Pages:
Author

Topic: NSA hid spying software in hard drive firmware (Read 6153 times)

sr. member
Activity: 381
Merit: 251
February 21, 2015, 10:45:08 PM
#69
how to wipe it out of the firmware ?
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"

we all know that all the us media serve the actual admin, as such this admin as attacked repeatedly the nsa, q: in which camp is the NSA? that would be insane China+Japan+Russia+NSA vs the rest... lol. I love asymmetrical warfare Grin.

but it would a pleasure be to see the nsa stay in the other camp, as I told what ever, any ways.

edit: my sincere apologize to all the Russian Services assuring the protection of eddy the rogue. the nsa is fully in bed with the masson to enslave the world. they haven't show me a single proof of their will to work for a more peaceful world. let's hash them. one day their algos, when they will reach consciousness will kill them all anyway. traitors, like the rest of the usmiic. fuck you all. never have helped, only enslaved, or faked it to try to manipulate, but against the path it was futile since the beginning.

Long live those that assure a secure Russian Federation against those subhumans, be aware, they are as vicious as it can be made by humans, ie nothing dangerous for the FALLEN ONES, our toy boys, sold souls so easy to play with.

legendary
Activity: 3108
Merit: 1359
Scary. But i wonder how this is possible since each hard disk manufacturer had their own proprietary hard drives' source code which mean they have to gain access one by one to insert the program.

They dump, reverse analyse and patch it , NSA have the so far the best reverse/hacker, they do not need source !


Ahaha, it was expectable that real maidummie should be a lamer as well.

You'll be surprised but I don't need a source to add new section into executable module. Nobody needs that.

Now you're free to continue coal transportation... C'mon, is there any limit for your dumbness? I've lost count of absurd statements which you did. Cheesy Cheesy
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"
lol... soon we can expect new sanctions on Kaspersky Lab from both the United States and the European Union. Most probably, they will put Eugene Kaspersky in the blacklist as well.  Grin

I like your sense of humors Cheesy, but if mr Kaspersky shares is daughter it will be good as it never happened Cheesy.
legendary
Activity: 3766
Merit: 1217
lol... soon we can expect new sanctions on Kaspersky Lab from both the United States and the European Union. Most probably, they will put Eugene Kaspersky in the blacklist as well.  Grin
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"
Scary. But i wonder how this is possible since each hard disk manufacturer had their own proprietary hard drives' source code which mean they have to gain access one by one to insert the program.

They dump, reverse analyse and patch it , NSA have the so far the best reverse/hacker, they do not need source !



bahh bahh... nice words... not paid?
AGD
legendary
Activity: 2070
Merit: 1164
Keeper of the Private Key
The US has control of the internet, communications satellites, and everything else we use to communicate electronically

Even more: most, if not all of the high end technology and cryptography, hard- and software is controlled by the US. Not because the US scientists are inventing more than ones from other countries, but because for centuries they were smart in detecting new promising technology and inventions worldwide. They took things serious, when all the other countries were sleeping. Who visited Gavin Andresen, because they wanted to know about this "Bitcoins"? Russians? Chinese? Germany? No! It was the US. If there is something new, they will want to know about it. If it is either helpful or a thread for the national security, they will take it over with the necessary force.
legendary
Activity: 1110
Merit: 1000
Scary. But i wonder how this is possible since each hard disk manufacturer had their own proprietary hard drives' source code which mean they have to gain access one by one to insert the program.

They dump, reverse analyse and patch it , NSA have the so far the best reverse/hacker, they do not need source !

hero member
Activity: 994
Merit: 500
The US has control of the internet, communications satellites, and everything else we use to communicate electronically
sr. member
Activity: 364
Merit: 250
It might be worth mentioning that the story, at least at this point, is that the altered hard drive firmware is not being installed on drives before they leave the factory.  The story is that the altered firmware is later installed on targeted computers, sometimes by individually-prepared installation CDs, and sometimes by NSAs Office of Tailored Access Operations.  

During the middle part of the last decade, the special unit (TAO) succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-druck.html

That changes the scale of the whole story quite drastically. Media love to alarm people as they will gladly read such stories. There is of course an immediate question popping up: what if someone used that kind of weapon against the 'average Joe' and for what reason?
I wouldn't be surprised if the 'average person' were targeted by some program similar to this. They already are targeted by a number of other NSA spying programs so I don't see why this would be any different
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"

If somebody would work with secret data while his system doesn't match those requirements, he'll get few years in the jail for simply doing that. Roll Eyes


I hope so, otherwise it would allow a plausible deniability way for the traitors... and who does want to see the Motherland fall in the Hands of the controllers of America (biden, his son, or the worst they hide under praise and glory).
legendary
Activity: 3108
Merit: 1359
The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.

