On Wed, Sep 11, 2013 at 2:56 PM, Geoff Steckel <g...@oat.com> wrote: > Disk drives are (presumably) trivial to take over. They have firmware > and mechanisms to > use alternate physical blocks for a given logical block. >
You're absolutely correct, and this is not theoretical: (page navigation is in the links on the right): http://spritesmods.com/?art=hddhack&page=1 His proof-of-concept (for a remotely-compromised HD on a web server) involves requesting a URL with a trigger string in it. When the URL gets written to the web server's log file, the HD firmware sees this and arms itself. Now, when /etc/shadow is next read, the firmware adds a hidden account to it. -David
