Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Heather: How does it make you feel that posters here hate DARPA, the military, the NSA, the USA, etc? They hate your father. They may hate all of your family. Is it not like biting the hand that feeds one? What have you done for me lately type think, etc? What do you think should happen to these people? What would happen to them if you were the ruler, if there were no limits placed upon you as ruler?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
What would happen to them if you were the ruler, if there were no limits placed upon you as ruler? They'd be subjects to a monarch, namely me?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
davidnotcoulthard said: What would happen to them if you were the ruler, if there were no limits placed upon you as ruler? They'd be subjects to a monarch, namely me? If you was a dictator or some crazy religious cult trying to annihilate and decimated our friends, family and constitutional rights our way of life, then someone in a remote location probably will go the length to snipe you. Either with social network, politically or just decommission your existence from this planet!
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
chaosesqueteam said Heather: How does it make you feel that posters here hate DARPA, the military, the NSA, the USA, etc? They hate your father. They may hate all of your family. Is it not like biting the hand that feeds one? What have you done for me lately type think, etc? What do you think should happen to these people? What would happen to them if you were the ruler, if there were no limits placed upon you as ruler? What are you trying to day?-
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
On 06.03.2015 19:33, davidvarg...@mac.com wrote: lead Kaspersky researcher Costin Raiu said in an interview. I find it useful to know that the director of research of Kaspersky is Romanian working from the Bucharest office and available for interviews. Fundația Ceata can also contact him for an interview to raise awareness on privacy. Thanks!
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
more updates from the Electronic Frontier Foundation Russian Researchers Uncover Sophisticated NSA Malware Defending your rights in the digital world February 19, 2015 | By Eva Galperin and Cooper Quintin Russian Researchers Uncover Sophisticated NSA Malware Over the weekend Russian IT security vendor Kaspersky Lab released a report about a new family of malware dubbed The Equation Family. The software appears, from Kaspersky's description, to be some of the most advanced malware ever seen. It is composed of several different pieces of software, which Kaspersky Lab reports work together and have been infecting computer users around the world for over a decade. It appears that specific techniques and exploits developed by the Equation Group were later used by the authors of Stuxnet, Flame, and Regin. The report alleges that the malware has significant commonalities with other programs that have been attributed to Western intelligence agencies; Reuters subsequently released an article about the report in which an anonymous former NSA employee claims that the malware was directly developed by the NSA. Among the most interesting and advanced features of the malware is its ability to compromise and rewrite hard drive firmware. Reprogramming the hard drive itself in this way is a deeper level of compromise than infecting an operating system, and can let the malware re-install itself from a hidden sector of the hard drive even if the drive is securely wiped and reformatted and the OS is reinstalled from scratch. Conventional wisdom about reinstalling operating systems in response to suspected infections may therefore not be enough for the victims of attacks like Equation's. Antivirus companies regularly try to improve their products by doing malware research—trying to find and analyze new malicious software in the wild. They are in a very good position to see the entire landscape of malicious software and attacks, which today increasingly includes government-sponsored malware. Some observers found it significant that Kaspersky—a Russian firm—was the only company to release a report about the Equation Group, Kaspersky's shorthand name for the anonymous authors of the malware. Many antivirus companies are based in, or have important business interests in, countries that develop government malware, such as the Five Eyes (the U.S., United Kingdom, Australia, New Zealand, and Canada), and these companies may come under pressure to conceal government malware. Having antivirus companies, security companies, and malware researchers in a variety of different jurisdictions is valuable in that they can collaborate on their research and resist this sort of pressure. The hard drive firmware capabilities of the Equation Group malware and code names that are described in the report match up closely with NSA capabilities and code names previously disclosed in Der Spiegel. That lends credibility to the hypothesis that Equation Group is part of or affiliated with the NSA, which would mark one of the first times that programs or capabilities exposed by journalists were specifically found in the wild. This is a very exciting development; it will be interesting to see if researchers continue to succeed in publicly documenting samples of other