Tuesday, February 17th 2015
NSA Hides Spying Backdoors into Hard Drive Firmware
Russian cyber-security company Kaspersky Labs exposed a breakthrough U.S. spying program that taps into one of the most widely proliferated PC components: hard drives. Over the last 5 years, the number of hard drive manufacturing nations has shrunk from three (Korean Samsung, Japanese Hitachi and Toshiba, and American Seagate and WD) to one (American Seagate or WD), with the American companies swallowing up or partnering with Japanese and Korean businesses as US-based subsidiaries or spin-offs such as HGST. That has cast a shadow of suspicion on Seagate and WD.
According to Kaspersky, the American cyber-surveillance agency, the NSA, is taking advantage of the centralization of hard-drive manufacturing to the US by making WD and Seagate embed its spying back-doors straight into the hard-drive firmware, which lets the agency directly access raw data, agnostic of partition method (low-level format), file-system (high-level format), operating system, or even user access-level. Kaspersky says it found PCs in 30 countries with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.
Kaspersky claims that the HDD firmware backdoors are already being used to spy on foreign governments, military organizations, telecom companies, banks, nuclear researchers, the media, and Islamic activities. Kaspersky declined to name the company which designed the malware, but said that it has close ties to the development of Stuxnet, the cyber-weapon used by NSA to destabilize Iran's uranium-enrichment facilities.
Kaspersky claims that the new backdoor is perfect in design. Each time you turn your PC on, the system BIOS loads the firmware of all hardware components onto the system memory, even before the OS is booted. This is when the malware activates, gaining access to critical OS components, probably including network access and file-system. This makes HDD firmware the second most valuable real-estate for hackers, after system BIOS.
Both WD and Seagate denied sharing the source-code of their HDD firmware with any government agency, and maintained that their HDD firmware is designed to prevent tampering or reverse-engineering. Former NSA operatives stated that it's fairly easy for the agency to obtain source-code of critical software. This includes asking directly and posing as a software developer. The government can seek source-code of hard drive firmware by simply telling a manufacturer that it needs to inspect the code to make sure it's clean, before it can buy PCs running their hard-drives.
What is, however, surprising is how "tampered" HDD firmware made it to mass-production. Seagate and WD have manufacturing facilities in countries like Thailand and China, located in high-security zones to prevent intellectual property theft or sabotage. We can't imagine tampered firmware making it to production drives without the companies' collaboration.
Source:
Reuters via Yahoo
134 Comments on NSA Hides Spying Backdoors into Hard Drive Firmware
I mean the guy said that he had papers indicating algorithms such as AES have backdoors. That would be mindblowing if true. And he decides to risk it all to leak that Verizon is wiretapping for the government? Yeah right, the guy is a publicity nut... and at this point I think anything he says is probably a load of BS.
Why wouldn't he leak that first? That's the big, disturbing stuff after all. I think it's because he never actually had those details. He's making shit up at this point, IMO.
You used the phrase "campaign of fear" but those words fit both the "terrorists" and the government. You'd have to disambiguate that phrase because it is literally interchangeable. Watch the Brian Williams interview with Snowden. He was in Russia because he was on flights from Honolulu to Hong Kong, to Moscow on his way to Ecuador. The reason why he didn't take a more direct route is because all flights heading East from Hawaii end up in the USA where he could have been caught by US officials. He had no intention to stay in Moscow but by the time he arrived in Moscow, it was already announced to the world that he's a wanted man. Any further flights would have likely landed him in prison. His only option to remain free was to seek asylum in Russia which Putin granted.
The data he had was disseminated before he left Hawaii. He carried no data out of the country so there was nothing Russia could get from him other than talk. Snowden, being a trained spy, knew they wouldn't do anything to him because whatever he said couldn't be corroborated with proof; hence why they leave each other alone. I'm sure Putin is pleased with what has already transpired though because it certainly gave the USA a black eye.
Snowden's account makes sense in every way.
Sounds like spy work to me. Someone who works for them? Yeah, spy. Call it what you like.
It really sounds like you just want to talk down about anything that puts our government in a bad light, and attempt to discredit statements to the contrary. Which branch of the government do you work for, again?
