NSA has direct access to tech giants' systems for user data, secret files reveal

Discussion in 'privacy general' started by Dermot7, Jun 6, 2013.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    5,631
    Location:
    DC Metro Area
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    According to this article The Only Way You Can Delete This NSA Malware Is to Smash Your Hard Drive to Bits as evidenced by its title, has anyone considered the tactic of reflashing the drive's firmware with a pristine up-to-date firmware and preventing its firmware code from being reflashed? That would seem to be the only way to prevent this kind of attack.

    What are your thoughts on this approach? Certainly, it must be possible unless the NSA would have a way of locking down the firmware from being reflashed - do you think that they have such a technique?

    -- Tom
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I read a discussion thread on the Sysinternals site the other night about these types of rootkits.
    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html
    If the guy is correct it is a lot worse than just hard drive firmware, after reading it all I could say was wow.
     
  4. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    That's also what I thought, however the danger is that most people aren't going to invest the absurdly tedious amount of time to keep watch on their devices' firmware 24/7, so it'd be hard. Then also, once infected by such a thing, well, damage has been done. Bout the only thing you could do at that point is send the samples to anti-virus companies, the EFF and the web.

    RockLobster, I'll have to read through that. Sounds interesting.


    Again, I stand by my possible solution that we need to have physical switches or jumpers on ALL devices to prevent firmware flashing. If they could put such a thing on floppy disks, why couldn't they add it to other devices? Just a simple jumper or switch. https://en.wikipedia.org/wiki/Write_protection
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Zaddach et al. (2014) Implementation and Implications of a Stealth Hard-Drive Backdoor
    http://www.s3.eurecom.fr/docs/acsac13_zaddach.pdf
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I think we need tools to examine the firmware on our devices, if we could do this we could hash the firmware code and compare it to known good ones. Might be an idea for an open source project it could be like a scanner.
     
    Last edited: Feb 23, 2015
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
  9. 142395

    142395 Guest

    Although it raises privacy concern, I have to say it's a right and natural decision for the intelligence agency.
     
  10. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
    It could be IF you had reasonable evidence that the huge amounts of money and opportunity costs were actually going to be effective at achieving the stated objective (as opposed to the known scope creep of criminalising everyone, and allowing those involved to empire build and get power and money for themselves.) The evidence does NOT point in that direction, the useful, actionable intelligence is from people who understand the situation, speak the languages, and put in the hard work to track people down using human judgement rather than machine algorithms and data mining.

    AND IF you properly assessed the collateral damage (not only to privacy either) - this is never done when these programs are being proposed.

    AND IF you trusted the people and organisations involved. Despite their track record.

    Good luck with that.
     
  11. 142395

    142395 Guest

    I'm not saying about its legitimacy or validity. I know the report about NSA couldn't offer any valid evidence that their surveillance stopped terrorism.

    Whatever people want or hope, intelligence agency won't disappear. It's just as much hard as achieving perpetual complete peace. If your country didn't put and devote large money on intelligence, sorry your country will be left behind in international competition in long run.

    Until recently, major objective for U.S intelligence agency was economical war since end of the Cold War. There have been some evidence that they actually spied on other country, especially corporation. In the Cold War, they played quite a big role, not only direct operatives against communist but it's well known that their cultural strategy largely affected each side's literature. I know my country also did these tho much smaller extent. From an autobiography of a pre-agent of my country's agancy, I'm almost sure that those operatives made some sense to protect national security and national economy, tho he also made much of criticisms.

    The thing is, situation is changing rapidly, and their old methods were not quite effective any more, OTOH too many survellance didn't fruit much as nobody can correctly process, relate, and integrate such too big data. They're surely struggling to keep up these shift, I don't know their direction is right but at least CIA which was mostly for HUMINT only to gain and integrate some SIGINT capability is necessary. HUMINT is still quite important even in current technology era, but obviously their old methods have limitations.

    Again, I'm not talking about if those surveillance is good or not, the fact is regardless of if it is good, there's little hope that those activity, agency, and budget for them disappear. I also do not say protest or criticism is not needed, just saying we can't remove them from on earth or from your country. Ofc we should raise our voice and pursue as much as transparency, regulation, and human right including privacy. This is why we have international law to restrict what is allowed on war even knowing it is not always respected.
     
    Last edited by a moderator: Feb 24, 2015
  12. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Yes some people doubted it but I believe that thread was started before the Snowdon leaks, I feel sure it would have been taken more seriously had it been afterwards. Did you read the proof of concept paper someone posted a link to it in that thread, it seems entirely plausible to me, especially when you consider the hidden processing power and memory of the average gaming gpu ?
    I mentioned an idea for hashing the firmware then it struck me, why don't we do that to all the executables on our PC's instead of using lame definition file based scanners when we know a real adversary will not be using "known" malware. If we built a database of the hashes all known executable files and built a scanner to hash each file on our own computer and compare it to that database, we would have a anti malware scanner that would recognize any file that had been modified by a malware. The scan might take longer but what the hell at least we would know it is definitely going to find malware infection if there is one plus it would tell us exactly which files are affected. I really think the anti malware companies have failed us and we need a new approach.
     
    Last edited: Feb 24, 2015
  13. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
  14. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ RockLobster

    Yes, that thread was started well before the Snowdon leaks ! It wasn't the only one on there, or here either, also well before the Snowdon leaks
     
  15. 142395

    142395 Guest

  16. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    How To Sabotage Encryption Software (And Not Get Caught).

    Surreptitiously Weakening Cryptographic Systems (Download).

    Chose the format (pdf or txt) and left-click on the Download button

    -- Tom
     
  17. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,390
    Are Your Devices Hardwired For Betrayal?.

    -- Tom
     
  18. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Last edited by a moderator: Mar 4, 2015
  19. 142395

    142395 Guest

    Great reading!
    I wonder if there's other way to implement hidden constant trick in anything other than random generation algorithm. I have to admit my knowledge don't reach that degree.
     
  20. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,413
    Location:
    Triassic
    Quote from the link: Firmware is not just limited to your computer either. There is firmware in most electronic devices that we use: cellphones, car components, printers, digital cameras, TVs, routers, etc., all contain firmware.

    Can only image the cost to consumers if this malware were to hit smart TVs and cars. PC manufacturers will not replace your PC if you install a firmware upgrade that bricks your device, because the warranty only covers the physical hardware, and not the software or firmware. If malware infects the firmware, I would expect manufacturers to take the same stand. Car mechanics rely on pre-designed diagnostics to determine computer related problems in a car, but I doubt if they can determine if malware has infected the firmware. If the malware has bricked the computer, replacement cost would be pretty high and the replaced system would have the same vulnerability.
     
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
  22. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,411
    Location:
    Surrey, England.
    Documents Shine Light on Shadowy New Zealand Surveillance Base - The Intercept
     
  23. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,411
    Location:
    Surrey, England.
    iSpy: The CIA Campaign to Steal Apple's Secrets
     
  24. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,832
    Location:
    UK
  25. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Until such a time as the governments consent to having a real and open debate instead of hiding behind national security, exaggerated threats of terrorism, etc, and accept responsibility for their actions, actions that declare all people as potential enemies and terrorists, the revelations and the discussions of countermeasures will continue.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.