It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Moscow-Based Security Firm Reveals What May Be The Biggest NSA "Backdoor Exploit" Ever
page: 3share:
originally posted by: SkepticOverlord
originally posted by: Phage
So...virtually every hard drive has this backdoor hardwired into it?
Yes, that's what Kaspersky is saying.
Scary as hell.
Yeah, it`s horrible.
Now I can understand as to why everyone on the hacker conferences has tape over the cameras/microphones of their laptops. I would bet your mobile phone is also not safe to have laying around in your house while sitting close by and having a conversation.
a reply to: BornAgainAlien
You're right, they're not! Ed Snowden insisted that Greenwald et al place their phones in fridges/freezers to prevent the possibility of covert video/audio.
Pretty much any camera/mic with a connection to an exchange, satellite or server can be activated to record. Or so the story goes.
I would bet your mobile phone is also not safe to have laying around in your house while sitting close by and having a conversation.
You're right, they're not! Ed Snowden insisted that Greenwald et al place their phones in fridges/freezers to prevent the possibility of covert video/audio.
Pretty much any camera/mic with a connection to an exchange, satellite or server can be activated to record. Or so the story goes.
a reply to: Blackmarketeer
Hahaha...EXACTLY
Now, do you really believe your PC needs to "update" nearly every other day?
Hahaha...EXACTLY
a reply to: Kandinsky
This a great piece on it...
And we thought technology was going to make our lives better, but the way they use it, we are being imprisoned and will live our lives locked up.
I had to think about the beginning of Half Life 2 and how it feels to be in such a environment, we are already in what was been shown there, only in HF2 it`s a bit more visible.
Look from 1:58 minutes and on for about 10 minutes (or a bit longer)...
This a great piece on it...
If you haven’t figured it out yet, we’re all criminals. This is the creepy, calculating yet diabolical genius of the American police state: the very technology we hailed as revolutionary and liberating has become our prison, jailer, probation officer, Big Brother and Father Knows Best all rolled into one.
Source
And we thought technology was going to make our lives better, but the way they use it, we are being imprisoned and will live our lives locked up.
I had to think about the beginning of Half Life 2 and how it feels to be in such a environment, we are already in what was been shown there, only in HF2 it`s a bit more visible.
Look from 1:58 minutes and on for about 10 minutes (or a bit longer)...
a reply to: mOjOm
You're absolutely right.
This 'treason' is known in the 'business-world' for quite some time now. At the very latest since the Snowden-leaks in June 2013.
I guess this IS a new dimension though.
Fact is, German firms like KMW are spending billions of €uros already for prevention against industrial espionage from our friends in the U.S., aswell as China btw.
The NSA is by no means just protecting US national security, but they are guilty of industrial espionage.
*I bet Heinrich Himmler is drooling in his grave.
The NSA is truly more sinister than his Gestapo and the socialist Stasi combined.
You're absolutely right.
This 'treason' is known in the 'business-world' for quite some time now. At the very latest since the Snowden-leaks in June 2013.
I guess this IS a new dimension though.
Fact is, German firms like KMW are spending billions of €uros already for prevention against industrial espionage from our friends in the U.S., aswell as China btw.
The NSA is by no means just protecting US national security, but they are guilty of industrial espionage.
*I bet Heinrich Himmler is drooling in his grave.
The NSA is truly more sinister than his Gestapo and the socialist Stasi combined.
edit on 17-2-2015 by ColCurious because: (no reason
given)
originally posted by: SkepticOverlord
This is as bad as it gets.
As the MPUs on the drives became more capable and the drive storage media more and more dense, it becomes possible to actually hide fairly complex code for the MPU on the drive itself in hidden tracks. So it can have a little OS and some fairly large chunks of code.
Large enough for the on-drive MPU to be able, say, to inspect your drive's file structure. Most of them will be something pretty straightforward like NTFS or FAT. So now the little MPU can spend all that free time sitting there poring through your executables and OS files and inserting extras.
That *might* take some collusion by the drive manufacturers, but maybe not, if you had the basics of a way to allocate some undocumented space and load a little RTOS to it in the drive code, then some outside program could actually load the thing on the user's system.
originally posted by: Ridhya
a reply to: Bedlam
My hd's almost full, I was looking for a ssd, but would it be more secure to find some old hd? Or are they all compromised, and we're all just bent over already?
The first time I heard about this being looked at, when they had just come out with IDEs they had evaluated the feasibility of it. At the time, they were using 8051s, which were a bit lame but usable. I haven't followed HD onboard electronics, I would assume a lot of them are 32 bit ARMs these days. I could go look.
BIRUSes were already being tried by then, too.
eta: however, as pointed out upthread, they can't go after EVERYTHING. So they target machines in appropriate locales. You would most likely never have any interaction with them. If you are really worried about it, never connect the machine to the net. It's what WE do. What's not connected can't be inspected.
edit on 17-2-2015 by Bedlam because: (no reason given)
a reply to: RedmoonMWC
How would you securely share important files between hard drives then?
If all the firmware down to the microchips in the USB drives can be infected, it would be impossible to know if you havent infected your new machine with birus spyware that updates itself each time it indirectly reconnects to your networked computer through the USB stick.
How would you securely share important files between hard drives then?
If all the firmware down to the microchips in the USB drives can be infected, it would be impossible to know if you havent infected your new machine with birus spyware that updates itself each time it indirectly reconnects to your networked computer through the USB stick.
edit on 17 2 15
by funkadeliaaaa because: (no reason given)
edit on 17 2 15 by funkadeliaaaa because: (no reason given)
originally posted by: SkepticOverlord
Most likely through NSA employees or assets in sensitive positions at hard drive manufacturers.
I'd do it at the test facility. They load test code in the blank drive, and (at least it used to work this way) the stand has a write head that comes in from the side and writes the initial track and sector marks. You could load the secret info on the hidden track at that time, and add in your non-spec MCU firmware.
Or, and this sort of depends on how WD et al do their MCU design, you could add in the firmware and a few extra instructions at the chip design level and just not tell them about it. They'd test the thing and it would seem fine, to them.
a reply to: Bedlam
Very good info thanks for sharing.
Do you mean to say the microcode downloaded could be faked as in emulated with the right birus?
Very good info thanks for sharing.
The BIOS for the machine can also do something along those lines, a bit more indirectly. And the processor itself gets a download of microcode the contents of which only a handful of people are familiar with. It's encrypted and you get it as a bin file you have to include in the BIOS. Maybe it's microcode. Maybe it's something else - you'll never know.
.
Do you mean to say the microcode downloaded could be faked as in emulated with the right birus?
edit on 17 2 15 by funkadeliaaaa because: (no reason given)
edit on 17 2 15 by funkadeliaaaa because: (no reason
given)
originally posted by: funkadeliaaaa
Do you mean to say the microcode downloaded could be faked as in emulated with the right birus?
Well, you have no idea what's in there. None at all. You get a .bin file with the processor update microcode in there and it's merged into the BIOS. It's loaded into the CPU at boot time.
I've got no clue specifically what it does. We have "red" document status with Intel, which gives you access on a need-to-know basis about undisclosed/secret/trade secret info on parts. We do classified BIOS development for small run computer systems, and need to know that sort of thing, and WE couldn't find out. We got told by our upstream sponsoring agency "hey, we certify this bin file with signature such and so" and that was that. We're told it's updates to increase the efficiency of some instructions, or to fix some that are "broken" or that you can add new instructions in future that way.
So the question is, while that microcode might be nothing more than updates on how to do string moves and the like, it could also contain some nifty instructions that would allow the CPU to do pesky non-secure things, or code to cause it to do so. Or, if you were the NSA, you might be able to rewrite an otherwise clean set of microcode to allow you to do awfully non-secure things you mightn't be able to in a sane CPU, just by modifying the BIOS.
a reply to: SkepticOverlord
Uh Skeptic
"As bad as it gets" I honestly expected you to provide some sort of complex excuse for NSA or whoever did all this
There is hope for you yet son
Uh Skeptic
"As bad as it gets" I honestly expected you to provide some sort of complex excuse for NSA or whoever did all this
There is hope for you yet son
originally posted by: Agit8dChop
I guess this is the leak the NSA has been bracing for...
(rubs chin) It may or may not blow up. It's sort of tech-y. Most people may not understand the ramifications of it.
There are WAY better things to get really pissed off about that they haven't launched into prime time yet. I can think of two off-hand NSA is doing/can do and either would be a really big pile of dog #. (we need a ROFL emoticon)
originally posted by: Phage
a reply to: SkepticOverlord
So...virtually every hard drive has this backdoor hardwired into it?
They leave the shop with it? That would have to be the case, right?
Yes.
Where it really becomes problematic is if we're capable of using this backdoor, you have to assume other nations are as well, so the NSA's actions in giving themselves access to all of this hardware, has effectively also given this access to our enemies as well.
Hey gang you are only scratching the surface on the use of firmware. Give this a thought if this device gives outside access to the hardware whats
stopping them from hijacking other portions of the PC's firmware? The PC now becomes completely infected concealed within itself. Remember to
exchange info it still needs access to the rest of the world. That might require other sneaky moves to get around data monitors within the PC but if
you control it internally there is no reason to expect it can't hide that from the system as well.
While we are at it what stops any portion of the firmware within our phones from having the same built in back-doors? Unless a single entity is in control of the whole device firmware design and implementation from beginning to end any other firmware within the device might be a source.
