Spying programs on PCs

I find this a little funny:

"There is zero chance that someone could rewrite the [hard drive] operating system using public information," Raiu said.
Click to expand...

There are people who dedicate their lives to tearing systems down, analysing pin output - even painstakingly logging and figuring out signalling, debugging, etc. etc. and being able to completely understand and hack/rewrite/modify stuff like that without ever having access to the original source and only public information to go on.

EDIT: Added to which these days most HDDs are using off the shelf chips and basic firmware with relatively minor modification by the HDD/SSD manufacturer.
 
Last edited:
Meh now they know about it they will find a way of detecting it. However it would most likely require trashing the drive and buying a new one.

Its also unlikely you'd be enough interest to warrant such spying techniques.


The one that interested me was the air gap breaching tech. That was impressive.
 
Charlie Miller demonstrated this at pwn2own a few years back. Only he was doing it on a Macbook and the battery firmware. Makes it almost impossible to "cleanse" your machine unless you have a clue what you're doing. You can erase the HDD as many times as you want, if the firmware has been compromised it'll remain there.

Edit: Also, http://en.wikipedia.org/wiki/NSA_ANT_catalog
 
Last edited:
I could be completely wrong but a simple way to detect if there's an issue would be to create a hash of the drives firmware. Firmware released from the manufacturer would have a single hash per instance of firmware/drive. Any changes would change the hash therefore at least you know there's something there that shouldn't be(even if you cant read it).

Another option being hardware based when you know you have a clean drive would be to de-solder the jumper that allows write functions on the EPROM so you could only update when you reattach the jumper. Would stop any malicious code writing to the chip (at least I think thats possible).
 
So according to the article hard drive manufacturers are either in cahoots with the NSA or the NSA are hacking them and blaming China etc.

If it's the latter I would hope there'll be a rush by manufacturers to release hard drives with read only rom or a read only mode like Mynight suggested.
 
Last edited:
wasnt there something called bluepill a few years back? I cant recall exactly what it did but I remember being impressed. Probally nothing special now.

It was something like a tiny hidden hard drive partition that was pretty hard to find from a end user perspective allowing all sorts of backdoor access.
 
I think I'll just play a game of Angry... I mean Spying Birds :-)

spyingbirds_zps13396340.png
 
old news, RAT programs have been out for years and years wouldn't surprise me if one was made by the US govt. Would surprise me if it was truly undetectable nothing is made that good.
 
holymonk said:
Doesn't steam spy on you too
Click to expand...

You enter a contract to use their services, which means they might collect certain data (which you agreed to when you clicked "ok/accept/whatever" like most things you sign up for, including this very forum). If steam was collecting information on everyone on earth for no other reason than "eh, it might come in handy in future" the similarity analogy might work.
 
I sort of expect all governments to attempt to do this and all other governments to discover their attempts and to reverse them. It's like a constant push-pull.
 
You must log in or register to reply here.
Back
Top Bottom