the rum soaked fist: internal martial arts forum

[windwalker]

It is not clear how the NSA may have obtained the hard drives' source code. Western Digital spokesman Steve Shattuck said the company "has not provided its source code to government agencies." The other hard drive makers would not say if they had shared their source code with the NSA.

https://www.yahoo.com/tech/s/russian-re ... ector.html

what we can do or did others can also

Concerns about access to source code flared after a series of high-profile cyberattacks on Google Inc and other U.S. companies in 2009 that were blamed on China. Investigators have said they found evidence that the hackers gained access to source code from several big U.S. tech and defense companies.

[Dmitri]

Holy crap!! "Obtaining" the code is one thing; what I can't understand is how the hell did they manage to have the infected code physically end up on the actual hard drives?!

[Steve James]

I certainly believe that they (NSA +about 14 other intel agencies) would want to do this and do it. Look at the countries involved

with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

It's called spying Of course, people will want to make sure they're not spied on; so, there'll be a few denials and explanations. But, don't believe that that tv, radio, electronic device made in China is squeaky clean. If their intel techs ain't working on it, they're not doing their jobs.

[Steve James]

Drives have to have i/o in order to read and write. The drive has to know where the free spaces on the disk are, so there is a table that it uses. If the drive is formatted, the table is written and you generally can't touch it. So, if they send out formatted drives, I guess the code could be hidden in the formatting.

Anyway, I didn't finish the whole article, but if this is like STUXNET, then the purpose is to execute a command (at a certain time or under specific circumstances). For ex., allow someone to make the gauges in a nuke reactor show that there is enough water covering the fuel core even when there isn't.

[aamc]

Hmm, I'd like to hear how it works. Different OS's use different types of file systems, does it work on all file systems. On secure systems you have encrypted drives, how does it work with those? How does it install itself and then route to the outside world? Otherwise, what would be the point? I wait to hear the explanations?

[aamc]

Take it back. I don't know enough about the firmware code and how it functions. Still I'm doubtful it would work on all OS

[yeniseri]

FRONTLINE had a great program on the genesis of the 'source code' infecting centrifuges at nuclear facilities in Iran. They (Kaspersky and associates!) found in the code, to wit,centrifuge model and output info then were able to isolate it within the total output and see the details of what happened to cause the failure of Iranian tests samples. This was the after action reports of the event. It was shown sometime last year (2014) on PBS

[chud]

Frontline also had a great 2-episode story called "United States of Secrets" about NSA spying.
It's available on their site to watch for free.

[windwalker]

According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on

https://www.yahoo.com/tech/s/russian-re ... ector.html

Kaspersky's reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.

Linux, might be able to do something about this since it comes loaded with the drivers in the kernel. "as I understand it"
disclose er: use win 8 at this time, but really like the linux OS's.

[windwalker]

Kaspersky released the technical details of his research on Monday, which should help infected institutions recognize the spying programs, some of which trace back to 2001.

The revelations could further hurt the NSA’s surveillance capabilities, already damaged by massive leaks by former contractor Edward Snowden. Snowden’s revelations have hurt U.S. relations with some allies and slows down the sale of U.S. technology products abroad.

The release of these new spy tools, which could lead to greater backlash against the Western technology, especially in countries like China, which is already developing rules that would require the most bank-technology supplier to proffer copies of their software code for the inspection.

According to Kaspersky, the spies from a technological breakthrough by figuring out how to lodge malicious software dark code called firmware, starts every time, when a computer is turned on. Hard drive firmware is seen by spies and cybersecurity experts as the second-most valuable real estate on the PC for hackers, second only to the BIOS code is automatically invoked, such as a computer boots up.

“The hardware will be able to infect the computer, over and over,” run Kaspersky researcher Costin Raiu, said in an interview.

Although the leaders of the still active espionage campaign have taken control of thousands of PCs, giving them the opportunity to steal files or listen to, what they wanted, the spies were selectively and only established full remote control of the machines are the most popular foreign destinations, after Raiu. He said Kaspersky only found a couple of particularly high quality computers with the hard-drive-infections.

Kaspersky reconstructions of the spying programs show that they could work hard disks sold more than a dozen companies, consisting essentially of the entire market. They belong to Western Digital Corp., Seagate Technology Plc, Toshiba Corp., IBM, Micron Technology Inc and Samsung Electronics Co Ltd

Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM does not respond to requests for comment

http://market-robots.com/blog/2015/02/1 ... m-reuters/

wow

[Dmitri]

I guess the code could be hidden in the formatting

I would think it's in the controllers' ROM, which is where the "firmware" resides AFAIK.

Technical details are of somewhat less interest to me than the logistics of actually delivering the malicious code to the hardware. THAT'S the part I don't get. They would have to either hook it in during manufacturing process, or hack into the "firmware upgrade" processes. Both of which requires very tight integration with the companies mentioned, and that's a HUGE deal IMHO. That would mean that NSA is directly involved in the process of manufacturing and/or update process for those companies' related departments. My brain is refusing to embrace/accept that idea.

[Steve James]

Right, the rom chip, but who manufactures them? If it were me, I agree that it would be in a firmware upgrade.

But, it all dependd on its purpose. Is it a trojan, an exploit that allows someone to take control, a worm to infect/corrupt data, a data miner, etc.

As you say, if it's the chip, and the companies use the same or similar, it wouldn't be impossible to code them with something malicious. But, we will probably find out whether all the major manufacturers cooperated with the NSA or were hacked.

It would also be interesting to know how they know it was the NSA.

[Steve James]

If you bought a Lenovo pc or laptop in the last year, read this.
http://www.pcworld.com/article/2886278/ ... k.nl_today

[windwalker]

If you bought a Lenovo pc or laptop in the last year, read this.
http://www.pcworld.com/article/2886278/ ... k.nl_today

good catch

I think some of the same complaints could be made against google, apple ect.
one of the reasons I try not to buy phones while in China.
cant be sure of whats loaded on them.

China Wants To Replace Microsoft, Apple, And Android Software By October

Read more: http://www.businessinsider.com/china-wa ... z3SFhBXfag

Who knows, linux may have a chance yet.

[windwalker]

Right, the rom chip, but who manufactures them? If it were me, I agree that it would be in a firmware upgrade.

But, it all dependd on its purpose. Is it a trojan, an exploit that allows someone to take control, a worm to infect/corrupt data, a data miner, etc.

As you say, if it's the chip, and the companies use the same or similar, it wouldn't be impossible to code them with something malicious. But, we will probably find out whether all the major manufacturers cooperated with the NSA or were hacked.

It would also be interesting to know how they know it was the NSA.

The US National Security Agency (NSA) and Great Britain’s Government Communications Headquarters (GCHQ) hacked into the world's largest SIM card manufacturer, stealing encryption information, according to documents released by whistle-blower Edward Snowden and reported by The Intercept Thursday.

This gave the agencies the ability to secretly monitor a large portion of the world’s cellular communications, including both voice and data, according to The Intercept report, “The Great SIM heist.”

This latest revelation comes on the heels of a new report by Russian research firm Kaspersky Lab, which says the US has found a way to hide spyware in almost any hard drive built by the world’s top computer manufacturers.

https://www.yahoo.com/tech/s/edward-sno ... 13766.html

ya just never know