• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

NSA Hides Spying Backdoors into Hard Drive Firmware

Joined
Oct 22, 2014
Messages
14,163 (3.82/day)
Location
Sunshine Coast
System Name H7 Flow 2024
Processor AMD 5800X3D
Motherboard Asus X570 Tough Gaming
Cooling Custom liquid
Memory 32 GB DDR4
Video Card(s) Intel ARC A750
Storage Crucial P5 Plus 2TB.
Display(s) AOC 24" Freesync 1m.s. 75Hz
Mouse Lenovo
Keyboard Eweadn Mechanical
Software W11 Pro 64 bit
if you're not doing anything wrong or illegal then what's the problem?
Chip, chip, chipping away ..... at your freedom
 

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
19,663 (2.86/day)
Location
Piteå
System Name Black MC in Tokyo
Processor Ryzen 5 7600
Motherboard MSI X670E Gaming Plus Wifi
Cooling Be Quiet! Pure Rock 2
Memory 2 x 16GB Corsair Vengeance
Video Card(s) XFX 6950XT Speedster MERC 319
Storage Kingston KC3000 1TB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB
Display(s) Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case Fractal Design Define R4
Audio Device(s) Plantronics 5220, Nektar SE61 keyboard
Power Supply Corsair RM850x v3
Mouse Logitech G602
Keyboard Dell SK3205
Software Windows 11 Pro
Benchmark Scores Rimworld 4K ready!
This isn't the blanket spying stuff the NSA does.
 
Joined
Dec 31, 2008
Messages
559 (0.10/day)
Location
Romania
System Name OptimusFine
Processor AMD Ryzen 7 5800x
Motherboard MSI B550 Tomahawk
Cooling Noctua NH-D15 / 2x NF-S12A-PWM Chromax
Memory Corsair Vengeance LPX CL15 3000mhz 32gb
Video Card(s) Gigabyte RTX 3080 12GB Gaming OC
Storage Samsung M.2 SSD 960 Evo 250GB / 2 Crucial SSD MX500 2TB & 1 1TB / Seagate 2TB Hdd / Toshiba 2Tb Hdd
Display(s) Alienware AW3423DW, ASUS ROG PG279Q
Case Cooler Master H500M
Audio Device(s) Steelseries Arctis 7+ / Logitech Z533
Power Supply Corsair RM850X
Mouse Logitech G502 Lightspeed
Keyboard Corsair Strafe RGB
VR HMD Oculus Rift
Software Windows 11 Pro 64-bit
Don't get any freedom anyway it's all a façade. They can gladly look at my holiday photos and see what games I'm playing on Steam!
I think that someone with that kind of access to your computer could just simply plant incriminating evidence to anything. What if it stated "Criminal/terrorist organization hides spying backdoors into harddrive firmware", would you be more alarmed then?
 
Joined
Feb 5, 2015
Messages
27 (0.01/day)
I think that someone with that kind of access to your computer could just simply plant incriminating evidence to anything. What if it stated "Criminal/terrorist organization hides spying backdoors into harddrive firmware", would you be more alarmed then?

There's too much scaremongering. Still I'm only one out of billions of computers, I think I'll take my chances with my holiday snaps!
 
Joined
Dec 31, 2008
Messages
559 (0.10/day)
Location
Romania
System Name OptimusFine
Processor AMD Ryzen 7 5800x
Motherboard MSI B550 Tomahawk
Cooling Noctua NH-D15 / 2x NF-S12A-PWM Chromax
Memory Corsair Vengeance LPX CL15 3000mhz 32gb
Video Card(s) Gigabyte RTX 3080 12GB Gaming OC
Storage Samsung M.2 SSD 960 Evo 250GB / 2 Crucial SSD MX500 2TB & 1 1TB / Seagate 2TB Hdd / Toshiba 2Tb Hdd
Display(s) Alienware AW3423DW, ASUS ROG PG279Q
Case Cooler Master H500M
Audio Device(s) Steelseries Arctis 7+ / Logitech Z533
Power Supply Corsair RM850X
Mouse Logitech G502 Lightspeed
Keyboard Corsair Strafe RGB
VR HMD Oculus Rift
Software Windows 11 Pro 64-bit
There's too much scaremongering. Still I'm only one out of billions of computers, I think I'll take my chances with my holiday snaps!
Couldn't agree more on that, but it's still wrong on every level.
 
Joined
Feb 5, 2015
Messages
27 (0.01/day)
Couldn't agree more on that, but it's still wrong on every level.

yes it's definitely wrong, I think I'm going to put pictures of my ass in amongst all of my holiday pictures as a message to anyone looking at them! kiss my ass!
 