nation-state malware and attack tools whose existence has been reported or conjectured. The report also mentions that the Equation Group used several different 0-day exploits to spread their malware. Some of these exploits were later used by Stuxnet. One of the exploits used was originally used in the 2009 Aurora attack; it was later repurposed by the Equation Group to be used against government officials in Afghanistan. This raises some interesting questions—is the NSA stockpiling 0-day vulnerabilities? Is it doing any reporting of 0-days to the affected companies? How does NSA decide whether or for how long to stockpile such knowledge? EFF filed a lawsuit last year demanding that the NSA answer these questions. Another important question was promptly raised in the press: given that the Equation Group's software can infect a broad range of hard drives, replacing their firmware with maliciously customized versions, did the hard drive companies collaborate with governments to develop this firmware? Based on the information we have now, it's hard to draw a reliable conclusion one way or the other. A Kaspersky researcher claimed that there is “no way that hard drive firmware could be reverse engineered using public information.” Yet at least two published projects from years past have demonstrated otherwise: a team of researchers in 2013 created a full-fledged hard drive firmware backdoor akin to that used by Equation Group, using only publicly available information and reverse engineering; and that same year an individual researcher achieved a comparable level of
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
updates (Reuters) - The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives. That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations. Kaspersky said it found personal computers in 30 countries infected with one or more of the spying programs, with the most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The targets included government and military institutions, telecommunication companies, banks, energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said. (reut.rs/1L5knm0) The firm declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran's uranium enrichment facility. The NSA is the agency responsible for gathering electronic intelligence on behalf of the United States. A former NSA employee told Reuters that Kaspersky's analysis was correct, and that people still in the intelligence agency valued these spying programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it. NSA spokeswoman Vanee Vines declined to comment. Kaspersky published the technical details of its research on Monday, which should help infected institutions detect the spying programs, some of which trace back as far as 2001. The disclosure could further hurt the NSA's surveillance abilities, already damaged by massive leaks by former contractor Edward Snowden. Snowden's revelations have hurt the United States' relations with some allies and slowed the sales of U.S. technology products abroad. The exposure of these new spying tools could lead to greater backlash against Western technology, particularly in countries such as China, which is already drafting regulations that would require most bank technology suppliers to proffer copies of their software code for inspection. Peter Swire, one of five members of U.S. President Barack Obama's Review Group on Intelligence and Communications Technology, said the Kaspersky report showed that it is essential for the country to consider the possible impact on trade and diplomatic relations before deciding to use its knowledge of software flaws for intelligence gathering. There can be serious negative effects on other U.S. interests, Swire said. TECHNOLOGICAL BREAKTHROUGH According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on. Disk drive firmware is viewed by spies and cybersecurity experts as the second-most valuable real estate on a PC for a hacker, second only to the BIOS code invoked automatically as a computer boots up. The hardware will be able to infect the computer over and over, lead Kaspersky researcher Costin Raiu said in an interview. Though the leaders of the still-active espionage campaign could have taken control of thousands of PCs, giving them the ability to steal files or eavesdrop on anything they wanted, the spies were selective and only established full remote control over machines belonging to the most desirable foreign targets, according to Raiu. He said Kaspersky found only a few especially high-value computers with the hard-drive infections. Kaspersky's reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd. Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM did not respond to requests for comment. GETTING THE SOURCE CODE Raiu said the authors of the spying programs must have had access to the proprietary source code that directs the actions of the hard drives. That code can serve as a roadmap to vulnerabilities, allowing those who study it to launch attacks much more easily. There is zero chance that someone could rewrite the [hard drive] operating system using public information, Raiu said. Concerns about access to source code flared after a series of high-profile cyberattacks on Google Inc and other U.S. companies in 2009
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
