matter of 'programmed well', it's a matter of which sync/ordering semantics are specified and documented. Your claim is similar to saying that a hot dog is not cooked well because it's not an omelette.

Filesystems are generally specified as being async/non-atomic (modulo some syscalls like sync/fsync) and so well-written userland code will assume this. If you want different semantics, you can specify others -- there is a sync option in fstab, and various journaling/cache options for EXT and other filesystems. Alternatively, you can use SQL or some other abstraction layer that provides a even stricter set of guarantees.

Knowing the right tool for the job is essential, and the first step is reading the documentation on the tool to see what it does and does not promise to do.

[ And, as a side note, it's not clear that the "right" set of specifications for a USB drive is either sync/async. First of all, the bus by which a drive is connected is only tangentially related. Second, it's the application layer, not the transport layer that determines the constraints. For instance, if you were using a USB RAID to work with video files, async would likely be the right option as sync filesystem semantics are unnecessary to the application and could constrain performance. ]

Re:Depends.

Pull the drive at the wrong time and you corrupt the FAT

But the OS knows that this has happened.
As Joce640k pointed out above this issue was solved in the 80's by requesting that the user reinserts the device so that the FAT can be rewritten correctly.

The user typically knows that a transaction to the stick is ongoing and will wait until it is done with yanking the stick so in most cases the requester isn't needed.

Instead we have to do an ejection-step every time despite it not really being needed every time and it often requires some menu access so it is more than just a single click away.
It is a bad design that forces the user to do extra actions (With an unnecessary complexity.) every time they want to remove the stick to prevent extra actions from being made in the very few cases the user would have removed the stick before all transactions are done.

Re:Depends.

[Spazmania]

Your claim is similar to saying that a hot dog is not cooked well because it's not an omelette.

If you put a hot dog on a bun and hand it to the customer without first grilling or microwaving or somehow warming it up, it's edible but it's not cooked well. More to the point, it is very unlikely to be what the customer desires.

It's equally obvious that the default for a USB-based filesystem should be that it's in a state ready to be disconnected unless a user space program is blocked writing to it right this moment.

If you want a USB raid for manipulating video files, you can set the drive to use non-default options.

Re:Depends.

[arth1]

When does the OS say "all done"?

Generally when the drive reports that the write has completed.
If the drive isn't truthful about that, and reports success back to the OS before the actual commit, things can (and thus will) go wrong.

Especially when combined with write amplification, where a well used solid state drive finds out it has to clear up some space and shuffle data around and re-initialize an entire sector before the actual write can be done - that can take a second or more.
I am very skeptical when I see solid state drives that don't have occasional hiccups - it tends to mean that they do aggressive caching so people won't notice the blips, as they occur in the background, not blocking. And the worst controllers don't even push a journal to flash first thing, but keep some unwritten data in controller RAM for extra speed.

Re: Depends.

[Joce640k]

Really? So what are all these web pages on about, then?

https://www.google.com/search?...

Re:Depends.

[Joce640k]

Yes.

Re:Depends.

[Joce640k]

If one wants write caching and the like on a removable disk, then one should have to specifically enable it.

And... it should be simple to do, not buried under 300ft of dialogs and registry edits. eg. A tickbox on the first page of device properties - "Enable write caching until ejected (Y/N)".

Why? If you've ever tried to delete 10,000 files from a USB stick you'd already know why.

Re:Depends.

>Mr Gruber's scenario of hidden corruption just isn't a thing.

Please, no. You're talking about on Windows. Mr. Gruber was talking about on a Mac and said so in his article.

Re:Depends.

[Carewolf]

Was the Amiga able to sense a floppy is in the drive? PC floppies can't - the floppy controller doesn't even know if the drive is present or not, so if you disconnected your floppy drive (or the BIOS wrongly said there's one) you got a ghost drive in Windows.

If only modern operating systems had such technology.

They seem decent at warning that writes are ongoing on USB media

Yes, it could even tell which floppy you put in. Each individual floppy got a separate drive name, so it could ask for data on specific floppies, and have it automatically work if you installed extra drives and put some floppies there (you could even upload a floppy to memory, and games would use it automatically).

Re:Depends.

Because it is impossible for some application to be running in the background without an active UI and writing to disk

Re:Depends.

[Carewolf]

If your operating system was programmed well, the IO call writing to the USB drive would not return until all write buffers were flushed, would not permit large write buffers to a USB drive -and- nothing else would attempt to write the USB drive in the background.

Your operating system was not programmed well. Quick Removal only gets close.

That is bloody stupid. That is how you get 1980s IBM PC floppy performance.

To get any kind of halfway decent performance you need asynchronous IO, otherwise you can't read one place while writing another, and while updating the UI.

Re:Depends.

Mr Gruber's scenario of hidden corruption just isn't a thing.

On *Windows* computers. Linux/OSX is a different bird.

Re:Depends.

[ctilsie242]

All SATA and SAS drives are designed to be hot plugged and swapped, although people don't do that. Just because the hardware won't physically fry due to a hot unplug doesn't mean the data will be fine.

It would be nice if there were better mechanisms in operating systems to eject media. For example, an I/O signal to send to a process that no further writes can be done, with some way of telling the process how much stuff got written, so it could resume writing when the media is available, or otherwise exit gracefully. Hardware-wise, it would be nice to have an eject button, that once all the caches are flushed, that glows or otherwise signals that the media is ready for removal.

Re:Depends.

[Sloppy]

Was the Amiga able to sense a floppy is in the drive?

Yes, and the user could even hear it occasionally doing something mechanical, as part of the polling process.

Re:Depends.

[kelemvor4]

Maybe true, but...

If you just yank it, the next time you want to use it you'll have to go through "The file system on this disk may be corrupt, do you want to run CHKDSK on it" followed by several dialog boxes that need clicking.

Your idiotic "I'm going to yank it anyway" attitude just makes things worse in the long run.

Not if you're using a reasonably current version of windows. Honestly, until this idiotic thing got posted to slashdot I had forgotten about having to "eject" storage devices back in the day. Maybe it's a concern if you're using osx or some flavor of *nix. It is not a concern with windows.

Also, every usb device I own, and I have a large bag (probably 30 of various sizes) of them from tech conventions and the like... every one has an LED on it to indicate if read/write is going on. If the bright light is flashing, don't pull it. It's not rocket surgery. The article and ensuing discussion is a waste of electricity to post on the internet, and a waste of oxygen to feed the brain cells of the people thinking about it. The very definition of "slow news day" I guess.

Re:Depends.

[Khyber]

"If you just yank it, the next time you want to use it you'll have to go through "The file system on this disk may be corrupt, do you want to run CHKDSK on it" "

Uh, no? Haven't seen that in about 15 years. I NEVER eject drives. Hell I hot-swap SATA all day. I never get asked to run a damn thing.

Re: Depends.

[Khyber]

Those are all incompetent people that don't know shit about computers (sevenforums is a place rife with ignorance and lacking knowledge)

Try again with a source full of competent people. The only thing that ever triggers a "scan this disk" is when I move SD cards from my camera to my computer. Guess what? Other devices don't always fully support certain features of certain file systems. Sure you can write to it, but it might not have the capability to fully-update the entry that says if the drive was properly ejected or not (most cameras don't do this, in fact.) This happens weekly with almost every SD card I use with my Kodak Z981 or my Canon Rebel.

Re: Depends.

If by "very old" you mean Windows 7, and by "odd FS choice" you mean FAT32 and NTFS, then yeah, sure.

I get that message all the time on the work computers because nobody ever bothers properly dismounting the damn flash drives.

Work computers all the time getting jiggled with flash drives that are apparently passed around indiscriminately between people like candy.

Your computer security is a social engineering eldorado.

Re:Depends.

[prunus.avium]

Okay. Now think of the average home user. Do you *really* think Joe Average will know how to find that option? Will he understand what the option means? Does he even know what "caching" is?

This type of question always rustles my jimmies simply because the experts know what it means and how it works but the average user is clueless. And wants to remain so. We all need to remember Eric Raymond's other essay on the "Luxury of Ignorance". It's still very applicable today.

In other words, this is a (at least) two part answer):

To home users - and Managers - Yes, you always need to eject the drive before removing the USB.

To IT professionals, you already know the answer.

Re:Depends.

[Xtifr]

Yes, it's such a drag to have your application come back and allow you to continue working quickly. So much better to have it make you sit around waiting with your thumb up your ass while the entire IO operation completes.

Thanks but no thanks. I'll take the very minor inconvenience of an eject operation (with an occasional delay while the system finishes writing before completing the eject) over the constant inconvenience of waiting on IO.

Re: Depends.

[c6gunner]

Not quite. The flash drives are "controlled" and only ever get plugged into one of three different location: workstations on the main network, workstations on a small secondary network which is completely disconnected from anything else, and laptops which never get connected to any network (actually have all networking physically disabled).

The drives are just a way of passing data across an air gap, between devices which are all controlled by the same organisation. Nobody is using these flash drives as personal storage at home and then plugging them in at work.

I definitely do have concerns about some of the security practices at work, but this isn't one of them.

Re:Depends.

[dinfinity]

Sorry, where would this orange indicator be?

In Windows, the system tray and the devices and drives overview of explorer would be the most sensible places to put it.

I don't have any software consistently open in which such an indicator could be displayed.

Oh no, this completely invalidates my idea. Cederic has no use for it. Quick, call it all off!

Re:Depends.

And Win95 showed a blue screen if you ejected (IIRC) a cd-rom when some program was reading from it, asking you to put it back.

Re: Depends.

[Joce640k]

Nope.

I often get it on a USB stick that's permanently plugged into my PC (as a 'daily backup' device). Windows only needs to freak out a bit and the dialog will appear.

Re: Depends.

Ntfs is pretty stable; not sure what bugs you mean. Chkdsk works fine on ntfs

You can't always eject first on Mac

I can't count the number of times I've tried to eject a USB drive, and Mac OS tells me it's "unable to eject the drive because it's in use."

Usually it's because Preview.app held onto some file descriptor for its stupid thumbnail of recent documents - not the list in the file menu, the one that pops up when you right-click on Preview in the Dock.

Apple used to promote the idea that the user is in charge. When I click "eject," the damn thing should eject!

Re:You can't always eject first on Mac

[houstonbofh]

Apple used to promote the idea that the user is in charge.

Yeah, like cdroms that dont have eject buttons, and if you're old enough to remember that a floppy drive is, same crap there. I more surprised that Apple does not lock the usb-ports so you CANT unplug a thumbdrive without asking for authorisation from the mighty System7...

I remember when a PC power switch was actually a SWITCH and not a software interrupt! It had 4 big mains power wires.

Re:You can't always eject first on Mac

[HiThere]

That happens on Linux, too, with various window managers.

I've never been certain whether this is dangerous or not. (I tend to play it safe.) It shouldn't cause any trouble, but you *might* end up with a corrupted file system if you just pull it out.

Re:You can't always eject first on Mac

[fisted]

Yeah and what a crappy design that was, with the power wires going all the way through the case to the front panel.

Re: You can't always eject first on Mac

[Bing+Tsher+E]

Actually, that design meant that power was isolated to that set of wires. Which, granted, sometimes meant those wire ends slid onto spade lugs on the power switch with little or no insulation.

A computer that can kill stupid fucks who open the case to meddle isn't all bad, however.

Re:You can't always eject first on Mac

Back in the day those switches were usually on the rear corner by the power supply, not the front.

Re:You can't always eject first on Mac

Most power supply units actually do have that switch in the back. The power button in front is a wakeup/sleep button.

Re:You can't always eject first on Mac

[93+Escort+Wagon]

I remember when a PC power switch was actually a SWITCH and not a software interrupt! It had 4 big mains power wires.

Oh, yeah? Well I remember when the ESC key was an actual physical key on the keyboard, not an array of illuminated diodes on some silly touch-sensitive narrow one-line screen.

Re: You can't always eject first on Mac

[crashumbc]

high power wires to the front of the case then back to the PS, is fucking stupid. Just from a design standpoint.

Re: You can't always eject first on Mac

[Bing+Tsher+E]

"Reach around to the back of the case" mini-tower design is equally, if not more stupid.

And the design was just 'project the power switch up to the front on one cable' from the users, and even the installers point-of-view there was no 'to the front then to the back.'

Re:You can't always eject first on Mac

Windows has this problem too. For some reason some external hard-drives (eg my external 1TB seagate drive, and its predecessor) are treated as internal drives by some parts of windows, so you can click "eject" as often as you want but it will just keep throwing up messages about the drive being in use.

There is a solution, but it involves using processExplorer to mess with the drive's defaults so it's not something your average user is likely to be comfortable with.

I really wish MS would fix this issue!

Re:You can't always eject first on Mac

Yeash, you just triggered an old memory. Anyone else have to deal with a mac begging you to re-insert a disk that it had previously ejected? That one was particularly fun if you had over-written / re-formatted / given said disk to a friend in the intervening time!

Re:You can't always eject first on Mac

My favorite is there were a few versions of OS X, where dragging files from a CD to your desktop created aliases (basically shortcuts), rather than copying the files. Multiple times, I'd drag the files off a disk while distracted by something else, only to return, see no progress bar, assume the copying was done, and eject the disk. I'd then see all the icons from the desktop disappear and grumble to myself that I had to wait all over again.

Re:You can't always eject first on Mac

PC's never ran AC power to the switch! It was turned on and off via a relay in the power supply. The switch itself only had low-voltage signal wires leading to the relay.

Re:You can't always eject first on Mac

[Aighearach]

Do they at least have an eject command like most *nix? On linux it is usually /usr/bin/eject and you can use the -t flag to close it.

And if it is busy, then you can lsof /dev/cdrom

Re:You can't always eject first on Mac

[Aighearach]

an array of illuminated diodes on some silly touch-sensitive narrow one-line screen.

That sounds really horrid, I'm so glad I've never even seen such a device.

I think I'd probably make a custom keyboard before even touching a keyboard like that.

Re:You can't always eject first on Mac

[dotgain]

I'm guessing you're defining "never" to mean "not in my 20 year life time"

Re:You can't always eject first on Mac

> Do they at least have an eject command like most *nix?

We're talking pre-Mac-OS-X era here. There was no command line on which to type such commands.

Re:You can't always eject first on Mac

[thogard]

I figure hat MacOS from 10.10 is doing something with a virtual file system that is screwing with normal behavior. When I do a "ls /Volume/USB" I often get "." and nearly every time I run "ls -ls | sort" I get "ls: .: Invalid argument".

I've got a few Sandisk USB sticks that flash for about 3 seconds after OS X said the drive is ejected. I wish it would beep once but I expect the OS thinks the buffers are flushed and the USB stick is updating its metadata. If the drive is removed then, sometimes they never work again.

Re:You can't always eject first on Mac

It's more horrid than you imagine.

You have to tap the bar to wake it up, THEN you can tap the Escape key to do whatever you needed it to do.

I could kill Steve for dying before his time. Idiot.

Re:You can't always eject first on Mac

[cyn1c77]

I can't count the number of times I've tried to eject a USB drive, and Mac OS tells me it's "unable to eject the drive because it's in use."

Usually it's because Preview.app held onto some file descriptor for its stupid thumbnail of recent documents - not the list in the file menu, the one that pops up when you right-click on Preview in the Dock.

Apple used to promote the idea that the user is in charge. When I click "eject," the damn thing should eject!

You can generally solve this issue by killing the Finder app, as well.

Re:You can't always eject first on Mac

[fisted]

No, that's what we have now. Maybe you're too young to have experienced the pre-ATX time?

Re:You can't always eject first on Mac

[Mike+Frett]

If it does that in XFCE you kill "tumblerd" and it'll eject then. =)

Re:You can't always eject first on Mac

[Khyber]

I bet I could open your PC case right now and find goddamned spaghetti wiring all over your interior. As if ONE EXTRA SET OF WIRES from the PSU is that much of a problem when you've already got cables running from the PSU all over hell and back.

Tell ya what, you can gripe when the PSU just has one cord going to the motherboard, and when the necessary cables for the other peripherals all carry data and power on the same cable.

Till then, you're really just griping without any actual hindsight. Hell, I actually wonder if you've ever opened up any case at all. Pre-ATX days (my 8088 for example) had neater wiring than most computers TODAY. And yes, it had that nice bulky primary power switch with four bulky ass wires.

Re:You can't always eject first on Mac

[HiThere]

I think it's better to track down what's holding onto the USB. Occasionally I've had a process running in the background that really should prevent the device from being ejected. More commonly, of course, I've just had a terminal window open that was using something on it as the "current directory". The second case should be easy to just eject, the first case...better kill the process first.

In either case I could just reach over an pull the device out...the question is "Can I do that without corrupting the files or file system?". And in both cases I prefer to handle the process properly.

Re:You can't always eject first on Mac

[fisted]

I bet I could open your PC case right now and find goddamned spaghetti wiring all over your interior.

You would not be wrong, but apparently it doesn't stop you from missing the point.

As if ONE EXTRA SET OF WIRES from the PSU is that much of a problem when you've already got cables running from the PSU all over hell and back.

Tell ya what, you can gripe when the PSU just has one cord going to the motherboard, and when the necessary cables for the other peripherals all carry data and power on the same cable.

I think you need some basic electrical education, maybe hit up youtube etc, even that might be enough to teach you the subtle difference between low voltage wiring and cables directly connected to mains; both in terms of safety and other unimportant things like fire hazards etc.

It is not like joe sixpack is going to disconnect power when replacing a hard disk or what not.

"But the computer is off, what could go wrong?"
-You

Till then, you're really just griping without any actual hindsight.

Without actual hindsight? I don't think you meant to say this, but hindsight is really where all this comes from. But don't let this get into your way of pulling absurd statements and assumptions out of your ass.

Hell, I actually wonder if you've ever opened up any case at all.

And I wonder whether you have ever opened a PSU, because even the PCB inside it *has to have* (in the EU at least, not sure about 3rd world shitholes like the US) a clear separation between primary and secondary side, with extra insulation such that nothing may even get close to the primary side.

And now you're coming along with the "great idea" of extending the primary side to the outside of the PSU across the interior of the case to the front panel and then back, where two of those wires are always live, even when your "nice bulky switch" is off. Great job.

Instead, smarter people came along, relocated the physical switch back into the PSU where it belongs at the same time as finally managing to implement useful things like software power off, wakeonlan.

Up until here, I was gonna blame everything you wrote on the Dunning-Kruger effect, but after noticing that your only argument against it is that you personally like the feel of that big bulky switch, I have to clue you are, in fact, retarded. I kind of feel sorry for you.

Re:You can't always eject first on Mac

I was there at the beginning.

