• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

NSA Hides Spying Backdoors into Hard Drive Firmware

This thread is getting way too politcal.

The fact that anyone who read the article would understand this is spyware that infects firmware, and not firmware that is loaded from the factorys would shut a lot of people up. This is almost certainly only an issue if you have been directly targeted for say, enriching uranium. No one has to worry about their porn stash. Technically speaking (as we should on tech powerup), the fact that the major brands have aparently leaked their firmware source should be more disturbing than the idea of the infection itself.
 
Last edited:
R-T-B said:
This thread is getting way too politcal.

The fact that anyone who read the article would understand this is spyware that infects firmware, and not firmware that is loaded from the factorys would shut a lot of people up. This is almost certainly only an issue if you have been directly targeted for say, enriching uranium. No one has to worry about their porn stash. Technically speaking (as we should on tech powerup), the fact that the major brands have aparently leaked their firmware source should be more disturbing than the idea of the infection itself.
Click to expand...
Sorry, I disagree. Not with the political thing, or the factory, but the rest. I think it's naive to think that the NSA would have such a tool on their hands, and not do their best to get it installed on as many drives as they could, in order to have it "just in case" that big case they're working on, or that "WMD", or whatever, stalls on them, this gives them another backdoor to get more information.
 
Ahhzz said:
Sorry, I disagree. Not with the political thing, or the factory, but the rest. I think it's naive to think that the NSA would have such a tool on their hands, and not do their best to get it installed on as many drives as they could, in order to have it "just in case" that big case they're working on, or that "WMD", or whatever, stalls on them, this gives them another backdoor to get more information.
Click to expand...

You honestly think they'd be deploying spyware to citizens of their own country just to reflash their HD?

Risk vs reward anaylsis: This would've come to light way sooner if they did that. No. They aren't that stupid.
 
R-T-B said:
You honestly think they'd be deploying spyware to citizens of their own country just to reflash their HD?

Risk vs reward anaylsis: This would've come to light way sooner if they did that. No. They aren't that stupid.
Click to expand...
I guess we'll have to agree to disagree, because I think they are that arrogant. The mass quantity of projects that the Snowden papers reveal, prove that.
 
They maybe want that, but as I said, I think we would've heard about it sooner if it were true.

We'll have to wait for a detection tool to find out for sure.
 
I have this theory that crypto currency mining is a means for the NSA to use peoples computing power, hashing, to sort all the data they take, the payout is a front to make it seem legitimate.
 
Caring1 said:
I have this conspiracy theory that crypto currency mining is a means for the NSA to use peoples computing power, hashing, to sort all the data they take, the payout is a front to make it seem legitimate.
Click to expand...
:p
 
Caring1 said:
I have this theory that crypto currency mining is a means for the NSA to use peoples computing power, hashing, to sort all the data they take, the payout is a front to make it seem legitimate.
Click to expand...

Considering all cryptos are based on open source code and hash systems, really unlikely.

The blockchain does hold some interesting data when anaylzed. None of it is anything other than a mild curiosity however.
 
Aquinus said:
So let me ask you all this. What does it matter if the firmware has a "backdoor" when any device attached to the drive has full access to its contents. Considering the firmware can't do any communication outside of the hard drive itself, it's safe to assume that this doesn't enable anyone to simply read data. From a development and hardware perspective, I really think is another example of how people let stupid ideas run a muck. Firmware can't even edit main memory, forget sending data over a network to tell the NSA something.

Any fear in this is dumb because it's probably a simple a hard drive feature that some paranoid lunatic fancies as a NSA conspiracy. I suspect that most people need to calm down and need to understand how things work before getting their panties in a bunch about something that doesn't even give anyone access to the computer itself. To call this a "backdoor" is laughable to say the least and from a security standpoint doesn't concern me in any way, shape, or form.

It honestly saddens me that this even made it to TPU. What the hell is this, FOX News?
Click to expand...

https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf, I've posted this before but I dunno if anyone noticed.

Yes, focusing only on the HDD firmware stuff is scaremongering (LOL), but the entirety of the thing is very interesting. I can't understand why anyone wouln't be interested, this is James Bond stuff!
 
R-T-B said:
It also could infect a BIOS based MBR by simply intercepting MBR calls, similar to old floppy disk viruses, and reload itself via this means as a bootkit of sorts.
Click to expand...

Yeah, this occurted to me later. Depending on cleverness, it could replace the MBR or an entire DLL if sufficiently clever.
 
Kaspersky says it found PCs in 30 countries with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.
Click to expand...
It would be universal if Seagate/Western Digital knew about it. More likely, NSA acquired the firmware code from them (knowingly or not), injected the backdoor into it, and used an exploit to gain access to the system and change the firmware. They can then remove the obvious malware and do the rest subversively.

All of those countries on the list are of particular CIA/NSA interest. North Korea would probably be on the list too but they don't use Kaspersky.


R-T-B said:
Technically speaking (as we should on tech powerup), the fact that the major brands have aparently leaked their firmware source should be more disturbing than the idea of the infection itself.
Click to expand...
I highly doubt it was deliberate. If Seagate/Western Digital knew what the NSA was up to, they'd sue the NSA for IP theft and most likely win.


Remember: the NSA successfully sabotaged Iran's centrifuges; 'nuff said.
 