old news but it is real. SPIEGEL ONLINE 12/29/2013 09:19 AM Shopping for Spy Gear Catalog Advertises NSA Toolbox By Jacob Appelbaum, Judith Horchert and Christian Stöcker After years of speculation that electronics can be accessed by intelligence agencies through a back door, an internal NSA catalog reveals that such methods already exist for numerous end-user devices. Editor's note: This article accompanies our main feature story on the NSA's Tailored Access Operations unit. You can read it here. When it comes to modern firewalls for corporate computer networks, the world's second largest network equipment manufacturer doesn't skimp on praising its own work. According to Juniper Networks' online PR copy, the company's products are ideal for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company's special computers is unmatched and their firewalls are the best-in-class. Despite these assurances, though, there is one attacker none of these products can fend off -- the United States' National Security Agency. Specialists at the intelligence organization succeeded years ago in penetrating the company's digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry -- including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell. A 50-Page Catalog These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives -- from computing centers to individual computers, and from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA's specialists seem already to have gotten past them. This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000. In the case of Juniper, the name of this particular digital lock pick is FEEDTROUGH. This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive across reboots and software upgrades. In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH has been deployed on many target platforms. Master Carpenters The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such implants, as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet. Some of the equipment available is quite inexpensive. A rigged monitor cable that allows TAO personnel to see what is displayed on the targeted monitor, for example, is available for just $30. But an active GSM base station -- a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones -- costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million. 'Persistence' The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on. This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the ANT malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The ANT developers call this Persistence and believe this approach has provided them with the possibility of permanent access. Another
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
So until the OpenSSD people finish their work, what can we do about this? What can be done to stop these things until then?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
northernarcher Excellent question! Stay libre, be libre, eat libre, have sex with protection, respect the law. know your constitutional laws and what they stand for. Read libre, breath libre and run libre. I will tell you tomorrow, right know I'm beat!!
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Very interesting to say: Todays modern computing software programs that are available or sold are use for forensic tools. Knowing this, I'm assuming they could be re-engineer. Example of hard drive forensic tools. EnCase Portable The Sleuth Kit Informer http://www.sleuthkit.org/informer/sleuthkit-informer-20.txt http://www.sleuthkit.org/informer http://sleuthkit.sourceforge.net/informer File System Forensic Analysis Hiding Data in Hard-Drive’s Service Areas http://www.recover.co.il/SA-cover/SA-cover.pdf http://www.vidstrom.net/stools/taft/ TAFT is an ATA (IDE) forensics tool that communicates directly with the ATA controller. It can retrieve various information about a hard disk, as well as look at and change the HPA and DCO settings. HDD Guru http://hddguru.com/ Hidden Disk Areas: HPA and DCO https://utica.edu/academic/institutes/ecii/publications/articles/EFE36584-D13F-2962-67BEB146864A2671.pdf Device configuration overlay https://en.wikipedia.org/wiki/Device_configuration_overlay\ Device configuration overlay (DCO) is a hidden area on many of today’s hard disk drives (HDDs). Usually when information is stored in either the DCO or host protected area (HPA), it is not accessible by the BIOS, OS, or the user. However, certain tools can be used to modify the HPA or DCO. The system uses the IDENTIFY_DEVICE command to determine the supported features of a given hard drive, but the DCO can report to this command that supported features are nonexistent or that the drive is smaller than it actually is. To determine the actual size and features of a disk, the DEVICE_CONFIGURATION_IDENTIFY command is used, and the output of this command can be compared to the output of IDENTIFY_DEVICE to see if a DCO is present on a given hard drive. Most major tools will remove the DCO in order to fully image a hard drive, using the DEVICE_CONFIGURATION_RESET command. This permanently alters the disk, unlike with the Host Protected Area (HPA), which can be temporarily removed for a power cycle https://en.wikipedia.org/wiki/Host_protected_area Host protected area From Wikipedia, the free encyclopedia The host protected area (also referred to as hidden protected area[1]) is an area of a hard drive that is not normally visible to an operating system (OS).