Joined
Mar 27, 2011
Messages
68 (0.01/day)
Location
Ukraine
System Name Avalon
Processor Intel® Core™ i7-3770K @ 1C: 42x, 2C: 41x, 3C: 40x, 4C: 39x (scalped, Coollaboratory Liquid Pro)
Motherboard ASUS P8Z77-V
Cooling Thermalright HR-02 Macho Rev. A (B&W Edition) @ Passive
Memory 2x SK Hynix HMT451U6MFR8C-PB @ 2400 11-13-12-27 CR1 1.575 V
Video Card(s) Intel® HD Graphics 4000
Storage SSD: OCZ Vertex 4 128 GB; RAID0: 2x WDC WD10JPVT
Display(s) SΛMSUNG S27A550
Case Cooler Master CM 690 II Advanced White
Power Supply Seasonic X-460 FANLESS
Software Windows 7 SP1 64-bit
hard drive firmware isn't loading into system RAM, it's run only at drive.
 
Joined
Aug 30, 2006
Messages
7,223 (1.08/day)
System Name ICE-QUAD // ICE-CRUNCH
Processor Q6600 // 2x Xeon 5472
Memory 2GB DDR // 8GB FB-DIMM
Video Card(s) HD3850-AGP // FireGL 3400
Display(s) 2 x Samsung 204Ts = 3200x1200
Audio Device(s) Audigy 2
Software Windows Server 2003 R2 as a Workstation now migrated to W10 with regrets.
Thanks for this news article. Interesting. Informed. Warned.
 

Fx

Joined
Oct 31, 2008
Messages
1,332 (0.23/day)
Location
Portland, OR
Processor Ryzen 2600x
Motherboard ASUS ROG Strix X470-F Gaming
Cooling Noctua
Memory G.SKILL Flare X Series 16GB DDR4 3466
Video Card(s) EVGA 980ti FTW
Storage (OS)Samsung 950 Pro (512GB), (Data) WD Reds
Display(s) 24" Dell UltraSharp U2412M
Case Fractal Design Define R5
Audio Device(s) Sennheiser GAME ONE
Power Supply EVGA SuperNOVA 650 P2
Mouse Mionix Castor
Keyboard Deck Hassium Pro
Software Windows 10 Pro x64
This is in violation of the US Constitution which is the supreme law.

Thank you for this profound post. The NSA is out of control and information exposing its practices is always welcome.
 
Joined
Sep 3, 2010
Messages
3,539 (0.68/day)
Location
Netherlands
System Name ap201 | Odroid N2+ | NUC
Processor AMD Ryzen 5 3600 | Amlogic S922X | Intel Core i5-7260
Motherboard Gigabyte B550M DS3H |Odroid N2+ | NUC Board 7
Cooling Inter-Tech Argus SU-200, 3x Arctic P12 case fans | stock heatsink + fan | stock HSF
Memory Gskill Aegis DDR4 32GB | 4 GB DDR4 | 16 GB DDR4
Video Card(s) Sapphire Pulse RX 6600 (8GB) | Arm Mali G52 | Iris Plus 640
Storage SK Hynix 240GB, Sam. 840 + 850 EVO (2x (250 GB)| Samsung 850 Evo 500GB | WD Green 240 GB
Display(s) AOC G2260VWQ6 | LG 24MT57D |
Case Asus Prime 201 | Stock case (black version) | Stock case
Audio Device(s) integrated
Power Supply BeQuiet! Pure Power 11 400W | 12v barrel jack | 19V laptop brick (Asus)
Mouse Logitech G500 |Steelseries Rival 300 | no-name ergo mouse
Keyboard Qpad MK-50 (Cherry MX brown)| Blaze Keyboard
Software Windows 10, EndeavourOS | Gentoo Linux | EndeavourOS
hard drive firmware isn't loading into system RAM, it's run only at drive.
Yeah, the controller board inside the drive needs that stuff. The PC/server could care less about that low level material.
 

Frick

Fishfaced Nincompoop
Joined
Feb 27, 2006
Messages
19,663 (2.86/day)
Location
Piteå
System Name Black MC in Tokyo
Processor Ryzen 5 7600
Motherboard MSI X670E Gaming Plus Wifi
Cooling Be Quiet! Pure Rock 2
Memory 2 x 16GB Corsair Vengeance
Video Card(s) XFX 6950XT Speedster MERC 319
Storage Kingston KC3000 1TB | WD Black SN750 2TB |WD Blue 1TB x 2 | Toshiba P300 2TB | Seagate Expansion 8TB
Display(s) Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case Fractal Design Define R4
Audio Device(s) Plantronics 5220, Nektar SE61 keyboard
Power Supply Corsair RM850x v3
Mouse Logitech G602
Keyboard Dell SK3205
Software Windows 11 Pro
Benchmark Scores Rimworld 4K ready!
This is in violation of the US Constitution which is the supreme law.

Thank you for this profound post. The NSA is out of control and information exposing its practices is always welcome.