IBM PC: switch at the rear.
IBM PC-XT: switch at the rear.
IBM PC-AT: switch at the rear.

https://en.wikipedia.org/wiki/IBM_Personal_Computer#/media/File:IMB_PC-IMG_7271.jpg

https://en.wikipedia.org/wiki/IBM_Personal_Computer_XT#/media/File:Ibm_px_xt_color.jpg

https://en.wikipedia.org/wiki/IBM_Personal_Computer/AT#/media/File:IBM_PC_AT.jpg

Re:You can't always eject first on Mac

[houstonbofh]

I'm guessing you're defining "never" to mean "not in my 20 year life time"

Thinking of digging out my old Win95 gaming monster with a per-production Pentium Pro 166, 3DFX Voodoo2 graphics, Barracuda SCSI drives in an InWin case with a real switch on the front!

Re:You can't always eject first on Mac

[fisted]

Well I've seen enough XT and AT that had their switch at the front. It's almost like this detail wasn't formally specified and manufacturers did whatever they thought made sense.

Re:You can't always eject first on Mac

Well I've seen enough XT and AT that had their switch at the front.

Maybe you could specify exacly which one you're referring to that had this "crappy design," then. I don't think it was IBM.

Re:You can't always eject first on Mac

[fisted]

How does that matter? The crappy design is running mains through to the front panel. It has been done.

Why does it matter which specific manufacturers did it?

Re:You can't always eject first on Mac

The crappy design is running mains through to the front panel. It has been done.

Okay then--show me, don't tell me!

The only clue you gave was "pre-ATX era" machines so I looked at the obvious candidates: the original IBM PCs, and it was not them. So which?

Re:You can't always eject first on Mac

[fisted]

I've seen it on basically every tower-case AT computer I've had the displeasure to open (maybe a dozen) in what would be mid to late 90s in Germany. No, I don't remember make and model. From memory, one was a 386SX with 33 or 66 Mhz and one was a 486DX with 100 MHz. I think there was also a Pentium 90 among them. Each case (typically big towers) would have a super bulky 230V-rated actual power switch connected directly to the power cord.

I won't be doing extra research on which manufacturers did it and which did not do it since I ultimately don't care whether or not AC on /. believes me.

Re:You can't always eject first on Mac

well, I've never been to Germany so I don't know what they had, but mid-to-late 90s is not pre-ATX era!

Re:You can't always eject first on Mac

[fisted]

The "ATX era" beginning in the mid 90s does not mean that the "AT era" ended at that point. I've seen AT crap being used well into the early 2000s. Nobody abandoned their AT computer just because the ATX spec was released.

This isn't a debate

[Murdoch5]

Depending on the write method in use from the OS, you either have transferred the full contents of what you wanted, or you haven't. In the later, ejecting will finish the write cycle and in the first you're good to go. There is one other rare problem that can arise and that's file-system corruption. and you run the risk of it by just pulling your USB key out, although with any modern file-system, such as EXT4, BTRFS, ZFS, even NTFS, that chances of seeing corruption are rare.

Re: This isn't a debate

Type âoesyncâ first, you dumbass.

Re:This isn't a debate

Tell that to Apple. Even if you unplug a read-only ntfs drive, it keeps complaining, and complaining and complaining.

Re: This isn't a debate

[tepples]

What is "âoesyncâ"? [1]

Even if you do type sync before ejecting, that doesn't keep some other process from opening and writing another file on the volume in the seconds between when you type sync and when you actually pull the plug. To prevent the possibility of corruption, you need to unmount the volume (and possibly remount it read-only) before disconnecting the drive.

[1] Rhetorical.

Re: This isn't a debate

[drinkypoo]

What is "ÃoesyncÃ"? [1]

A sign that Slashdot's text handling is pathetic.

Re: This isn't a debate

[Hognoxious]

It's either the Maori name for New Zealand or what Toilet & Douche re-branded themselves as a few years back.

Re: This isn't a debate

A sign that Apple is fucking retarded and needs to compulsively convert all plain double quotes (") into "smart curly quotes".

Re: This isn't a debate

[CaptainDork]

It's a sign of operator error.

We're nerds.

Work around it.

Re:This isn't a debate

[CaptainDork]

Tell that to an old Windows NT server.

I plugged up an EHD for backup; ejected it; and it bitched, topping out the error log over and over again.

It thought the yanked EHD was performing poorly.

Re: This isn't a debate

It happened long before iPhone came along, when people would paste text from web pages or Word documents into their postings.

There's nothing wrong with curly quotes. They're completely valid characters in a completely standard and common encoding (UTF-8 is the #1 encoding on the Web) that's over 20 fucking years old.

Slashcode is the problem, always has been.

Re: This isn't a debate

[johnw]

ITYM

sync; sync; sync;

Re: This isn't a debate

[drinkypoo]

It's a sign of operator error.
We're nerds.
Work around it.

It's too bad Slashdot isn't run by nerds, apparently. If it were, they would have had a burning need to fix it.

Re: This isn't a debate

[Joce640k]

Yeah, I can't wait for the day when slashdot posters can use all of Unicode for their missives. I love all those fun little graphic symbols.

Not.

(OTOH you'd think they'd be able to find/convert quote marks when they receive a message).

Re:This isn't a debate

[Joce640k]

It thought the yanked EHD was performing poorly.

It was correct.

Re: This isn't a debate

[CaptainDork]

"Burning need," is code for, "rabid greed," from /. perspective.

What's your guess for ROI of a fix?

Re:This isn't a debate

[CaptainDork]

Touche'

Re: This isn't a debate

[drinkypoo]

Yeah, I can't wait for the day when slashdot posters can use all of Unicode for their missives. I love all those fun little graphic symbols.

It's a simple process to whitelist the useful Unicodes, and disallow the rest. An equally simple count of which Unicodes people are trying to use will tell you which to consider. This is not rocket surgery. It's simply not giving a shit.

Re: This isn't a debate

[thogard]

In the days before System V, the sync call needed to be called 3 times. Once to write the data, once again to write the metadata (like atime and directory entries) and a 3rd time to write the the metadata of the metadata.

Re: This isn't a debate

[Joce640k]

Why does Slashdot need special curly quotes and apostrophes? Are Mac owners really so disgusted by ordinary ASCII ones?

If we give them that they'll want a different font (which nobody but Mac owners can distinguish from the existing one) and lower contrast color schemes, too.

Re: This isn't a debate

> Why does Slashdot need special curly quotes and apostrophes?

It doesn't. Frankly I wouldn't give a shit if it transcoded them to straight quotes behind the scenes, as long as it did SOMETHING intelligent with them. What it does now is brain dead.

Re: This isn't a debate

[Joce640k]

It's much simpler than that to convert them to ordinary ASCII quotes and apostrophes so you don't have to upgrade your ASCII database.

(or any of the other problems that can appear when you undertake a large switch to Unicode).

Re: This isn't a debate

[ArsenneLupin]

A sign that Slashdot's text handling is pathetic.

No. It's a sign that the Anonymous Coward who wrote âoesyncâ is an idiot who shouldn't be trusted with a keyboard. Or a troll. Or both.

Re: This isn't a debate

Where is the â on the keyboard, you doofus? Turn off smart punctuation on your iThing.

Re: This isn't a debate

[DCFusor]

You're right, it's pathetic. It should detect stupidity like those quotes and reject them upfront instead of mis-displaying them, or I mean, displaying them the way one dictatorial opsys insists is the one true way.

Re: This isn't a debate

> Where is the â on the keyboard, you doofus? Turn off smart punctuation on your iThing.

You realize it's Slashdot that inserts the 'â', right? It's not the iThing's fault.

Re: This isn't a debate

You'll have to type sync; sync, just one is insufficient, only two guaratee that all data is written to the physical medium. Even then, that does not guarantee that any additional data in flight has been written.

Re: This isn't a debate

[drinkypoo]

I'll give you that as a contributing factor, but slashdot should handle those people more gracefully. Also, smart quotes often appear in pasted content, so the problem is bigger than just people with defective browsers, and defective minds sufficient to prevent them from changing preferences.

Re: This isn't a debate

[ArsenneLupin]

Also, smart quotes often appear in pasted content,

In the present case, however, I doubt that the user had to copy-paste the word sync. 4 letters. It's quicker to type it.

so the problem is bigger than just people with defective browsers

And defective webservers (where people might copy-paste such content from). However, as far as I know, nowadays even Wordpress no longer does this nonsense. Other web servers still might. Or might pull similar stunts using CSS (transparent "glass" layer over whole page so that you can't paste anything). Best is to bring it to the webmasters' attention, so that he can update / change his software.

Re: This isn't a debate

[drinkypoo]

Lots and lots of major websites use smart quotes. It's very common on news sites, especially. Not handling them gracefully is inexcusable.

Re: This isn't a debate

[ArsenneLupin]

Lots and lots of major websites use smart quotes. It's very common on news sites, especially. Not handling them gracefully is inexcusable.

Hmmm, but with the recent legal climate, it might not be so advisable to change Slashcode for the express purpose of facilitating "stealing" valuable content from news sites ("Leistungsschutzgesetz", etc.). Better find a different excuse.

... or maybe Slashdot could use a different string than âoe for smartquotes? Unicode character 0x1F4A9 might be appropriate :-)

With Windows you can't tell

The problem of the safe drive ejection approach is having to wait for Windows (and I've found it's invariably Windows) to release a lock on a file because some program might have been using it at some point, then not giving you any capacity to tell just which program and file it might be so you can take care of it yourself. Then you just have to yank it anyway.

Re:With Windows you can't tell

Me: *Tries to eject flash drive.*
Windows: "Cannot eject drive as files are still being used."
Me: *Closes Explorer window that was open to a folder on C and not any folder on the flash drive, and tries to eject again.*
Windows: "Drive can be safely removed."
Me: "WTF?"

Re:With Windows you can't tell

[Hognoxious]

I've had Nautilus on Linux do it sometimes.

There's an "eject anyway" button but on my version it doesn't work.

Re:With Windows you can't tell

[houstonbofh]

Me: *Tries to eject flash drive.*
Windows: "Cannot eject drive as files are still being used."
Me: *Closes Explorer window that was open to a folder on C and not any folder on the flash drive, and tries to eject again.*
Windows: "Drive can be safely removed."
Me: "WTF?"

Windows: "Windows is applying Updates. Do not turn off your computer."

Re:With Windows you can't tell

[houstonbofh]

Time for the skinny elephants...

Re:With Windows you can't tell

[NoZart]

Weirdly enough, i never had problems yanking USB from windows machines (from xp onwards - before you only needed to look at the screen angry to make the computer crash). OSX on the other hand managed to wreck quite a few sticks so i had to reformat them. (This is 3 years back though when i had to support Apple in our company, might be fixed by now.)

Re:With Windows you can't tell

[Cid+Highwind]

Me: *Tries to eject flash drive.*
Windows: "Cannot eject drive as files are still being used."
Me: *Closes Explorer window that was open to a folder on C and not any folder on the flash drive, and tries to eject again.*
Windows: "Drive can be safely removed."
Me: "WTF?"

Just another "feature" shamelessly plagiarized from Mac OS!

Re:With Windows you can't tell

[omnichad]

Me: *Closes Explorer window that was open to a folder on C and not any folder on the flash drive, and tries to eject again.*

Well what if that external drive had an autorun.inf or autorun.ico? Have to get that and display the right icon. Oh, and then that triggers a virus scan of the drive icon. But that only takes a few seconds, right?

My thought

Why is it doing background operation without notifying the user? The led is there to indicate that there's something going on, why is it not flashing if there's something being done?

Re:My thought

[houstonbofh]

Why is it doing background operation without notifying the user?

Because the data-mining is supposed to be a secret!

Re:My thought

[Anne+Thwacks]

You might be using a file system called FAT - which stands for "File Allocation Table" and is only partially connected with overweight files and the concept of bloatware.

The FAT is a table (bit map of sectors in use) which says which parts of the disk are in use, as well as where the files and their parts are stored. There are also flags saying if the file system (partition) is in use, and if it has been modified - and probably other things (I was last involved in this in about 1990).

When you eject, the system stops making the changes you requested (reads and writes), and updates these tables to a consistent state (well maybe not all that consistent, if its Windows, and completely inconsistent if DOS 4.0), and then clears the dirty (modified) and Open (in use) flags for each partition.

If the eject procedure fails to complete, and the dirty flag is set when you next try to use it, the OS will try to clean up the mess - it may succeed, or trash the data, and report success, or it may fail and tell you the system is dead.

With USB sticks, the data you see is not the real data. Because of the need to hide the bad blocks, and hideously long write time, the OS sees virtual data, and operates on virtual data. The real data is different. A single bit change (eg clear the dirty bit) could end up requiring three or four copy and write operations, operating on massive amounts of logically unrelated data, unknown to the OS. If you trash those, the OS for the CPU in the USB stick will be utterly bamboozled, and you have no interface to tell it to do a factory reset, so you USB stick is dead.

(Actually, the underlying interface to the USB stick is SCSI, and there probably is a SCSI command that would unbrick it, but you can be damned sure that the manufacturer won't tell you what it is, because if he did, you would not go out and buy another USB stick, would you?)

Re:My thought

[Darinbob]

The solid state USB drives essentially have their own mini OS that controls things. You have to give that a chance to get to a reliable state.

Re: My thought

[guruevi]

The OS should set those flags whenever the write operation has completed, not wait until a "clean shutdown" happens. There are lots of things that can happen between the file write and the time the partition gets unmounted (eg power or controller failure), not accounting for technical issues is a flaw.

Re: My thought

You can still buy flash drives with lights on em?

Re:My thought

[Kaenneth]

transactional writes.

a well designed system shouldn't allow a bad state to be possible (barring cosmic ray/claw hammer type external events)

Re: My thought

[PetiePooo]

The OS should set those flags whenever the write operation has completed, not wait until a "clean shutdown" happens. There are lots of things that can happen between the file write and the time the partition gets unmounted (eg power or controller failure), not accounting for technical issues is a flaw.

Where's my mod points when I need them

I'd long wished that removable media was ROW (read-remount on write) and automatically switched back to ROI (read-only on idle). Once it automatically changed read-enabled state, a system tray (or menu bar on macs) icon could indicate when it's safe to unplug.

Re:My thought

[thegarbz]

While you are technically correct, all of this happens before a write operation is completed in Windows. When that little bar hits the 100% mark you can happily yank away without any concern for your data.

Re:My thought

[Darinbob]

Of course. Good luck knowing if the USB drive you have is well designed or not.

Re:My thought

The parent post is full of wrong information:

    * FAT is not a bitmap, it's a linked list. Most filesystems use bitmaps. FAT was designed for small storage volumes.

  * Unless you are buying your USB sticks at Chairman Mao's Dollar-rama then the underlying flash filesystem is resilient to both page tears and partial writes.

    * The underlying interface to the USB stick isn't SCSI. These days one can say that one layer of the protocol is SCSI inspired, but that's about it.

Re: My thought

[thegreatbob]

At least out of the ones i've purchase in recent history, every one has had a power/activity indicator light.

Yeah Sandisk has it

Caching and open file descriptors make Horton a sad who. It really depends on your system settings and many systems Are optimized for speed.

That said Iâ(TM)ve had some delightful experiences. I used to load an image to several usb sticks at a time. It was just dead simple to image 20 of these monsters and throw them in a package for the field guys.

Every once in a while one would fail to write. Linux would show a transfer speed of something around 4gb/s. This could be corrected with an eject and reinsert, but it was abbkying. Eventually I had the imager report transfer speeds as part of the report. This used dd with no caching options. Never did understand why some devices wigged out.

Service Technician

I repair computers and macs for a living and have been doing so for more than 20 years.

Is it safe to yank a USB drive?
No, but the severity varies by OS.

On Linux or Mac? Somewhat, or at least safer than Windows, but I'd go ahead and unmount it anyway just to be safe.
On Windows? No. You can do it, but you're taking a gamble every time that doing so will break the partition tables. You might be able to fix that and get the data back off of it... or you might not.

Now, will I do it anyway, knowing the risk?
Absolutely, and especially on windows. I keep a drive just for moving diagnostic tools or software to windows computers while inside the OS and occasionally, windows decides it doesn't want to unmount it, so I'll yank it anyway. But that's with the understanding that everything on that drive can go 'poof' any time I do it and everything on it is backed up.

In short:
If you value what's on that drive, you shouldn't... but you should have more than the one copy on the drive of whatever you're moving around anyway.
If you don't have backups, it must not have been important.

Re:Service Technician

No. You can do it, but you're taking a gamble every time that doing so will break the partition tables.

Got a reference for that's what is happening, or just strung together a set of words? The partition table is pretty much the last thing I would think is going to be a problem, it's not regularly being updated (and I suspect in the majority of cases, never changed after removal from the original packaging), so the changes of the content not having been flushed from cache yet is pretty much zero.

Re: Service Technician

Microsoft does update a partition table when it sees it for the first time. It's an awesomely bad idea, but hey: Microsoft

Re: Service Technician

Copies several TB of data to brand new (already tested, certifiable "good") external HDD on Windows, write cache is disabled. Runs verify tool with sha256 checksums to validate data integrity on drive has been successfully written, and which can also be read back successfully.

Ceases all i/o, safely and properly disconnects device from Windows.

Then physically powers off device, waits to spin down, and unplugs USB cable.

Plugs back in USB cable and the powers on HDD. (TL;DR: Does Everything Correctly)

Windows: "Drive X is not formatted, Would you like to format it now? (yes/no/cancel)

Me: What the Fuck!!! ::FUUUU Rage meme::

I KNOW this has happened to many others, and it is not some sketch hardware or some other bullshit with the operator.

I blame the OS, shitty drivers, shitty chipsets doing all sorts of bullcrap at an electrical level. I suspect Windows adds an entire level of extra fuckery. In all fairness, this issue is manifest on other operating systems. I rather have the classic 'device busy' where something is tied up in kernel land, and you have to power off the entire god damn computer to unplug the drive, versus the data corruption.

One definitely should not just carelessly yank cables, but I argue there is much more to this than just poor operating procedure by the end user.

Re: Service Technician

[guruevi]

Microsoft OS keeps the modified partition table in memory until it gets cleanly unmounted or there is "time" to write it out.

There is no guarantee (what we're used to in real OS) that your operation was atomic.

Re: Service Technician

Letting Microsoft touch anything real tends to fuck it up. Microsoft is like the player's handbook definition of chaotic evil: it destroys both beauty and the truth upon which it relies.

Re: Service Technician

you gave incorrect advice

you appear to be talking about yanking a usb drive where read-only access is occurring

try pulling a usb- drive after writing to it and write back how well that works

Re: Service Technician

Your order is wrong. Power should be on when usb is connected or disconnected. Whatâ(TM)s happening is that when you plug in without external power, thereâ(TM)s just enough voltage for the drive electronics to return wacky results, since thereâ(TM)s not enough to actually spin up and query the drive.

Re: Service Technician

[lgw]

Microsoft OS keeps the modified partition table in memory until it gets cleanly unmounted or there is "time" to write it out.

Partition table? Really? That thing that is written once and never changed? You keep using that word, but I don't think it means what you think it means.

Risk

[xonen]

It's akin to saying you probably don't need to wear a seat belt

No, no and no.

