BadUSB virus and Sandisk products

@tns1 wrote:

As a minimum, I should be able to take a pure flash storage device and plug it into a clean PC and run some program that will verify that flash device has factory firmware (or the OS could do this automatically).

If you can think of a way to do this, you’ll become a very rich man.  Plenty of companies and governments would love to license that invention.  I’ve been hacking Sandisk hardware for 10 years and I’m not worried that this is going to happen anytime soon though :wink:

@tns1 wrote:

How can you design a flash stick that has some of the security features I mentioned? Take a trip back to the 90’s and understand that most firmware sat in ROM, PROM, or UV-EPROM. To change it you needed to pull chips.

This is the best you can do, and some drives do work this way, with the firmware burned into the chip at the factory. Unfortunately, figuring out which do is very hard, and you still don’t know that any given unit really does have unwritable ROM without opening it, since chips could easily be swapped for a batch (maliciously or otherwise).