Spying software embedded inside all hard drive manufacturer's drives

ZENemy said:
" when people have endured many abuses for a long time, it is their duty to overthrow the government and set up a better one."


We are way past this point, this is just more evidence. Lets take all of these cases and stand together, refuse to pay and use this as our reasoning. The gov is completely gone and we cannot get it back with "the right guy in place"
Click to expand...

This one speaks the truth.
 
ZENemy said:
" when people have endured many abuses for a long time, it is their duty to overthrow the government and set up a better one."


We are way past this point, this is just more evidence. Lets take all of these cases and stand together, refuse to pay and use this as our reasoning. The gov is completely gone and we cannot get it back with "the right guy in place"
Click to expand...

YESSS!

I think concentrating in a small town or county would be an effective way to get this overthrow going.
 
helmuth_hubener said:
YESSS!

I think concentrating in a small town or county would be an effective way to get this overthrow going.
Click to expand...

Sounds like a good way to get drone striked. There is no way I'm completely isolating myself with like-minded folk. All it would take is for one person to snap, and that's the end of it.
 
CPUd said:
Yeah, I always crush the platters when I'm done with a disk. Also, there is at least 1 EEPROM on the circuit board I pull off.

This applies to electronics in general. Especially cordless phones, cause your call history is stored in these:

jY5AVk5.jpg
Click to expand...


An EPROM usually must be removed from the device for erasing and programming, whereas EEPROMs can be programmed. Why wouldn't the industry use EPROMS (that cannot be erased) for firmware?

This is a really stupid question (sorry), but if you do a chkdsk and you have no bad sectors, would that prove you are not infected with the malware?
 
charrob said:
An EPROM usually must be removed from the device for erasing and programming, whereas EEPROMs can be programmed. Why wouldn't the industry use EPROMS (that cannot be erased) for firmware?

This is a really stupid question (sorry), but if you do a chkdsk and you have no bad sectors, would that prove you are not infected with the malware?
Click to expand...

No, chkdsk has no idea what kind of programs your hard drive has, at best, whether the data is readable and useable. Chcdsk is not a malware detection program
 
Guess the safest method would be a live cd, and boot like that I suppose, and then use a usb stick (If those aren't compromised as well) for storage. Behind 5 firewalls, and 10 proxies, using encryption, and write your messages in a code you and the receiver created for typing messages.

Not to hard.
 
  • Like
Reactions: PRB
RonPaulIsGreat said:
Guess the safest method would be a live cd, and boot like that I suppose, and then use a usb stick (If those aren't compromised as well) for storage. Behind 5 firewalls, and 10 proxies, using encryption, and write your messages in a code you and the receiver created for typing messages.

Not to hard.
Click to expand...

Yeah, been there, it only adds about $100 to your electric bill and slows your internet speed down to dial up. Sure as hell beats living in a cave or Amish off the grid.
 
PRB said:
No, chkdsk has no idea what kind of programs your hard drive has, at best, whether the data is readable and useable. Chcdsk is not a malware detection program
Click to expand...

I don't understand. tangent4ronpaul wrote that: The malicious firmware created a secret storage vault [on your harddrive]. cpu'd wrote that: the secret storage vault would be incorrectly labelled a bad sector by the software because it was unable to read or write to it.

So if the firmware creates what the OS thinks is a bad sector, and chkdsk checks for bad sectors, why wouldn't a successful running of chkdsk (that shows you have no bad sectors) prove your firmware is not infected by this malware?
 
charrob said:
I don't understand. tangent4ronpaul wrote that: The malicious firmware created a secret storage vault [on your harddrive]. cpu'd wrote that: the secret storage vault would be incorrectly labelled a bad sector by the software because it was unable to read or write to it.

So if the firmware creates what the OS thinks is a bad sector, and chkdsk checks for bad sectors, why wouldn't a successful running of chkdsk (that shows you have no bad sectors) prove your firmware is not infected by this malware?
Click to expand...

Ok, so you have some context, let me explain.

Lack of evidence is not evidence of lacking.

This may be true for THIS particular malware that creates bad sectors, so yes, chkdsk may be helpful to detect THIS malware, but not likely any other malware that doesn't create secret vaults or bad sectors. My guess is that, chkdsk is so rarely done these days they count on people not catching them, and it's almost never used for malware detection. So yes, you're right, sorry I misunderstood your question.
 
I don't have the knowledge and I'm too old to acquire it, but if I ever have the money, I'm going to launch a computer engineering academy for libertarians to dismantle/neutralize as much of this stuff as possible, at least on personal devices.
 
limequat said:
The report says that the NSA used this to spy on countries like Iran and China, especially government officials and diplomats.
I don't think we can say conclusively that they are using this within the US.

Take a cue from Ed Snowden: Always use an airgapped (offline) computer for sensitive stuff. It doesn't matter what spyware is on it...if it's not connected to a network, nobody can get to it.
Click to expand...