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
http://www.wired.com/2015/02/nsa-firmware-hacking/ ANOTHER ARTICLE How the NSA’s Firmware Hacking Works and Why It’s So Unsettling By Kim Zetter 02.22.15 One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don’t get encrypted. Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky’s Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption. Here’s what we know about the firmware-flashing module. How It Works Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides. When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquatinoDrug and one with a 2013 compilation date that is used with GrayFish. The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system. Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one. The attack works because firmware was never designed with security in mind. Hard disk makers don’t cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don’t examine it. There’s also no easy way for users to read the firmware and manually check if it’s been altered. The firmware flasher module can reprogram the firmware of more than a dozen different hard drive brands, including IBM, Seagate, Western Digital, and Toshiba. “You know how much effort it takes to land just one firmware for a hard drive? You need to know specifications, the CPU, the architecture of the firmware, how it works,” Raiu says. The Kaspersky researchers have called it “an astonishing technical accomplishment and is testament to the group’s abilities.” Once the firmware is replaced with the Trojanized version, the flasher module creates an API that can communicate with other malicious modules on the system and also access hidden sectors of the disk where the attackers want to conceal data they intend to steal. They hide this data in the so-called service area of the hard drive disk where the hard disk stores data needed for its internal operation. Hidden Storage Is the Holy Grail The revelation that the firmware hack helps store data the attackers want to steal didn’t get much play when the story broke last week, but it’s the most significant part of the hack. It also raises a number of questions about how exactly the attackers are pulling this off. Without an actual copy of the firmware
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I think that free modern computers will be available to us. It will simply be a matter of other nations producing and selling their own hardware. Eventually, if US tech companies continue along this path they will probably lose all foreign customers.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
The 80s were the decade of the Apple ][, the IBM PC, the Atari 400/800, and the Commodore Vic 20. Dial up modems at 300/1200/2400 baud and eventually faster. Single line BBS systems.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
it was a bit of a joke but i think any HDD made when the internet was in wide use has a chance of having spy-ware your best option would be a cdrom drive made in the early 1990's if your a political activist or whistle-blower then it would be a good idea to not go online at all and if you do then use a program like tor and use a early 1990's cd drive to boot to a libre os that you compiled yourself on a offline machine with a libreboot bios that you complied yourself on a offline machine then for extra security you would want a diffrent isp and router than the one at your house so if they can get through tor they wont trace it back to you but if your just a normal computer user then we have to make the best of what we have and keep working towards a computer with compleatly libre everything HDD firmware and all
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
if your a normal user then yes but if your are a whistle blower in the nsa for example its very very important you don’t get caught but if your just a normal user then a x60 with libreboot is good
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
To lower the paranoia I would say an X60/200 with tails would cut it :)
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
A tad off-topic by now but going back to 1.5Mb(or, God forbid, .7Mb) floppies is a bit.mad, isn't it? An old 20 GB IDE HDD would make a bit more sense, for example. Or do those spy as well? :)
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I've read the pdf jodiendo - you are right. All of these are compatible with windwblowz. Although there is some evidence they've been cracking mac and I-bads also. Here an extract from the reading that is somehow emblematic of windfrownz security.. To bypass modern OS security mechanisms that block the execution of untrusted code in kernel mode, GrayFish exploits several legitimate drivers, including one from the CloneCD program. This driver (ElbyCDIO.sys) contains a vulnerability which GrayFish exploits to achieve kernel-level code execution. Despite the fact that the vulnerability was discovered in 2009, the digital signature has not yet been revoked.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Strangely enough, when I bring this topic up the response is as though it's a ridiculous concern. On Fri Feb 20 2015 at 6:34:49 PM a1716...