
NSA Hides Spying Backdoors into Hard Drive Firmware

Bold font = +5
Enlarged font = +10
They = +15
 
 
Hmmm...at least some of my paranoid delusions are, as it turns out, based in reality. Imagine that. So I'll say it again, with confidence this time.

If you are connected to the internet...you are vulnerable! There are backdoors you've never (until just now, probably) even heard of! If they want in, they'll get in! And there's nothing you can do about it! Don't pretend like they won't/can't!!!

"They" = Hackers of any/all types or persuasions.

This is why the first lesson in security class is to make the data harder to get at than its value.

If they want it, yes they can get it. But who wants to spend 10 years looking for an obscure buffer overflow attack to get at your porn library? No one, that's who.

This is precisely why good security is still relevant, even if not impervious to hacking.
 
I've read some reveals credited to him in various forums calling everything from AES to SSL into question without much corroborating evidence. Those are the kind of things I take with a grain of salt, to say the least.
Because all of the material was leaked to the press, not public. They have to authenticate it and purge it of sensitive information (like people) so what does get published ends up very truncated. It is doubtful the documents he leaked will ever go public.

I know sources at The Guardian (US branch) and New York Times both received documents from Snowden. What you've heard about AES/SSL may be true:
http://www.zdnet.com/article/has-the-nsa-broken-ssl-tls-aes/
In short, Snowden didn't spell it out like he did on the data collection programs. He released information mostly from British sources that "vast amounts of encrypted internet data which have up till now been discarded are now exploitable" speaking of the NSA. "Vast" could only mean SSL/AES. It is not known if that includes TLS. Or maybe they were talking about TLS and not AES? We don't know.


Security? Relevant:
Point: 10 years from now, likely all data called "secure" today will be vastly considered insecure. Security is merely an illusion especially where digital is concerned.
 
I think I could make 5 Wiki pages from the spew in this thread. :laugh:
 
Point: 10 years from now, likely all data called "secure" today will be vastly considered insecure.
Indeed. That's pretty much the second lesson in a college security class.

Security is merely an illusion especially where digital is concerned.

True, but that doesn't make it irrelevant or useless. See the "first lesson of security" in my post above.
 
Sorry for the late post, I didn't notice this article. Ummm, didn't this happen already in 2000, and then again in 2002, 2005, 2007, 2008, 2010 and then 2012?
 
Yes, and they have done it with Routers and Modems too.
 
Yes, and they have done it with Routers and Modems too.
If they've backdoored network cards, CPUs and chipsets then even one of those hardened Linux DIY firewalls such as IPCop won't be secure from them.

I have no evidence either way, but I wouldn't be surprised if there's some revelation about this one day.
 
It's part of a larger thing. It also controls what is booting.


Nope, the motherboard BIOS controls the boot, Int13 http://en.wikipedia.org/wiki/INT_13H controlled/controls it, when the disk specified as the boot disk, or attached to the specified channel is queried and told to load the code at the location provided, which is where the operating system, or boot loader reside, and as it's loaded the CPU starts to execute the code which once the kernel is up and in system memory, and its threads have loaded their machine configuration and or looked them up from BIOS memory tables, it starts to load the rest of the actual GUI and drivers.


Even on most UEFI systems a small section of the disk for boot is partitioned off as an acceptable boot partition, such as MBR on Windows, that contains the data required to start the actual software boot.

If you are curious get a Hex editor and look at sectors http://en.wikipedia.org/wiki/Boot_sector and depending on how you look at it you can then determine what is being loaded.


But back to drive BIOS, how does it get transferred out of the PC to the NSA? By IP, and the OS and every major and customer hardware manufacturer is allowing this and not letting users see it? Or by some unknown pins even though people test and tweak systems and watch hardware input and output constantly? Or by voodoo magic?


Do I think it is happening? Yep

By the method described? Nope.

Specifically built hack firmware that is being released on machines built for use in some areas where they may not get access to others? Most likely.

Iran wants to buy servers, they have no manufacturing there, but Dell will sell them, and they report to the NSA or whoever about what they are selling, machines get loaded with a motherboard BIOS that allows low level access to the drives that the OS is unaware of, and either copies bits and pieces of the drive contents to a remote server, or causes corruption issues occasionally that they have to send techs in, or drives out and they are copied then.
 