You're as likely to be hit with this as with Flame.

And this story is getting stupid. We dont know who the group is, just that they might be affilated with the NSA somehow. And this is just spying, not blanket surveillance.




Yeah, the controller board inside the drive needs that stuff. The PC/server could care less about that low level material.

It's part of a larger thing. It also controls what is booting.

GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.87/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
This spying so doesn't surprise me. I wonder if those longstanding rumours about backdoors in chipsets are true after all?

Tinfoil hats at the ready everyone!
 
Joined
Jan 25, 2011
Messages
531 (0.10/day)
Location
Inside a mini ITX
System Name ITX Desktop
Processor Core i7 9700K
Motherboard Gigabyte Aorus Pro WiFi Z390
Cooling Arctic esports 34 duo.
Memory Corsair Vengeance LPX 16GB 3000MHz
Video Card(s) Gigabyte GeForce RTX 2070 Gaming OC White PRO
Storage Samsung 970 EVO Plus | Intel SSD 660p
Case NZXT H200
Power Supply Corsair CX Series 750 Watt
I'm scared that they will steal the blueprints of a mach 5 fighter jet I designed..


...in KSP.
 

Ahhzz

Super Moderator
Staff member
Joined
Feb 27, 2008
Messages
8,994 (1.46/day)
System Name OrangeHaze / Silence
Processor i7-13700KF / i5-10400 /
Motherboard ROG STRIX Z690-E / MSI Z490 A-Pro Motherboard
Cooling Corsair H75 / TT ToughAir 510
Memory 64Gb GSkill Trident Z5 / 32GB Team Dark Za 3600
Video Card(s) Palit GeForce RTX 2070 / Sapphire R9 290 Vapor-X 4Gb
Storage Hynix Plat P41 2Tb\Samsung MZVL21 1Tb / Samsung 980 Pro 1Tb
Display(s) 22" Dell Wide/24" Asus
Case Lian Li PC-101 ATX custom mod / Antec Lanboy Air Black & Blue
Audio Device(s) SB Audigy 7.1
Power Supply Corsair Enthusiast TX750
Mouse Logitech G502 Lightspeed Wireless / Logitech G502 Proteus Spectrum
Keyboard K68 RGB — CHERRY® MX Red
Software Win10 Pro \ RIP:Win 7 Ult 64 bit
Last edited:
Joined
Jun 18, 2010
Messages
2,338 (0.44/day)
Processor Intel i7 970 // Intel i7 2600K
Motherboard Asus Rampage III Formula // Asus P8P67 Deluxe
Cooling Zalman CNPS9900MaxB // Zalman CNPS11X
Memory GSkill 2133 12GB // Corsair V 2400 32GB
Video Card(s) ASUS GTX1080 // MSI GTX1070
Storage Samsung 870EVO // Samsung 840P
Display(s) HP w2207h
Case CoolerMaster Stacker 830se // Lian Li PC-9F
Audio Device(s) onboard
Power Supply Seasonic X 850w Gold // EVGA 850w G2
Mouse Logitech G502SE HERO, G9
Keyboard Dell
Software W10 Pro 22H2
This spying so doesn't surprise me. I wonder if those longstanding rumours about backdoors in chipsets are true after all?

Tinfoil hats at the ready everyone!

Pen and paper will escape / elude their scrutiny!
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.87/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
if you're not doing anything wrong or illegal then what's the problem?
This is an age old strawman argument that's been debunked many times.

It's a question that's usually asked by those who want to spy on and control the people and is an absolute favourite among tinpot dictators.
 
  • Like
Reactions: Fx
Joined
Jan 2, 2015
Messages
1,099 (0.30/day)
Processor FX6350@4.2ghz-i54670k@4ghz
Video Card(s) HD7850-R9290
guess i will be a strawman too then..
hard drives are not secure :eek: not like anything about windows or the internet in general is anyway.. only way your data is actually safe is to unplug the ethernet cable..
government agencies seriously don't care what you do as long as its not illegal plus there is no way for them to manually spy on everyone..
it goes pretty deep if your hard drive is being remotely checked out and you have already been flagged..
 
Joined
May 25, 2013
Messages
739 (0.17/day)
Location
Kolkata, India
System Name barely hangin on...
Processor Intel I5 4670K @stock
Motherboard Asus H81m-cs (nothing else available now)
Cooling CM Hyper 212X (in push-pull)
Memory 16GB Corsair Vengeance Dual Channel 1866MHz
Video Card(s) Asus RX 580 4GB Dual
Storage WD Blue 1TB, WD Black 2TB, Samsung 850 Evo 250GB
Display(s) Acer KG241QP 144Hz
Case Cooler Master CM 690 III (Transparent side panel) - illuminated with NZXT HUE RGB
Audio Device(s) FiiO E10K>Boom 3D>ATH M50/Samson SR850/HD599SE
Power Supply Corsair RM 850
Mouse Redragon M901 PERDITION 16400 DPI Laser Gaming Mouse
Keyboard HyperX Alloy FPS Mechanical Gaming Keyboard (Cherry MX Brown)
Software 7-64bit MBR, 10-64bit UEFI (Not Multi-boot), VBox guests...
Is there any way to know if my hard drive's firmware is infected?
 
