It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Moscow-Based Security Firm Reveals What May Be The Biggest NSA "Backdoor Exploit" Ever

page: 2
58
<< 1    3  4  5 >>

log in

join
share:

posted on Feb, 17 2015 @ 12:04 AM
link   

originally posted by: Phage
So...virtually every hard drive has this backdoor hardwired into it?

Yes, that's what Kaspersky is saying.

Scary as hell.



posted on Feb, 17 2015 @ 02:32 AM
link   
Wow, the US sure is getting ballsy with its activities. Go big or go home, I guess, but man is that underhanded.
More than ever im sure its *New World* Order, referring to it stemming from north america...


a reply to: Bedlam
My hd's almost full, I was looking for a ssd, but would it be more secure to find some old hd? Or are they all compromised, and we're all just bent over already?



posted on Feb, 17 2015 @ 02:52 AM
link   
Beyond the fact that this is a privacy violation and basically just a F*cked up move by the NSA on a moral level and so forth there is another very real world problem with this kind of government sponsored hacking which is that it undermines any and all cyber security companies out there.

Just think about the implications this has to the business world. Basically it makes any kind of cyber security company, banking industry, technology industry, etc. pretty much any and all companies that exist compromised.

By doing stuff like this in secret the NSA is single handedly disrupting every business and institution that uses computers and requires their information to be private and secure. It even makes the security companies other companies hire to secure their data pointless. Not to mention the fact that it makes all the manufactures that help them also liable as well.

It's treason in the business world.



posted on Feb, 17 2015 @ 03:02 AM
link   
a reply to: BornAgainAlien

The Snowden leaks should have caused significant diplomatic outrage and have instead fizzled out.

There are ongoing Parliamentary Hearings into the apparent intrusions by Washington and NSA into German national security issues. ironically, the proceedings are being delayed by German's own intelligence service, the BND. They're refusing to provide documents to the Hearings and the UK's GCHQ has released a '[url=http://www.telegraph.co.uk/news/worldnews/europe/germany/11392943/Britain-threatens-to-stop-sharing-intelligence-with-Germany.html]warning[/url ]' that it will cease to cooperate with Germany's Intelligence agencies in the future if they do.

You're thinking, 'What does any of this have to do with hacked hard-drives?!'

I think it shows that various Intelligence agencies are putting their own interests above elected representatives, the electorate and Congressional/Parliamentary scrutiny.

The NSA may well have injected code that renders most hard-drives wide-open and this news will have an impact. It could make consumers and businesses distrust products manufactured in the US. Nevertheless, in itself, it's just one more revelation that won't lead to changes. The justification for infecting anyone's hard-drives or storing all the data on everyone else has been made and there's no change in sight. Snowden's big reveal has been met by collective shrugs and business-as-usual.

We look at the hard-drive news and 'the Equation Group' and forget they are part of something much greater. We see 'NSA' in the story and forget that they have the leading-man role in a cast that includes the UK, Australia, Canada and New Zealand (5 Eyes).

The Germans are an example of what can happen if allied nations express resentment at being snooped on - it's not to be tolerated. Diplomatic media apologies are for show and, in reality, they are threatened with 'non-cooperation' through the back-channels. The wholesale infection of HDs looks bad, but silencing dissenting partners is much worse. Let's not forget that Germany is a free society and an ally of ours. When friendly nations aren't able to stand against intrusive surveillance, it highlights the stark irrelevance of we as individuals.

As I said, I think the HDs are just a small example of a surveillance state steamrolling over everything for its own interests.



posted on Feb, 17 2015 @ 03:04 AM
link   
The file is apparently called nls_933w.dll and vectors are compromised websites (terrorist ones allegedly) and media such as CD's.

www.theregister.co.uk...



posted on Feb, 17 2015 @ 03:06 AM
link   
The advisory that the news stories are based on its here securelist.com...



posted on Feb, 17 2015 @ 03:10 AM
link   
Most if not all hard drives can have their firmware modified or updated. So it is not necessary to infect them at the factory, this accounts for why only some groups in some countries have high infection rates - implying that a lot are not infected.



posted on Feb, 17 2015 @ 03:19 AM
link   
I'm real not surprised at all. There used to be a bios virus that spread through AOL and java back in the mid to late 90s that would turn the CPU fan to the lowest setting or off completely causing boards to burn before there was any real failsafe's for temperature on home PCs. Now imagine this.... There is firmware for nearly every component on a computer right? There is also firmware for your phone regardless of how old. There is the radio firm ware (connection to the towers, handling calls and texts), network firmware (for data devices), blue tooth, wifi, camera, speaker, etc etc. Firmware as well. In all actuality a cell phone is the single most private, unprotected, easiest accessible gateway to a person's life. You don't need to use the FCC to track them pinging towers or hope you can get a GPS loc on them. All you need is a little progressing skill, a short way high frequency transmitter that could fit in your pocket and 5 minutes somewhere relatively close to their phone and you could flash all of firmware to give you complete access to everything the phone is capable of right over the air.



posted on Feb, 17 2015 @ 03:27 AM
link   

originally posted by: Elton

I was pondering South Africa's inclusion in it, and suddenly I realised, it's part of BRICS! Must be a bigger threat to US hegemony than I thought.


a reply to: mOjOm
It's treason in the non-business world, too!



posted on Feb, 17 2015 @ 03:32 AM
link   
a reply to: Ridhya

Have some countries been excluded from testing, or have some not had any infections in any significant number?



posted on Feb, 17 2015 @ 03:34 AM
link   
a reply to: scghst1

Something else along these same lines is that this kind of thing is only just beginning and the NSA know this and are way ahead of the game already. Already we are starting to see more and more of "The Internet of Things" happening and not far off just about everything will have some kind of cloud service hooked into it. You're TV, Car, Fridge, Phone, etc. even your wife's favorite vibrator is going to be part of "The Internet of Things". Don't even think I'm kidding about that last one either because you know I'm right.