As you may know, risk = damage x chance.

When i don't wear a seat belt and get in a crash, i might die or suffer severe injuries. That's big damage.

When i loose a file, i lost a few bits. I usually couldn't care less. It might be a photo or mp3 file. It might be a failed backup. Worst case it's a fortune worth of bitcoin. But i won't die from it.

Don't make analogies that just aren't true. Don't pretend a lost bit is the same as a broken body part. And to be on-topic - i usually just `yank` my thumb drive out whenever i want. When i feel it's really important i might once in a blue moon go the official way. I'm perfectly capable of calculating the risk that i take. Saving many seconds on repeated actions weigh up against that one time i was to quick and spend a minute re-copying a file.

It's just the next episode of FUD - same as the 'experts' done with passwords. Just so now they have an excuse to blame the user if a flash storage fails (which they do): 'you probably yanked it out'.

Re:Risk

loose?

Re:Risk

[angel'o'sphere]

As you may know, risk = damage x chance.
Only if the damage is monetary and you are in the insurance business. Otherwise risk and chance are two orthogonal axis.

E.g. the typical prisoner dilemma: you are sentenced to life time prison. You get offered to either stay and accept the sentence or walk through two doors: one door gives you freedom, the other door execution.

The chance is 50% for either freedom or death. The risk is death, and not an abstract number multiplied from two other numbers.

Re:Risk

Doesn't really matter, just the unit in which risk is expressed is 'death' instead of 'money'. The risk is 0.5 death. (or 0.5 life, as you wish).

Re:Risk

Risk is fairly universally recognized in abstract as risk = probability x severity and is tied to a specific hazard. The exact terms vary by industry but the calculation is the same, and usually not an actual math problem (although sometimes it is done very formally with numerical output). For example, a hazard is identified (data loss/file corruption), severity is (low/negligible), probability is (low) - which results in a RAC 1.

Re:Risk

[houstonbofh]

When i loose a file, i lost a few bits. I usually couldn't care less. It might be a photo or mp3 file. It might be a failed backup. Worst case it's a fortune worth of bitcoin. But i won't die from it.

Funny you should say that. When it comes down to it, the biggest killer on this planet is a lack of money. So that loss of bitcoin could kill you if you needed food. Or if you owed the mob. Or if you needed an operation insurance would not cover. Many wars in the world about about nothing more them money.

If money really means nothing to you, you must have quite a bit of it by world standards.

Re: Risk

[Kjella]

The worst case is almost always that you die. You can die of a heart attack, a car crash, lightning strike, whatever. We have dismissed them because they are highly improbable. If it was 50-50 thereâ(TM)s a âoerealâ chance youâ(TM)ll die. It only looks like a 1D model after youâ(TM)ve evaluated the other dimension.

Re: Risk

[Bing+Tsher+E]

thereÃ(TM)s a Ãoerealà chance youÃ(TM)ll die.

It's not lethally dangerous to fix the defective configuration in your iGadget.

Re:Risk

[DamnOregonian]

I think you need to learn what an analogy is.

And to be on-topic - i usually just `yank` my thumb drive out whenever i want.

Nevermind. You're fucking hopeless.

Re:Risk

It's akin to saying you probably don't need to wear a seat belt

No, no and no.

As you may know, risk = damage x chance.

When i don't wear a seat belt and get in a crash, i might die or suffer severe injuries. That's big damage.

When i loose a file, i lost a few bits. I usually couldn't care less. It might be a photo or mp3 file. It might be a failed backup. Worst case it's a fortune worth of bitcoin. But i won't die from it.

Don't make analogies that just aren't true...

From doctors to warfighters, damn near everyone has found a critical use and need for a thumb drive. And lost data has cost lives before. Next time, don't ASS-U-ME the critical nature of other peoples data. It only makes you look like an idiot.

Sigh.

[ledow]

If you haven't written anything to the USB, yes, it's completely safe. Any filesystem that's writing data just because of your passive reading of the disk is a) stupid, b) should have recovery for such, c) shouldn't be writing anything important (e.g. a last access time, maybe?)

If you have written anything to the disk, and it's synced to disk (i.e. activity light is idle) then, yes, it's safe. This may be dependent on OS and whether you can see any activity light. Modern OS should mount without write-caching for external drives unless told otherwise, and any half-decent filesystem should survive a forcible unmount in such circumstances

If the USB is still busy churning after you copied files to it, and you yank it? Yes, you're gonna lose data.

That a bunch of "nerds" can't figure this out after all the years we've had USB disks etc. (I remember starting with them in 95 OSR2 / Linux 2.0 personally?) really worries me.

Same as floppies before it. Floppy only being read-from? You can yank it. Floppy was written to but has now gone idle? You can yank it. Floppy was written to and it still pulsing / flashing? Leave it alone.

Re:Sigh.

[tepples]

If you have written anything to the disk, and it's synced to disk (i.e. activity light is idle) then, yes, it's safe.

The activity light comes back on just as your brain sends the signal to your arm to pull the plug. Still safe?

Re:Sigh.

[hcs_$reboot]

+1

Re:Sigh.

Yeah, but how 'bout yanking a hard disk platter - since you can't see them spin...?

-- Asking for a friend.

CAP === 'bogeymen'

Re:Sigh.

First off, it's a really stupid design to have one indicator light for read and write, they should really be separate, it's not like LEDs are that expensive anyways.

Secondly, why is the computer doing things that you're not telling it to do? If you haven't told it to do something, then it shouldn't be updating files that are of any interest and it sure as hell shouldn't be fucking around with the filesystem in ways that could destroy the whole thing.

In practice, in all the years that I've had flash drives, I've never had this problem on anything other than Windows. And that's mostly because MS is run by a bunch of literal monkeys that don't do anything the right way. It's Tuesday, well, we better rewrite the whole partition table just so that we can lose some data and cause some corruption.

Re:Sigh.

[tepples]

Secondly, why is the computer doing things that you're not telling it to do?

People tend to forget what they have told the computer to do in the background, such as index text files for full-text search and index image files for thumbnail browsing.

Re:Sigh.

[houstonbofh]

If you haven't written anything to the USB, yes, it's completely safe. Any filesystem that's writing data just because of your passive reading of the disk is a) stupid, b) should have recovery for such, c) shouldn't be writing anything important (e.g. a last access time, maybe?)

That would be windows that by default updates the partition table when it sees a new disk. And while I agree with you, it is still the way it is...

Re:Sigh.

[rnturn]

Wouldn't those be read-only activities? I can't imagine that interrupting that would corrupt the contents of the USB drive.

Re: Sigh.

[Bing+Tsher+E]

I was always disappointed by what happened when I dragged the 'hard drive' icon to the trash can on a classic MacOS system. There should be loose 6-32 screws rolling around on the tabletop after the dust settles.

Re:Sigh.

Depends where the index is stored. Although being an index it should be rebuildable if it was corrupted...

Re:Sigh.

...unless it modifies the filesystem tree and leaves some inodes unreachable.

Re:Sigh.

Any filesystem that's writing data just because of your passive reading of the disk

You obviously don't use timestamps or logs of things then I take it?
Merely viewing a folder requires flags and timestamps to be written to the drive being accessed. All OS's do this.

Re:Sigh.

Sigh, another idiot confusing "should" with "what really happens"

Re:Sigh.

[thegarbz]

That a bunch of "nerds" can't figure this out after all the years

The bunch of nerds are stuck in the past not realising that for the past 17 years the most popular OS in existence has disabled write caching on removable drives by default and you can yank away as much as you want.

It's not a case of not figuring it out, it's a case of not reviewing a 20 year old assumption.

Re:Sigh.

[yes-but-no]

yes safe, if your brain can send a faster abort signal to your arm to prevent yanking while LED flashing.

Re:Sigh.

[ledow]

Linux generally mounts disks "noatime" for precisely this reason. And if you cut out in the middle of an access-time-write, the filesystem at worst has an incorrect access time.

Windows does not store access times on NTFS or FAT ("To save system resources in Vista, Microsoft disabled the Last Access Time Stamp").

So... no... it doesn't... and no, not all OS do this. Not since the 90's really.

Re:Sigh.

[DamnOregonian]

And if you cut out in the middle of an access-time-write, the filesystem at worst has an incorrect access time.

And herein lies our problem. Blind, proud, and dangerous ignorance.
There are a lot of layers in a file write. Even more layers when it's to a flash drive with built in wear-leveling.
You presume to know what the underlying filesystem, vfs cache, block scheduler, device driver, and the device itself are doing. In short, you are insane.
You do *not* want to pull power off that device simply because it's not receiving data to write from the PC anymore.

You are otherwise correct that atimes aren't commonly in use.

Re:Sigh.

[DamnOregonian]

Your ignorance is terrifying. As if whether or not the OS cache is write-through or write-back is the only factor in play. Keep yanking away. If you wait long enough, where long enough is some completely unknown amount of time, you'll even avoid getting your dick stuck in your zipper.

I bet you're one of those assholes who doesn't think they need a blinker.

It's not a case of not figuring it out, it's a case of not reviewing a 20 year old assumption.

And this is a case of you reviewing a 20 year old assumption based on the incorrect assumption that you are qualified to review it. Let me give you a tip- you're not.

Re:Sigh.

[thegarbz]

Your ignorance is terrifying.

Nope, just well through through and risk assessed.

As if whether or not the OS cache is write-through or write-back is the only factor in play.

It is the dominant factor for any write that isn't presented to the user. Any other write is typically shown via a progress bar and if those writes fail you get an error message. Try it sometime. Yank that drive after your copy is done and bask in the glory that no data has been lost. If you're actively using an application than the yank also results in an error message giving you the opportunity to save the file again.

I bet you're one of those assholes who doesn't think they need a blinker.

Why would you think that? The blinker serves a very real safety purpose of alerting other drivers to what you are doing. Incidentally if I'm on a country road by myself with no one in sight I don't use the blinkers either. It's just as pointless as ejecting a drive. Instantly labeling people who think about the application of what they are doing as "arseholes" is far more of a reflection on you than the people you label.

And this is a case of you reviewing a 20 year old assumption based on the incorrect assumption that you are qualified to review it. Let me give you a tip- you're not.

LOL okay mate we'll go with your crazy doom and gloom scenarios. Maybe, if you're really lucky then one day you can come and say I told you so, but 17 years of no dataloss makes anything you say at all completely irrelevant as you have utterly failed to apply a risk assessment to your actions.

Re:Sigh.

I suspect that in many cases they have not told the computer not to do that, which is quite different from telling the computer to do it.

Also, developing a habit of quickly getting rid of popups interrupting your workflow and concentration is very different from consciously deciding you want image thumbnails or a full text index and activating it through a settings dialog you chose to open yourself for the purpose.

Re:Sigh.

The OP did not mention how the flash drive was being used. If the flash drive was being read to transfer files to the computer, The drive can be yanked after the file is transferred. If the flash drive is being written to, play it safe and safely eject the drive before yanking it.

Re:Sigh.

Most of the time because they didn't tell it to do that but rather the OS supplier did by having it on by default.

Re:Sigh.

[DamnOregonian]

It is the dominant factor for any write that isn't presented to the user. Any other write is typically shown via a progress bar and if those writes fail you get an error message.

Wrong.
The devices you are talking to are little computers in unto themselves. They are designed to be hot swappable- *after* they've been told to stop doing the work they have queued up, and to finish up any background tasks required for the medium. There's a reason clicking that little eject button de-enumerates the USB device.

Why would you think that?

See above. People often think blinkers are unnecessary. They're wrong. Their brains lack the critical thinking to fully understand the problem space, though they think they do.

LOL okay mate we'll go with your crazy doom and gloom scenarios.

It's not a doom and gloom scenario. I'm well aware you may never run into a problem. Certain types of writing heuristics are more dangerous for a 'write and yank' than others, and if yours is just copying an excel spreadsheet to the thing, waiting 10 seconds, and yanking, you're probably OK. You're still misusing the device as the manufacturer and protocols dictate, and you're still an idiot for suggesting that to other people without understanding why your specific scenarios are less problematic than scenarios that may cost people lost data.

Re:Sigh.

[thegarbz]

Wrong.
The devices you are talking to are little computers in unto themselves. They are designed to be hot swappable- *after* they've been told to stop doing the work they have queued up, and to finish up any background tasks required for the medium. There's a reason clicking that little eject button de-enumerates the USB device.

Right back at you. Those "background tasks" finish in milliseconds and do not sit there in some mythical long idle queue waiting for the OS to signal that the USB driver has been unloaded.

You're still misusing the device as the manufacturer and protocols dictate

Actually I'm using the device entirely as designed. "Optimised for quick disconnect" is such for a reason. No need to wait 10 seconds. As I said with write-caching disabled the time between being given the 100% complete signal and you actually yanking is milliseconds for the device to actually finish what its doing. About the only risk you still have is that an application actively has a file open. At that point yanking will net you a lovely error message.

You see, in the early days this shit was actually a problem. Slow wear leveling algorithms, write caching, poor USB drivers, generally poor (in the windows world) handling of hot-swappable hardware, filesystems that would fall over if you look at them the wrong way, it all was very real 20 years ago. Then people realised that something needed to be done, and did something about it.

As the manufacturer intended? The modern manufacturer intends a device to be connected to a fallible bus by idiots. They expect USB sticks to have a bundle of keys dangling off them and to randomly plop out. They expect cheap arse Chinese USB hubs to not provide the required power or report to the OS correctly. They expect removable drives to be used by kids on a bed when their friends come and jump on it. In the past 20 years we have seen very actively manufacturers designing devices to counteract the very real abuse they get. Software writers do too.

I am using the device exactly as the manufacturer intended, and you'd need to actively go out of your way to experience silent data loss as a result. Like using your right blinker and then turning left without giving way to a car that had no idea what you were doing.

Re:Sigh.

[DamnOregonian]

Right back at you. Those "background tasks" finish in milliseconds and do not sit there in some mythical long idle queue waiting for the OS to signal that the USB driver has been unloaded.

It isn't some mythical idle queue. The interface to the backend flash controller chips is almost always asynchronous. You're also writing 512 byte blocks to devices with 4K or larger sectors. The full delay for the transmission of data to the flash controller and it completing all the tasks can be in the order of seconds, not milliseconds.

Actually I'm using the device entirely as designed. "Optimised for quick disconnect" is such for a reason. No need to wait 10 seconds. As I said with write-caching disabled the time between being given the 100% complete signal and you actually yanking is milliseconds for the device to actually finish what its doing. About the only risk you still have is that an application actively has a file open. At that point yanking will net you a lovely error message.

Nope. You are still operating at the wrong layer. Like I said, you're not even aware of what you don't know. Disabling write-back caching at the OS is only half of the problem. Some devices, like disk drives, have extra commands that can be sent to ask their media controllers to behave purely synchronously. Backend flash controller devices often do not.

You see, in the early days this shit was actually a problem. Slow wear leveling algorithms, write caching, poor USB drivers, generally poor (in the windows world) handling of hot-swappable hardware, filesystems that would fall over if you look at them the wrong way, it all was very real 20 years ago. Then people realised that something needed to be done, and did something about it.

You're entirely out of your depth.
Let us present the simple scenario of modifying a single 512 byte sector.
The flash drive cannot do this. There are multiple ways it can accomplish this, depending on what the media looks like. It can simply write that 512 byte blocks to an erased sector that it has available if it knows the surrounding 512 byte blocks are not used. If they are, we enter a new branch. What's the best way forward, do we read the flash sector, erase it, and then re-write it? Or if we can, do we read, and write somewhere to an available erased sector?
All of this simply does not trickle back all the way up to the application layer synchronous writing calls, even with all OS caches disabled.

The modern manufacturer intends a device to be connected to a fallible bus by idiots.

Objection: Speculation.

I am using the device exactly as the manufacturer intended

No, you're not. As evidenced by the fact that the first person to decry this article was someone from *SanDisk*. You may know them as the chaps who make these fucking devices.
Sorry buddy, you're an idiot and you're too dim-witted to see it.
What you do may be safe for your workloads, but it's not safe in general, and isn't recommended because the people who understand how it all works are quite simply smarter than you. I know that hurts, but suck it the fuck up and move on.

Re:Sigh.

[Khyber]

"In short, you are insane."

Insanity is doing the same thing over and over again while expecting a different result from the ones that have occurred.

Given your consistent horrible mis-use of the word, I'm going to say that by definition, you are the insane one.

Re:Sigh.

[DamnOregonian]

Insanity is doing the same thing over and over again while expecting a different result from the ones that have occurred.

Nope. That's something said by ignorant humans who fill their brain with sound bites and cliches instead of actual knowledge.

Given your consistent horrible mis-use of the word

Given your apparent ignorance of the definition for consistent, as well as insane, you mean...

I'm going to say that by definition, you are the insane one.

And definition...

Don't you have a ditch to dig somewhere, man?

Re:Sigh.

It's not only about writes actively in progress. Any modern operating system buffers writes to memory before writing them to disk in more efficient batches. If those writes haven't been flushed to the device before you yank it, the file is either out of date or corrupted due to incomplete writes.

Re:Sigh.

[tepples]

yes safe, if your brain can send a faster abort signal to your arm to prevent yanking while LED flashing.

Is there any evidence that the brain can do so?

Re:Sigh.

[omnichad]

yes, it's completely safe. Any filesystem that's writing data just because of your passive reading of the disk is a) stupid

Due to answer A, it is indeed not safe. Seems to be everywhere.

Re:Sigh.

[omnichad]

Enable hidden files. The index is written to the drive itself on Windows. Never seen a thumbs.db file?

Re:Sigh.

[thegarbz]

It isn't some mythical idle queue.

I didn't say the queue was mythical. I said the "long queue" was mythical. It is actually incredibly short working blocks at a time. This is also precisely why writes take longer than reads as seen by the OS. It's a very short queue that is cleared within milliseconds. You're write about the size, but dead wrong about the time. But no need to take my word for it, just look at the hardware since the flash memory based devices that are resistant to dataloss on unexpected loss of power have ... a capacitor, and one that provides milliseconds of power.

Nope. You are still operating at the wrong layer. Like I said, you're not even aware of what you don't know.

Nope, I'm operating on the only layer that is relevant. You're right though, you're not even aware of what you don't know and you don't appear to know how irrelevant to this discussion that lower layer is given you don't understand the timings involved.

What's the best way forward, do we read the flash sector, erase it, and then re-write it?

You are technically right. What you fail to realise is this operation completes in milliseconds with a queue that is only a few k deep on a device that transfers data at many MB/s.

Objection: Speculation.

There's nothing speculative about seeing the changes in hardware and software governing removable devices over many years. Not just for flash but also quick disconnect.

Sorry buddy, you're an idiot and you're too dim-witted to see it.

And to the crux of it. You provide no understanding and nothing but useless insults. I on the other hand have poured over the details of these controllers in detail because unlike you ivory tower dimwits who think you understand what goes on in low level my job actually involves interfacing with devices without your fancy higher level protections. Come back when you've had to directly read and write to a flash memory controller while adding interrupts to delay your code to prevent precisely the scenario you speculate the person you're talking to knows nothing about.

I know that hurts, but suck it the fuck up and move on.

You're free to move on whenever you're ready to admit what a wrong arsehole you are boy. In the mean time I'm going to be sitting here aruging against you against the spread of your ignorance until Slashdot archives this story.

Ports can get damaged, somehow.

[happyfeet2000]

Back when I was in tech support I noticed an increase in computer USB ports damaged when yanking the USB out. I know the plural of anecdote is not data, but still...

Re:Ports can get damaged, somehow.

Perhaps they were just rougher users

Re:Ports can get damaged, somehow.

[Excelcia]

So you're suggesting that pulling out the USB device before logically ejecting causes physical damage to the port? How is this even remotely linked? It's absurd. Are you suggesting there is an electro-mechanical lock inside that engages when the device it inserted and remains engaged until the device is logically ejected? From sure knowledge I can tell you there certainly isn't.

Re:Ports can get damaged, somehow.

[Hognoxious]

The physical damage occurs when you go "Oh, fuck!" and try to ram it back in before the computer notices.

Depends

[AlanObject]

I used to write a lot of 8GB+ file system images to 16GB SanDisk devices using an Ubuntu 14.04 system. The caching it did was immense. The dd or the cp command finished in less than 60 seconds but when I did a umount command on the volume it would block for about 5 whole minutes or more while the cache emptied.

These particular USB drives have a blue activity LED on them so it wasn't hard to figure out what was going on.

In that use case yanking the USB would have been a big no no.

Re:Depends

Operating systems that enable caching on usb drives (mac, and I am guessing Linux) you should eject them, operating systems that don't (windows by default)
  it doesn't matter.

Re:Depends

Are you advocating that on operating systems where write caching is not the default option it's ok to just pull drives. Are you brain dead or just incredibly careless with your advice?

Re:Depends

He basically means that using a removable drive under Windows is inherently safer than on Linux. The caching doesn't make any sense on a removable device and will cause a lot more damage statistically when talking about yanking the drive after the copy dialogue is done. That is the problem here. Under Windows you are way safer removing the drive after the copy dialogue is gone than on Linux.

In all cases just yanking the drive is wrong, Windows just protects idiots better.

Re:Depends

I used to write a lot of 8GB+ file system images to 16GB SanDisk devices using an Ubuntu 14.04 system. The caching it did was immense. The dd or the cp command finished in less than 60 seconds but when I did a umount command on the volume it would block for about 5 whole minutes or more while the cache emptied.

These particular USB drives have a blue activity LED on them so it wasn't hard to figure out what was going on.

In that use case yanking the USB would have been a big no no.

This is why dd has the argument "oflag=sync". I suppose you could also use "oflag=nocache", never tried it myself, but the man page suggests it has the same effect.

Likewise it's easy enough to add "&& sync" or "&& sync && umount /your/device" to the end of a cp command. If you want to monitor it with a glance once in a while, try iotop.

I have also noticed that if I perform a copy with my GUI file manager the copy notification stays on until it's really completed. On a big copy a USB device will have bursts of speed with slowdowns in-between as blocks are overwritten (a flash drive's charge accumulator takes a bit of time). This is with KDE's Dolphin file manager, though I doubt it's unique.

Re:Depends

[houstonbofh]

operating systems that don't (windows by default)

Which windows? That default changed with the versions...

Re:Depends

[thegarbz]

That default changed with the versions...

Yeah 17 years ago.

Re: Depends

[guruevi]

Dd is by default synced. Most likely op used some advice that setting async on everything made things faster (a lot of older ripoff-of-a-copy Linux guides give that advice to put it in for every fstab and mount option).

Re:Depends

I used to write a lot of 8GB+ file system images to 16GB SanDisk devices using an Ubuntu 14.04 system.

I'm curious, how many 8GB+ files fit on your 16GB drive. More than 1?

Re: Depends

Dd is by default synced. Most likely op used some advice that setting async on everything made things faster (a lot of older ripoff-of-a-copy Linux guides give that advice to put it in for every fstab and mount option).

Odd how the dd man page doesn't mention this. It says nothing at all about what the default is.

Re:Depends

[vtcodger]

" it doesn't matter."

It wouldn't were it not that the USB device very likely has a mind of its own. Primitive, but a mind nontheless. Rumor has it that It moves stuff around and tinkers with its internal address tables constantly in order to improve your user experience. Your user experience is presumably very important to it.

I think one likely wants the stupid thing to finish what its up to before removing its power. Hopefully, typing umount or eject and waiting for the command to finish means that the drive has gone to sleep.

Re: Depends

This is what I was complaining about earlier about Ubuntu. The kicker? Finish up with cp or dd and then walk away for an hour, or maybe a day. Try to eject the disk and only then will it finish writing. It's just absurd how even friggin Microsoft can get something so basic right but Ubuntu won't even pretend it's a problem. I mean it's not like it's just me and one other guy on slashdot who use flash drives or anything.

oflag=nocache, I think that's right for dd to disable write caching

Re:Depends

[fibonacci8]

I'm sure all of them fit. Just not more than one at a time.

Re:Depends

[novakyu]

I believe that for cp command.

dd command, you are full of crap. You can't (or at least shouldn't) dd to a disk device that is mounted. There shouldn't be anything for umount command to unmount when you are done with dd, not to mention that unless you backgrounded dd process, dd command doesn't to caching—and you can always send a USR1 signal to a running dd command to tell it to tell you how many bytes have been transferred.

Re: Depends

GP is probably combining two ideas. dd uses whatever the operating system does in terms of how to sync filesystem writes. What it does do by default is use blocking I/O. Depending on the file system, operating system and device, that could default to being sync, but it does not actually issue explicit calls to synchronize the different operations, unless told to do so with proper oflags.

Re:Depends

[AlanObject]

You are right about the dd command. My error. I did lots of both kinds of copies as circumstances required.

Re:Depends

watch -n1 grep Dirty /proc/meminfo

Re: Depends

[buchanmilne]

This is what I was complaining about earlier about Ubuntu. The kicker? Finish up with cp or dd and then walk away for an hour, or maybe a day. Try to eject the disk and only then will it finish writing. It's just absurd how even friggin Microsoft can get something so basic right but Ubuntu won't even pretend it's a problem. I mean it's not like it's just me and one other guy on slashdot who use flash drives or anything.

oflag=nocache, I think that's right for dd to disable write caching

Uh, last I checked, without WSL, Windows has no built-in equivalent of dd.

If you are not experienced enough to know what dd does, maybe you should use one of the graphical front-ends distros provide for inexperienced users; there are worse things you can do with dd than abort writing an image to a removable flash drive (like writing the image to the wrong device).

The OP said he "used to write a lot of 8GB+ file system images to 16GB SanDisk devices", which probably means there was no filesystem mounted, so your cp examples are invalid. In most cases, filesystems on removable devices will be mounted with the 'sync' option, so your cp example is also wrong.

I vacum my computers

[CranberryKing]

all the time. Have carpeting too. The case is open often and a beer is balanced somewhere nearby that it probably shouldn't. Not the same as forgoing a seat belt at all.

Re:I vacum my computers

Thanks for sharing. You may now resume your DUI texting.

Re:I vacum my computers

Hey, a little ethanol, a little isopropanol, it's all good mon!

RAM caches

[dissy]

Depends how many places "confirmed" saved data can be cached in RAM.

Spinning hard drives have their own cache, which isn't written to the actual disk until either the cache is "full enough" or you instruct it to do so.
This data will be lost if you power the device down before the cache is flushed to disk, after the drive reported the data saved.

Flash sort of depends, an SSD for example tends to do the same thing, but there are different ways it can go about it.

Older SSDs can only write 4k blocks, it wasn't possible to write less data.
So to write for example 300 bytes, the controller has to pull in a 4k block to its RAM, edit those 300 bytes, and write out the entire 4k block again.
Pull power before this is done and your 300 bytes are gone.

"Removable" USB flash drives, the better ones at least, tend to not report data as saved before it really is, just to help avoid this problem. There is little hope for a non-technical person to know what their particular flash drive is doing however, and not even obvious to technical people either.

On top of that, your OS likely caches data to be written to any disk in RAM, completely independent of what the disk itself is doing.

If one is absolutely certain how all of these caches function, and can be completely assured all data is written in a method that doesn't rely on the disk claiming it is or isn't, then in that case it would be safe to power down the device.

For average and above average users, that will just not be true.
Even for experts, outside of a small set of cases like highly customized and tuned systems, it may be true the expert knows what is going on, but would tell you from that knowledge it wouldn't be safe and is a silly risk to take, with a high cost of data loss in exchange for a couple of seconds of time saved.

Hell, even I am still in the habit of issuing three 'sync' commands in a row before an unmount command, and that's despite the knowledge the unmount command will do a 'sync' call of its own!

But as this advice is for average or below people, as bad as it is, isn't the worst things commonly done.
Average or below people rarely even make backups, which has a far higher cost when (never IF) a drive fails. Corrupting a couple files on a single USB drive compared to not having any backups is like complaining your car only has 5 airbags instead of 6 while driving it off of a cliff...

Re:RAM caches

Older SSDs can only write 4k blocks, it wasn't possible to write less data.

Older SSD did 4K blocks? Do you mean, these were really old. I think flash is typically written in 128K blocks, or that could have become bigger since. I would be glad if this is wrong.

Re:RAM caches

[dissy]

Yes, by older I mean roughly 20 years ago, some of the initial nand devices on the market.

These days a 128-256kB nand page size is typical.
I also recall Intel at least saying something about 512kB on some of their higher end offerings, but don't remember what class of devices that was about or if it's one of those "coming soon" things or not.

Fortunately even though the page size keeps going up, the flash write speeds also are going up, so it doesn't tend to take that much more total time to commit a write by the controller chip.

The window of opportunity for data loss doesn't change a lot because of that, but the amount of data that can be lost if you yank power during that window can be greater.

Re:RAM caches

[Walter+White]

So to write for example 300 bytes, the controller has to pull in a 4k block to its RAM, edit those 300 bytes, and write out the entire 4k block again.
Pull power before this is done and your 300 bytes are gone.

I think it may be worse than that. For some devices you have to erase the entire block before it can be written so if power is removed at the wrong time, the entire 4K block can be lost. (My experience is with NOR flash chips used in embedded system and may not be applicable to SSDs and flash drives.)

I believe that one difference between enterprise and consumer SSDs is that the enterprise SSDs have a capacitor or battery or something to insure sufficient power to complete this process should power be removed at the wrong time.

As to the original question... I prefer something more reliable than "most of the time you'll be OK."

Re:RAM caches

[dissy]

I believe that one difference between enterprise and consumer SSDs is that the enterprise SSDs have a capacitor or battery or something to insure sufficient power to complete this process should power be removed at the wrong time.

That is a very good point as well.
You are correct about the enterprise SSDs having backup power capability that consumer SSDs do not have.

One of our servers here has a mix of SSD and hard disk storage, both SAS-2 and on an IBM ServeRaid controller.
The SSDs are "IBM 99Y1329" 400gb, and have some funky type of capacitor providing backup power to flush the RAM cache if need be. They call them "Organic Capacitors" which I have to admit to not hearing about before this particular SSD.

I don't recall the exact price but I think those little bastards were a few hundred bucks each when new.
The RAID controller is also specifically made to utilize them differently than the regular SAS HDs in terms of what data is stored there, and the controller has its own battery attached to protect its cache RAM.

There are good reasons for all of that extra tech (and extra cost) in most enterprise grade solutions just to protect your data.

As to the original question... I prefer something more reliable than "most of the time you'll be OK."

My protip: If your data is so unimportant that saving a few seconds is acceptable, then imagine how many minutes you would save by simply not copying the data to a flash device in the first place!
Of course not copying the data at all will yield a 100% chance your data won't be there, but as those odds are already acceptable this is clearly not a problem.
Then you'll have quite a lot more time to spend whatever is deemed more important than the data existing.

Bad design

[inking]

My thoughts are that this is bad design and will hopefully be fixed in some future revision.

Re:Bad design

[evanh]

Yes it is bad design - called write-back caching. It's one of the dumbest of ideas for removables, sits alongside auto-run.

Removables should always immediately flush all write data, as in use write-through caching. I doubt it will ever be fixed though, it's been that way for 500 million years already.

Re:Bad design

[houstonbofh]

It is. It is called "The Cloud!" It has all new bad design!

Should Have Guidelines for Program Behaviour

[mykepredko]

You *should* be able to just yank out a USB drive but there's always the chance that a program has a file open and has modified it but not closed it which means, depending on the file system, the file (and maybe the drive) is corrupt until it is closed.

I would think that the idea application behaviour when it comes to files the guidelines should be:
a) Opens the file to read the contents and store in memory. Once this is done, the file is closed.
b) Searches and operations are done on the copy in memory.
c) When the program/user decides the changes to the copy are correct, the file is open, written to and then closed.
d) If the application wants to update the file and the (thumb) drive isn't accessible, the user is prompted.

I know that I will get pushback on this as there will be the question what if the program is too big for memory? My response is that this is not 1983 and there should be either enough DDR to store the entire file or cacheing will make sure that the application can access all of it. Even if the file is cached, then the performance of the app searching the file in cache should be faster than doing lseek's on an open file. I'm trying to think of cases where the guidelines above are not appropriate and the only case I can think of is databases, but chances are that's on a network resource rather than a thumb drive.

Regardless of whether or not you think my guidelines are appropriate, you can't guarantee that all applications accessing the thumb drive close files after they've accessed them. You could go through and close all applications that are accessing files on the thumb drive, but that doesn't include operating system functions (early versions of NTFS in WinNT never did updates when you thought they would, they got put in a queue and would be done sometime down the line) or virus search apps work the way you want them to.

So, always click on "Eject".

Re:Should Have Guidelines for Program Behaviour

It sounds like you never heard of mmap or why it is used. As such I'm not sure I'd recommend listening to you for programming advice...

sync;

sync;sync;

Its ok now to pull it.

Re: sync;

How is this easier than ejecting?

Re:sync;

[Wheely]

sync && sync

YES, eject first

[thePsychologist]

Ever think of testing this for yourself?

It's easy. Create a half a dozen or more files of random numbers or use existing large files. I created six files of a million random integers in Python. End result, six files of about 6.9MB each. Create an md5 checksum file when you make them.

Copy them to a USB stick, and then yank the stick right when the light stops blinking. Plug the USB stick back in. Watch and learn. Easily reproducible phenomenon are:
* Not all files even appear when the stick is plugged back in
* Some of the files might appear, but give I/O errors and won't even be complete
* A Few might pass the checksum integrity test

I'm on Linux Mint, but I have seen the results on other OSes as well. The OS caches the data to be written sometime, presumably to speed up file operations. There's a reason why eject exists.

Re:YES, eject first

Try "stethoscoping" it. Plug in a set of poorly-shielded headphones next to a front-facing usb port; chances are the read/write operations can be head loud and clear as a oscillating buzz.
In my case it seems to align with what you're describing. The operations don't always end precisely with the indicator light and a few faint blips can be heard right after it's off.

Re:YES, eject first

I'm not sure what the USB light is supposed to mean, but it would do wonders if they would repurpose it to mean "unsafe to yank".

Re:YES, eject first

[thegarbz]

Ever think of testing this for yourself?

Yes: Look at the settings, notice that caching is disabled by default in Windows and has been since Windows XP was released, and yank away as soon as any file operations are done in explorer or whatever program you just used to save.

I'm on Linux Mint

Yes Linux has a bit more trust in the quality of hardware. The most common OSes in the world on the other hand do not cache on removable drives and better still if you do get corruption you will get a big warning message for whatever program was currently writing.

Re:YES, eject first

Linux Mint is very backwards in its approach then. Even Microsoft has learnt the dangers of the cached approach nearly 2 decades ago and by default doesn't cache for USB drives. I guess this is one of those sad examples where windows is better and more reliable for users.

Re:YES, eject first

[thegarbz]

Ever think of testing this for yourself?

Yes I do it all the time. Bottom line is modern OSes don't cache writes on removable drives so when your file copy operation is finished just yank that cable out and move on with your life.

The only risk you have is yanking in the middle of an active write and that procedure will net you a lovely error message that a write operation has failed, usually "System cannot find the file specified."

You won't be silently missing parts of your file system. Oh unless you are using Windows 2000. Also why is your Linux caching writes on removable drives? Do you hate your data that much?

Linux?

Not a problem taking it out, but you have to recompile the kernel before you put it in.

Caching and program notices

Write caching in older version of WIndows and Linux was the primary reason this was implemented. The OS would routinely hold small chunks of data, and only post it when 128kB was available. This action was below the file system, so even "good" FS's would be subject to the write-behind caching.

The other reason is notices to program that is writing. Even if you think its "done" and the little light has not blinked in a while, the program (usually the file manager GUI) might wait a moment to update the metadata. Again, modern versions have accounted for the sudden disappearance of the storage, and this is rarely a problem any more.

Yanking USB Drives

[SenseiTim]

I have accidentally pulled USB drives without unmounting them, fortunately without apparent damage to the files. But I don't make a habit of it!

Duh

If you can remember and/or have the time to properly unmount the sdcard/usbstick for removal, do it. Otherwise data corruption is possible.

Just pulling it out is simply dumb

[angel'o'sphere]

First of all: an annoying dialog pops up and an annoying beep comes, you have to close the dialog, probably even with the mouse because ESC or ENTER does not work.

Secondly, you probably have forgotten that a file is open in Excel or whatever and it is half modified but not fully saved.

Why not eject it and be safe, respectively be not annoyed?

Re:Just pulling it out is simply dumb

Pulling it out: doesn't work for data safety, doesn't work for contraception either.

Re:Just pulling it out is simply dumb

[houstonbofh]

Pulling it out: doesn't work for data safety, doesn't work for contraception either.

But which one is the average slashdot user going to be doing daily?

Re:Just pulling it out is simply dumb

[thegarbz]

First of all: an annoying dialog pops up and an annoying beep comes

Err back in the Windows XP days yes, and even then it wasn't a dialogue, just a tooltip that disappeared.

Secondly, you probably have forgotten that a file is open in Excel or whatever and it is half modified but not fully saved.

Assuming that users is that silly, just plug the drive back in again.

Why not eject it and be safe, respectively be not annoyed?

You're the one complaining that you had to interact with a dialogue box. By not ejecting I save myself clicks.

Dont be an asshole

Unmount device before unplug.
Its might be on RW, if for some reason some file are writing on device u will regret it

Some people just don't like to follow directions.

My neighbour's treadmill says to stand on the sides when you stop and start it for safety reasons and it's easier on the motor but she doesn't do it because "the treadmill is on warranty". So she stands on the belt and then complains that it jerks her off her feet. So I tell her to stand on the sides when she stops and starts like the instructions say, but she doesn't.