I had a neighbor within the defense industry that was required to turn off and place his phone within a RF secure box before going into work. So it's possible that other actors and countries already have this access.
If paranoia is you wish this could drive you daft. Hold on the ride gets bumpy from here.
While we are at it what stops any portion of the firmware within our phones from having the same built in back-doors? Unless a single entity is in control of the whole device firmware design and implementation from beginning to end any other firmware within the device might be a source.
I had a neighbor within the defense industry that was required to turn off and place his phone within a RF secure box before going into work. So it's possible that other actors and countries already have this access.
If paranoia is you wish this could drive you daft. Hold on the ride gets bumpy from here.
I thought I would add this research paper about the Equation Group to this discussion:
EQUATION GROUP: QUESTIONS AND
ANSWERS This is 4MB 44 pages PDF file type. Lots of relevant information in it.
edit on 02pm2015-02-17T23:49:59-06:0011492America/Chicago49228 by machineintelligence because: word spacing
a reply to: staple
It was not me but i remember that too.
I cant find the thread or post? but I wondered this years ago, I remember specifically posting whether computers had a backdoor or key that the government might have that would gain them access to your computer. And I remember being shot down for the idea and certain members saying that it was impossible to do. 11 years on….
Right from the start they would never allow the internet to be free. They would have sat down and speculated on all the possible eventualities, then using the vast knowledge they have from history and the great minds they have on their payroll, would have worked on the best solutions.
Kind of takes the personal out of personal computing doesn't it.
It was not me but i remember that too.
I cant find the thread or post? but I wondered this years ago, I remember specifically posting whether computers had a backdoor or key that the government might have that would gain them access to your computer. And I remember being shot down for the idea and certain members saying that it was impossible to do. 11 years on….
Right from the start they would never allow the internet to be free. They would have sat down and speculated on all the possible eventualities, then using the vast knowledge they have from history and the great minds they have on their payroll, would have worked on the best solutions.
Kind of takes the personal out of personal computing doesn't it.
a reply to: kode
Certainly does take the personal out of PCs! I am already aware of the vast spying that goes on with GCHQ/NSA, it turns my insides. But I always thought if I used a computer that has never been conneted to the internet, they can't spy on me.
Shock, horror, now they can. And have been since 2008.
Disgusted.
But people will do nothing, shrug and say "But I've nothing to hide" and carry on with their monitored lives.
Certainly does take the personal out of PCs! I am already aware of the vast spying that goes on with GCHQ/NSA, it turns my insides. But I always thought if I used a computer that has never been conneted to the internet, they can't spy on me.
Shock, horror, now they can. And have been since 2008.
Disgusted.
But people will do nothing, shrug and say "But I've nothing to hide" and carry on with their monitored lives.
new topics
-
Bobiverse
Fantasy & Science Fiction: 1 hours ago -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 1 hours ago -
Former Labour minister Frank Field dies aged 81
People: 3 hours ago -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 5 hours ago -
This is our Story
General Entertainment: 7 hours ago -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections: 10 hours ago -
Ode to Artemis
General Chit Chat: 10 hours ago
top topics
-
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections: 10 hours ago, 14 flags -
Should Biden Replace Harris With AOC On the 2024 Democrat Ticket?
2024 Elections: 16 hours ago, 6 flags -
One Flame Throwing Robot Dog for Christmas Please!
Weaponry: 14 hours ago, 6 flags -
Don't take advantage of people just because it seems easy it will backfire
Rant: 14 hours ago, 4 flags -
Ditching physical money
History: 14 hours ago, 4 flags -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 5 hours ago, 4 flags -
Ode to Artemis
General Chit Chat: 10 hours ago, 3 flags -
Former Labour minister Frank Field dies aged 81
People: 3 hours ago, 3 flags -
VirginOfGrand says hello
Introductions: 15 hours ago, 2 flags -
This is our Story
General Entertainment: 7 hours ago, 2 flags
active topics
-
So this is what Hamas considers 'freedom fighting' ...
War On Terrorism • 255 • : network dude -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 22 • : Ophiuchus1 -
Police clash with St George’s Day protesters at central London rally
Social Issues and Civil Unrest • 43 • : SprocketUK -
Mood Music Part VI
Music • 3097 • : TheWoker -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections • 42 • : network dude -
Post A Funny (T&C Friendly) Pic Part IV: The LOL awakens!
General Chit Chat • 7132 • : watchitburn -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest • 271 • : TzarChasm -
University student disciplined after saying veganism is wrong and gender fluidity is stupid
Education and Media • 45 • : TzarChasm -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest • 1 • : budzprime69 -
Don't take advantage of people just because it seems easy it will backfire
Rant • 7 • : confuzedcitizen