Last edited:
of interest is to say the least.. despite what conspiracy theorist would have you think the cia and nsa are mostly good people that save lives of innocent people.
just like any police station.. there is probably at least one cop that you could call dirty but when it comes down to it that cop would save your life from a real criminal.
I'm a united states citizen and I love my country and thank god I dont live in russia or the middle east. I cant count on all my finger and toes all the people in my family alone that have served in the military and worked for various government organizations. I would be in the military myself but I cant because I have crohns disease.

what is new about this? nothing at all.. they do what they do and you have nothing to worry about if your not breaking laws.
if countries want to scared about american made technology and not buy it so what.. no awesome Intel cpu's for you then.
we could use our industry and jobs back anyway... some of the stuff we get from other parts of the world is serious crap that we dont need at all.

yup load up the manufacturing lines with the lowest quality stuff we got since this order is going to the united states even though they will come in guns blazing for us if we ever ask for help.
 
"Laws." CIA and NSA both specialize in foreign intelligence where the only "law" is "don't get caught." What they're doing was rubber stamped by a court that shouldn't even exist. NSA chief was even caught lying to the legislature, under oath, which authors laws. Nothing came of it. NSA especially operates above the law which is why Snowden felt morally obligated to expose some of the questionable programs.

Let me paraphrase: "you have nothing to worry about if" if you're an obedient government pawn. Step out of line and they know more about you than you know about yourself. Information is power.
 
And even if you got nothing to hide, if you become a threat, they'll make something up about you and pass it off as fact that they can't validate due to "national security"

It's a scary world we live in and people saying things like "if you've got nothing to hide, why worry?" really need to think about what they are endorsing.

But now *I* am getting too political... :P
 
xfia said:
despite what conspiracy theorist would have you think the cia and nsa are mostly good people that save lives of innocent people...you have nothing to worry about if your not breaking law.
Click to expand...

No one is worried about *them*. The problem is that the are accumulating information that will be incredibly dangerous in the wrong hands. Those are the guys I don't trust.

Believe it or not nearly everyone thinks they are doing good. Doesn't matter what it is. And the propaganda apparently works great to divide people along ideological lines that make no sense. How do you think the Nazis came to being, and every other similar regime? Atrocities are committed by "good" people just doing their job and following the herd. It's easy to believe it's right and good when most everyone around you is doing the same thing. Demonize a group and then pile on. And the few who protest are traitors, cowards, terrorists. Which makes it that much easier to decide to go along. Not many are willing to risk their lives for a principal... particularly when doing so would be futile.

None of the totalitarian regimes in the past had anything like the kind of information the NSA is accumulating. Add to that the drone and robotic advances that will soon make it easy for a handful of people under the auspices of the government to wield incredible power over a large population.

The guys who founded this country were well aware of the dangers of power. This is power like the world has never seen before and should be illegal according to our constitution... but for some reason it's allowed.
 
I know what you guys are saying and I cant even really disagree but what is just as real is fear and what it does to you and those around you
there is a campaign of fear and it will render us all weak and powerless if we let it

if you like rock music and some food for thought.. tool showed me many things about what we all really are
 
xfia said:
there is a campaign of fear and it will render us all weak and powerless if we let it
Click to expand...

Sounds like you are in denial. As in "I don't want to be bothered by this, so I'm going to pretend everything is ok".

Fear is exactly how this whole thing is sold. Be very afraid of what the "terrorists" will do. Save us Big Brother! We have nothing to hide... we trust you... we *love* you!
 
Soooo Kapersky Antivirus: yay or nay?
 
Norton, still the resource hog or it got better? Don't think so... :D
 
Prima.Vera said:
Norton, still the resource hog or it got better? Don't think so... :D
Click to expand...

It did get better. That doesn't mean it's good. Kinda like upgrading from shit to urine, both stink one is just easier to cleanup.
 
Fx said:
This is in violation of the US Constitution which is the supreme law.

Thank you for this profound post. The NSA is out of control and information exposing its practices is always welcome.
Click to expand...

From what has been said the infected drives are in foreign countries in use by non US citizens. No constitutional protection then.
 
Prima.Vera said:
Norton, still the resource hog or it got better? Don't think so... :D
Click to expand...
It did get better, and is often on sale, so many of our clients use it. However, no single point of protection is effective today, much less guaranteed. Grab the A/V of your choice (NIS/Mcaffe/Vipre/KAV/etc) and add a subscription to MBAM. I think they've run out of lifetime licenses, but even so, a good investment, I think.
 
FordGT90Concept said:
NSA especially operates above the law which is why Snowden felt morally obligated to expose some of the questionable programs.
Click to expand...
Snowden? Rats out the US govt. because he's all concerned with rights and freedom. Then runs to Russia and hangs with his bud Putin because he's a defender of freedom and justice. lol Snowden is a bloody traitor! He sold out to the Russians. Why is it so hard to connect the dots? There's only 2 dots. He steals top secret info and goes to Russia. The righteous indignation was nothing more than a smoke screen to cover up he's a spy and a traitor.
 
Relayer said:
Snowden? Rats out the US govt. because he's all concerned with rights and freedom. Then runs to Russia and hangs with his bud Putin because he's a defender of freedom and justice. lol Snowden is a bloody traitor! He sold out to the Russians. Why is it so hard to connect the dots? There's only 2 dots. He steals top secret info and goes to Russia. The righteous indignation was nothing more than a smoke screen to cover up he's a spy and a traitor.
Click to expand...
.......

yeah.... the NSA is all above-board...
https://firstlook.org/theintercept/2015/02/19/great-sim-heist/
 

Attachments

  • search.jpg
    search.jpg
    3.3 KB · Views: 518
You must log in or register to reply here.
Back
Top