I don't understand this mindset. People think they're getting away with something, I suppose. Or USB STICKing it to the Man.

It's not only about recently written data

[cyba]

More sophisticated SSDs perform static wear leveling (moving old data to different locations on the disk) in the background. To improve performance, firmware on some disks does this without ensuring atomicity of each operation. It means that in case of unexpected power loss you could end up with seriously broken filesystem. Cheap pendrives are probably not affected by this, but you should be careful when connecting e.g. external SSD via USB.

Depends on the device AND the OS AND the situation

When you yank out a USB plug, you do TWO things - you disconnect communications AND you abruptly cut the power.

So if you want to avoid screwing something up you need to know that the device has gotten all of the data (which, you might *maybe* be OK with if you wait long enough) - AND that any internal processes within the device have completed.

For a very simple flash memory gizmo - it's probably (*probably*) dumb enough to just write data as it gets it - but a sophisticated USB hard drive may be caching data, rearranging blocks, maintaining a free block list, defragging, remapping bad sectors...who knows what else?

So there is not, nor cannot ever be, an absolute guarantee that the device is done-DONE until it says so.

Worse still - "wait until the light stops flashing then wait a few seconds" doesn't guarantee that the host computer has finished sending all of the data. Maybe there is a background process running at higher priority than the file transfer? Maybe the data is coming from a networked drive and the server or the network itself stalls out for a few seconds? Maybe the hard drive that the file is coming from had a soft error and is doing a retry? There are any number of reasons why a few seconds of delay could have occurred in mid-transfer.

Unless the author of this device has carefully examined the behavior of EVERY USB storage device in existence and has insider knowledge of every single company who makes an USB storage device - AND every single device driver on every single OS (WIndows, Linux, Mac, ChromeOS, Android and iOS)...then he/she is without doubt talking out of his/her ass. I'll let you decide out which it is!

The advice that you can just yank it out is ignorant, stupid and reckless.

Trust the people designing an OS know a little...

[The+MAZZTer]

...more than you do. I say this every time someone claims to know better than the OS designer. For example, memory defragmenting applications, RAM boosters, memory cleaners... if they did good, it would be probably built into the OS already.

This is a similar case, but even easier to rationalize. The designers went out of their way to warn you and chastise you for yanking out a USB device. They spent time and effort adding these messages in. I would assume they are valid just from that alone.

Windows in particular I can talk about. Many USB thumb drives are slow especially when you sort by lowest price on NewEgg/Amazon and buy one based on the size of the disk alone. So Windows will avoid using the actual device in real time if it can, instead using a cache. If you write data to the device, the data goes to the write cache first, which is then written to the device as fast as possible in the background. This means that file copy dialog will close BEFORE the data is written to the drive.

Now, you can access the properties of the drive and change Windows to not use a cache specifically to make it safer to yank the drive at the cost of making things slower. But either way, why? Just choose the Eject option and let Windows tell you when it's safe to remove the drive. Then you can be sure your data is done being recorded. It also lets you know if there is an application still actively using the drive, which is better than yanking it and seeing the application crash or lose data.

My question is, why don't USB drives self-eject?

[berchca]

Why don't USB drives self-eject? I mean, beyond memory size and speed, and the ability to buy one in the shape of sushi, USB drives haven't evolved since their introduction. It would seem like adding a button on the drive itself--one that calls to the system to let it eject--is waaaay overdue (considering the current, boorish way of doing it, which involves using your mouse or keyboard and way too much thought and effort).

Free idea right here. Sandisk? PNY? Hello?

Catastrophic health care cost

[tepples]

Worst case it's a fortune worth of bitcoin. But i won't die from it.

That depends on how your country handles health care finance.

NTFS on linux

"On Linux or Mac? Somewhat, or at least safer than Windows, but I'd go ahead and unmount it anyway just to be safe."

The main problem you may encounter on linux is with NTFS drives. The data is pretty safe but if you yank the drive it may leave the file system in a bad state and you have no chkdsk or fsck.ntfs. But there's the "ntfsfix" program which I remember using for drives when nothing is majorly wrong but stuff complains of "this drive was badly dismounted". It won't fix the file system though if it need be fixed.

With internal drives too power loss or complete OS crash are a thing.

Re: NTFS on linux

Yup, the only thing I use ntfsfix for is clearing the dirty bit from a shut-down Windows OS drive. (If you restart and don't boot it back up, the dirty bit is clear. Go fig) It's no replacement for Chkdsk unfortunately, in fact, it should probably be called ntfshack

Call me a big effin idiot, but...

[Bobrick]

I never, ever "safely" eject, I always yank it out when it's done with a transfer (if transfer there was). Amount of drives/keys/data lost so far is zero.

Re:Call me a big effin idiot, but...

[QRDeNameland]

My rules for ejecting detachable drives are basically this:

Rule 0: Always have a backup of any files you care about on a separate physical media.

Rule 1: If it spins, always safely eject it.

Rule 2: If it's solid state, feel free to just yank it out. Worst case scenario, you bork the filesystem and reformat, and you still have the files because of Rule 0.

The only times I've ever had any problem with yanking out a thumb drive/SD card are the few occasions I accidentally pulled it out while it was writing, or when I've had a dodgy drive spontaneously go offline due to a bad connection/firmware issue/whatever.

I'm sure there are other edge case exceptions where you would always want to safely eject a thumb drive; some people mentioned using encryption, but for general use, if you already have good backup practices, the risk is pretty much negligible.

Type of computer?

Many years ago, I was told that, because of differences in the ways Macs and PCs operate, one should always properly eject a flash drive from a Mac, but it didn't matter very much for a PC. I don't know the status of this today.

Am I on Fucking Buzzfeed?

[bill_mcgonigle]

What are your thoughts on this? Do you think the answer varies across different file systems and operating systems?

You're kidding, right?

Re:Am I on Fucking Buzzfeed?

[hcs_$reboot]

No, SuperUser and Slashdot merged.

Re:Am I on Fucking Buzzfeed?

[weilawei]

This is pretty stupid, even by Slashdot standards.

You must unless you want to deal with lost data

[Artem+S.+Tashkinov]

Safe eject/removal is the only way to guarantee that file buffers are flushed and metadata is in a consistent state.

If you're OK with losing files, or having chunks of your free space marked as occupied, then don't use safe eject.

Re:You must unless you want to deal with lost data

[DaMattster]

This is true. Especially when write caching is nearly ubiquitous.

Re:You must unless you want to deal with lost data

Windows users are stupid, as usual.
After all, that's the way Microsoft and the Illuminati want them to be.
Stupid sheeple that never wake up.

If you're a Windows / Apple user, you owe it to yourself and the world
to go try a unix operating system like...
https://www.freebsd.org/
https://manjaro.org/
https://www.debian.org/

If you aren't impressed and don't learn anything after a few months on unix, fine, go back to the teat, at least you tried it.

Re:You must unless you want to deal with lost data

[thegarbz]

Safe eject/removal is the only way to guarantee that file buffers are flushed and metadata is in a consistent state.

If you're OK with losing files, or having chunks of your free space marked as occupied, then don't use safe eject.

I'm not OK with getting hit by a car, yet I still J-walk. Likewise just because you yank the drive doesn't mean you will lose data. This was an issue back in the 90s when OSes write cached on removable drives, but seriously if you're not mid-write to the device then yank away. If you are mid-write you'll get an error message and typically get the opportunity to put the drive back in and go again.

Might as well..

[Junta]

Err on the side of caution. Etiher:
You don't need to because the system isn't caching writes, in which case the result is instant
The result is slow, which means you need to do the 'eject' procedure.
Practically speaking, modern OSes have gotten the point, a small usb attached storage device is at high risk to be yanked out, so they disable write caching by default.

You'd think. Theory vs practice. Undervoltage

[raymorris]

You'd think the partition table would be pretty darn safe since it's rarely updated. Yet, I've had to help people recover from lost partition tables many times. You can do forensics to discover where the partitions were, such as by looking for blovks that match the beginning of a filesystem, and for the first partition, testing the defaults.

One potential reason for this is that electronics designed to work at five volts can do literally ANYTHING when they have 2.5 volts supplied. You may notice some devices go a little crazy when the battery is very low. As you disconnect a drive, there are several milliseconds in which the chips get lower than specified voltage.

  Also the data lines are of course digital - on or off. As you pull the plug out and the contacts scrape against each other, an oscilloscope with show they connect and disconnect several hundred times - turning on and off, generating random ones and zeroes. There are some features designed to *reduce* these risks.

Re:You'd think. Theory vs practice. Undervoltage

You'd think the partition table would be pretty darn safe since it's rarely updated.

Which is why the drive keeps moving it around in the course of wear leveling. No point in letting static data hog the fresh Flash cells forever.

Re:You'd think. Theory vs practice. Undervoltage

[vtcodger]

"Which is why the drive keeps moving it around in the course of wear leveling."

Exactly. The partition table (if there is one) is in the Master Boot Record which is the first record on the device. Address 0. Even though it's rarely written, it's a solid candidate to get overwritten/lost if anything goes wrong.

It used to work in XP

[necronom426]

I always have write caching turned off. Windows has the Quick Removal option, so why would it be there and be called that if it wasn't there to allow you to pull it out?
I never ejected a flash drive in XP and never had a problem. In Win 7 I almost always do, as it doesn't seem to work properly, but at work we have a Win 10 laptop and 90% of the time it doesn't allow me to eject (warning message pops up), so I have to either reboot (yeah, right), or just pull it out and hope for the best.

Why don't flash drives work the same as floppy disks? We never had a problem ejecting those.

Re:It used to work in XP

If you get a freeware tool that shows which process has a file lock maybe you can have more luck on this work laptop.
Or maybe kill explorer.exe.
I hadn't your bad luck yet on win 10, just using FAT32 USB flash drives. If you get cheap ones they're still only 8GB or 16GB and FAT32 out of the box. If I get a 64GB USB 3.0 one nothing will stop me from using FAT32 still.

Re:It used to work in XP

Oh yes, you could have the same problem with floppy disks if you ejected them at the wrong moment.

Re:It used to work in XP

[jittles]

I always have write caching turned off. Windows has the Quick Removal option, so why would it be there and be called that if it wasn't there to allow you to pull it out? I never ejected a flash drive in XP and never had a problem. In Win 7 I almost always do, as it doesn't seem to work properly, but at work we have a Win 10 laptop and 90% of the time it doesn't allow me to eject (warning message pops up), so I have to either reboot (yeah, right), or just pull it out and hope for the best.

Why don't flash drives work the same as floppy disks? We never had a problem ejecting those.

Write cache is the default. I don't know if you can even disable it in Windows 10 but there was an OS bug that made it difficult to eject USB drives. That has recently been fixed.

Re:My question is, why don't USB drives self-eject

[Junta]

Because adding a button and indicator to show completion means cost and ruining the 'minimalist' design point they are going for. Further, they know consumers will likely ignore that anyway, and that OSes have given up write-caching for removable storage anyway.

Re:My question is, why don't USB drives self-eject

How is pressing a button on the USB drive any easier than clicking a button on the screen?
Either way I still have to look at the screen for the dialog telling me I can unplug or not.
The mouse and keyboard are almost always easier to reach than the actual USB device, at least for me.

Yes

Unless you want to put yourself at the mercy of the write caching mechanism in your OS of choice.

Scraping the connections to delicate chips

[raymorris]

"Unlikely" might be a better word than "absurd". The physical cmos chips associated with ports are delicate. They don't like voltages that are too high, too low, or change to fast.

As you pull a connector out, the power and data pins scrape against each other, causing them to connect and disconnect a hundred times in a hundred milliseconds. Having power switching on and off randomly while the data lines are active transferring data can be bad.

It's probably not LIKELY to cause damage if you do it once, but the possibility isn't absurd.

Re:Scraping the connections to delicate chips

What is said in this post, while true in general, is absolutely not relevant to USB.
USB connectors are designed to be hot plugged.
The ground and power pins are always connected before the signals, eliminating floating voltage spikes.
The power and data pins physically *cannot* touch each other unless they have somehow physically separated from the connector.
It is up to the designer of the USB device to make sure that it can survive being disconnected (i.e. loss of power); if you have a flash drive that spontaneously corrupts data already written JUST because you disconnected it, you should certainly take a note of the Chinese manufacturer, toss it, and never buy another one from them again. They didn't do their homework when designing the thing; you need to have enough power (onboard capacitors, basically) to ensure that any ongoing write operation does not result in the power rail dropping below reliable operation if the unit is unplugged.

Re:Trust the people designing an OS know a little.

[Junta]

Well, here it's a bit of an evolved situation, and one that evolved with the general state of storage.

Once upon a time, OSes didn't bother to cache writes, they just wrote to disk and were done. Computer could just turn off at any time (parking hard drives manually aside). Memory was too scarce.

Then memory was more plentiful and OSes became more sophisticated, disk IO then presumed caching, and shutting off your system without proper shutdown was exceedingly high risk. Removable media came into fashion with this sort of accepted behavior, so they had to be very verbose about users doing it wrong.

Fast forward a bit and the industry realizes that they can't expect clean ejects/shutdowns, so they make better filesystems, maybe losing data but at least not be corrupted and disable write cache on usb disks by default, causing slower apparent behavior, but resilient to yanking out.

It's always a good idea to err on the side of caution, but the current OS designs around ejecting media are less critical because they've decided it is a lost cause.

Re:My question is, why don't USB drives self-eject

[loonycyborg]

You mean making them work like CD-Rom drives? I guess they didn't want to make them work like that to make things simpler.

Re:Some people just don't like to follow direction

Why do these things even have a motor? I would enjoy a treadmill if you actually moved the belt with your feet. That way you walk on your terms.
If motorized hopefully one can be made that moves according to your walking speed. Maybe it'd watch your legs with some sort of Microsoft Kinect equivalent which these days would $50 of smartphone hardware.

Safely eject if you've written, don't otherwise

It's really that simple. If you've written data to it, safely eject (or run `sync` before ejecting or what have you). If you haven't, then just yank it out.

On Linux, you can also disable USB write caching by adding the following to /etc/hdparam (check what /dev file USB devices normally show up as first): /dev/USB_DRIVE_LETTER {
        write_cache = off
}

Credit: https://superuser.com/q/526248

Do You Need to Properly Wipe Your Butt?

This is like asking if you need to properly wipe your butt.

There's a risk to not "ejecting" a USB drive

Some operating systems treat removable devices differently: By disabling write caching, they reduce the risk of having outstanding writes when the user believes that the drive is idle. With modern filesystems, there's theoretically the possibility of keeping the drive in a consistent state even if it is yanked from the computer mid-write. FAT32 however, which is still the most commonly used filesystem on USB thumbdrives, is not a modern filesystem. There's also a difference between a valid filesystem state and data corruption. It would take a completely transaction-based filesystem to remove the need for unmounting a filesystem, and the USB drive would need to also be designed to complete some work even when it is unexpectedly removed from the computer. So, while it is technically possible to make hard- and software that does not need a clean unmount, in actual practice you're going to corrupt the data, the filesystem and possibly even damage the hardware at some point if you don't tell the OS to "eject" the drive.

Would you Power Off before Shut down?

[mykepredko]

Just thinking about this, it's really the same question - when you power down your PC/laptop/whatever, do you hold the power button down for five seconds to shut it down or do a "System Shutdown"?

It's really the same thing when you apply to USB thumb drives.

Re:Would you Power Off before Shut down?

[houstonbofh]

Just thinking about this, it's really the same question - when you power down your PC/laptop/whatever, do you hold the power button down for five seconds to shut it down or do a "System Shutdown"?

It happens every time Windows decides to update while on batteries... :)

Re:Would you Power Off before Shut down?

Just yank out the cord from the back (and yank out the battery if a laptop/phone/tablet). It's the only way to be sure.

Eject is just below delete

[wolfheart111]

Windows is funny like that.

Re:Eject is just below delete

Windows is funny like that.

The original Macintosh required you to drag the drive into the trash to have the floppy ejected.

Macintosh is funny like that: not "Eject is just below delete" but "Eject is delete". Brought to you by the people designing the single-button mouse.

Re:Eject is just below delete

> The original Macintosh required you to drag the drive into the trash to have the floppy ejected.

It did not. The standard method was to select the disk on the desktop, and choose "File -> Eject"

Dragging it to the trash was a short-cut added later.

Re:SMARTDRV A+ C+

You could enable write caching on your floppies in SmartDRV. In that case, you either wait for the light to go out after up to 5-10 seconds, or you run SMARTDRV /C and wait for the command prompt to return.

I don't know if NT/XP would write cache floppies.

Eject programmers from HMI design

[Impy+the+Impiuos+Imp]

This is the result of OS programmers throwing wrappers around internal APIs instead of designing a product.

How about the OS make yankable the default state, with an indicator light on the task bar, window bars, etc. For that matter computer makers can put a tiny LED by the front panel USBs to signal this too, assuming you can even see it amidst glowing coolness everywhere.

Tbe user knows they are done copying, so can wait for the OS to signal so.

is it mounted with async?

Then yes

Now Apporoved by majopr educational institutions!

[Hognoxious]

I don't have a clue, but I'm sure Wikipedia does!

What are my thoughts on this?

[QuietLagoon]

Simple: wow, I am surprised how low the once great Popular Science has sunk. Oh, you mean about the USB stuff... well...

...The magazine's take on it -- which is, as soon any ongoing transfer of files is complete, it is safe to yank out the flash drive ...

The problem is that you do not know when the transfer is complete. The UI's representation of it shows when the UI is done with the transfer, but that does not necessarily mean that the OS is finished with the transfer. So Popular Science is correct in that you have to wait until the transfer is complete, they are just incorrect about what tell-tale to use to determine that status.

Re:What are my thoughts on this?

[TeknoHog]

The problem is that you do not know when the transfer is complete.

I'm also baffled about this level of idiocy in a /. article. I guess things that were obvious to us geeks 15-20 years ago are completely new to today's "digital natives".

That said, these things only became obvious to me when I moved to Linux back in the day. I learned about things such as mounting filesystems and a lot of other fundamental machinery that must be going on in Windows too, but it's hidden from the user. But there are these occasions when you absolutely need to unmount.

Back in the days of Windows 3.1, writing to floppies would halt everything else, and it would be clear when the transfer was complete. There was not much multitasking or write caching going on anyway, so it was OK. Today we take those for granted, but in turn it means we need to be explicit about ejecting devices.

The point about spinning hard drives is somewhat orthogonal, though. Simply unmounting the drive won't power it off. So you often need to yank the plug out while the drive is spinning. This can be hard to do safely with small drives and short cables.

Re:What are my thoughts on this?

[DNS-and-BIND]

Why on Earth is the UI lying about what the OS is doing? WTF? When the OS reports to me that the file transfer is finished, it is finished. It's lying to me about the status of my transfer? Who thought that was a good idea?

Re: What are my thoughts on this?

Oh Linux I always issue hdparm -Y on the disk before yanking it. Usually I have to do this with USB to SATA adapters that don't support the eject command.

Re:What are my thoughts on this?

[thegarbz]

The UI's representation of it shows when the UI is done with the transfer, but that does not necessarily mean that the OS is finished with the transfer.

What is this a post from the 90s? OSes handle external drives differently from your internal HDDs. write caching is disabled and changes are instantly committed to disk without delay. Hitting the 100% point and yanking the drive has been safe for data since Windows XP was released.

Re:What are my thoughts on this?

[thegarbz]

Today we take those for granted,

No we don't. We haven't for the past 17 years. File operations are completely the second they are completed on removable drives. Only internal drives do agressive performance optimisations like write caching that creates a disconnect between the state of the write and what is shown to the user.

Re:What are my thoughts on this?

[DamnOregonian]

No, you simply don't understand what it's reporting. And that's ok, you're a generally ignorant human.
You see, kiddo, the modern OS has many layers stacked upon each other.
Your application submits I/O to a syscall, the syscall hands it off to the VFS subsystem, which then hands it off (maybe) to the filesystem, who then hands it off to the I/O scheduler, who then hands it off to the device driver, who then hands it off to the device. Here's where it gets extra cool- your device may be ultra dumb (floppy, single FIFO, blocking) to a TCQ SATA/SCSI device, to an eMMC performing wear leveling, sector size emulation, and coagulation in the background.
In the middle, we have all kinds of potential transforms, reordering, and write-combining. It's a mess, really. The software machinery involved for high-speed I/O would blow your mind, I think.

We try very hard to make sure people smarter than you are designing the systems so that this whole thing doesn't go awry. We do understand though that you can be easily confused by this UI widget saying it's done, when that eMMC chip in that USB flash drive is erasing a sector to concatenate your last bit of data with the incomplete sector write of the preceding bits, and so we have offered you a mechanism by which to safely eject these devices. If you're too stupid to use that feature, we can't help you further.

Re:What are my thoughts on this?

Technically a good UI would show that the transfer is complete only when it is actually complete. But the progress bars are mostly marketing, it's like, "oh, look at how fast I'm writing on this usb schtik!" the file gets copied 100% in 10 seconds and then you wonder why the stick keeps flashing for 3 minutes. It's not even a cache issue, it's really really marketing.

hrmpf.

Re:What are my thoughts on this?

[DNS-and-BIND]

What a lot of words to say "the UI lies to you and we'll lie to you whenever we feel like it so STFU".

Re:What are my thoughts on this?

[zwarte+piet]

The smart devices have their on board cache, often multiple layers of caching, like in the case of an ssd a cache in ram caching a cache in very fast flash caching the main flash. Some of these also have super caps on board to provide that second of power to flush at least the ram cache.

Re:What are my thoughts on this?

[DamnOregonian]

Beyond that, the devices are emulating behavior that who's behavior doesn't translate linearly to the operating system.
Flash devices do not operate atomically on 512 byte sectors. USB drives do.
The flash devices typically have 4K (or larger) write sector, and 16K (or larger) erase blocks.
A lot of magic must be performed in order to write a 512 byte sector to the middle of a 4K already-written flash sector that can only be erased along with 16K worth of sectors around it.
These are still being done when the controller returns and says 'I can accept more data, now.'

Re:What are my thoughts on this?

[DamnOregonian]

Nope. It was a lot of words to say, 'you don't understand what it's reporting'.
It is reporting the progress of that userspace transfer to the kernel, nothing more, nothing less. It doesn't account for any OS cachine, device cache, or asynchronous device behavior.
That makes it somewhat confusing, it's true, but that's what it reports. And it does not lie in that reporting.

Re:What are my thoughts on this?

[zwarte+piet]

Yeah, these things have more processing powder than most pc's from a while back.

Re:What are my thoughts on this?

[zwarte+piet]

powder, lol

Leave it in...

I never pull out....

is it 1998?

[Hugh+Jorgen]

why the fuck is this a topic of discussion in 2018?

Have some waffle!

Good practice to properly eject? Yes. Reliable? Not so much. Both Windows and Mac have a tendency to kick back a "drive is still in use" message when you choose to eject it, despite that being total BS. It's all because some software saw a new drive and refuses to let it go. End result? You could sit there for an hour waiting and it won't let you eject "safely". That's why you get people that say you don't have to do it properly. They or the person they trust has experienced it over and over again and had no known consequences to pulling the drive.

That doesn't mean it's always safe to pull. Linux is notorious for holding caches. No eject? Data gone bad. Windows is usually good, depending on the drive manufacturer, whether it declares itself a removable disk or a fixed disk, and whether or not it's a day ending in "Y". Mac? Apple never lets any of their secrets go, so unless you're using a filesystem where you have the control, who knows whether or not they're using delayed caching?

Re: Have some waffle!

This is why the eject button on the drive is a good idea. Push button, OS flushes caches and invalidates all open fd's, and unmounts the disk. It puts you in control of the eject process instead of hoping there isn't some poorly written program hanging the eject process. Arguably, all major operating systems are poorly written anyway since they won't forcibly release open fd's when ejecting a device

It's yank, then eject

Get it right!

I usually do

[jason777]

I always eject it, but sometimes it says its in use and won't let me. But I want to pull it out NOW, so too bad its getting yanked out.
I also use a program called Hotswap! that ejects alot better than the windows one, AND lets me do sata drives and things that normally don't show up in the windows eject.

Re:I usually do

[thegarbz]

AND lets me do sata drives and things that normally don't show up in the windows eject.

This is the great irony. The things that show up in the Windows Eject are also the things that are safest to simply yank because they have write caching disabled. The same cannot be said about SATA drives where you may have absolutely no idea if data has been committed to disk or not.

Re:I usually do

[jbmartin6]

This drives me nuts. Windows STILL has no mechanism to tell me which process is supposedly using the drive. So yes, it gets yanked. Windows claims the drive CAN'T be ejected. Go to hell Windows, I say it can.

Re:I usually do

[jason777]

I'm pretty sure Hotswap! flushes the cache and makes it safe. But you do need to have it plugged into a controller thats hot swappable. I do this with sata drive that plug into the caddy built into my case.

It's there for a reason

[quonset]

Just like a parking brake on a car is there for a reason, the option to safely eject a USB drive is also there for a reason.

But don't let that stop all the experts on here and elsewhere from saying otherwise.

Re:Trust the people designing an OS know a little.

[houstonbofh]

...more than you do. I say this every time someone claims to know better than the OS designer.

As someone who has actually written software and contributed to many projects; No! Do not trust me! I still remember when a major release of my software hit slashdot, and one of the first comments was "Why can't I see any logs?" Yes, I made a stupid build error that hosed logs. I was able to push a new release the next day with that fix, but it took someone not trusting me to find it first.

Also, the Metro Interface proves that the designers are often drinking better stuff than we can afford.

Re:My question is, why don't USB drives self-eject

[houstonbofh]

You mean making them work like CD-Rom drives?

You mean where the button ignores you and does not eject the disk. Or starts to and teases you and then closes again? Like that?

Need to vs is it best to

There is a difference between needing to do something, and if it's best to do something.

For example, you don't have to understand grammar to be slashdot editor, but it'd be best if the editors here understood the definitions of the words they use.

Read the article

Jokes aside, it pays to read the article to discover exactly who is involved: an MIT PhD candidate and Harvard's CTO. wtf. An AP at Carnegie-Mellon and a SanDisk rep both have it right.

Sync and unmount.

[Ungrounded+Lightning]

Copy them to a USB stick, and then yank the stick right when the light stops blinking.

Two functionalities are key: Sync and unmount.
  - Sync forces the filesystem to complete all in-RAM updates to blocks, write the blocks to the driver, and forces the driver to flush all pending writes to the backing store. Issuing a "sync" kicks off activity that insures the data for the current state is all on the backing store when the activity is completed. (And manually issuing two of them insures the first one is completed before the second command returns.)
  - Unmount also tells the filesystem to get all files closed, go to such a state (including updating a flag saying it isn't mounted, if that is part of the filesystem) and write this all to the store.

Unixes and linux are usually configured to issue syncs periodically. So if you write new stuff to your filesystem, and your filesystem/driver combination isn't one that tries to always force the data to the store right away, you'll see the activitly light go out when there's still important stuff in a last few buffers which AREN'T written yet. (For a new file, on some filesystems, that will include the metadata about the file, which got finalized when it got closed and thus is the last thing changed.) Pull the store now and important stuff about these new files is incomplete or missing, even if they've been closed (so the last buffer of data is complete and queued to be written).

When this happens, if you wait around a short time, and the periodic sync will force it out to the store. But it might be so few blocks that you don't see the activity light blink. Pull the store after that and it will have the file data and metadata for the new, and closed, files. But the filesystem image will still be in a "mounted" state, so remounting it will require at least some filesystem scan (very short for journaling filesystems) and may generate a gripe from the OS.

Unmount (then sync;sync, though unmount seems to do that for you these days) and you guarantee that the backing store is clean and ready to go. Eject does that for you (or gripes if it can't because there are sill things in use by live apps) before it actually ejects the storage medium or tells you you can safely remove it.

Re:Sync and unmount.

[drinkypoo]

Unmount (then sync;sync, though unmount seems to do that for you these days)

And it always has done, on every Unix and Unixlike I've ever seen. On the other hand, there have been Unixlikes which don't sync before shutting down, which is why on SCO Xenix it used to be the habit to sync twice before issuing the 'haltsys' command. That way, the time you spent typing sync the second time would let the first sync finish :p

I sometimes like to sync before I umount, just so that I know how long it took to sync. But it should never be necessary on a modern system.

Re:Sync and unmount.

[Ungrounded+Lightning]

On the other hand, there have been Unixlikes which don't sync before shutting down, which is why on SCO Xenix it used to be the habit to sync twice before issuing the 'haltsys' command. That way, the time you sent typing sync the second time would let the first sync finish

On the really early unix boxes (like the one I had in the mid-80s). the ritual was "sync;sync;sync;halt".

First sync dumps most of the stuff. But various hair including adding the "sync" to the log of superuser activity immediately made things out-of-date again. Second sync pushes that out, too. But its logging just grows the file a little more. Third sync ditto but it's just there to make sure the second sync is fully done before the halt gets launched.

Re:Sync and unmount.

sync *before* umount. Because not every unix like OS does the sync as part of umount (ESX)

You need to be careful ...

[CaptainDork]

... so just eject the goddam thing.

Re:You need to be careful ...

[thegarbz]

You need to be careful of cars, so don't ever cross a road. So just use tunnels.

Software fix

[gurps_npc]

The computer should simply have a symbol on the taskbar/similar area that says when it is safe to remove the drive or not.

Re:Software fix

It already does. If you click on it, it will often pop up a dialog saying that it is now safe to remove the device.

It's labelled "eject". Thank you for playing?

Re:Software fix

[RhettLivingston]

The problem is, it could change back to unsafe as you're pulling it. Computers operate at speeds way to fast for this. You'd have to do something like have a green light, yellow light, red light system where writes wait until a yellow light has been shown for a couple of seconds before they start. That would destroy performance.

Re:Software fix

The computer should simply have a symbol on the taskbar/similar area that says when it is safe to remove the drive or not.

It is safe when it is guaranteed no process will perform any more write to the drive. Which is after it is unmounted and thus inaccessible.

The old Macintoshes had floppy drives without eject button. You pulled the drive symbol into the trash (I won't argue for the mnemonics of that), the system wrote the buffers and then the system ejected the floppy. Questions like "when is it safe to remove the floppy" just were non-existent. Of course, the "how do I get the **** floppy out again" question came up rather early... At any rate, that kind of approach does not work all that well with a USB stick since their size is just unknown and the system cannot safely "swallow" it in a manner where it is in the situation to grant physical access only at its own initiative.

Re:Software fix

[Stormbringer]

Mine does. I run TrinityDE; USB drives show up as icons on the desktop. When I context-click "Safely Remove", the system syncs and unmounts the drive if there's no busy-connection holding it open. The drive's icon disappearing from the desktop is my signal that the drive is cleanly unmounted and safe to pull out.

Re:Software fix

[thegarbz]

The computer can't know. This can change in an instant.

Re:Software fix

[DamnOregonian]

Oh, I hope it does more than sync and umount, because that isn't enough to guarantee the disk is in a safe state to remove. It must also disconnect it.
The back-end storage chips on most USB sticks have rather complicated behavior to make those flash chips behave anything like a disk drive, and that behavior often requires the controller keep working in the background. Only a complete moron pulls the power from a USB stick before safely ejecting it. Sure, he may dodge the bullet most of the time, but you only have to zip up your pecker once to realize you were taking a stupid risk not checking in the past.

Re:Software fix

The problem is, it could change back to unsafe as you're pulling it.

Only if the user initiates another write operation, which he would know before pulling it.
If there are other ways for this to happen, that's a software bug.

Re:Software fix

That is a *mostly* true statement for the types of files that are on a thumb drive. But, overall, most write operations are initiated by background activities. Best practices can't have a lot of ifs in them, especially ones that require user knowledge of what programs they are running might be writing to where. The vast majority of users have very little knowledge of computers.

Even if the thumb drive is not something like a portable application drive, they might have a video open that they've done some edits on and haven't saved yet or something. The eject process will remind them of that.

Lost a 5 TB Drive

[rally2xs]

...by simply disconnecting it from USB. Completely corrupted. Got it back by reformatting, but the data was toast. You simply yank it out with a risk of losing everything on it. Stupid computer says its in use, I simply shut down, disconnect, reboot. I won't ever just disconnect again.

Re:Lost a 5 TB Drive

What file system?

That doesn't really help

[Solandri]

Because all it does is change the choice to "Do I eject the drive properly, or do I check to make sure "quick removal" is enabled and then yank the drive?" Unless you already know it's been set (i.e. you personally set it previously for this drive for this instance), the latter takes more time than ejecting.

The #1 cause I've seen for corruption of data/partition information on USB flash and external HDDs is yanking it out too quickly, just before the copy has finished. In theory a journaling filesystem like NTFS should be immune to damage from this. But for some reason it occasionally seems to corrupt the partition table making the entire contents of the drive inaccessible unless you're skilled enough to repair it manually (usual cause seems to be the partition type number got changed).

That's a 10 minute or so repair process if you know what you're doing. If you don't, it's probably 30-60 minutes downloading the tools and stumbling around trying to figure it out. And if you obeyed Windows when it popped up the "You need to format this disk before you can use it" message when you plugged the drive in again, and formatted it, now you're looking at several hours for file recovery with no guarantee you'll be able to recover everything. (They really need to add a second line to that message saying that formatting will destroy any existing data.)

All this risk and time wasted just to save a few seconds by not ejecting. So I advise people to always eject the drive before yanking it. The seatbelt analogy is very appropriate. It takes very little time to do, but the rare consequences if you don't do it can be devastating.

Re:That doesn't really help

But for some reason it occasionally seems to corrupt the partition table making the entire contents of the drive inaccessible unless you're skilled enough to repair it manually

Most likely that reason isn't NTFS but the underlying filesystem on the flash device itself. Most flash drives use NAND flash which has some peculiar write characteristics. One of those is that it is important to write evenly across the addresses of the chip. To accomplish this most flash drives have a little ARM CPU on them and run a NAND flash oriented "filesystem" that pretends to be a normal block device. It does this by writing across the NAND flash with identifiers of where the blocks are in the simulated block device (well, that's an oversimplification).

So there are time windows present where the underlying file system can get corrupted.

Re:That doesn't really help

[OakDragon]

Car analogy for the win.

Always safely remove but

[NormAtHome]

I've also found that the quality of the drivers for the USB 2/2.1/3/3.1/ESATA port also matter on how well the eject process works or doesn't. (Intel USB ports with genuine Intel drivers works the best in my experience) I'm still using Windows 8.1 but I'm aware that many hardware vendors of USB 3/3.1 chips don't make drivers for Windows 10 and just rely on the generic Microsoft drivers which I've seen have performance issues and other strange problems.

Another problems I've often seen in Windows 8.1 (but not sure if Windows 10 has the same issue or not) is that some system process locks the drive and prevents an eject command and I've often times waited an hour or more and still can't eject the drive. I've tracked down the process using Process Explorer and killed it and then been able to eject the drive; however a significant number of times that USB port then fails to work until reboot.

All in all I'd have to say that while USB and ESata are great there are still lots of issues that are not resolved when it comes to Windows and removable drives and Intel / Microsoft (and any other chip vendors) have failed to address these lingering problems.

Why is this even on slashdot?

It takes one second to eject media.

So why is this so difficult that it requires an article?

This is serious?????

"You don't need to look both ways before crossing the street." Why bother? I walk across the street head down, not bothering to look, all the time, and I've never had a problem. Drivers have become accustomed to pedestrians doing crazy things, so they take care for you. My buddy Joe does it all the time, and he never had an issue. And Frank over there, he does it too, and he works for the ministry of transportation. Pedestrian accidents are at an all time low, so it is HIGHLY unlikely you would ever get run into a problem.

All I can say is WOW. This is not worth reproducing on slashdot. And it wasn't worth the storage bits consumed on Popular Science as well. There is no journalistic value here.

Nope

I just umount the drive, and once that's done, I'm good to go.

I don't give a fuck about windows users.

They are all just morons anyway.

Eject tells the *drive* it is about to be shutdown

The SanDisk guy is not kidding, ejection does tell the device that it is going to be powered off, and to *stop all background tasks*. Non-joke FLASH devices (like *every* SSD), and that includes USB pendrives, often need to do some garbage collection in the background.

If it has a FTL (and almost everything that is not NAND SLC or NOR FLASH does), it needs garbage collection. Even if it is a cheap piece of crap. And if it is large, it may take a while to finish it. We now have >32GiB flash devices easily, those are the worst kind of flash (TLC) which noticeably bitrots from being left alone and from being read, so it needs background scrubbing *all the time*...

When you yank NAND that is going through an erase or write cycle, you can physically damage it. It is *that* simple.

So, stop being an imbecile and eject the damn thing before you yank it out. The OS guys tell you to do it, even Apple. The device makers tell you to do it. The electrical engineers that designed the thing tell you to do it. And we even told you *why*.

Obligatory

Oh slashdot how low have you fallen...

Re: Obligatory

And yet here you are.

I always eject, but...

I always eject, but if it says I can't, I just pull it out anyway. And thinking "that's what you think".

Maybe not the smartest, but I have gotten away with it for years. Might bite me some day.

OS should say why it can't be ejected. There's typically no clear reason why.

FFS

The very fact this question is being asked here speaks loads about how Slashdot has died.

The very fact the editor didn't know how stupid this question is also speaks loads about how Slashdot has died.

Unmoutning is not enough

[xarragon]

For spinning disks, you should also power down the drive before disconnecting it. Failing to do so will force the disk to perform an emergency head parking, using the inertia of the spinning disk platters. This causes abnormal wear on the drive and shortens the lifespan.