The NSA know this and know that when it comes to technology you can't stop the progress of it. So if you can't stop it you control it, all of it, anyway you can. Privacy be damned, laws be damned, it doesn't matter. I am positive that they already know what the future is going to bring and I'd bet my left eye on the fact that they plan and having a backdoor, secret or otherwise, into all of it and they're willing to lie, cheat and kill to make sure they do.
edit on 17-2-2015 by mOjOm because: (no reason given)



posted on Feb, 17 2015 @ 04:10 AM
link   
a reply to: AgentSmith

Hm im not the one to ask that! but it appears the ~40 countries on the picture were tested at least, and sorted by infection rate. I suppose the green countries were either not tested, or had such low infection rates they didnt bother to rank them.



posted on Feb, 17 2015 @ 05:19 AM
link   
Long ago there was a person on this site that was saying the same thing. He also concluded that other components were also compromised such as the RAID controllers and video cards.



posted on Feb, 17 2015 @ 05:25 AM
link   
Knew it.
But finally some disclosure!
Stuxnet was a BIG clue that firmware has always been vulnerable.

Some background on machine code and microcode:


Machine code

Machine code or machine language is a set of instructions executed directly by a computer's central processing unit (CPU). Each instruction performs a very specific task, such as a load, a jump, or an ALU operation on a unit of data in a CPU register or memory. Every program directly executed by a CPU is made up of a series of such instructions.

Numerical machine code (i.e. not assembly code) may be regarded as the lowest-level representation of a compiled and/or assembled computer program or as a primitive and hardware-dependent programming language. While it is possible to write programs directly in numerical machine code, it is tedious and error prone to manage individual bits and calculate numerical addresses and constants manually. It is therefore rarely done today, except for situations that require extreme optimization or debugging.

Relationship to microcode

In some computer architectures, the machine code is implemented by a more fundamental underlying layer of programs called microprograms, providing a common machine language interface across a line or family of different models of computer with widely different underlying dataflows. This is done to facilitate porting of machine language programs between different models. An example of this use is the IBM System/360 family of computers and their successors. With dataflow path widths of 8 bits to 64 bits and beyond, they nevertheless present a common architecture at the machine language level across the entire line.

Using a microcode layer to implement an emulator enables the computer to present the architecture of an entirely different computer.


en.m.wikipedia.org...



posted on Feb, 17 2015 @ 05:43 AM
link   
I guess this is the leak the NSA has been bracing for

Feb 16 -

A yet-to-be identified news outlet is preparing to release top secrets of the US National Security Agency (NSA), adding to the woes of the intelligence wing which is still suffering from the massive leaks by whistle-blower Edward Snowden.


www.ibtimes.co.uk...

Unreal, I wonder how other countries will react? interesting that Moscow based media outlet released this. I'm wondering if the US is scared sh*tless about what Moscow could release in the future.



posted on Feb, 17 2015 @ 05:54 AM
link   
a reply to: Agit8dChop

HA! Adding to their woes? Yeah right!



posted on Feb, 17 2015 @ 06:53 AM
link   
a reply to: BornAgainAlien

Simple solution really.
You want secure data?
Buy a new computer and never, NEVER connect it to the internet or any network.



posted on Feb, 17 2015 @ 07:31 AM
link   
A lot of this was the US response to the 9/11 attacks, which saw a massive growth in intelligence agencies and surveillance. 9/11 was the perfect excuse they needed to push through sweeping changes in intelligence gathering and ramrod through spy programs like this. Now, do you really believe your PC needs to "update" nearly every other day?



posted on Feb, 17 2015 @ 07:31 AM
link   

originally posted by: RedmoonMWC
a reply to: BornAgainAlien

Simple solution really.
You want secure data?
Buy a new computer and never, NEVER connect it to the internet or any network.


. pretty much the truth of the matter. There is and has been specific cases and viruses of firmware since the early 90s. It's never going away, it seems it's only going to get worse. I actually feel pretty crappy to be an Amerikan, compared to the rest of the world, right now. I would really consider buying either low-name or high branded RAID server drives if you want to have any chance of it not already being infected from the ground up.



posted on Feb, 17 2015 @ 07:54 AM
link   

originally posted by: RedmoonMWC
a reply to: BornAgainAlien

Simple solution really.
You want secure data?
Buy a new computer and never, NEVER connect it to the internet or any network.




LOL.

If you want absolute digital security you'd need to DESIGN and MANUFACTURE all of your own parts (right down to the chip architecture level)
Then secure any firmware and chip sets you've made using your own novel cryptographic security system.
Then write your own proprietary control and interface software.
Then manually assemble the system yourself- whilst ensuring no one could physically access whilst you were asleep!

Although the evidence is to the contrary; I wouldn't be surprised if ALL digital security has complex mathematical "solves" built into core elements ( such as the random number generation element) that would enable a well prepared adversary to solve in vastly reduced times.




top topics



 
58
<< 1    3  4  5 >>

log in

join