Is There a SPY INSIDE yr HDD?

[Virgorising]

What this and the other reports on NSA spying show is that they, the NSA, are using EVERY technique to spy that they can. And, since they can't know which unit is going to terrorists they cover this by spying on everyone. I mean, if they knew a specific HD was going to a terrorist they would also already know where they are and wouldn't need to plant spy software/firmware.

The thing is, even if you were to eliminate government spying on everyone, Google and just about everyone is doing the same thing for commercial reasons. Long ago the government would not have permitted companies to spy on people like they do now, but given the fact that the data collected by Google et al is also available to the NSA and other government agencies, including local police forces, the government has no desire at all to reign in the commercial spying efforts -- in fact, they mandate data retention.

The founding fathers of the USA would be engaged in efforts to begin a second revolution if they were alive today. Sadly, too many here and elsewhere think this is OK.


Brian

Worldclass offering, thanks so much!:thumbsup: Bingo on all counts, starting with the founders are all rotating in their graves; what is unfolding with alacrity abrogates every part of the brilliance they worked so hard, so nobly to put in place for The Collective, not to mention amendments to the Constitution.

Faustian humans abound these days. Makes my tummy hurt. The end never EVER justifies the means. Never EVER.

I got rid of all things Google long ago, when they changed their privacy policy.

I am now looking into anti keylogging apps, just posted asking if they are snake oil or viable?

 

[Burpo]

Much better (detailed) article here..
http://arstechnica.com/security/201...-nsa-hid-for-14-years-and-were-found-at-last/

"The malicious firmware created a secret storage vault that survived military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. The firmware also provided programming interfaces that other code in Equation Group's sprawling malware library could access. Once a hard drive was compromised, the infection was impossible to detect or remove."

 

[Virgorising]

Much better (detailed) article here..
http://arstechnica.com/security/201...-nsa-hid-for-14-years-and-were-found-at-last/

"The malicious firmware created a secret storage vault that survived military-grade disk wiping and reformatting, making sensitive data stolen from victims available even after reformatting the drive and reinstalling the operating system. The firmware also provided programming interfaces that other code in Equation Group's sprawling malware library could access. Once a hard drive was compromised, the infection was impossible to detect or remove."

Thanks, Burpo....

....yes, came upon very similar one late last nite, I just did not post a link. The reality of this is simply head exploding.

Truth is, I have nothing to hide (tho nobody wants their identity stolen)---this desktop isn't even PW protected--- just can't bear feeling this vulnerable re strangers.

Edit: Just that the NSA apparently has no problems obtaining source code whenever/wherever it wants.....is seriously PMSing.

 

[Virgorising]

Relatedly re our PHONES and via Snowden:

https://firstlook.org/theintercept/2015/02/19/great-sim-heist/

 

[Red Squirrel]

The more we read into this the more we realize just how bad this spying issue is. the burning part is that there's really not much that can be done unless you want to go 100% off grid, and even then the drones and satellites that are over all the US use thermal imaging and other tech. They know where every single person is. If they want you for any reason, they WILL find you.

I don't think it's any better here in Canada either. Canada is part of this whole spy stuff too. Here our NSA is called CSIS.

 

[Virgorising]

The more we read into this the more we realize just how bad this spying issue is. the burning part is that there's really not much that can be done unless you want to go 100% off grid, and even then the drones and satellites that are over all the US use thermal imaging and other tech. They know where every single person is. If they want you for any reason, they WILL find you.

I don't think it's any better here in Canada either. Canada is part of this whole spy stuff too. Here our NSA is called CSIS.

You nailed "the burning part" absolutely. Boy, I hate feeling helpless and almost never do.:'(

At least where U live....basic, black letter enlightenment affords national health care. Yes, I know, not at all perfect, but still makes you guys way more civilized than we.

Until someone in my Are they snake oil? thread explains that's what those apps are...right now, I am wanting to believe if I bought and ran a good anti key logger app....I would be safer and might reclaim some semblance of privacy.

 

[denis280]

They always spying on you,The Police made a song about this.Every move you make
Every vow you break
Every smile you fake
Every claim you stake
I'll be watching you.

 

[John Connor]

I think I wouldn't buy a HDD in Iran???

 

[WilliamM2]

I'm trying to think of any information the NSA could get off my hard drive, that the government doesn't already have? Can't think of anything, unless they are stealing credit card numbers.

 

[crashtech]

I don't think the NSA is as big a concern as are black hats using this technology for all sorts of malicious purposes.

 

[nk215]

I have some issue with this news. While I doubt that there are anything in my computers that the gov doesn't know already, I am afraid that the "tools" can be accessed by cyber hacking criminals. Think about the tax return forms, patients records, business partners info etc. If the criminals accessed by work servers and took the information, I can get sued.

 

[ronbo613]

One of my external hard drives has taken my Xbox and mobile phone hostage. It has locked the office door and threatened to kill all electronic devices in the room.

Film at eleven.

 

[Virgorising]

They always spying on you,The Police made a song about this.Every move you make
Every vow you break
Every smile you fake
Every claim you stake
I'll be watching you.

OMG, I forgot how CUTE YOU ARE! (Along with being uberly smart.)

Any second now, I will find the funny in all this. Day after the new Pope gets married.()

 

[Virgorising]

One of my external hard drives has taken my Xbox and mobile phone hostage. It has locked the office door and threatened to kill all electronic devices in the room.

Film at eleven.

