Majority of HDD and SSD in the world are firmware infected

Discussion in 'Storage & Backup' started by damn duck, Feb 18, 2015.

  1. damn duck

    damn duck Member

    Joined:
    Jul 23, 2012
    Messages:
    1,563
    Location:
    duck pond
    Well shit. Breaking news from Kaspersky published by Reuters:

    Infect the entire world silently.
    Activate on only the most delicious targets.
    Oh shit the secret got out.
    Everyone hacks each other with built in Godmode hack.

    This is a big deal.
     
  2. Zyklone

    Zyklone Member

    Joined:
    May 1, 2005
    Messages:
    504
    Location:
    Teh Internets
    This is massive news, but sadly will make no waves as no-one could be surprised by this.

    I'm curious as to know how Americans would feel if the Chinese government implemented the same kind of back doors into computer hardware, in order to spy on Americans.

    There seems to be a general acceptance that if NSA is doing it, its probably fine, but if the Chinese were doing it, then it would be completely unacceptable and we should threaten China with sanctions and ban all Chinese products to stop it.
     
  3. davros123

    davros123 Member

    Joined:
    Jun 18, 2008
    Messages:
    2,927
    What's the big deal. If you are not doing anything wrong, who cares?
    It's the Russians that stuffed it for everyone. The NSA was just trying to protect us.

    ;)

    On a more serious note, I wonder how this impacts performance?
     
    Last edited: Feb 18, 2015
  4. aza2001

    aza2001 Member

    Joined:
    Sep 14, 2002
    Messages:
    2,017
    Location:
    Northmead
    I need a new tin foil hat and one for my computer, router, and possibly one for my house now :p
     
  5. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    57,124
    Location:
    brisbane
    more on this story here - this is a huge and very well written article.

    http://arstechnica.com/security/201...-nsa-hid-for-14-years-and-were-found-at-last/

    [​IMG]

    [​IMG]

    And this tidbit from the NSA themselves.

     
    Last edited: Feb 18, 2015
  6. OP
    OP
    damn duck

    damn duck Member

    Joined:
    Jul 23, 2012
    Messages:
    1,563
    Location:
    duck pond
    This seems the most telling of how serious an issue this is...
     
  7. BurningFeetMan

    BurningFeetMan Member

    Joined:
    Apr 22, 2003
    Messages:
    8,129
    Location:
    Veg City
    In before hack...
     
  8. aokman

    aokman Member

    Joined:
    Jul 12, 2001
    Messages:
    12,459
    Location:
    Melbourne
    So am I the only person wondering why rewriting HDD firmware isn't disabled by default with a jumper or something...
     
  9. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    57,124
    Location:
    brisbane
    probably????
     
  10. lionman

    lionman Member

    Joined:
    Apr 27, 2008
    Messages:
    2,875
    Location:
    Perth,WA,Earth
    Probably because in the event a major issue is uncovered with the firmware that required drives to have the firmware upgraded, manufactures have the much cheaper option of pushing out an update to users directly rather than having to deal with heaps of warranty claims.
     
  11. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    57,124
    Location:
    brisbane
    that and it's extremely rare for HDD firmware to require an update.

    2 instances I can think of are the original IBM Deathstars (Hitachi fixed the issue with f/w) and a few SSD's had minor firmware bugs.

    It's just not something you normally need to do.
     
  12. whatdoesthisdo

    whatdoesthisdo Member

    Joined:
    Jan 19, 2011
    Messages:
    7,574
    Location:
    Brisbane
    My ocz ssd drive ain't looking too bad now, hold on I just did a firmware update on it...

    [​IMG]
     
  13. OP
    OP
    damn duck

    damn duck Member

    Joined:
    Jul 23, 2012
    Messages:
    1,563
    Location:
    duck pond
    This is a good write up of the firmware malware

    http://thehackernews.com/2015/02/hard-drive-firmware-hacking.html?m=1
     
  14. digian

    digian Member

    Joined:
    Jan 20, 2003
    Messages:
    413
    I found it interesting that OCZ appeared in the list of drive vendors. Yet few, if any blogs mention that SSD's are affected. Only spinning disks.

    To my knowledge, OCZ only ever made SSD's. Happy to hear otherwise?

    Great idea, I don't mind having to remove a jumper in the rare event that I do need to flash a drive.
     
    Last edited: Feb 19, 2015
  15. rugger

    rugger Member

    Joined:
    Aug 24, 2003
    Messages:
    160
    Panicking is not required.

    I doubt the NSA would infect the entire world.

    Too much risk of having their work found and dissected even sooner.

    Better to only use it against your targets and only sparingly.

    Additionally, a drive by itself cannot easily send data to the internet. A program on the computer can store information covertly on a hacked drive, but the drive itself on a completely otherwise uninfected computer couldn't just up and send data to the NSA.
     
  16. IACSecurity

    IACSecurity Member

    Joined:
    Jul 11, 2008
    Messages:
    750
    Location:
    ork.sg
    on a MORE serious note?... Performance. ahahaha
     
  17. SLATYE

    SLATYE SLATYE, not SLAYTE

    Joined:
    Nov 11, 2002
    Messages:
    26,824
    Location:
    Canberra
    Do drives store the firmware on the platters now, or is it on a separate EEPROM? If it's on an EEPROM, preventing any changes to the firmware should be straightforward (lift the write-enable pin off its pad).

    digian - possibly just because SSD firmwares are horribly complicated compared to HDD firmwares (because they have to do all the wear levelling). It's quite possible that they've only had time to analyse the firmware on a small number of much older, much simpler drives (like the original OCZ ones).

    No doubt the USA will complain when Chinese SSD production starts and everyone buys cheap Chinese SSDs (that are potentially compromised by the Chinese authorities) rather than expensive American/Japanese/Korean drives. I look forward to that day.
     
  18. Dark Orange

    Dark Orange Member

    Joined:
    Nov 22, 2008
    Messages:
    1,692
    According to this article...

     
  19. millsy_c

    millsy_c Member

    Joined:
    Mar 31, 2007
    Messages:
    12,553
    Location:
    Brisbane
    Your title is clickbaiting bullshit hyperbole. The only fact in that article is that they could/can infect the firmware of certain HDD models. Hardly the whole world.

    /out
     
  20. aokman

    aokman Member

    Joined:
    Jul 12, 2001
    Messages:
    12,459
    Location:
    Melbourne
    Still EEPROM so there is no reason why they cant disable the write pin via a jumper etc.
     

Share This Page