Modern hard drives have backdoored firmware

modern hard drives have backdoored firmware
techpowerup.com/209925/nsa-hides-spying-backdoors-into-hard-drive-firmware
even full disk encryption won't save you, because backdoored firmware can just send a keylogger to your cpu when you boot your PC, and keylogger will steal the password that you enter to your encryption software bootloader

...

Does SATA even have DMA?

Modern drives all use DMA so that the CPU does not have to get interrupted constantly

Core(?)/Libreboot wouldn't be susceptible to this (if I'm interpreting the source text correctly), and so the problem is avoided entirely if FDE (full disk encryption) is also being used. Besides the point, it's not practical nor preferable for the NSA etc to backdoor every HDD at manufacture, because that adds a ton of unnecessary steps to avoiding detection/reverse engineering.

I suppose we could all boot our systems from SD cards, which also circumvents the problem. My home server does that.


Of course.

or a sata -> usb adapter? i don't really understand why sticking a usb cable between any component automatically makes it safe but apparently it does.

The BIOS wouldn't load the HDD firmware into system memory at boot, I assume it would make the task of the malware harder than that of just jacking the boot process.

citation needed


Hard drives use DMA; it does not matter if you are using libreboot or anything else. The drive can fuck with your RAM and what not.

I assume USB drives are safe by virtue of not using DMA.

Only USB2, 3 has DMA and needs a proprietary blob running outside the kernel.

Why is the HDD firmware loaded into main memory?

Nice try goldberg

It's like you want the iljewminati to break into your house and kill your dog.

...

So, does this matter for external or secondary drives? Of course, if your boot drive is fucked, it can then access your other drives, but ignore that for now (I.e. would you just have to replace your boot drive?)

Any SATA drive not done over USB2 can DMA any of your memory and fuck with it

I believe that answers that, yes, if the boot drive is fucked, the rest is as well. However, if I replace just the boot drive, will the rest be fine? (is the malware executing dependent on it being on the boot drive?)

The NSA have two options:

Neither is pragmatic nor preferable to targeted deployment.

Any drive connected through the standard ways can DMA your memory

I'm unaware of the reason behind it. I question if most BIOSes actually do load HDD fw into system memory or not, because it sounds excessive. It could be a UEFI thing but don't quote me on this, do your own research


How much memory do you think these embedded firmwares have? The potential backdoors will be tiny holes, not whole rootkits.

You make it sound like the NSA has not been caught over and over again doing things like this.

It's not like them getting caught putting backdoors in something would be a big deal. It would make the news for a day and then be forgotten.

They literally had optical prisms inside major ISP locations, the companies just cooperate, not like this would be any different.

Real question, how do you have all this shit (backdoors in firmware, harddrives, etc.), but still have government leaks, CP, espionage, etc.?
Shit, the second something goes to court, why wouldn't they just grab your harddrive/flashdrive and just use their backdoors to find stuff? That is to say, I don't get why there are cases where people have to force a suspect to grant access to a device when everything is backdoored already.
tl;dr if the NSA has all this shit, how are there any crimes at all?

Most drug dealers use text messages and facebook messenger. If there was a will for them to be captured they would. There is simply no will.

Only case where these things will be employed are against actors that are a threat to the state.

This isn't the same as hijacking a connection. This is Equation Group code, STUXNET tier code, written by the best of the best. You don't just dump that into every fw across the board.


In my opinion, two reasons.
Firstly - the NSA doesn't know what to do with all this shit, most likely. What the fuck are you going to do with all this junk data clogging your systems and slowing your queries? I bet the NSA themselves wonder day-to-day why they store all the metadata for every call John T. Arminsen has made to Amazon customer support.
Secondly, they're not doing all this shit to the extremes the propaganda would have you believe. They're obviously not backdooring every CPU, or every HDD, or every x. That's insane, and it's likely really hard to actually achieve against a well prepared target. What they're doing is spreading FUD that juuuust fits in the realm of suspension of disbelief. They're downloading anything unencrypted through any server they can access, though. And they're storing encrypted data from targets of interest, too, for future reference.

The experts at Kaspersky think otherwise

If this is true, how would the NSA go about exfiltrating the data, unless every step of the route is backdoored or compromised in some way?

Hard drives have DMA access to your RAM. If you can arbitrarily edit a computer's memory you can make it do whatever you want.

a) No, that isn't true
b) How do they exfiltrate the data without being caught, dumbass. Also see:

...

They don't just randomly exfiltrate all hard drive data all the time are you retarded?

You would not even notice if you were targeted and they started leaking the contents of your drive. It's not like you are inspecting wireshark for every little fucking thing your computer does.

As long as they don't target too many people no one will ever notice exfiltration.

And yes DMA access lets you make the computer execute arbitrary code.

Only while they are on and functional fucktard you still have to use data recovery tech when someone shreds their drive. Totally different while the drive is functional and connected to your machine.


The assembly to make the kernel send data over the network is less than a kilobyte. Code to search for a key in memory would not take much space either.

I don't understand why HDD firmware has to be loaded onto the PC memory during boot.

So you can read and write to the drive

Just nip it in the bud fam

I don't understand why those kinds of instructions need to be updated for an HDD. Mechanically speaking, the HDD only works one way, it doesn't have many ways of doing what it does. Thus the instructions to I/O to the HDD ought to be hard coded into a hard circuit. Are the instructions for controlling the HDD so sophisticated that it is necessary to keep those instructions in flashable firmware?

So I'm golden if I've got a Toshiba?

Do I listen to the NSA who puts backdoors in hard drive firmware or Kaspersky who puts backdoors in antivirus software?

I actually want to do this, but with an underground datacenter instead of a dome.

so how about have your hdd only store OS/boot info?
and most of data on external usb drive?
or how about using only external usb drive and booting from it? is this the solution? won't performance be bad (access time) because of USB2.0?

the same reason why police won't use GSM triangulation to find a robber who stole your umbrella or bicycle - if they used that against everyone, people and criminals would know about it, and if they knew about it, they would protect against it (like not having cellphone with them when doing crimes)
so the NSA keeps the strongest backdoors (like hdd firmware backdoor) only for strong targets, and not against drug dealers, CP watchers etc, otherwise everyone would know about this backdoor and never store dangerous files on PC connected to the internet or other PC.

also second reason is, NSA have limited budget and people, so they use automatic software to find people that access specific things, store specific files, like bomb/terror related etc, and when software detects that then some NSA agent does manual check on that person. Because of that, some people can pass through the software that detects dangerous people, as it's not perfect because it's keyword and hash based.

or just use usb->sata adapter with standard hdd

Why exactly do you think that would help

poor consumer don't even know that they have zero privacy

it's ok they would not care anyway

so it's possible to have PC without any SATA hdd and just have USB hdd and boot from it?
Is it the solution for backdoors and DMA?
Can SATA hdd with sata->usb adapter be used?

yes
no
yes

also

but will hibernation work when using USB drive as main drive?


why not? USB2 doesn't allow DMA, right?

hey, but, what if backdoored firmware, instead of sending your boot partition/data, will first send its malware/keylogger and then the true boot data?

Hibernation is shit, especially on not-windows. But you can try it?
No, but you have many other devices with DMA, like your wlan chip that probably needs proprietary firmware.
What we need is libre hardware with a libre IOMMU that contains the cancer.
This is just one possible attack, a built-in evil maid.
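Added example, not part of any post in this thread: a shell audit of which PCI devices (SATA, NVMe, network, USB host controllers) the Linux kernel has placed behind an IOMMU, which is the containment the post above asks for. The sysfs root is a parameter so it can run against the constructed sample tree built inline; the sample device addresses and group number are made up.

```shell
#!/bin/sh
# Added example: list PCI devices and whether each has an IOMMU group.
# A device with no iommu_group link is not behind an IOMMU at all.
# A group alone does not prove strict isolation: whether DMA translation
# is enforced still depends on kernel and firmware settings.

class_name() {
    # Map the PCI class code prefix to a readable device type.
    case "$1" in
        0x0106*) echo "SATA (AHCI)" ;;
        0x0108*) echo "NVMe" ;;
        0x0200*) echo "Ethernet" ;;
        0x0280*) echo "Wireless/other network" ;;
        0x0c03*) echo "USB host controller" ;;
        *)       echo "other" ;;
    esac
}

dma_audit() {
    # $1: sysfs root (defaults to the live /sys). Output is tab-separated.
    root="${1:-/sys}"
    for dev in "$root"/bus/pci/devices/*; do
        [ -e "$dev/class" ] || continue
        bdf=$(basename "$dev")
        class=$(cat "$dev/class")
        if [ -e "$dev/iommu_group" ]; then
            state="iommu_group=$(basename "$(readlink "$dev/iommu_group")")"
        else
            state="NO_IOMMU"
        fi
        printf '%s\t%s\t%s\n' "$bdf" "$(class_name "$class")" "$state"
    done
}

unprotected_count() {
    # Number of PCI devices with no IOMMU group.
    dma_audit "$1" | awk -F'\t' '$3 == "NO_IOMMU" { n++ } END { print n + 0 }'
}

make_sample_tree() {
    # Constructed sample: one AHCI controller in group 7, one wireless
    # card with no group. Prints the path of the temporary tree.
    t=$(mktemp -d)
    d="$t/bus/pci/devices"
    mkdir -p "$d/0000:00:17.0" "$d/0000:03:00.0" "$t/kernel/iommu_groups/7"
    echo 0x010601 > "$d/0000:00:17.0/class"
    echo 0x028000 > "$d/0000:03:00.0/class"
    ln -s ../../../../kernel/iommu_groups/7 "$d/0000:00:17.0/iommu_group"
    echo "$t"
}

sample=$(make_sample_tree)
dma_audit "$sample"   # call dma_audit with no argument to audit the live /sys
rm -rf "$sample"
```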

Old news.

Yes.

Ok, anyone have a solution? A not backdoored OS, a not backdoored HDD, and a not backdoored motherboard/CPU. This is probably a QTDDTOT, but still. Oh, and I guess a not backdoored monitor/keyboard, cause I guess those pieces of shit at least have the capacity to log your screen/keystrokes. Is it that plan 9 thing?

...

Hibernation is shit on linux, because linux is shit. I use hibernation on Windows and it's perfect, (almost) everything works and my current session is few months old. I never shutdown Windows, it gets clean boot only if I get electricity loss at home or if I want to change hardware inside.

I cannot try because I don't have usb external drive or sata->usb adapter

Even if, it's still good to have less devices with DMA than more. How about USB wlan sticks? But they need some drivers installed and drivers have DMA...

why not?

yes but it won't happen. I need some solution right now


yeah but not everyone uses Intel ME-enabled cpu. For them, the more backdoors the better.

Hibernation was fucked up in Vista and up for some weird reason - if the partition where bootmgr sits isn't active, it won't hibernate. All the while any NT5 OS happily hibernates and resumes regardless of what partition is active.

So you never update your Windows, nor do any system config changes which require a reboot (it surely isn't fucking Windows 9x which required a reboot for every other little changed setting, but still)?

KYS LARPer

But what if I use free/open source firmware? I'm not forced to use their pozzed firmware now am I? Help a brainlet out

no
I'm not forced to use their pozzed firmware now am I?
yes

Open source is a double-edged sword. Firstly, it's much easier for one person to hide a needle in a publicly accessible haystack than for a thousand people to find it. Secondly, everyone can look through open source code to find exploitable flaws, not necessarily with the intent to publish their findings and/or patching any problems found.

yes, updates and entire update system is a backdoor. they can inject and change any code of your operating system, implement new backdoors etc

and that is? I never need to reboot when changing system configuration


It says "Windows" and not "Windows 10", dumbass


Then show me open source modern HDD and CPU firmware


this. open source is fundamentally flawed and insecure, it's NSA dream. alphabet agencies love open source
the real problems for agencies were proprietary software like TrueCrypt, as they couldn't put their backdoors there
and SystemD was designed and created by the CIA

Any Windows is pozzed, even Windows 98 was pozzed.

If you run Windows you're a cuck, full stop.

any GNU/SystemD is 10 times more pozzed than old Windows

OLD NEWS
I can't believe phone posters are getting this lazy. and at the same time worked up to shit up this dead board.
Geez

All Windows is 1000 times more pozzed than Systemd.

Systemd is open sores
Redhat monopolizing the linux desktop is concerning but everything they release is publicly audited on a large scale

Auditing isn't a panacea, as demonstrated by the OpenSSL heartbleed bug that left most servers vulnerable for several years before someone caught on. And even then, LibreSSL became necessary because the OpenSSL committee refused to admit to and fix their problems.

Necessary, perhaps. Sufficient? The OpenBSD devs can't even fix all of the bugs in their own kernel.

See the 34c3 talk "Are all BSDs created equally?"

Auditing doesn't imply perfection. If you want perfection, you're only going to get that with formally verified algorithms and implementation. What public auditing does is that everybody is allowed to see all the warts - both the good guys and the bad guys alike. This is a good thing as it becomes more likely for the good guy to spot the bugs leading to the eventual improvement of the bug.

Auditing systemd is not good enough. OpenBSD did it right by ripping all dubious and outdated stuff, so the code then becomes clearer. Redhat does the opposite: make systemd bigger, more things become dependent on it, make it so nobody has a chance to understand all of its implications. You don't have to be Terry Davis to understand this, but anyone who likes systemd is truly a fool.

Do people who rip on systemd not understand that there are already other units that can be used instead?
Look at runit, upstart, openrc, or Shepherd

I wonder if CD, DVD, or more concerning, Bluray drives and backup disks have malicious proprietary firmware? Most are just USB 2.0 still

hooktube.com/watch?v=I27NX8uTJNY

Hard drive controllers are probably the biggest potential firmware attack vector after ME. One possible solution I've considered is the OpenSSD project: openssd.io

Their development board is expensive and unwieldy, but it uses a common controller chip, so it may be possible to find an off-the-shelf SSD with the same chip and install their open-source firmware. I guess you'd have to make sure that the NAND chips are compatible too, and program the SPI flash directly using a test clip and programmer (Raspberry Pi does the trick). Would probably have to be brand new, as you'd lose wear levelling info.

And that realization alone is just the tip of the iceberg, without even getting into things like obfuscated or underhanded code etc. Saying that open source is inherently secure is like saying that nobody can hide in a publicly accessible but huge forest. If you deploy an army to go out and scrutinize all of the forest, then sure, they'll find him eventually. But there isn't an army constantly scrutinizing each and every nook and cranny of open source.

contractors

Alright so I finally read most of the thread. This is only a spare entry when NSA has the whole drive, but by that time, it doesn't matter that much. Use Qubes if you're worried, but honestly, as long as you aren't running AMT on Windows you should be fine from this specific flaw.

Optical drives mark every disk they burn with their unique serial number so the copies can be tracked back. I'm not sure whether this parameter can be altered in a firmware, but it's a pretty damn old thing.

Dude, that's nothing. I don't want to distribute any of my CDs anyway, they're for me, just like my computer. I just don't want botnet cianigger shit fucking up my computer. It's my fucking computer, nobody else should have access.

Didn't know that. Sounds about as bad as those printer tracking dots.

How can you access that hidden data? If you make an ISO image, only the user data + filesystem metadata will be contained in it. How do you make a "raw" image which includes literally all of the bits which are stored on the physical medium?

A better question is why is this legal. And are there any alternatives. I know Samsung's SSDs also have backdoors of some sort.

this has potential for future but I need solution right now
also I don't need stupid SSD, because SSD are useless shit
I need solution for HDD. right now.

will connecting HDD through USB2.0 instead of SATA solve the problem?

This is the RID (recorder ID) and it's "implementation specific," there is little actual information available about it. It seems that while proprietary burning programs might include this info, and perhaps some burners might include it, there is no real consensus about how it works or even if it does.

The SID (source ID) is imprinted on each blank at the factory and is on every disc, but if you're worried about this being tracked to you then just go to a Wal-Mart two towns over and buy your CDs with cash.

Of course, why would the Cathedral Synagogue want to nap their own businesspeople?

Hadn't heard that one. Where did you?

not at mine tho

And everyone just ignores it and pretends all is well.
I hate fucking normalfags and their apathy.

how about system+programs drive as internal sata
and then DATA on external usb2.0 drive?

how about non-american HDDs, Toshiba?

I surrender.
It's not worth it anymore.
NSA wins

Hard disks are also used on other platforms, so that's why they want to target the disks.
But you can still use USB instead. In fact, some ARM SBCs don't even have a SATA port.

Real security is at the social level.

Real security is just about making it harder for them than it's worth.

Heard about it last year. Can't find the source anymore but their HDD business has been fucked for a long time now:


Toshiba should be fine. As for SSDs: en.wikipedia.org/wiki/List_of_solid-state_drive_manufacturers
Anything that isn't made in US, China, Korea or Taiwan should work. Specifically, Toshiba and the few European companies listed. I'd say vote with your wallet now and start buying Toshiba exclusively.

As for your first question, I'm not sure what you mean. According to Kaspersky it doesn't matter if you store your system or boot loader on a USB, or do whatever, as long as you have a Seagate/WD SATA device connected the device WILL load the back door. So the only option would be boot from a USB and never use hard drives. Unless you can connect them to a USB 2 port. I'm pretty sure DMA is used even if you'd connect the HDD after booting from USB.

1995 called, they want their news back

If he connects the HDD to USB 2 port, everything has to go through the CPU and OS. It'll be slow, but no DMA.
One interesting thing is some ARM SBCs don't have real SATA and instead just have a built-in SATA-to-USB adapter (so you can connect SATA disk, but it goes through USB), for example: banana-pi.org/m3.html
But Ethernet is another problem area WRT potentially nasty firmware, so you would need to also use USB version of that. Ethernet that's integrated into mobos is PCI, and that of course can use DMA.

A seemingly profound but retarded statement


Except that there are plenty of things that no matter how much they work they will never get in

Just because almost all CPUs have been Spectre-prone since 1995 doesn't mean that literally everything has been botnet since 1995.

Is resigning oneself to defeatism the reasonable course of action though?