Got a Western Digital, Seagate or Toshiba hard drive? Da NSA owns you!

K

Kiopa_Matt

Banned
May 13, 2011
5,216
52
0
Russian researchers expose breakthrough U.S. spying program | Reuters

The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.
Click to expand...

And the source is Reuters, which is about as credible as you can get.
 


We have more privacy with writing a letter and mailing it than writing one on our laptops -_- wtf is wrong with the world today.
 
"and other top manufacturers"

try and find an hdd not manufactured by them
 
Yeah, apparently tapping the submarine cables, and stealing virtually 100% of all internet traffic wasn't enough. They need to back door every hard drive on the planet too.

Cunts.
 
AdamC said:
"and other top manufacturers"

try and find an hdd not manufactured by them
Click to expand...

As the article pointed out, IBM, Samsung, Toshiba, Hitachi, etc. And if they also mean SSDs, then you can add about another dozen major manufacturers to the list, like Intel, Crucial, Kingston, Corsair, Plextor, Sandisk, OCZ... the list goes on and on.
 
Here's a pretty in-depth article about the nature of the exploits for anyone interested.

The malicious firmware created a secret storage vault that survived military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. The firmware also provided programming interfaces that other code in Equation Group's sprawling malware library could access. Once a hard drive was compromised, the infection was impossible to detect or remove.
Click to expand...

....

GrayFish is the crowning achievement of the Equation Group. The malware platform is so complex that Kaspersky researchers still understand only a fraction of its capabilities and inner workings. Key to the sophistication of GrayFish is its bootkit, which allows it to take extraordinarily granular control of the machines it infects.

"This allows it to control the launching of Windows at each stage," Kaspersky's written report explained. "In fact, after infection, the computer is not run by itself anymore: it is GrayFish that runs it step by step, making the necessary changes on the fly."
Click to expand...


I feel safer already.
 
  • Like
Reactions: GerardWon
Fatbat said:
As the article pointed out, IBM, Samsung, Toshiba, Hitachi, etc. And if they also mean SSDs, then you can add about another dozen major manufacturers to the list, like Intel, Crucial, Kingston, Corsair, Plextor, Sandisk, OCZ... the list goes on and on.
Click to expand...

They are all owned or involved with the top 3

800px-Diagram_of_Hard_Disk_Drive_Manufacturer_Consolidation.svg.png
 
I think again you are reading what you want to read and not what's actually written. read this again slowly "The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.".

This is not saying that the NSA has actually done this on every computer in the world, so the statements "Got a Western Digital, Seagate or Toshiba hard drive? Da NSA owns you!" and "They need to back door every hard drive on the planet too." are more of your paranoid delusions.
 
nickster said:
I think again you are reading what you want to read and not what's actually written. read this again slowly "The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.".

This is not saying that the NSA has actually done this on every computer in the world, so the statements "Got a Western Digital, Seagate or Toshiba hard drive? Da NSA owns you!" and "They need to back door every hard drive on the planet too." are more of your paranoid delusions.
Click to expand...

Nickster is right. The NSA uses interdictions (intercepting the mail from legitimate senders) in order to plant the malware on specific targets only. Once the payload is dropped, Grayfish reflashes the hard drive's firmware with its bootkit malware.

From the article posted by Unarmed Gunman:

One of the most intriguing elements of Equation Group is its suspected use of interdiction to infect targets. Besides speaking to the group's organization and advanced capabilities, such interceptions demonstrate the lengths to which the group will go to infect people of interest. The CD from the 2009 Houston conference—which Kaspersky declined to identify, except to say it was related to science—tried to use the autorun.inf mechanism in Windows to install malware dubbed DoubleFantasy. Kaspersky knows that conference organizers did send attendees a disc, and the company knows the identity of at least one conference participant who received a maliciously modified one, but company researchers provided few other details and don't know precisely how the malicious content wound up on the disc.
Click to expand...

The FBI also uses interdictions plant malware on persons of interest, though unlike the NSA they need to go through the motions of obtaining court approval from a conventional federal court.
 
^^ Nickster, are you seriously rationalizing their actions?

As phrench implied, if any of us ever tried to pull something like this even on 0.005% of a magnitude, we'd be thrown in a cell for 10+ years. Yet, I'm supposed to feel it's ok if the government does it? I'm sorry, but if the govts wanted my trust, they shouldn't have pulled stunts like tapping the submarine cables.
 
Kiopa_Matt said:
^^ Nickster, are you seriously rationalizing their actions?