Back on Topic, Bruce Schneier had a short write up on his site, and references the Ars Technica article, which does have some interesting detail, especially this section
As for which branch of government I work in, it's the unemployed one. :p I won't deny I have a background in college cryptography (though I failed to finish my degree, it's a long story). But my knowledge is why I find everything Snowden related (save the verifiable Verizon report) laughable. It doesn't add up. I don't like the NSA or administration's policies. I do laugh at Snowden every chance I get though because the evidence justifies it.
For the record, I'm the kind of person the NSA likely keeps tabs on, not the other way around. I openly criticize our government and have a background in skills that could be used to disrupt their monitoring programs. The fact that you accuse me of being a government agent for thinking different than you is frankly, grasping at straws.
As for the spy comment, Snowden strikes me more as a data-sorting nerd (god knows USA needs a lot of SQL people to manage that data). I guess you could call him a spy, but I think the KGB cold-war type "spies" could crack him pretty fast... and possibly did.
If you guys think him moving to Russia shows he has any integrity rather than the opposite I don't know what to say. He's supposed to be concerned with individual rights but seeks asylum in Russia? How does that make sense to anyone? He took secrets and went to Russia. He's a defector not Robin Hood.
www.motherjones.com/politics/2013/08/mesh-internet-privacy-nsa-isp
How to Keep the NSA Out of Your Computer
He fled because the Obama administration gave him no option to stay. The Obama administration has an established track record of this. Daniel Ellsberg, who leaked the Pentagon Papers, praised Snowden and scolded the administration. This is the most anti-whistleblower administration in recent memory and it presents itself in many ways from the fouled implementation of Obamacare to the firing of over 900 people from the Veteran's Affairs. People simply won't talk about problems on record which effectively means journalists can't report on it.
www.newsmax.com/Newsfront/charlie-hebdo-survivor-obama/2015/01/25/id/620634/
I agree. He could have ignored the many violations of the constitution and the laws of this country and not violated the espionage act. He could have chosen to not report what shady deals his government has made to get around the letter of the law. He could have chosen to ignore the bullying tactics the NSA and other government agencies have used to force businesses to ignore personal liberties and freedoms guaranteed under the constitution, with promises of protection, like when Bush had a law passed that protected the Telecom agencies from lawsuits from the shit they pulled after 9/11. He could have chosen to just quit or keep doing the shit-job he was doing, and stayed at home, comfy with his life, his girl, his family. But he didn't. He chose to bring those things to light. And he's sitting in a bully's backyard, hoping the bigger bully doesn't strike a deal with his bully.
I'm actually with you on the "running to Russia". He didn't have much choice but to settle in Russia. It was a case of a bad or a worse situation. I just don't see his reveals following the initial report as even remotely credible. I think he's trying to look important to the KGB right now more than anything.
And yes, I do respect him for calling the government out. I just wish the government itself offered more ways to do this within its own system. In an ideal world, you wouldn't have to run like that just to tell people about some wrongdoings. But we don't live in an ideal world.
:respect:
Snowden's goal in life was to join US special forces but during training, he broke his legs (halo jump if memory serves). This spelled the end of his special forces ambitions so he went into intelligence instead (CIA, then NSA, if memory serves). So there's three reasons the KGB doesn't want him:
1) He is American, not Russian. His loyalties are in doubt.
2) He suffered a major injury that makes him unfit for deployment.
3) He doesn't speak Russian. He may have learned a few words by now but he is in no way fluent or even passable.
Snowden deliberately did not do many press interviews in the year after the data was leaked. The reason for this is because he wanted the government's behavior to be the showcase and not him. He wanted the press to do the investigative research on the programs and tell the story because he didn't want to be the story.
For the record though, I never said he should have ignored anything. Those are your words somehow claiming that's what I meant.
If you are connected to the internet...you are vulnerable! There are backdoors you've never (until just now probably) even heard of! If they want in, they'll get in! And there's nothing you can do about it! Don't pretend like they won't/can't!!!
"They" = Hackers of any/all types or persuasions.
Enlarged font = +10
They = +15