@trbvm.com wrote: Defeated Attitude, Beat Down Much? I have heard this argument multiple times, it seems to be recycled quite often. Do you think winning is impossible? Why strive for something unless you believe it's possible to accomplish? Do you believe fully free modern computers will be available to us? Why support free software? DPR's encryption didn't fail him - he failed at doing it properly. How so? There doesn’t appear to be much information available as to those specifics. You can't honestly make statements like if you know and understand the history of WHY it's done that way. There is a reason these things haven't been done, cost. The computer can do the processing for the harddrive, it needn't be left to the questionable coding skills intent of motiveless third parties, worse third parties with a motive. EPROM is an effective solution; it is merely more expensive. Besides, I don't see how hardware disconnect for peripheral’s writable media wouldn't solve this specific problem. There is a demand for secure technology, especially in the business sector. Anyway, if you want what you're asking for - unplug from the internet, This is an absurd statement, perhaps I shouldn't leave the house for fear of being shot. store data on paper under lock and key in a safe Are state actors unable to open safes? speak to no-one, throw your phone away. I speak to whom I wish. I have thrown away my phone, I could not secure it to my satisfaction, or install a GNU Linux OS+desktop in a secure manner. The design of these devices is intentionally flawed. If you're going to use a computer, make sure it's one that you put together yourself from individual components. If you're going to eat food, make sure it's been grown by you, milled yourself, cooked from individual ingredients, and isn't poisoned. I have verified the security of two of the devices I use, though they are under-powered. I do not use google. From what I've understood by reading the Snowden documents - if your pc is connected to the internet you can be the greatest security expert on the earth and use whatever OS on whatever hardware - if they want to get in your pc they will. I believe this is FUD. They are not god. If this was true hackers wouldn't exist. Snowman obviously wasn't compromised, or his data would have been remote-wiped. Besides, we need to solve these problems. For every measure a countermeasure. Having a spyware on a hard disk or not having it doesn't really matter that much at this point. Sadly. How exactly? Do you mean compromised hardware?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
The problem is inherent in the fact that we excessively use a machine far too complex to be understood by ourselves or anybody around us (at least as a whole). Some big companies understand *parts* of that machine; they are the only one who do and even they don't understand the machine as a whole. So should we stop using computers? Call me crazy, but my answer is: partially yes. We should stop using computers for really sensitive stuff, maybe we should stop using them as much as we can. I mean, come on! People lived without computers for thousands of years; you want to write something down nobody should ever see but you? Take pen and paper, there you go; problem solved. It's far easier than going crazy about hundreds of components of your computer, fighting a war you can't win. I'm _not_ saying that we should stop fighting for free software and privacy! We deserve both and should try to achieve the best situation we can; I'm just saying that a pc might never be a perfectly private, user respecting machine, no matter how hard we try.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Take pen and paper, there you go; problem solved. you could just use a offline computer with no wifi or bluetooth card
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I don't think that's sufficient. There was a mobile modem implemented in some chip as far as i remember... by intel? don't recall properly.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
quantumgravity I agree with you only 90 percent of your comments. Why? They designed this poison to be more reliable while using Windows OS and Mac OS not GNU/Linux. The more U read into it, you will discover that they need some kind of software for it to function. In this case Widows and Mac. It it a target malware for a specific IP, region and specific OS only. Read on it. and you will understand the mechanics they are using for years. http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Equation_group_questions_and_answers.pdf
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
thx for the pdf Jodiendolocolocoloco :)
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
defeated attitude? nope. just disgusted by the way of the reality! Read Snowden files. The message is clearly: if you are an interesting target your computer will eventually get cracked by those nsa criminals. Sadly. cheers
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
i guess get a non modem-ed motherboard with no wifi blue-tooth etc and never have it online :(
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
More Information to listen to. http://threatpost.com/massive-decades-long-cyberespionage-framework-uncovered/111080 http://threatpost.com/inside-nls_933w-dll-the-equation-apt-persistence-module/28 Listen to the interview https://threatpost.com/costin-raiu-on-the-equation-group-apt/69 Listen to what he say's about encryption! At least there is a solution... To be well informed, kills the computing paranoia attitude By Jodiendo...