STORY: http://www.cbc.ca/news/technology/nsa-hid-spying-software-in-hard-drive-firmware-report-says-1.2959252

KASPERSKY super technical PDF REPORT: http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Equation_group_questions_and_answers.pdf


Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. (Kaspersky Lab/Reuters)
This feature will be helpful only if it's targeted against the regular user, because any government has a special policy for ssecret/private information. If we're talking about Russia then there are serious requirements to hardware and software if you wish to work with sensitive data, such as secret documentation. Here are some of those requirements:

  • FSB approved SATA/SAS controller with runtime encryption and separate flash memory for the boot loader, kernel image and device drivers. 1;
  • Approved operation system2;
  • All system modules should be digitally signed, it's prohibited to execute any unsigned software;
  • Isolated network or no networking at all;
  • Mandatory access control (MAC) for file system and database records.

If somebody would work with secret data while his system doesn't match those requirements, he'll get few years in the jail for simply doing that. Roll Eyes

1. I.e. so-called APMDZ aka "hardware-software module for trusted boot", our company provides Maxim-M1 for that purpose.
2. Current preference is our debian-based Linux distro, AstraLinux SE. It's currently used by the most of government institutions to work with sensitive data.
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"
That changes the scale of the whole story quite drastically. Media love to alarm people as they will gladly read such stories. There is of course an immediate question popping up: what if someone used that kind of weapon against the 'average Joe' and for what reason?
ukie boy they fucking don't care of average joe, they want his wife and his daughter... the rest is pure BS, they are primates.
BitMos, just read my post again. I wrote that such story sells very well in the media, as people tend to think 'what if they used it against my computer?' Of course they don't care about the average Joe like you or me (as of today), but who knows if one day you become important guy, you may want to check your hard drive.

that's why PLAoC and Russia have no others choices... I know that for American controllers every girls born on earth is a future hole they will fuck (they are worth it remember, they are the chosen ones)... And what do you think the Germans think about a foreign nations having access to all the data of their Nation? ahaha... amerikis, betrayal&deceit incorporated.
uki
legendary
Activity: 1358
Merit: 1000
cryptojunk bag holder
That changes the scale of the whole story quite drastically. Media love to alarm people as they will gladly read such stories. There is of course an immediate question popping up: what if someone used that kind of weapon against the 'average Joe' and for what reason?
ukie boy they fucking don't care of average joe, they want his wife and his daughter... the rest is pure BS, they are primates.
BitMos, just read my post again. I wrote that such story sells very well in the media, as people tend to think 'what if they used it against my computer?' Of course they don't care about the average Joe like you or me (as of today), but who knows if one day you become important guy, you may want to check your hard drive.
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"
It might be worth mentioning that the story, at least at this point, is that the altered hard drive firmware is not being installed on drives before they leave the factory.  The story is that the altered firmware is later installed on targeted computers, sometimes by individually-prepared installation CDs, and sometimes by NSAs Office of Tailored Access Operations.  

During the middle part of the last decade, the special unit (TAO) succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-druck.html

That changes the scale of the whole story quite drastically. Media love to alarm people as they will gladly read such stories. There is of course an immediate question popping up: what if someone used that kind of weapon against the 'average Joe' and for what reason?

ukie boy they fucking don't care of average joe, they want his wife and his daughter... the rest is pure BS, they are primates.
uki
legendary
Activity: 1358
Merit: 1000
cryptojunk bag holder
It might be worth mentioning that the story, at least at this point, is that the altered hard drive firmware is not being installed on drives before they leave the factory.  The story is that the altered firmware is later installed on targeted computers, sometimes by individually-prepared installation CDs, and sometimes by NSAs Office of Tailored Access Operations.  

During the middle part of the last decade, the special unit (TAO) succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-druck.html

That changes the scale of the whole story quite drastically. Media love to alarm people as they will gladly read such stories. There is of course an immediate question popping up: what if someone used that kind of weapon against the 'average Joe' and for what reason?
legendary
Activity: 905
Merit: 1000
It might be worth mentioning that the story, at least at this point, is that the altered hard drive firmware is not being installed on drives before they leave the factory.  The story is that the altered firmware is later installed on targeted computers, sometimes by individually-prepared installation CDs, and sometimes by NSAs Office of Tailored Access Operations.  

During the middle part of the last decade, the special unit (TAO) succeeded in gaining access to 258 targets in 89 countries -- nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

According to details in Washington's current budget plan for the US intelligence services, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these "implants" are conducted by TAO teams via the Internet.
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-druck.html
hero member
Activity: 886
Merit: 1013
What alternatives are available?

I wish the community would be big enough to crowdfund hardware vendors Smiley


EDIT:

http://www.storagenewsletter.com/rubriques/hard-disk-drives/217-companies-hdd-since-1956/

Just get a SSD, problem solved

Reportedly SSDs are affected as well.
tss
hero member
Activity: 742
Merit: 500
CRAP!  they got me!  that's pretty slick though, hardware built in rats, glad it's public now. 

how do i check if my drives are affected?
Pages:
Jump to: