What is the rationale behind safely removing USB media from windows PCs? [duplicate]
Quite often when I'm in a rush, I automatically pull out a USB pendrive or USB cable from an external hard drive from my desktop PC or laptop, without right-clicking on the safely remove icon in the system tray and unplugging via this route. So far nothing untoward has happened every time I have "been in a rush".
What is the rationale behind right clicking on the safely remove icon and can I really lose information on USB media if this is not carried out?
Edit
Is the vunerability of losing such information greatly increased, if the usb media is still flashing at the time of pulling it out of the computer (as opposed to non-flashing)?
Yes it can, it's about what happens if you remove the device when it's in use (reading or writing).
When you plug in a USB drive, you give your PC free rein to write and read data from it; some of which is cached.
Caching occurs by not writing information immediately to the USB device, and instead keeping it in your PC's memory (RAM). If you were to yank the USB drive out of your PC before this information is written, or while its being written, you'll end up with a corrupted file.
However, Windows automatically disables caching on USB devices, unless you specifically say that you want it enabled. For the most part you don't have to click the 'Safely Remove Hardware' button, if you aren't writing or reading anything from the device.
Its there simply as an extra level of security preventing you from destroying your own files.
Doing so causes the files to close "gracefully", preserving data, pointers and file size indicators. When writing to disk the computer doesn't always "flush" a buffer and only part of the data may have been written. Using the proper procedure will assure that the data and pointers are in good shape.
Source
A second reason is that flash drives need to have stable power for ~0.25 seconds after a write command. This is a fundamental physical problem, due random factors some writes may leave a logical 1 bit in a electrical 0.72 state. The fix is easy: just rewrite the bit, perhaps even a few times. Eventually it will stick.
If you're really unlucky, the bit falling over will be in a filesystem table and corrupt e.g. an entire directory.
Few people realize everything that goes on under the hood of a flash drive. Unlike hard drives in which a sector is erased and overwritten in a single step, flash drives can write data to a blank 528-byte page much faster than they can perform an erase cycle. Additionally, since each erase-control circuit would use up a fair amount of silicon, flash chips generally don't have a separate circuit for each page but instead have one per "block", where each block contains hundreds or thousands of pages. This means that every time different data is written to a sector, it will be written to a previously-blank area and the old copy marked somehow as "out-of-date". At some point, the flash will perform a "garbage-collection" cycle where it will identify a block that contains mostly out-of-date pages, copy all pages that aren't out of date from that block to another block which has space, and then erase the block. Because such operations may be very slow, some drives will attempt to, when possible, perform them when nothing else was going on; drives don't tell the computer when they perform such cleanup, because the computer generally won't care. The "gotcha" is that if the computer doesn't let the drive know that it's about to lose power, the drive will have no way of knowing when it's safe to perform such cleanup.
Note that although quality flash drives are designed to ensure that a new copy of data will always be written completely before an old copy is erased, and ensure that they can always figure out which copy of each block should be considered the most current, not all flash-drive designs are perfect. In the absence of any power-fail notification, an algorithm which is designed to be 100% proof against data loss or inconsistency would probably be at least twice as slow as one meeting looser constraints. Adding a hardware power-fail notification which would trip while there was still enough energy to complete one or two flash-write operation would reduce the time penalty, but making power-fail notifications 100% reliable can be tricky, and not all implementations are perfect.
Windows itself tells you that you don’t need to use the Safely Remove Hardware option if you use certain settings – the default settings.
Quick Removal vs. Better Performance
Windows allows you to optimize your USB device for quick removal or improved performance. By default, Windows optimizes USB devices for quick removal. You can access this setting from the device manager – open the Start menu, type Device Manager, and press Enter to launch it.
Expand the Disk drives section in the Device Manager, right-click your device, and select Properties.
Select the Policies tab in the Properties window. You’ll notice that Windows says you can disconnect your USB device safely without using the Safely Remove Hardware notification icon, so this means you can unplug your USB device without ever safely removing it, right? Not so fast.
Data Corruption Danger
The Windows dialog shown above is misleading. If you unplug your USB device while data is being written to it – for example, while you’re moving files to it or while you’re saving a file to it – this can result in data corruption. No matter which option you use, you should ensure that your USB device isn’t in-use before unplugging it – some USB sticks may have lights on them that blink while they’re being used.
However, even if the USB device doesn’t appear to be in-use, it may still be in-use. A program in the background may be writing to the drive – so data corruption could result if you unplugged the drive. If your USB stick doesn’t appear to be in-use, you can probably unplug it without any data corruption occurring – however, to be safe, it’s still a good idea to use the Safely Remove Hardware option. When you eject a device, Windows will tell you when it’s safe to remove – ensuring all programs are done with it. Write Caching
If you select the Better Performance option, Windows will cache data instead of writing it to the USB device immediately. This will improve your device’s performance – however, data corruption is much more likely to occur if you unplug the USB device without using the Safely Remove Hardware option. If caching is enabled, Windows won’t write the data to your USB device immediately – even if the data appears to have been written to the device and all file progress dialogs are closed, the data may just be cached on your system.
When you eject a device, Windows will flush the write cache to the disk, ensuring all necessary changes are made before notifying you when it’s safe to remove the drive. Ultimately, no matter which option you use, you should use the Safely Remove Hardware icon and eject your device before unplugging it. You can also right-click it in the Computer window and select Eject. Windows will tell you when it’s safe to remove the device, eliminating any changes of data corruption.
Note This advice doesn’t just apply to Windows – if you’re using Linux, you should use the Eject option in your file manager before unplugging a USB device, too. The same goes for Mac OS X.
Failing to safely remove your devices causes phantom devices to remain in Windows. This isn't usually an immediate problem, but once you've amassed a few hundred phantom devices things start to go wrong.
EDIT FOR CLARIFICATION: Phantom devices are, in short, devices that have drivers installed but are no longer connected to the USB port. Windows keeps track of devices that have been installed, but because the devices hasn't been "safely removed" the driver is still loaded for that USB port. This can cause a variety of problems ranging from assigning a new drive letter when you plug in your flash drive to causing video games to detect controllers that aren't there. When you safely remove a device from Windows you're not just making sure it isn't writing data anymore, you're telling Windows to unload the driver from that USB port. Unplugging your drive on the fly not only risks data corruption, but also risks creating a phantom device that Windows doesn't really handle well.
By default, Windows doesn't show phantom devices in Device Manager, which is why most people are unfamiliar with the concept. To find these devices manually run Command Prompt as an Administrator and enter set devmgr_show_nonpresent_devices=1
. This will allow Device Manager to show the phantom devices for the current session.
It is quite possible that there are many too many phantom devices to easily remove them all by hand. GhostBuster is a lightweight GUI designed to easily display and remove phantom devices.
Reference: https://windowssecrets.com/newsletter/how-to-prevent-and-remove-phantom-devices/