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
SuperTramp83 Read this copy and paste. TLP: White For any inquiries, please contact intelrepo...@kaspersky.com 13. Have you seen any non-Windows malware from the Equation group? All the malware we have collected so far is designed to work on Microsoft’s Windows operating system. However, there are signs that non-Windows malware does exist. For instance, one of the sinkholed CC domains is currently receiving connections from a large pool of victims in China that appear to be Mac OS X computers (based on the user-agent). The malware callbacks are consistent with the DOUBLEFANTASY schema, which normally injects into the system browser (for instance, Internet Explorer on Windows). The callbacks for the suspected Mac OS X versions have the following user agents: • Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2 ) AppleWebKit/536.26.17 (KHTML, like Gecko) Version/6.0.2 Safari/536.26.17 • Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:21.0 ) Gecko/20100101 Firefox/21.0 • Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3 ) AppleWebKit/536.28.10 (KHTML, like Gecko) Version/6.0.3 Safari/536.28.10 This leads us to believe that a Mac OS X version of DOUBLEFANTASY also exists. Additionally, we observed that one of the malicious forum injections, in the form of a PHP script, takes special precautions to show a different type of HTML code to Apple iPhone visitors. Unlike other cases, such as visitors from Jordan, which does not get targeted, iPhone visitors are redirected to the exploit server, suggesting the ability to infect iPhones as well
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Defeated Attitude, Beat Down Much? I have heard this argument multiple times, it seems to be recycled quite often. Do you think winning is impossible? Why strive for something unless you believe it's possible to accomplish? Do you believe fully free modern computers will be available to us? Why support free software? DPR's encryption didn't fail him - he failed at doing it properly. How so? There doesn’t appear to be much information available as to those specifics. You can't honestly make statements like if you know and understand the history of WHY it's done that way. There is a reason these things haven't been done, cost. The computer can do the processing for the harddrive, it needn't be left to the questionable coding skills intent of motiveless third parties, worse third parties with a motive. EPROM is an effective solution; it is merely more expensive. Besides, I don't see how hardware disconnect for peripheral’s writable media wouldn't solve this specific problem. There is a demand for secure technology, especially in the business sector. Anyway, if you want what you're asking for - unplug from the internet, This is an absurd statement, perhaps I shouldn't leave the house for fear of being shot. store data on paper under lock and key in a safe Are state actors unable to open safes? speak to no-one, throw your phone away. I speak to whom I wish. I have thrown away my phone, I could not secure it to my satisfaction, or install a GNU Linux OS+desktop in a secure manner. The design of these devices is intentionally flawed. If you're going to use a computer, make sure it's one that you put together yourself from individual components. If you're going to eat food, make sure it's been grown by you, milled yourself, cooked from individual ingredients, and isn't poisoned. I have verified the security of two of the devices I use, though they are under-powered. I do not use google. From what I've understood by reading the Snowden documents - if your pc is connected to the internet you can be the greatest security expert on the earth and use whatever OS on whatever hardware - if they want to get in your pc they will. I believe this is FUD. They are not god. If this was true hackers wouldn't exist. Snowman obviously wasn't compromised, or his data would have been remote-wiped. Besides, we need to solve these problems. For every measure a countermeasure. Having a spyware on a hard disk or not having it doesn't really matter that much at this point. Sadly. How exactly? Do you mean compromised hardware?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
i use fast-mail with ice-dove there privacy policy seems good: https://www.fastmail.com/about/privacy.html
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
From what I've understood by reading the Snowden documents - if your pc is connected to the internet you can be the greatest security expert on the earth and use whatever OS on whatever hardware - if they want to get in your pc they will. So.. use free software and secure yourself as you better know and can but don't think you can escape the pigs. Having a spyware on a hard disk or not having it doesn't really matter that much at this point. Sadly.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
tomluckeywood, noordinaryspider; what makes you think floppy controllers weren't bugged as well? Better pull out that punch tape and do it manually. On Tue Feb 17 2015 at 3:29:49 PM noordinaryspi...@gmail.com wrote: I'm right behind you as usual, tomlukeywood. Wish I hadn't tossed my floppies and taken my PIIs to eWaste. :( I pulled the internal HD from my desktop anyway. Got live TAILS USB stick for looking stuff up. Got external 128 GB SSD with Belenos on it and 250 GB external IDE with Toutatis on it so i can switch back and forth between Gnome-boxes and Aqemu and keep everything that doesn't absolutely need to be connected to the internet right that moment on 4 TB external drives in my closet. It needed to be done and I'm much safer now, but I'm even more of a grumpy old bat than usual so just don't talk to me or I'm going to regret biting your head off when I adjust to this new normal.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
floppy controllers in the 1980's would not have internet spyware as there was no internet i guess the same with HDD's
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I guess this solves the mystery why windows boots slower and slower ehh?