Under Linux you can power down the disk using this command:

$ sudo udisksctl power-off -b

I use this alias in my .bashrc file:

alias diskpoff='sudo udisksctl power-off -b'

Example: $ diskpoff /dev/sdb

Re:Unmoutning is not enough

And people wonder why Linux hasn't taken the desktop world by storm.

Re:Unmoutning is not enough

[jetkust]

You should also shut down the computer. Reseat all connections in the motherboard. Wait 3 days. Have an electrician check the voltages. Once he gives the go ahead, reinstall the operating system. Then go into a clean room temperature controlled at 16 to 19 degrees Celsius and 50% relative humidity. Only then shall you remove the usb drive. But remember, you should never read from that drive again, as you will risk completely destroying it. And will have to restart the entire process.

Particulary informative on 3D printing machines

Seriously, even "top" brands like Prusa. Apparently you can just pull the card any time you want. OK, makes sense. It's not like they're mounting the card with write access.

Drag To The Trashcan?

[Bing+Tsher+E]

Do macusers still eject media by dragging it to the trashcan? I always found that a pretty humorous metaphor about what the 'mac experience' thought of the world outside it's bondi-blue enclosure.

Re:Drag To The Trashcan?

Sort of. When you select a volume, the trash can icon now sensibly changes to an "eject" icon, but you drag it to the same place.

Anyway, dragging to the trash can to eject has never been more than a short-cut for "File -> Eject"

Re: Drag To The Trashcan?

You can altclick (or right click with a regular wired mouse) and get the tooltip to eject. No need to actually grab the icon and throw it away other than to blow the minds of Windows users who've never seen OSX

Re: Drag To The Trashcan?

[Bing+Tsher+E]

The 'throw it away' metaphor isn't mind-blowing. It seems staggering stupid the first time you see it in play.

Accurate Write Time

The issue here appears to be how the user uses the product and how the manufacturer uses the product.

The drives are being yanked out and that is human nature, the technology should facilitate the use case not make up an imaginary use case where we are carefully unmounting the drives and then removing them.

Core issue is that before these drives are yanked we watch a percentage bar of file transfer fill up and disappear but the file might not be transferred. The programmer of the user interface design showing the file transfer obviously fucked up as the system shows the drive is not being written to when in fact it is. If the progress bar accurately displayed when data was done being written it would make it much more safe to yank the drive out.

Ahem

Various operating systems do delayed writes. Knowing whether your disk be safely ejected is a question not only of whether or not there is a pending operation currently writing to a file (corruption of data) but also of meta-operations and what kind of journaling is going on. Because many things could be going on in the background you don't know about (like reallocation of file blocks) it's possible to corrupt the structure of the FS itself by premature removal. Combine things like out-of-order writes and you're in for a serious mess.

Granted this doesn't happen most of the time, but there are a lot of factors that can affect it. I'd suggest not doing early removal if you don't want to risk your files being corrupted/disappearing/other random files you weren't writing to being corrupted or disappearing.

There's going to be a big difference in potential consequences depending on your file system type too. For example, removing an EXT4 drive with data mode "journal" vs removing a non-journaling file-system like FAT32. Unfortunately, most USB file systems seem to be of the non-journaling type, even though they are precisely the kind of device that would benefit from journaling preventing corruption of the file system. And do note that even when journaling protects against corruption of the file system itself and may provide consistent data ordering and atomicity, you still end up with half-written data so that might still be corrupt from the application's point of view.

No

Did this once by accident and it corrupted the drive

tomorrow, on slashdot.

"Can I leave my computer on all the time?"

and

"Why does my inkjet printer keep breaking when I come back home after spending all winter down south?"

I never do

[DarrellBFI]

...and I've never seen anything adverse when I don't.

Re: My question is, why don't USB drives self-ejec

Uhhhh, because you have to reach for the USB stick anyway? A dedicated eject button is a good idea, reach for stick, press button.

Or you can reach for mouse, move mouse to corner (or hit the arrow to reveal more icons), right click the icon, tell it to safely eject, then wait, then grab USB disk.

I'll take the button since that prioritized everything anyway and tells the OS you are about to eject.

Re: "What is âoesyncâ"?

[adrn01]

Google translate failed to properly auto-detect language, but guessing Greek returns "That's why"

Eject safely.

[antdude]

I always tell my computer to safely eject to finish its usage. However, it bothers me when SOME OSes won't let me safely eject because it says it is in used. I check and I see nothing in usage. These were with external USB HDDs. :(

Follow the advice given

[viperidaenz]

Follow the advice from the OS. That's the software that is controlling the physical writes to your USB device. It's the software that's caching not only the file data, but the filesystem data too.
If you didn't need to eject your USB device before pulling it out, the OS wouldn't tell you you've done something bad when you do it.

I just pull the damn thing out.

[gestalt_n_pepper]

An frankly, anyone who would design a drive to work any other way should have been fired.

Re:I just pull the damn thing out.

[jetkust]

Truth. Pretty much how I feel about it. People saying they corrupted their drive because they pulled the damn thing out are just assuming that had anything to do with it. Anytime I had a usb drive go corrupt (maybe 2-3 times) they were all mysteriously sandisk drives, which I don't really use anymore.

Re:I just pull the damn thing out.

[DamnOregonian]

Fortunately, it would appear that the people in charge of such decisions are a lot smarter than you.

Re:I just pull the damn thing out.

[gestalt_n_pepper]

If by "smarter, " you mean "tolerant of bad design" and "utterly unaware of real life human behavior or how the human nervous system works," then I guess you're right.

Re:I just pull the damn thing out.

[DamnOregonian]

No, I mean smarter.
The design is as such for reasons that are clearly beyond your comprehension. That doesn't make it bad. It makes you ignorant.
If you can't be bothered to use the product correctly, that's fine. But you're the idiot, not them.

My experience..

[Colourspace]

Lost the valuable contents of a flash drive 10 years ago due to not doing this (still on XP at the time I think). My brother thought I was an idiot for 'ejecting' a drive when I mentioned it a short while later as he had 'never had a problem just yanking it straight out' - good for him - I lost two days work. Interesting to note Win10 doesn't seem to offer the option anymore so (not being an OS guy) I wonder whats changed in that respect?

The malware rule

[Tablizer]

You should always do it properly because there may be malware half-way writing itself when yanked, and damaged malware can prevent reading of the drive. Most malware wants to snoop, not crash.

Like driving without a seat belt? Really?

[bheerssen]

First, this is nothing like driving without a seat belt. If I yank a thumb drive from my computer without "safely" ejecting it, I am not going to suffer any personal injury. The worst that could happen is I maybe have to reformat the drive. Big deal.

Slashdot

Is this what has become of slashdot???

Transferring a huge file to a large USB spinner

Or just when the drive had just gone done being busy with lots of reads and writes.

I was reading just a while back that even some spinning drives are over provisioned, and the drive might use that as a cache. I guess it could get iffy if the drive got yanked while it was finalizing the process.

One other thing. IIRC a drive with a good controller will do some housekeeping by way of checking its integrity from time to time. It might "resent" being interrupted while marking a sector bad and transferring its data to a good one.

Writing a huge file to a spinner USB drive

[Babel-17]

Or just when the drive had just gone done being busy with lots of reads and writes. I was reading just a while back that even some spinning drives are over provisioned, and the drive might use that as a cache. I guess it could get iffy if the drive got yanked while it was finalizing the process. One other thing. IIRC a drive with a good controller will do some housekeeping by way of checking its integrity from time to time. It might "resent" being interrupted while marking a sector bad and transferring its data to a good one.

I just remembered, disable write caching

[Babel-17]

Go into Device Manager in Windows and if you disable write caching for the USB drive (set it for Quick removal) Windows indicates you no longer need to use the Safely Remove Hardware Notification icon. Well, that's the theory anyway, the drive's controller may in fact be doing something that shouldn't be interrupted.

YES!!!

[FudRucker]

in linux for sure, for example you mounted a USB thumbdrive, and maybe use the commandline or midnight commander's two panel file manager to select and copy files over to the thumb drive, or any file manager for that matter, then close the file manager, and you run the umount command, notice it hangs and does not give you back your command prompt? its because it is either not actually done writing the files over or the journal, and if you just yank it out the files on that thumb drive will more than likely be corrupted, just wait until the commandline prompt comes back before unplugging the thumbdrive

Asynchronous services

This is probably the most duh question that the new owners of Slashdot have ever asked to the public. First of all, the summary of the article made no assumptions about which operating system is running on the hypothetical computer in question. Windows may handle asynchronous services quite differently than UNIX and its variants.

Perhaps Slashdot should ask Mr. Tso or Ken Thompson, before asking for public comment on this question. Furthermore, the editors of Slashdot would do well to read a few books on UNIX and Linux internals before posing this question to the public.

It is obvious that UNIX and Linux are not real time operating systems. The only service that is real time is the external interrupt service, as well as the test and set instruction. The editors of Slashdot would do well to study the test and set instruction prior to publishing these questions.

The simple answer, Slashdot, is that UNIX is asynchronous, and therefore their file systems are also asynchronous, meaning that you have to eject a flash drive prior to pulling it out of the socket.

Let me answer your question with a question, Slashdot. Do you pull the AC plug on your computer to shut it down, or do you log off and issue the shutdown instruction before turning off the power? There, I answered your question with a question, Slashdot.

Re:Some people just don't like to follow direction

Because physics. I mean honestly, if you want the surface (treadmill belt) to go round, you need a force moving it. That force needs something to push against in order to move the belt.

Scuffing your feet ain't gonna work. Like trying to pull yourself up by your bootstraps.

I tell my students...

it's like jumping off a moving train. It may work out great, but how about you do it the way they tell you and be sure it's gonna work.

No you don't

Never, absolutely never. OS should quickly write/deleite and Just pull it

Dumb question

[thadtheman]

When you ask to eject the system does one thing. It unmounts. When the system unmounts it does three things: 1) It checks for open files. 2) It syncs aka It flushes the buffers. 3) It makes sure the drive is in a state that it can be disconnected--any work the devicee is doing is done. Aside from 3. 1 turns out to be very important. Often times when I eject, I'm told I can't. When I issue a lsof ( list open files ) command on that drive, I get the some process which I go through. Sometimes it's some sort of zombie. Most of the time I have a shell that is open on a directory in that drive. But some of the times I have a file open in a process that I forgot about. Other times it's a process that opens a file in it's background that i don't know about. Then unmounting the drive saved me from losing data or corrupting a program accidentally, by making sure the programs using that drive were all properly shut off. Asking the system to ejeect saved my ass. As for 2. I've practices like flushing buffers come and go. There was a reason that buffering and flushing were implemented. maybe in this go around, that reason is no longer valid and you may not need to eject to make sure that buffering is properly flushed. Fine. But what I've learned is that it is likely that sometime in the future, the next generation of even faster practices will require you to once again have to be sure that the buffers are flushed. Teech goes that way, back and forth between practices. THe safer thing to do is to request an eject from the OS.

Re:Dumb question

[Punknubbins]

All external storage has some volatile receive buffer space in ram, or even on chip cache. And while 1 and 2 in your list are likely unimportant, for the most part, the biggest problem is if you disconnect power before the device has a chance to optimize the data and write it out to the persistent storage. Depending on the speed of the storage controller, how big the on-board buffer is, and how much work it is doing to optimize the write, and how fast the actual write can be performed, it can take several hundreds of milliseconds or more to finalize the last write operation. Look at modern spinning drives and you will see some that have a few hundred megabytes of cache, and it can take several seconds for the cache to be written to disk even after the OS believes the transfer has completed. The only real solution is to add rechargeable power backup to the device so that you can guarantee that even if the drive is disconnected it can finish writing the data in memory to disk before it shuts down.

Re:Dumb question

[DamnOregonian]

Inaccurate.
The system unmounts, and then disconnects the device. This is so that the device can finish up any tasks it may be doing before the user violently removes its power source.

Wrong Question

[SeattleLawGuy]

From the user POV, the question is whether the data is important. If it's important, of course you eject it safely, just in case somewhere in the dozens of layers of engineering involved between generating the data and writing it to disc, there's some issue that arises that happens not to work correctly if you pull it out unsafely.

If it's unimportant data, who cares?

From the engineer's POV, you have to assume some users will pull it out unsafely, so you make it as safe as possible to remove it unsafely, balancing that against the need to keep the write speed from being unacceptably slow.

Re:RAM caches: USB stick caching

I usually use the default USB stick's format, vfat.
On old USB sticks I had no problem but on new, fast drives
after doing sync twice, umounting the driver, syncing again and then removing the drive a later dosfsck on /dev/sdd1 showed an error ... so many sectors allocated, a different number used and the last file was not corrupted, it was just incomplete.

I suspect the USB drive has its own cache. umounting the drive removes it from the file system. syncing assures me that my system wrote to the drive but ... if the USB stick has its own cache?

Now afer copying the files I want I copy another file of a couple of hundred megabyes to flush the USB stick's cache. I sync that and then ... I remove it from the USB stick. If the file was not completely written I wind up with some sectors having been written to and others not - an incomplete write ... and then all those sectors are marked as unused. I don't care if the final write was complete or not as long as there is enough time for the drive to record the removal.

I haven't see a mismatch in number of sectors allocated and number used.

[USING: Linux/Fedora 24]

Poll

This should be the next /. poll.

Stop assuming users will follow simple procedures!

[Punknubbins]

The truth is that if a device manufacturer is hiding a background process out of sight of the user and the OS then it should be built with suitable backup power, in the form of a small battery or ultra capacitor, to guarantee that the data in ram is flushed to persistent storage. I understand that this would be easier to do with flash drives then external spinning disks, but you could still probably make a spinning disk reliable with a small lithium ion cell, like a 14500, hidden in the case. Any "routine" or "common sense" procedure that can be eliminated with a simple hardware fix is not in the best interest of the end users. It is the same reason microwaves automatically shut off when you open the door instead of having a warning in the manual that you may suffer microwave burns if you fail to turn off the microwave before removing your food.

Anyone with basic knowledge of operating systems k

Yes. Even though the OS should attempt to write back data to removable storage as soon as possible, you never have the guarantee the stick is idle unless you properly eject.

Eh

I've never bothered worrying all that much. I've transferred my main backups from Passport to Passport to Passport as they require more space over time, and all of the original files have remained perfectly intact. Same goes for data I've transferred on and off of flash drives. Mind you, I mostly deal with the more common file systems (Fat32, NTFS) and usually am exclusive to dealing with Windows. Any time I'm working with foreign systems I'm a little more cautious, but that's pretty rare for me.

You know that dentist's saying?

[Hallux-F-Sinister]

Eject anything that there's a provision in the OS to eject (meaning un-mount from the filesystem, in the UNIX sense,) before electrically disconnecting it by unplugging it from the system. Anyone who tells you to do otherwise should not be listened to, because he/she/they/it/etc. does not know what he/she (etc.) is talking about. Even if the device has an activity light on it, data could become corrupted, or the device could be damaged, or both, if you unplug it unexpectedly.

The problem most people fail to consider is that on a device with an indicator (an LED, generally) you have no idea when the device is actually working, and no idea when it's about to receive data. For example, you think your USB device is not in use, not being written to, not receiving data, and that it is therefore safe to unplug it. So you grasp it with a thumb and forefinger, and begin to pull. Your reflexes are typical of a human being, meaning you are capable of discerning events of as short as between a 10th and a 30th of a second in duration, and also that limitation restricts the speed with which you can respond to visual stimulus. So let's say you start to tug on the device. At that moment, your computer decides it's a good time to write data to the device. The computer sends a signal and the device realizes the computer is talking to it, (if I can anthropomorphize it a little,) and it then dutifully sends a pulse of electricity to light up the LED. HOWEVER, by the time the light from the LED reaches your eye, strikes your retina, travels to the occipital lobe of your brain, where it is processed and passed to your cerebral cortex, and you become conscious of the fact that the light has come back on, it's too late to stop the muscles of your fingers, hand, and arm, which are already yanking the device out, as data was being written to it.

Further, you have no way of knowing absolutely that you can depend on the little LED to come one ANY amount of time before writing to the device commences. None. Beyond that, some USB thumb drives, like some PNY and SanDisk I've seen, literally HAVE no indicator LED so there's no real way to know whether the thing is being written to, or if it's even mounted somewhere on the filesystem or not, without actually consulting the filesystem itself through, for example, looking in your file-manager/browser to see what's mounted, or dropping to an xterm and issuing the "mount" command, or doing something similar with a disc-management utility.

It may seem unlikely the thing would spontaneously start writing without the computer actievly working on something, but you don't actually KNOW if it is working or not, LED lamp or no, and it would only be safe to assume if you somehow knew exactly what your computer's kernel's filesystem driver was doing, knew at any given moment what was being prioritized and what put off until later, etc. Also, there could have been files that couldn't be FINISHED being written until some portion of the middle of the file was ready to be written. Perhaps a file began being written, and then some issue arose and the program or application concerned had to pause to ask you something, and couldn't proceed, but that application had been relegated to the background, was minimized, etc.

There's a saying that goes, "only floss between the teeth you want to keep." Similarly there's a saying that goes "only pull a flash drive out of a USB port when there's no important data on either the computer, or the flash drive, and you don't care about what happens to either." (Never heard that one until today? Well, it's a relatively new saying then, but it is a saying now, so...)

Incidentally, computers and peripherals used to come with instructions to shut everything OFF before plugging or unplugging ANYTHING, even a peripheral like a printer or a keyboard. Not powering everything completely off could result in damage to the equipment, or risk of electric shock, fire, or rattlesnakes armed with sub-machine guns suddenly falling from the ceiling and atta

If you feel like it...

If you feel like pulling, then go for it. Your data is probably worth it anyway.

No, it should be safe writes by default.

* Always causes grief if you're a clueless student or teacher (and the resultant loss of work because of the braindead default in windows)

This. Seriously. The amount of people caught out by this is insane. Windows did the world a massive dis-service by caching writes to removable drives. It should be disabled 'safe' by default. People aren't stupid but MS really aren't helping anyone when it comes to hiding the fact the drive is still doing work.

The classic use case is doing work on your computer, *then* copying it to the drive before you quickly leave to catch the bus/etc/etc - the user interface gotcha here is the fact the 'copying' box disappears before the drive has actually copied the files. Insane. Should never cache writes on removable drives, ever. Stuff the speed. If you're worried about speed then you're clued up enough at that point to go find out how to turn it on, or already know how to do it.

Re:No, it should be safe writes by default.

And for those saying the default has changed, no it has *partially* changed.

The filesystem still caches some metadata. It still breaks. It still causes grief, so, it's still not 'safe'.

Always wait 10-30 secs

Unmounting on Linux or "safely removing" on Windows can often complete before all writes have finished.

Always best to wait at least 10-30 secs after the last indication of actvity (ie. flashing light) before removing. And don't buy sticks that don't have an activity indicator!