Joined
Dec 16, 2014
Messages
421 (0.12/day)
This story holds some truth. NSA has gone too far, these agencies should be shut down and the money that goes to these agencies should be used for helping develop open source software... And HDD manufacturers are also guilty, they can't release firmware source code? You can do that, if user gets ahold of source code he can`t make HDD out of pure air, he still has to buy your HDD. But we all know if source code isn`t released the software is not secure, that is why people choose Linux over Windows Server.
 
Joined
Jan 20, 2014
Messages
299 (0.07/day)
System Name gamingPZ
Processor i7-6700k
Motherboard Asrock Z170M Pro4S
Cooling scythe mugen4
Memory 32GB ddr4 2400mhz crucial ballistix sport lt
Video Card(s) gigabyte GTX 1070 ti
Storage ssd - crucial MX500 1TB
Case silverstone sugo sg10
Power Supply Evga G2 650w
Software win10
I'm pretty sure they don't care .....that you're stalking your ex on facebook after 2 beers
WHAAAT :O... noone has right to know that!! .... I mean - I have never ever done that... fuck - do not read this post - it was hacked .... ok ok, I admit it... but it was 3 beers :D
 
Joined
Jun 18, 2010
Messages
2,338 (0.44/day)
Processor Intel i7 970 // Intel i7 2600K
Motherboard Asus Rampage III Formula // Asus P8P67 Deluxe
Cooling Zalman CNPS9900MaxB // Zalman CNPS11X
Memory GSkill 2133 12GB // Corsair V 2400 32GB
Video Card(s) ASUS GTX1080 // MSI GTX1070
Storage Samsung 870EVO // Samsung 840P
Display(s) HP w2207h
Case CoolerMaster Stacker 830se // Lian Li PC-9F
Audio Device(s) onboard
Power Supply Seasonic X 850w Gold // EVGA 850w G2
Mouse Logitech G502SE HERO, G9
Keyboard Dell
Software W10 Pro 22H2
"I pity the fool"...that doesn't own a typewriter.

What manifesto?
 
Joined
Nov 17, 2011
Messages
298 (0.06/day)
System Name Game Raver
Processor Core i7-770K
Motherboard ASRock Z170A-X1
Cooling Coolermaster AIO
Memory 16gb
Video Card(s) GTX 1060
Storage 1TB Crucial SSD. 4TB Seagate HDD
Display(s) AOC 1080p 144Hz
Case NZXT Phantom 410 /w/ Silverstone FN121P-BL fans
Audio Device(s) ASUS Essence STX
Power Supply Corsair AX760
NSA: A place that tries to reincarnate old ideas.

Such as:

Breaching people's privacy.
Finding people's privacy.
Storing people's privacy.
AND
Telling people they have privacy.

I see democracy is still working for us.
 

Fx

Joined
Oct 31, 2008
Messages
1,332 (0.23/day)
Location
Portland, OR
Processor Ryzen 2600x
Motherboard ASUS ROG Strix X470-F Gaming
Cooling Noctua
Memory G.SKILL Flare X Series 16GB DDR4 3466
Video Card(s) EVGA 980ti FTW
Storage (OS)Samsung 950 Pro (512GB), (Data) WD Reds
Display(s) 24" Dell UltraSharp U2412M
Case Fractal Design Define R5
Audio Device(s) Sennheiser GAME ONE
Power Supply EVGA SuperNOVA 650 P2
Mouse Mionix Castor
Keyboard Deck Hassium Pro
Software Windows 10 Pro x64
"I have nothing to hide," said the fool.

It isn't that you don't have anything to hide; it is that they don't have any right to search your property (either physical or intangible) without a justifiable reason.

Anyone not concerned over their own privacy, and the breach of it, is most stupendously ignorant of history. This is a direct attack on one's privacy; a principle that was important enough to be included as a foundational law (4th Amendment). Men fought and died over the right to protect this aspect of their lives among other things.

Furthermore, surveillance is always used in the control of a population by governments who seek to enact sinister activity. Governments will tell you that they are using their tactics to fight "terrorism", and other such nonsense, but really they are the authors of it or have direct association with many of those groups -- a fact that most people are too lazy to investigate or even care about.

Stories like these drag out a lot of ideas to consider, but unfortunately most readers just read it as a topic of the day instead of really considering consequences, context and the past in order to connect some dots.
 
Top