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
My dad was on the internet in the late 60s or early 70s. There was no Internet Explorer, no eBay, no Amazon, no Facebook, etc. so it certainly wasn't the internet as we know it, but it was used by the defense department of the you ess aye. That's probably more than I should even say; I've got my tinfoil hat on big time today and all of my stuff to take to eWaste boxes spread out all over the floor. Ali, I'm so glad to see your friendly astronaut face back here. I grokk you big time.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
i was
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I'm all for ridiculous paranoia and whatnot, but noordinaryspider, why on Earth do you think that was more than should be said? And how is this a conversation that demands tinfoil?? The Internet's history with DARPA and the DOD is well published and well known. I mean ... you realise you're emailing this list from a gmail account, right? Plus there's your ISP ... and then there's the patent trolls. The US government is the last group you should be afraid of. Not that you shouldn't be afraid, just that they kind of fall at the end of the list. On Wed Feb 18 2015 at 12:25:17 PM noordinaryspi...@gmail.com wrote: My dad was on the internet in the late 60s or early 70s. There was no Internet Explorer, no eBay, no Amazon, no Facebook, etc. so it certainly wasn't the internet as we know it, but it was used by the defense department of the you ess aye. That's probably more than I should even say; I've got my tinfoil hat on big time today and all of my stuff to take to eWaste boxes spread out all over the floor. Ali, I'm so glad to see your friendly astronaut face back here. I grokk you big time.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
This news makes me so crazy Where I run The only solution is to leave the network
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
He may be confusing the internet with the web ...
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
No internet in the 1980's? That's insane. I mean, for something invented in 1965, having a strange decade 15 years later where it doesn't exist is just ... weird. Are you sure about that? Also the floppy statement was a joke in the first place. On Wed Feb 18 2015 at 3:39:48 AM tomlukeyw...@fastmail.co.uk wrote: floppy controllers in the 1980's would not have internet spyware as there was no internet i guess the same with HDD's
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
For this news article and The U.S. National Security Agency actions, I'm wearing my home made Aluminum Foil Deflector Beanie because is a Practical Mind Control Protection against Paranoids. For more info in how is done by The The U.S. National Security Agency, here are additional few links to read about. http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/ A deep explanation of how Kapersky did it. Be aware it is a PDF Document. http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Equation_group_questions_and_answers.pdf And if you are about to hit the panic bottom, or bail out with your emergency parachute, make sure you listen to the song Somebody's Watching Me by Rockwell just for your reading valor.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Use public/private key encryption implemented with code written by somebody far smarter than yourself, which you have then audited. Unless you're relying on the harddrive itself to encrypt, the strength is up to You. DPR's encryption didn't fail him - he failed at doing it properly. And you ALL obviously need to learn your history. You can't honestly make statements like Having a tiny OS between you and your data is stupid if you know and understand the history of WHY it's done that way. There are reasons, and your 'obvious' solutions have been done in the past - didn't work out so well. Anyway, if you want what you're asking for - unplug from the internet, store data on paper under lock and key in a safe, speak to no-one, throw your phone away. If you're going to use a computer, make sure it's one that you put together yourself from individual components. I realize this seems like I'm trying to make you sound nuttier than you are ... but ... it's just about even with what you're saying. I'll take this moment again to point out just how many of you (myself included) are using Gmail right now. Because ... google wouldn't spy. Nah. On Wed Feb 18 2015 at 4:09:50 PM a1716...@trbvm.com wrote: Yes, I was going to post this. Judging by some of the dates listed in these articles Kaspersky's knowledge of this goes back years, and much information is redacted, as well as many involved conspirators not named, even though the articles imply such knowledge. Why would Kaspersky be so un-transparent with us? This essentially makes encryption useless. I originally thought the reason DPR's Full Disk Encryption failed him was due to the fact that his laptop was seized while still in operation, and suffered a cold boot attack. In light of this new knowledge perhaps this was not the case. Opening op the code to SSDs (and I would hope it wouldn’t just be SSDs) wouldn't come close to solving the problem. Many other peripherals exist which use the same flash storage switching back to EPROM would be a better idea, it never should have been dropped for the sake of BIOS upgrades. Perhaps