I wouldn't be so sure about that airgapped computer...

http://arstechnica.com/security/201...erious-mac-and-pc-malware-that-jumps-airgaps/
 
willwash said:
I don't have the knowledge and I'm too old to acquire it, but if I ever have the money, I'm going to launch a computer engineering academy for libertarians to dismantle/neutralize as much of this stuff as possible, at least on personal devices.
Click to expand...

that's pretty much what bitcoin and cryptoanarchy is about.
 
willwash said:
I don't have the knowledge and I'm too old to acquire it, but if I ever have the money, I'm going to launch a computer engineering academy for libertarians to dismantle/neutralize as much of this stuff as possible, at least on personal devices.
Click to expand...

If its connected to the interwebs, it's compromised. That's all your academy needs to teach! And hammers; big hammers and how to swing!
 
PRB said:
Ok, so you have some context, let me explain.

Lack of evidence is not evidence of lacking.

This may be true for THIS particular malware that creates bad sectors, so yes, chkdsk may be helpful to detect THIS malware, but not likely any other malware that doesn't create secret vaults or bad sectors. My guess is that, chkdsk is so rarely done these days they count on people not catching them, and it's almost never used for malware detection. So yes, you're right, sorry I misunderstood your question.
Click to expand...

Thanks.

So malware affecting your OS can be detected and fixed by anti-virus software. Malware affecting your drivers should be able to be detected and fixed by anti-virus software (and if not, easily downloaded from the vendor's website). But anti-virus software doesn't look at firmware I guess. And that's where the problem is? And if true, what would be the disadvantage of using nonprogrammable eproms for their firmware as a solution to stop malware from infecting firmware?
 
charrob said:
Thanks.

So malware affecting your OS can be detected and fixed by anti-virus software. Malware affecting your drivers should be able to be detected and fixed by anti-virus software (and if not, easily downloaded from the vendor's website). But anti-virus software doesn't look at firmware I guess. And that's where the problem is? And if true, what would be the disadvantage of using nonprogrammable eproms for their firmware as a solution to stop malware from infecting firmware?
Click to expand...

Actually, good question, I don't know if anti-virus software looks at firmware
 
....wondering if the timing of this HDD spying release is related to Obama's executive order on 'cybersecurity information sharing'.

http://www.nbcnews.com/tech/securit...der-cybersecurity-information-sharing-n305796

Obama closed the speech by signing the executive order, which the White House previewed in a briefing to reporters on Thursday. The order is a "framework," the White House said, that aims to:

Push for the development of "Information Sharing and Analysis Organizations," (ISAOs), that will serve as the central point for collaboration between private and federal entities
Develop standards for those ISAOs
Clarify the Department of Homeland Security's authority to work with ISAOs
Streamline the access private companies have to classified cyber-threat information
Ensure that information sharing will include strong protections for privacy and civil liberties

The Obama administration has steadily ratcheted up its focus on cybersecurity over the past year. On Tuesday, the White House announced the creation of a Cyber Threat Intelligence Integration Center that will collect threat information and disseminate analysis.
Click to expand...
 
brandon said:
Fascinating stuff. I only started reading it but it seems like Kapersky just released a shit load of info on a variety of different malware exploits from some ultra sophisticated attack group they dubbed "Equation group." They didn't come out and say it, but strongly implied that the equation group is the NSA. Hopefully further Snowden leaks will corroborate this.
Click to expand...

Kaspersky being located in Russia, leads me to ponder if perhaps Snowden helped them discover some of this information/gave them some hints as to what to look for....
 
devil21 said:
....wondering if the timing of this HDD spying release is related to Obama's executive order on 'cybersecurity information sharing'.

http://www.nbcnews.com/tech/securit...der-cybersecurity-information-sharing-n305796
Click to expand...

It slightly misses the mark. TPTB do not care if a law exists or not to justify their actions. They pass laws after the fact. The laws they pass are merely an illusion that TPTB can be reigned in with Rules and Laws. They can not. They will do exactly as they wish, regardless if it violates any Rights or Laws, but the one thing they are not ready to violate yet is the existence of the Illusions they cast.
 
You must log in or register to reply here.

Similar threads

E
Israeli spyware used to target phones of journalists and activists
Replies
17
Views
3K
NorthCarolinaLiberty
NorthCarolinaLiberty
Brian4Liberty
Nghia Hoang Pho, former NSA employee, pleads guilty to retaining top-secret intelligence
Replies
2
Views
434
Swordsmyth
Swordsmyth
Marenco
Social Media and Social Control: How Silicon Valley Serves the US State Department
Replies
0
Views
4K
Marenco
Marenco
PAF
RPI - CrowdStrikeOut: Mueller’s Own Report Undercuts Its Core Russia-Meddling Claims
Replies
0
Views
258
PAF
PAF
timosman
Acid flashback: CIA’s mind-control experiment reverberates 40 years after hearings
Replies
7
Views
904
Working Poor
Working Poor
Back
Top