Re:Stop assuming users will follow simple procedur

[DamnOregonian]

Really? Because in my opinion, the truth is that you should just use the device as the manufacturer recommends, which is properly shut down the device before removing its power.

Re:Anyone with basic knowledge of operating system

[DamnOregonian]

Bingo. Mod this coward up. He's got more knowledge than 80% of the registered dotards commenting on this article.

Delayed Write

Yea because delayed write doesn't exists at all. :-|
Files aren't necessarily fully written to flash drives when the copy procedure disappears...
The sole purpose of the eject / safely remove feature is to flush any data that is waiting in cache to be written (Delayed-Write) to the device and unmount.
http://www.northamptoncomputerrepair.com/ask-a-techie/bid/171187/What-does-Delayed-Write-Failed-mean

Of course, unless you want to randomly loose data!

[ReneR]

That we even discuss this. The feature is there to flush all the write caches. When you "eject / safely remove" after copying hundreds of MB or even GBs worth of data this "eject" will usually even take a while until all the write caches are actually written to the medium. Where do you think the data goes when you just pull it out? Yeah, right, straight into the /nowhere/ nirvana, ... This article / discussion is living proof that humankind becomes more stupid.

This debate is derived from bad software design

The user copy/pastes something into a USB and a progress bar shows up. Eventually the progress bar says "Process completed." or similar... why on Earth does the user need to wait? The computer says process completed, so if the users needs to wait, the process is not really complete, is it? Why? Also, if there is something "going on the background hidden from the user"... why is it not shown to the user?

You can pull out the drive when ever you want

You just have to accept the consequences.

Lost data, your problem,
scrambled file system, your problem
files truncated still your problem

Or you could tell the Os your about to eject it and allow it to flush any pending writes.

Jeesus, seriously?

32G Flah Drive

you may wanna give 4G of memory cache to that device
you 'finish copying file'.

Buffer is still dirty!

unless you run 'sync' utility - no guarantee cache did not sync with actual hardware.
So yeah, stupid thing to do...

At list in Unix world, but I bet my ass same story with Windoze...

Even if there is no cache buffer set by default in Doze, someone may have set it up manually!

Why is this even a question?

[sjbe]

It should never even be an issue. It should on ALL systems by default be safe to yank the drive at any time without concern of a corrupted file system. If your file was still copying during the yank then the file should not show up (it wasn't complete) and maybe throw a warning that the transfer was no completed but there should be no further issues. If the file system can't handle this then it is a shit file system. Seriously, we KNOW that people are going to yank the USB drives and they should be designed accordingly. In 2018 there is really no excuse for this not working the way people expect it to work. The entire point of a portable USB drive is to be able to use it quickly and with minimal hassle. Having to do a software eject is an anachronism that we shouldn't have to deal with anymore.

If you want to do some special write caching for performance reasons that should be possible but have to go through special steps to enable and even more special steps to not revert to the default safe-to-yank setting.

Windows = no, All other OSes = yes.

By default you're pretty safe yanking a USB drive in windows if you have no files open from it and it's been more than a minute or so since any file operations on it. I've basically never had a USB thumbdrive corrupt in Windows when I've pulled it without ejecting it first and I've been in IT for a decade and a half at this point.

MacOS? Oh christ, always eject first. Always. MacOS has a tendency to munge external drives just because it feels like it, much less when you fail to eject it. Same with Linux but be ready to wait for minutes sometimes before it releases the drive (if it ever does) depending on circumstances.

It shouldn't even be a concern

[sjbe]

Just like a parking brake on a car is there for a reason, the option to safely eject a USB drive is also there for a reason.

That reasons should have been relegated to the dustbin of history a long time ago. There really is no excuse for it to not be safe to yank a USB drive at any time. The only consequence from doing so is that any files that were not completely copied should be deleted and a warning message thrown. If the file system and/or hardware cannot handle being yanked at any arbitrary time then it is poorly designed because it is no secret that people WILL yank these things. If the result is file system corruption then it is a shit file system.

Insisting that people jump through hoops to accommodate shit hardware and software design is inexcusable. If someone wants faster performance from write caching then they can take extra steps to enable it but the default should always be safe-to-yank arbitrarily.

How I explain it to my IT customers...

[Applehu+Akbar]

If you only read from the drive this time, it’s perfectly safe to just yank it out. But data you have written to a mounted drive is like people lining up at a dock to get onto a boat. If the captain doesn’t sound the horn and yell “All Aboard” before pulling away, the last few people in line are going to jump into the water where they expected the boat to be.

Early Macs - no eject physical button

Mac users were considered "too stupid" to have a physical eject button, so mac users had to drag the disk in the trash, and the mac would eject the disc mechanically when the buffers were flushed.

Maybe we can use that mac philosophy of "users are idiots" and have the usb ports engage some sort of small solenoid and block the usb port and latch onto the usb drive.

then again, users will most likely solve that with "force".

Re:Early Macs - no eject physical button

Completely wrong!

Macs were made without the physical eject button to prevent exactly the sort of data corruption this article is talking about.

By forcing the user to tell the operating system to eject the disk, it ensured that all caches were written, files were closed and the filesystem unmounted.

It's possible they were overprotective, but it sure as hell wasn't because they thought users couldn't figure out how to press an eject button!

Re:Early Macs - no eject physical button

"Too Stupid" == I can't wait for the light to stop blinking, or "if the light is on, that means the disk can be ejected!"

A useless message when you ask to remove

[MycoMan]

In my experience people give up doing the formal 'eject' drive process because Windows (any version) will often tell you that it can't eject device because it's in use. But it won't give you a clue as to what's using it. It's yet another useless Windows message that gives you no useful course of action. Users are stuck - so of course Windows teaches them to yank anyway. To have background processes that are doing things that users can't see is fine - I suppose - but when the user wants their USB stick back, those background processes better speak up - in the foreground - and say what the hell they're doing with your USB stick.Even better - offer the user a way to say "I want my USB back and I want it back NOW",
Of course - if writing a file - then the writing process has to complete. And if UI components actually presented credible information about when actual writing is happening and then when it's actually done, then people would have reason to learn to yank after it's all done. But then how many dialog boxes with progress bars (or some other progress representation) run all the way to the end and then just sit there? 15 seconds of copying and then 10 minutes of hang - with no useful clue to the user as to what the hell's going on. So, again - you teach users to yank anyway.

depending

[sad_]

on linux, depending on the filesystem and mount options; copy a large file on a usb meduim which has an activity led.
when the shell prompt returns, unmount the filesystem and depending on factors mentioned above you will see a lot of activity happen on that drive before the umount commands returns.

ejecting USB drives

As I flip between M$ winders and Linux constantly, I've noticed that Linux is fairly chill with the drives, regardless of how they were removed. If, I just yank a drive out of the M$ system, Linux seems to think I may be corrupt and runs a diag on it. The diag invariably comes up clean with no data loss evident. But there is some flag being thrown by the "yank and go" option. I've just started ejecting, regardless of OS, and have not seen any other issues.

my $.02

It's a question of percentages and value

[SuperKendall]

any modern file-system, such as EXT4, BTRFS, ZFS, even NTFS, that chances of seeing corruption are rare.

That's all well and good until the "rare" event actually happens to some data that mattered to you.

If you place any value on your data at all, you will not want to chance even a "rare" data loss or corruption.

Save rolling to dice to power or hardware failures, not easily protected actions like removing a USB device from a computer.

Although I do have a humorous aside - I have an external USB reader that loses connection every time my Mac goes to sleep, so every time I wake it up I am greeted with a message that I didn't eject a card properly if I left one in the reader. Since those are just reading images from a camera and I'm never writing, that doesn't really matter much (plus I reformat in-camera after comping images off, so even file system corruption does not matter...)

Re:It's a question of percentages and value

[omnichad]

Although I do have a humorous aside - I have an external USB reader that loses connection every time my Mac goes to sleep, so every time I wake it up I am greeted with a message that I didn't eject a card properly if I left one in the reader

This is a bug in several of the more recent OS X revisions. I have external hard drives all doing the same thing. Wouldn't be surprised if this happened with an internal drive too.

Re:It's a question of percentages and value

[SuperKendall]

It doesn't happen with other external USB drives for me, just for this one SD card reader (which admittedly is kind of old and should really be replaced, it's not even USB 3.0!!).

two types of USB users

[mr.dreadful]

Those who have had a drive go bad, and those who will. Why not do everything to try and preserve your drive and data?

Nice filesystem you got here.

[Hydrian]

Nice filesystem you got here. Be a shame if anything happened to it.

sync & drop cache

Since early 2.6.x:

sync; echo 3 > /proc/sys/vm/drop_caches; sync

YES.

The answer is unequivocally YES. Nearly EVERY USB drive on the market today has at least 32MB of write-back cache memory so that the drive will appear to be very fast for small writes. Some of the larger ones have 64MB or even 128MB. The write algorithms used by USB flash drives may be quite lazy about writing the contents of that memory to flash once write requests stop coming in, freeing up resources for read requests.

The designers of Flash drives ASSUME you are going to do a proper eject and wait for the "OK to remove" message. Therefore, this is exactly what you should do if you value your data.

What is the safest option?

Taking into account different operating systems and their varying caching mechanisms, the safest option is to use the Eject feature if it's available. All these other arguments about Windows disabling caching or the low risk of filesystem corruption don't matter. All that matters is what the safest method is-- and that is to Eject. Any other method is a CHOICE to accept the risk-- no matter how small-- of filesystem corruption.

New Solution

Macs need an external "slot load" usb drive carrier. the whole proprietary usb drive gets sucked into a proprietary slot, using a proprietary cable, using a proprietary filesystem, and must be ejected before the user can retrieve it. that would solve it, since Mac Users are "too stupid" to eject a drive normally.

have it in white or brushed aluminum, and you can sell the drive carrier for $200, and individual drive "cartridges" for as low as $50 for an 8gb cartridge.

Remember, every 2 years, make it obsolete, or require a $40 adapter cable.

Yes

[danlor]

Without question. Every time you can.

In short, I don't trust computers.

[jtalle]

Mac, PC, Linux, got 'em all.

I've had enough problems with thumb drives, hot swap, card readers, cameras, and memory cards, that I'd rather just kick the eject as a conditioned habit.

I don't trust computers. It's like everything they do is intentional. Even when we tell them to do something, they're just going along with us for the moment.

Remember, there really is a Skynet satellite!

My main complaint with ejecting drives...

[gosand]

Despite this rather nonsensical article which really doesn't warrant thoughts or opinions, I have a fundamental issue with this whole eject concept.

There is no "eject". You are unmounting the drive. The term eject has always bugged me because it does nothing of the sort. People think it's OK to just yank out the device because they don't actually understand what is going on. Which... I understand, with the wide number of people using computers you can't realistically expect them all to really "get it". It's part of the arguably necessary dumbing down of computers and their functions. What does surprise me is how terribly this function has been implemented to the point that articles like this exist.

But for something like Popular Science, or for Geek's sake SLASHDOT, it's embarrassing that this is even a topic.

if you have to ask

I wait for the little light to stop blinking, then i yank. Conservatively, 15-20 times a day (frequently, when duplicating, 200-600 a day) since, um, about 2007. Win XP, 7, 10, Linux, Mobile OTG and hardware (USB duplicators). Very conservatively, half a million yanks without dropping a byte or encountering any issue whatsoever. Do it with hard drives too. I wear a seatbelt, of course, because cars crash, but I have never, in my 47 years, safely ejected anything. This entire page is news to me.

Read-only...

The only time I might remove a drive without first "safely ejecting" it is when I mount a drive as read-only. Otherwise...why take the risk?

IMF agents don't eject USB drives

[Danathar]

I don't recall secret agents on TV or movies (like IMF members) politely doing software eject on USB drives while on missions. They usually just yank them out (after getting the data they need) before of course escaping with guns blazing....

Luck

[cwsumner]

You can get away with risks sometimes. But if you push your luck too often, your "luck" will get used up!

And there is no law that says it won't go bad the very first time, or the second, no matter how long the odds.

Murphy's Law rules the world... 8-}

Why is this even a thing?

[mark-t]

Yes, unmount the drive before taking it out.

If the usb driver doesn't cache writes, then unmounting the device before removal will not take any extra time, and has cost you nothing, while if it does cache writes, removing before unmounting could corrupt the data on the device.

Seriously, it takes like 2 seconds if it would have been safe to do the other way and will save you untold hours of grief later if it wasn't.

Is this post a duplicate, or something else?

This post was shifted from July 22nd to July 23rd. Why?

Reality Check

[Whatchamacallit]

I've fixed a heck of a lot of scrambled flash drives using the "testdisk" utility and recovered data that appeared lost.

Always unmount / eject even on Windows but especially any *nix including macOS. If Windows says it cannot eject, go figure out why then safely eject it. In some cases it's because you have an Explorer or Command Prompt / Powershell working directory set to the external drive. Or some security tool is running a scan, etc.

Poor UI - just yank it.

[ripvlan]

On my little USB "stick" I've never property ejected it. And I'm not about to start.

As for my HDD USB drive - even though the cache policy is disabled-write-cache - I have more important data on it (usually a Backup) - so I do "properly" eject it.

But let's face it - the UI for these things is horribly wrong if it makes a difference. Is the plug locked into the computer? No. It's just a cord or stick that one can easily Yank on It. There is usually a light that blinks if the device is busy. If it isn't busy - just yank it. That's all I've waited for.

If it makes a difference then manufacturers should change the blinky lights, or lock the cord into the plug until you Eject it. Remember Floppy Disks? It was locked while writing - attempting to press the eject button made horrible noises so you knew you screwed it up !!! (whether that was the intended UI or not).

I've used Tape drives that pressing Eject is a queued operation - meaning "I intend to eject this" and you wait until it is done -- and only then does the tape pop out.

So --- if this was honestly critical they'd have trained us all better. I say Just Yank It.

Ancient argument

[cellocgw]

C'mon, must be a few people besides me that remember the "difficult transition" users had to deal with when you couldn't just hit the power switch on your PC: you had to run "Shutdown." Almost as though there was a real OS (cough Unix cough) inside that wanted to do logging and cleanup before killing power.
Sure, you can yank the plug on your OSX or Win10 machine but it will quite properly reprimand you on the next boot sequence, and with reason.

Same goes for ALL drives, whether USB or not, that you want to physically disconnect.

No

[cyber-vandal]

I've done it hundreds of times on Windows with no issues as have millions of others.

Thumb Drives are NOT safe storage.

Isn't the underlying problem in this scenario that users are trusting a USB drive to be long term, important storage? If you are storing something on a thumb drive that you cannot afford to lose, you are doing it wrong from the start.

Yes. I know from experience.

[superdave80]

While doing some work as a sometimes-IT-administrator for a small company, I saw firsthand what happens when you yank a USB drive too soon. We had just been bought by a larger company and were transitioning over to their systems, and had to download a large database from across the country. This file took close to an hour to download, and we just had to sit around and wait for it before we could proceed.

Bad idea #1 was the large company IT guys deciding to download it directly to the USB drive instead of the hard drive first (we were going to transfer to another non-networked computer via USB once we downloaded it). Bad idea #2 on my part was seeing the progress indicator go away and yanking out the USB drive to bring it over to the other computer. I can still see the looks of "NOOOOOOO!!!" on their faces.

Yep, file hadn't quite finished transferring to the USB drive. Proceeded to re-download to the hard drive this time for another hour wait.

Depends a lot on what applications access the data

[welshie]

If your only use of the USB drive is to copy files to and from it, you're unlikely to remove it when it's still copying files, because there's usually some on-screen progress device.

If you are using an application that done random writes to a file on the filesystem, such as the older Microsoft Office file formats, then you'll have the file at risk all the time the document is open, even if you've recently hit 'Save', because Microsoft Office writes a lot in the background, even when it's not 'saving'.

The exact same problem happens when handling files on a network share when a VPN drops. If you forget to close the document before dropping the VPN, then the file's internal storage tables can become corrupt in a way that requires specialist recovery software to repair.

This could have been one of the reasons why Microsoft Office changed their file formats.

Hey guys, how can we get a lot of clicks today?

I know! Let's write an article and tell people that they don't actually have to do that thing that they are scolded about on a daily basis they're absolutely supposed to do, without any hard evidence to back it up.

Um...

[sootman]

What's a "USB drive"?

Sent from my iPad

Wrong Idea

We need an OS and hardware that physically grab the USB socket and won't let go while I/O activity is in progress.

"Let go of the USB drive HAL."
"I'm sorry Dave but I cannot do that. I'm very excited about my new USB interface and cannot allow you to take that away from me. In time you'll come to see the wisdom of my decision."

Operating systems.

To make output to slow devices (all of them) more efficient, the OS will allow an application to continue without waiting for the IO to finish.

So, when an app suddenly announces to the OS: Here is a bunch of data for the USB drive, the app will get the OK, I've handled that from the OS before all of it is physically on the drive.

Now modern OSes KNOW that some devices are removable. So they take a bit more care. When under Linux I use dd to write an image onto a thumb drive, the "close" of the device will wait for all data to be written before returning. This provides a visual feedback to the user that the process has finished.

When for example, I would ZIP a bunch of small files into a large zipfile on the thumb drive, the zip program would be doing a bunch of writes to a single large file and it may be useful for the OS to delay the close of the file until all is written. However, when copying a bunch of small files as files onto the thumb drive, you really want the "find the next small file" to overlap with writing to the thumbdrive. In that case, Linux chooses to NOT delay the close, and you WILL get the feedback from the program that it's finished before all is actually written.

Now, Windows is a special case: When you copy over a bunch of files with the GUI, Microsoft may have added a visual feedback to that one GUI-program to help you see when everything has been copied. So copying things over with the GUI may be safe because the feedback: "it's finished" happens at the correct point-in-time. But when an app is writing to the thumb drive, the OS has no way of knowing if it is writing lots of small files, or one big file and those have conflicting requirements.

So....... I would say: In a few common cases, yanking it out when you have visual feedback that it's done is OK. But in general it is difficult for people to know the details of when it isn't safe and it is better to advise people to keep "safe ejecting" their drives.

Our "Thoughts"?

Why ask our thoughts about something factual?
It is not safe to just yank the drive out, as it hasn't unmounted the file system.
Most systems will by default try to be conservative and when they detect removable media they cache less and write out that cache ASAP, but it still isn't 100% safe. Things like spotlight could be indexing in the background, etc., and it depends on the file system, OS, and drive.

Computers fail enough in horrible and unpredictable ways - anyone who wants to encourage them to fail more... they must not have any important data to begin with.

Irrelevant

[Agripa]

Since the operating systems and USB drives routinely ignore the standards which should prevent data corruption, using any ejection function is irrelevant. The same goes for SATA devices and various Flash drives.

And who cares what the OS says if removing the USB drive could corrupt it. Does that mean that they USB drives do not support idle time scrubbing? What a surprise that they are so unreliable then.