a better solution might be to block ALL writes to peripheral storage with a temporary HARDWARE switch allowing write intervals before resetting. I warned everyone about this before. The whole idea of Smart storage and peripherals was a disaster waiting to happen, and now it's being exploited, and has been for years apparently. Having a tiny OS between you and your data is stupid. Your Fingerprint reader has this ability so does your USB controller as well as your CD/DVR/BD drive, also your network card, and GPU; as reported your HD controller does too. Also Western Digital isn't the only distributer who's HDs have been compromised, I believe 20 brands were effected. I think as a community we need to come together to solve this problem. The internet is full of information How to prevent TROJANS (Buzzword) How to remove VIRUSES (Buzzword) but much of this information is useless, and provides no solutions, yet also fails to mention fixes for implants or backdoors at all. Search for Greyfish, and you won't find much. So what should we do about this, go back to using 12345 as a password? http://securelist.com/blog/research/68750/equation-the- death-star-of-malware-galaxy/ http://www.kaspersky.com/about/news/virus/2015/equation-group-the-crown- creator-of-cyber-espionage
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Yes, I was going to post this. Judging by some of the dates listed in these articles Kaspersky's knowledge of this goes back years, and much information is redacted, as well as many involved conspirators not named, even though the articles imply such knowledge. Why would Kaspersky be so un-transparent with us? This essentially makes encryption useless. I originally thought the reason DPR's Full Disk Encryption failed him was due to the fact that his laptop was seized while still in operation, and suffered a cold boot attack. In light of this new knowledge perhaps this was not the case. Opening op the code to SSDs (and I would hope it wouldn’t just be SSDs) wouldn't come close to solving the problem. Many other peripherals exist which use the same flash storage switching back to EPROM would be a better idea, it never should have been dropped for the sake of BIOS upgrades. Perhaps a better solution might be to block ALL writes to peripheral storage with a temporary HARDWARE switch allowing write intervals before resetting. I warned everyone about this before. The whole idea of Smart storage and peripherals was a disaster waiting to happen, and now it's being exploited, and has been for years apparently. Having a tiny OS between you and your data is stupid. Your Fingerprint reader has this ability so does your USB controller as well as your CD/DVR/BD drive, also your network card, and GPU; as reported your HD controller does too. Also Western Digital isn't the only distributer who's HDs have been compromised, I believe 20 brands were effected. I think as a community we need to come together to solve this problem. The internet is full of information How to prevent TROJANS (Buzzword) How to remove VIRUSES (Buzzword) but much of this information is useless, and provides no solutions, yet also fails to mention fixes for implants or backdoors at all. Search for Greyfish, and you won't find much. So what should we do about this, go back to using 12345 as a password? http://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/ http://www.kaspersky.com/about/news/virus/2015/equation-group-the-crown-creator-of-cyber-espionage
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
In fact, there is considerable ambiguity Do it take advantage of the functions of the os to spy?? Or everything is built inside There are programs that tells you about the data that passes from your computer Is wraps on the program? There is no answer
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
I'm right behind you as usual, tomlukeywood. Wish I hadn't tossed my floppies and taken my PIIs to eWaste. :( I pulled the internal HD from my desktop anyway. Got live TAILS USB stick for looking stuff up. Got external 128 GB SSD with Belenos on it and 250 GB external IDE with Toutatis on it so i can switch back and forth between Gnome-boxes and Aqemu and keep everything that doesn't absolutely need to be connected to the internet right that moment on 4 TB external drives in my closet. It needed to be done and I'm much safer now, but I'm even more of a grumpy old bat than usual so just don't talk to me or I'm going to regret biting your head off when I adjust to this new normal.
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
Firmware in general is spooky. Unless entirely open. On Tue Feb 17 2015 at 8:54:48 AM tomaszbar...@wp.pl wrote: (Reuters) - The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world's computers, according to cyber researchers and former operatives. That long-sought and closely guarded ability was part of a cluster of spying programs discovered by Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western cyberespionage operations. Read more: http://www.reuters.com/article/2015/02/16/us-usa-cyberspying- idUSKBN0LK1QV20150216 Source: http://www.reuters.com/article/2015/02/16/us-usa-cyberspying- idUSKBN0LK1QV20150216
Re: [Trisquel-users] Spying software hidden deep within hard drives made by Western Digital, Seagate, Toshiba and other top manufacturers
:( i guess ill go back to floppy disks