May the cybergod bless U for making me LOL!!!!!!:wub:

Sunday nite, that one will win the Oscar for best Leavening of Misery Offering in all this!

Crazy cute!

 

[Virgorising]

I have some issue with this news. While I doubt that there are anything in my computers that the gov doesn't know already, I am afraid that the "tools" can be accessed by cyber hacking criminals. Think about the tax return forms, patients records, business partners info etc. If the criminals accessed by work servers and took the information, I can get sued.

Of course! That's a nuclear issue in all this! Anyone think some malcontent 14 year old hacker sitting in a basement somewhere is not just as smart as those working at the NSA?

 

[Virgorising]

I don't think the NSA is as big a concern as are black hats using this technology for all sorts of malicious purposes.

EXACTLY!!!!!!!!!!!!!!!!!!!!!!!!!!!!:thumbsup:

 

[Virgorising]

I think I wouldn't buy a HDD in Iran???

LOL

 

[Red Squirrel]

I don't think the NSA is as big a concern as are black hats using this technology for all sorts of malicious purposes.

Hard to decide. Black hats will do fraud and other crimes of that sort and you may lose lot of money out of it. The NSA/government can send you to jail for life if they find something they don't like, which, if they really want to, they will. But either way the fact that these holes are open is a HUGE issue.

Would need to know more details on how it communicates to the outside though so that could be blocked.

 

[ZeroRift]

A few things....

<politics>

I appreciate the value in ones such as yourselves ringing the alarm that our rights are being infringed, our privacy invaded and our independence suppressed. However, on a personal level, I can't help but be cynical.

Yelling about it only gets the attention of those who hold the reins, and does little to gain the attention of the masses.

Unless you're serious about revolution, this is the world we collectively have to live in.

I worked in security for a number of years, and the general rules for gauging security implementations were always based on who was trying to get the data.

The easiest win was always protecting data from the causal black hat. The toughest was always the government.

In general, I assume that:
1) The government will always be able to use fear to manipulate the populace.
2) As long as 1 holds, no one is truly free.

seriously, this does not shock you? Storage Mfgs are in league with them and do this?

The NSA has already been caught opening Amazon boxes to install monitoring equipment in consumer tech as well as mass-unauthroized wiretapping. I'm sure the stuff we don't know is 100x worse. They certainly don't need custom firmware to obtain all kinds of information we think of as private.

So yeah, I think that cynicism is a valid approach to this subject.

Nothing new is being said. Those who already know they are being spied on still know it, and those who are ignorant will continue to be so.

But at least Constitutionally, this is still America.

This is news to me. But, like I said, I'm cynical.

Course, you might email Reuters and mock THAT formidable entity as being ignorant, alarmist. Or, Kaspersky itself!

Alarmism is the subject of this thread. You are, after all, attempting to sound the alarm for the floodwaters in which we drowned in long ago. Again, the cynic in me says that the press is just a tool for enforcing fear through sensationalism.

panem et circenses

</politics>
<tech>
TPM and its ilk have been in development for a while to combat issues such as thsee. Now that BIOS systems are finally on their way out (even from the enterprise) I think that this particular attack vector will shrink over time. Of course, there will always be more elaborate methods to break in, but that's for tomorrow's news to cover.
</tech>
...
</xml>

 

[gdansk]

Of course! That's a nuclear issue in all this! Anyone think some malcontent 14 year old hacker sitting in a basement somewhere is not just as smart as those working at the NSA?

Ha. After seeing a few presentations by some of the guys at the NSA, I'd really hope not. (Seriously, they have public presentations outlining some technologies. Go look them up, some might be online.) A 14-year-old as smart as those guys ought be in college not in some basement. But you don't need to be as smart as the NSA to use the backdoors they worked in. You need some smarts, experience and persistence.

(Anyone advocating revolution should learn a bit or two from history.)

 

[John Connor]

Hell, The NSA doesn't need access to your HDD. They can (maybe) sniff your WIFI traffic with a SIGINT Sat. http://fas.org/spp/military/program/sigint/androart.htm

:awe:

 

[Brian Stirling]

Any backdoor installed to permit access by the NSA/GCHQ/et al is also available to black hat types. We may never know just how the hackers that recently stole more than a billion dollars got in, but you'd have to be a drooling lapdog for government spying to argue these backdoor's will never be used by black hats.

And, as current events point out, the people we worry about, the people these spying tactics are supposed to track, are off the grid and have been for many years. It took a decade to get OBL and only by tracking a human courier. OBL had been in Abbattabad for many years and the NSA had no clue of it. How effective has these spying techniques been in getting Abu Bakr al-Baghdadi?

In the end, the BG's will largely avoid detection by operating in the stone-age -- meanwhile, you and I are being watched -- without warrant!


Brian

 

[Fred B]

Back in 1999 there where issues with the Pentium 3 concerning privacy and the CPU almost got banned from the EU

http://edition.cnn.com/TECH/computing/9911/29/eu.p3.ban.idg/index.html?eref=sitesearch

 

[John Connor]

Back in 1999 there where issues with the Pentium 3 concerning privacy and the CPU almost got banned from the EU

http://edition.cnn.com/TECH/computing/9911/29/eu.p3.ban.idg/index.html?eref=sitesearch

I remember that. Didn't they make an option in BIOS to turn it off?

 

[Fred B]

I remember that. Didn't they make an option in BIOS to turn it off?

Think so yes , it had an option in BIOS to hide CPU serial number :|