As phrench implied, if any of us ever tried to pull something like this even on 0.005% of a magnitude, we'd be thrown in a cell for 10+ years. Yet, I'm supposed to feel it's ok if the government does it? I'm sorry, but if the govts wanted my trust, they shouldn't have pulled stunts like tapping the submarine cables.
Click to expand...

I don't think Nickster is rationalizing it. He's just stating that not every hard drive is infected with this malware. Only specific targets are infected with it. The article linked by Unarmed Gunman affirms Nickster's statement.

It still sucks, and I hate this extralegal shit since the NSA is totally above the law because it engages in foreign intelligence gathering for the purpose of "national security".
 
nickster said:
I think again you are reading what you want to read and not what's actually written. read this again slowly "The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives.".

This is not saying that the NSA has actually done this on every computer in the world, so the statements "Got a Western Digital, Seagate or Toshiba hard drive? Da NSA owns you!" and "They need to back door every hard drive on the planet too." are more of your paranoid delusions.
Click to expand...

Must you take everything that is written so literally? Of course every personal computer on the planet isn't compromised. That still doesn't negate the fact that just about every single communication on this planet is being monitored by one or more security agencies, nor does it negate what was actually written in the article...

Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs...

Kaspersky published the technical details of its research on Monday, which should help infected institutions detect the spying programs, some of which trace back as far as 2001.
Click to expand...

Which says, not only do they know how to do it, they've been doing it a lot, and for a very long time.

Then again, a conspiracy theorist basement dwelling neckbeard living abroad might just be considered a high enough value target to warrant monitoring. You never know what kind of activity might get you on a watch list somewhere. You better be careful Matt!
 
Fatbat said:
Must you take everything that is written so literally? Of course every personal computer on the planet isn't compromised. That still doesn't negate the fact that just about every single communication on this planet is being monitored by one or more security agencies, nor does it negate what was actually written in the article...
Click to expand...

I'm not arguing with the article I am saying that, yet again, Kiopa_Matt is reading things totally wrong and allowing his misinterpretation to back his conspiracy theories and passing this misinformation on to other similarly weak minded individuals.

You say "Of course every personal computer on the planet isn't compromised" because you are looking at it from a rational point of view, however there are A LOT of people (Kiopa included) who cannot distinguish between reality and their own paranoid fantasies.

And Kiopa_Matt, yet again you are doing what people like you always do, which is give spurious material (or spurious interpretation of material) and then when the fallacies are being pointed out you take some strange position and argue against something that hasn't been said at all e.g. "are you seriously rationalising their actions". When did I rationalise their actions? I am just pointing out that those actions are not what you are saying they are.

Do I think someone should be spying on every move we make? No
Do I think someone IS spying on every move we make? No
 
SirKonstantine said:
We have more privacy with writing a letter and mailing it than writing one on our laptops -_- wtf is wrong with the world today.
Click to expand...

Sorry bro but the scanning technology used to sort mail can also read the contents of the envelope as well. There is no such thing as privacy. The question is does it really matter? You actually have more privacy with mass surveliance than a more targeted approach. It's easier to blend in with the noise. But after its all said and done it doesn't make any difference. If the NSA wants you you're fucked no matter what you do.
 
dmnEPC said:
The question is does it really matter? You actually have more privacy with mass surveliance than a more targeted approach. It's easier to blend in with the noise.
Click to expand...

In the UK at least, laws are changing fast. 2 years ago, bondage porn was made illegal in the UK and barely anyone knows about it, I expect most people who watch online porn will watch bondage porn as much as any other.

If, at some point in the future, someone decides to be an activist, a politician, a journalist or some other person of interest, government agencies can go over your online and offline history and potentially use it against you. So, does it matter? I think so! your past can become relevant when you least expect it!
 
AdamC said:
In the UK at least, laws are changing fast. 2 years ago, bondage porn was made illegal in the UK and barely anyone knows about it, I expect most people who watch online porn will watch bondage porn as much as any other.

If, at some point in the future, someone decides to be an activist, a politician, a journalist or some other person of interest, government agencies can go over your online and offline history and potentially use it against you. So, does it matter? I think so! your past can become relevant when you least expect it!
Click to expand...

Nah, the law for online UK based production was just brought in line with existing standards - it's still OK to watch most things, it just can't be made in this country.

Right about the second part though. With the collection services at NSA/GCHQ disposal & the Utah data centre.. :anon.sml:

Hypothetical Q: If encrypted data is incepted and stored, when quantum computing can brute-force current standards, could the hidden data be recovered?
 
You must log in or register to reply here.
Top Bottom