Hard drive firmware

Discussion in 'SSDs & Data Storage' started by SomeGuy133, Aug 30, 2015.

  1. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    How do you update the firmware and ensure it is wiped clean?

    After the recent revelation of a new method of the NSA getting malware or whatever into HDD firmware I want to figure out a way to erase it and reinstall firmware in hopes that the replaced version isn't a tampered one.

    http://www.wired.com/2015/02/nsa-firmware-hacking/
     
  2. CVNet1

    CVNet1 [H]ard|Gawd

    Messages:
    1,029
    Joined:
    Oct 10, 2002
    So you are saying you know your version of firmware is an NSA hacked version?

    As I recall reading about the firmware hack, the NSA firmware hack was accomplished by infecting an existing OS system with an NSA Trojan horse program. The Trojan Horse would send back telemetry on your system and if your system appeared to the NSA to be interesting for some reason, they would proceed to the next step. The next step involved the Trojan Horse program installing an NSA rootkit style program using security vulnerabilities in your OS or computer hardware. The rootkit would send back additional detailed information (files, contents, communications, etc). If the NSA found that information useful or interesting to their purposes, then they would have the rootkit further entrench its hold on compromising the system by downloading additional programs, identifying the computer hardware (to see if hardware vulnerabilities might allow the NSA to further lock down their hold on the compromised system and safeguard against the user wiping the rootkit and re-formatting). Only on the systems that are deemed high value targets was the NSA known to have pushed a hacked firmware update to the HDD or other firmware dependent component on said system.

    Outside of backing up the firmware on your HDD the moment you physically install it (you would probably need to use a Live CD of some sort that was not internet enabled while the only HDD connected to the computer was the one you wanted to back up the firmware on). I'm not even sure if HDD vendors provide any utilities that would interface with HDD firmware (probably not since they've generally been very secretive and proprietary with the firmware code on their respective HDDs).

    Anyway, after you pull a copy of the firmware from your HDD, burn that copy using the same trusted live-cd boot environment to a 2nd cd disc for safe keeping. Then I guess you might be able to repeat your firmware backup every so often and run a SHA256 checksum comparison of the file burned on the CD from the original backup and the most recent backup to see if any change occurred to the firmware.

    That's about all I can think of off the top of my head. I can't see why you would be a significant enough target for the NSA to push one of their most valuable (formerly secret) weapons onto your computer. The more they push that cyber weapon, the higher the likelihood an easy method will be identified to discover the firmware hacking and alert the user / sysadmin. It would only make sense from my perspective to use the weapon sparingly for the purpose of espionage in foreign governments and spying on high level commanders in a known terrorist organization.
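
The periodic comparison described in the post above, sketched in Python as an added example that is not part of the original thread: it hashes a baseline dump and a later dump and, on a mismatch, reports the first differing byte offset so the change can be located. How a dump is obtained is outside this sketch; the function names, file names and the data in `demo` are constructed for illustration, and the dumps are assumed to have been taken from the trusted offline boot environment the post describes.

```python
import hashlib
import tempfile
from pathlib import Path

CHUNK = 1 << 16  # 64 KiB reads keep memory use flat for large dumps

def sha256_file(path):
    """SHA-256 hex digest of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()

def first_difference(path_a, path_b):
    """Byte offset where two files first differ, or None if identical."""
    offset = 0
    with open(path_a, "rb") as fa, open(path_b, "rb") as fb:
        while True:
            a, b = fa.read(CHUNK), fb.read(CHUNK)
            if a != b:
                diffs = (i for i, (x, y) in enumerate(zip(a, b)) if x != y)
                # No differing byte in the overlap means one file is a prefix of the other.
                return offset + next(diffs, min(len(a), len(b)))
            if not a:
                return None
            offset += len(a)

def compare_dumps(baseline, recent):
    """Compare a baseline dump with a later one; locate the change if any."""
    old, new = sha256_file(baseline), sha256_file(recent)
    offset = first_difference(baseline, recent) if old != new else None
    return {"baseline": old, "recent": new, "changed": old != new, "first_diff": offset}

def demo(flip_offset=70000):
    """Constructed data only (not real firmware): flip one byte in the later copy."""
    image = bytes(range(256)) * 512  # 128 KiB stand-in for a dump
    later = bytearray(image)
    if flip_offset is not None:
        later[flip_offset] ^= 0xFF
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, "baseline.bin"), Path(tmp, "recent.bin")
        a.write_bytes(image)
        b.write_bytes(later)
        return compare_dumps(a, b)

if __name__ == "__main__":
    print(demo())
```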
     
  3. AlienTech

    AlienTech Limp Gawd

    Messages:
    286
    Joined:
    Sep 30, 2004
    They spy on anyone and everyone. Including industrial spying which you can take advantage of if you cooperate. So on the one hand companies like Google and Apple are against spying but on the other hand their market share and innovations are to an extent due to advance knowledge on the competition. Wonder how they got that if they were not actively cooperating. We already know Microsoft actively cooperates with them all the while yelling bloody murder they are not. It's been proven multiple times yet they feign innocence. I am sure the way to get hooks into firmware is to get someone who works on such things to cooperate. Would be a simple matter to blackmail some programmer or someone in the chain to add the code before the item is even shipped. Snowden talked about how his colleagues were blackmailing and bribing Swiss diplomats and others. Wonder if that is how the IRS got the dirt on the Swiss banking cartels.

    When we start thinking in such terms, and knowing how powerful these people are, we have to assume they have hooks far deeper into things than from the outside. I would not be surprised if they have hooks directly in the CPU microcode. You really think they would let a huge company that powerful keep them out? It is not like they have to redesign anything, most of the things are already built in.. All they need to do is give access on how it is done. They broke into darknet, which is not possible from the outside.. would have taken a very long time if they did not compromise a lot of the computers on the network and those running many of those computers are computer savvy people who are careful about security. But they were able to do it anyway.
     
  4. Aesma

    Aesma [H]ard|Gawd

    Messages:
    1,844
    Joined:
    Mar 24, 2010
    If you want good confidentiality, you need at least two computers, with one that is never online. On the online one, do only harmless stuff, and when you need to send your world domination plans to a colleague (made on the offline computer of course), encrypt everything before transferring from the offline to online (using write-once media).

    The trick is to find an encryption software/cypher that is not itself compromised.

    Meanwhile terrorists don't even bother and communicate using good old messengers.
     
  5. staticlag

    staticlag [H]ard|Gawd

    Messages:
    1,675
    Joined:
    Mar 26, 2010
    Indeed, ultra security is going to be a PC that has no capability of being online.

    But in reality if they want to get you they will wait till you go to work and pose as meter readers, pick your locks and DL your entire PC.
     
  6. SomeGuy133

    SomeGuy133 2[H]4U

    Messages:
    3,447
    Joined:
    Apr 12, 2015
    Forget the details but Intel's RdRand was compromised and it is hardware level broken. Not sure if it was related to the NIST random number gen that everyone used and was finally learned that the NSA purposely broke it -_-

    https://en.wikipedia.org/wiki/RdRand


    I have no idea if anything is infected. As far as I know it's all clean but that doesn't mean shit. It is such a low level vulnerability it is something that must be taken seriously because it completely nullifies any kind of software encryption if the firmware is fucked. That is why I want to figure out a way to protect it. I also don't trust firmware from the manufacturer. NSA has either intercepted en route or at the factory and reprogrammed firmware and software with NSA approved applications :/ Cisco was bitching night and day about it.

    That's why I am looking into getting these high security locks. I forget the name but they are unpickable. Only way to beat them is breaking or grinding a key from imprints. What I mean is putting a key in taking it out...looking at the marks and grind blank key down and repeat over and over. It takes about 12-24 hours using that method so it is unlikely no one noticing lol. I used to pick locks for fun with my boss from the DOD who was a locksmith for fun. So I know the ins and outs of picking and what's good and not good.

    Also whoever said software encryption you're wrong. The whole issue with this firmware malware is it bypasses any encryption! If your HDD firmware is compromised the entire system is and you can't stop it.
     
  7. CVNet1

    CVNet1 [H]ard|Gawd

    Messages:
    1,029
    Joined:
    Oct 10, 2002
    Well, I think I have an ancient IDE ATA33 5.25" drive with 120MB capacity in my closet. I'm fairly certain no one has hacked the firmware on that drive as it was manufactured in the 90s.

    I could send it to you for cost, but no guarantees on the Fedex shipment not being intercepted and the firmware compromised in transit. And for that matter, no guarantees the motor will spin the platter after so many years of disuse.