some light reading on the topic of HD firmware backdoors:

On Tue, Feb 17, 2015 at 9:28 AM, Russell Senior
<> wrote:
>>>>>> "Michael" == Michael Rasmussen <> writes:
> Michael> Or so reports Kaspersky.
> Michael> 
> One thing the articles about this problem keep saying and which doesn't
> make complete sense is that "this infection is immune to removal".
> There is a method to get the infection into spare sectors and into
> firmware, which seems to me to mean that there *is* a way to see those
> raw sectors and/or firmware in a such a way as to a) see what's there;
> and b) remodify the firmware.
> It might be that if you are dependent on the firmware to inspect or
> replace the firmware, then the infected firmware could just lie to you
> in order to hide itself.  In which case, these devices really need to
> have some offline way of inspecting their flash sufficient to generate
> dumps and checksums to verify they are running what you think they are
> running.
> What tools currently exist on linux to inspect the hard disk firmware?
> I recall updating some hard disk firmware (several years ago), but
> perhaps using a vendor supplied freedos-based software kit.
> --
> Russell Senior, President
> _______________________________________________
> PLUG mailing list
PLUG mailing list

Reply via email to