A family member got an 8GB Sandisk USB pen drive from someone, and wants me to check if there are any files on it and whether he can use the pen drive after formatting it.
I know it would be unwise to trust a USB from an unknown source. I found one source on how to tackle this situation on a Mac, but how do I do it in Ubuntu/Linux?
Is it really impossible to identify and clean a USB of malware? Even if impossible, what would be the safest way to check it for files and format it?
On Linux, you can connect any USB device without mounting it. This means no data are either read from or written to the device except for the device identification data.
If you configure the system not to mount connected devices automatically, you will be able to run a dd command and wipe the first 1 MB of data on the device. This way, you will erase all vital information needed for the data on that device to be read and you will create an unreadable brand new unformatted device. The downside of this procedure is that you will never find out whether there are actually any files on the device before you erase that data.
If I were you, I would map a USB port to a virtual machine on VirtualBox, for example, and read the contents of the stick using that VM. Even if the VM gets infected, you can just delete it. You can run the dd command from the VM too if you want.
sudo dd if=/dev/zero of=/dev/sdX bs=1M count=1
X is the letter assigned to the USB device.
A live-only Ubuntu or other Linux operating system might be infected while running, but nothing will be saved (unless you save something manually to another drive). A live-only system will be untouched after shutdown or reboot.
You can boot the computer from a live-only drive (or a virtual machine from an iso file).
Check and maybe save the content with standard tools.
After checking (and maybe saving), you can wipe the first megabyte (actually mebibyte) with dd if you know what you are doing and are brave.
But dd is a dangerous tool. A small typing error is enough to wipe the family pictures.
A safer alternative is to wipe the drive with mkusb-dus according to the following links:
help.ubuntu.com/community/mkusb
Small 9w iso file with guidus and gparted installed
It is also possible to restore the drive to a standard storage device automatically.
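
The dd step from both answers, wrapped in a guard against the typing error warned about above. This is an added example, not part of either answer. It assumes the stick appears as a whole-disk name such as sdb that sysfs flags as removable; SYS_BLOCK, MOUNTS, check_target and wipe_first_mib are names made up for this sketch.

```sh
#!/bin/sh
# Added example: refuse to run dd unless the target looks like an unmounted USB stick.
# SYS_BLOCK and MOUNTS can be overridden to try the checks against a constructed tree.
SYS_BLOCK="${SYS_BLOCK:-/sys/block}"
MOUNTS="${MOUNTS:-/proc/mounts}"

# check_target NAME: NAME is a whole-disk name such as "sdb" (no /dev/ prefix).
# Prints the reason and returns non-zero when the device must not be wiped.
check_target() {
    local name="$1" dir="$SYS_BLOCK/$1"
    case "$name" in
        ''|*[!a-z0-9]*) echo "refusing: '$name' is not a plain device name"; return 1 ;;
    esac
    # Partitions (sdb1) and typos have no directory directly under /sys/block.
    [ -d "$dir" ] || { echo "refusing: $name is not a whole-disk block device"; return 1; }
    # Internal disks report 0 here; USB pen drives normally report 1.
    [ "$(cat "$dir/removable" 2>/dev/null)" = "1" ] ||
        { echo "refusing: $name is not flagged removable"; return 1; }
    # A mounted partition means automount is on or this is a disk in use.
    if grep -Eq "^/dev/${name}[0-9]* " "$MOUNTS"; then
        echo "refusing: $name or one of its partitions is mounted"; return 1
    fi
    echo "ok: $name is removable and not mounted"
}

# wipe_first_mib NAME: run the checks, ask for the name a second time, then zero 1 MiB.
wipe_first_mib() {
    local name="$1" answer
    check_target "$name" || return 1
    printf 'Type the device name again to wipe /dev/%s: ' "$name"
    read -r answer
    [ "$answer" = "$name" ] || { echo "aborted"; return 1; }
    sudo dd if=/dev/zero of="/dev/$name" bs=1M count=1 conv=fsync
}

# Run as: sh wipe-guard.sh sdb   (the script file name is an assumption)
if [ $# -eq 1 ]; then wipe_first_mib "$1"; fi
```

Running lsblk before and after plugging in the stick shows which name it was given.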