Got Malware? New Threat Can't Be Removed Without Breaking Hard Drive

47_Ronin

New member
Jul 30, 2012
truckspond said:
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
That doesn't remove the malware as this one actually puts itself into the software built into the HDD that controls what it does and when.
I wasn't being serious...

insanelich said:
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
On a more serious note: Linux everybody? I know it's stupid, but the psychological effect on my safety since I installed cinnamon on my old laptop has been massive.
This thing will infect Linux with the same - or even more - ease than Windows.
Aaaaaaand there goes that boost of confidence I needed to get through the week.
 

Therumancer

Citation Needed
Nov 28, 2007
Michael Tabbut said:
So what I've gotten from this is that this malware seems to be deployed only on high-profile/government targets and not the average person's computer.

Sorta off topic, but how close are we to entering the potential cyberpunk future? Seriously, I'm starting to think that it's happening within the next decade or so.
Not likely, to be honest your typical Cyberpunk scenario from decades ago is positively utopian compared to where we are going. Most Cyberpunk fiction was based on the idea that businesses would become so powerful that they would wind up replacing or otherwise directly subverting all the global governments. A lot of it was based on the "Japanacorp" takeovers of the 1980s, which is why so many of the classic works have a heavy involvement of the Japanese and cultural trappings. That said, typically this gets into concepts like how corporations would convince governments to allow citizens to sell their votes, meaning the corporations would wind up buying your vote in exchange for corporate welfare or as a requirement of employment with the corporation. This means the corporations, not political parties, would be what determined who held power, with whatever corporation has the most money and benefits to hand out to serfs being able to cast the most votes and thus control nations. Typically these ideas involve Japan starting the fire by subverting the US government, but US and European companies fighting back and then doing the same thing to Asian countries, and the forced democratization of China and Russia ultimately forcing them into the same basic game. In some Cyberpunk concepts you have a "Corporate Council" that acts as a sort of UN to prevent territorial disputes from getting out of control. The "punk" aspects of this kind of thing usually come about from people caught in the cracks of the system rebelling 1980s style, in some cases there being very big cracks when the powers that be conspire to limit citizenships so they can fix the power structure by not having new votes coming into the system, or risking that increasingly larger generations of people might not sell their votes and could potentially organize and present a threat. Of course this is just one basic type of idea, there are many.

I think on a lot of levels this kind of speculative fiction made enough people aware of the basic idea (turning corps into stock villains in record time) that most of the pitfalls have been averted. The problem is that this has left us with a regular structure of nations balanced over a powder keg, and a world where very little can be done by anyone. See, in a Cyberpunk concept things are actually pretty decent for most of humanity oddly enough, as your average "prole" lives in a corporate enclave and has corporations advancing science while finding new and innovative ways to keep their serfs happy and passive. It mostly sucks if you're one of the people rebelling against that system or who fell through the cracks without citizenship or whatever. Your typical protagonist or PC in an RPG being someone who usually jumps into the cracks intentionally to sell their services as a highly paid mercenary and then gets into crap in the various shadow wars people usually don't see. In the current environment governments seem mostly concerned about suppressing technology as much as they can, and generally don't give a crap about anyone; in Cyberpunk the Corporations had to buy your votes to wield power, in reality it doesn't work that directly and you don't generally ever see any benefit from anything you do.

We lack, and will probably never have the way things work now, any kind of consumer neural interface technology for computers. Something like augmentative cyberware is something the governments would never even consider allowing on the market. Heck, most places won't even let you have a primitive jet pack or personal Gyrocopter. As amusing as hackers might be, at the end of the day the internet is primitive enough that the most they can do is harass people and slow them down when it comes to the big issues. To resolve anything you actually need to put boots on the ground and actually do something, and given the reluctance to do that, it means that no matter what hackers do, nations that are intent on say developing WMD are probably going to succeed.

All sarcasm aside, at the end of the day I think we will neither wind up doomed like "1984" or "Cyberpunk Fiction" but rather wind up in a miserable dystopia far worse than any of them, without even the creativity those visions showed.
 

CrystalShadow

don't upset the insane catgirl
Apr 11, 2009
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
On a more serious note: Linux everybody? I know it's stupid, but the psychological effect on my safety since I installed cinnamon on my old laptop has been massive.
Enjoy your false sense of security. Linux security is basically security through obscurity, which really isn't security at all, just a reflection of the fact that the majority of people writing dubious code can't be bothered to target you.

Anyway, I'm surprised it's possible to get at the firmware of a hard drive, at least not unless you have access to the manufacturing facilities.

I've researched data recovery a little (pretty hard to do, because the people that know anything about it are very secretive), and as far as I can tell, you typically can't just access the firmware of a hard drive directly.
With at least some models, to mess with it at all you have to connect through a data bus separate from the primary data bus, which doesn't usually have anything connected to it while the drive is in regular use.

That said, this special interface can do very low level alterations to the drive logic, but... Still...

The USB hack scares me more though. That was demonstrated as a working model by 'white hat' hackers, but even so, its existence is truly terrifying.

Similar to this issue, they demonstrated that it's possible to infect the USB plug and play firmware. Once a USB device of any kind is infected, it automatically infects the firmware of any computer it's plugged into through the plug and play code that is essential to the core functioning of USB.

An infected computer then rewrites the firmware of every USB device connected to it, and so on...
And you can't do anything about this, because although you could 'fix' the firmware on infected computers, the nature of the exploit means you cannot prevent re-infection. There is no way of rewriting the firmware in a way that would prevent this issue, because it would cripple a basic function of USB...
Leaving all USB devices permanently vulnerable to this exploit...

No examples in the wild, but...

Anyway, security flaws can be pretty scary if you think about them...
 
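The post above says nothing can be done about a USB device whose firmware has been reflashed. The device side is indeed out of your hands, but the host side is not: Linux can refuse to bind any driver to a USB device that has not been explicitly authorized, so a "flash disk" that suddenly also enumerates as a keyboard never gets to type. The script below is an added example written for this page, not code from the thread or from the researchers who demonstrated the attack. The sysfs attributes it touches (`authorized_default` on each host controller, `authorized`, `idVendor`, `idProduct` and `product` on each device, `bInterfaceClass` on each interface) are the kernel's real ones; the allowlist and the fake sysfs tree it builds so that it runs without root are constructed for illustration.

```python
"""Deny-by-default USB device authorization on Linux (added example, not from the thread).

Kernel sysfs attributes used (real):
  /sys/bus/usb/devices/usbN/authorized_default  0 = newly attached devices start unauthorized
  /sys/bus/usb/devices/<dev>/authorized         1 = allow drivers (HID, storage, ...) to bind
  /sys/bus/usb/devices/<dev>/idVendor, idProduct, product
  /sys/bus/usb/devices/<dev>:<cfg>.<n>/bInterfaceClass
The allowlist and the fake sysfs tree built by build_fake_sysfs() are constructed for the example.
"""
from pathlib import Path
import tempfile

SYSFS_USB = Path("/sys/bus/usb/devices")

# Constructed allowlist of (idVendor, idProduct) pairs you have physically vetted.
ALLOWED = {("046d", "c31c"), ("0781", "5583")}

# Interface classes that can inject input or carry files; named in the decision log.
_RISKY_CLASSES = {"03": "HID", "08": "mass storage"}


def _read(p: Path) -> str:
    return p.read_text().strip() if p.exists() else ""


def deny_new_devices(root: Path = SYSFS_USB) -> list:
    """Write authorized_default=0 on every host controller so new devices stay inert."""
    changed = []
    for hcd in sorted(root.glob("usb*")):
        f = hcd / "authorized_default"
        if f.exists():
            f.write_text("0")
            changed.append(hcd.name)
    return changed


def device_dirs(root: Path) -> list:
    """Physical devices ('1-1', '1-1.2'); skips root hubs ('usb1') and interfaces ('1-1:1.0')."""
    return sorted(d for d in root.iterdir()
                  if d.is_dir() and ":" not in d.name and not d.name.startswith("usb")
                  and (d / "idVendor").exists())


def interface_classes(dev: Path) -> set:
    return {_read(i / "bInterfaceClass") for i in dev.parent.glob(dev.name + ":*")}


def apply_allowlist(root: Path = SYSFS_USB, allowed=ALLOWED) -> dict:
    """Authorize only allowlisted devices; returns {device: decision text} for logging."""
    decisions = {}
    for dev in device_dirs(root):
        vid, pid = _read(dev / "idVendor"), _read(dev / "idProduct")
        ok = (vid, pid) in allowed
        (dev / "authorized").write_text("1" if ok else "0")
        risky = [_RISKY_CLASSES[c] for c in sorted(interface_classes(dev)) if c in _RISKY_CLASSES]
        decisions[dev.name] = "{} {}:{} ({}; {})".format(
            "allow" if ok else "deny", vid, pid,
            _read(dev / "product") or "no product string",
            ", ".join(risky) or "no input/storage interface")
    return decisions


def build_fake_sysfs(base: Path) -> Path:
    """Constructed stand-in for /sys/bus/usb/devices: one host controller, a vetted keyboard,
    and a 'flash disk' that also presents a HID interface (the BadUSB pattern)."""
    root = base / "devices"
    (root / "usb1").mkdir(parents=True)
    (root / "usb1" / "authorized_default").write_text("1\n")
    specs = {"1-1": ("046d", "c31c", "USB Keyboard", ["03"]),
             "1-2": ("1234", "abcd", "Flash Disk", ["08", "03"])}
    for name, (vid, pid, product, classes) in specs.items():
        d = root / name
        d.mkdir()
        for attr, val in (("idVendor", vid), ("idProduct", pid), ("product", product), ("authorized", "1")):
            (d / attr).write_text(val + "\n")
        for n, cls in enumerate(classes):
            i = root / "{}:1.{}".format(name, n)
            i.mkdir()
            (i / "bInterfaceClass").write_text(cls + "\n")
    return root


def demo() -> dict:
    """Run the policy against the fake tree and report the resulting sysfs state."""
    with tempfile.TemporaryDirectory() as tmp:
        root = build_fake_sysfs(Path(tmp))
        hcds = deny_new_devices(root)
        decisions = apply_allowlist(root)
        state = {d.name: _read(d / "authorized") for d in device_dirs(root)}
        state["usb1/authorized_default"] = _read(root / "usb1" / "authorized_default")
        return {"hcds": hcds, "decisions": decisions, "state": state}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

On a real host, run `deny_new_devices()` and `apply_allowlist()` as root against the default `/sys/bus/usb/devices` path; a udev rule is the usual way to make the same decision persistent across hotplug. Two caveats: the device is still enumerated before the decision, so the host has already read its descriptors, and the allowlist keys on vendor/product IDs that a reflashed device can spoof. This defeats the cheap version of the attack, not a tailored one.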

Trippy Turtle

Elite Member
May 10, 2010
How/Why is this a new thing?
If I know anything about IT related stuff, everything is easy but there is just a fuckton of easy stuff you need to know if you want to understand anything. Why has nobody bothered making malware hook into the firmware before? Surely if its possible at all it can't be that hard.

On another note. When is the movie coming out? I expect abandoned buildings, car chases, explosions, attractive 20-25 year old vigilante hackers being endlessly pursued by a pair of attractive male and female cops that have a chemistry not seen since breaking bad all ending in a final showdown of the last remaining hacker about to blow up every bit of networked hardware in existence against a cop with a broken leg crawling to her gun in order to avenge her critically wounded partner.
And it will be called "Gun Code"
 

RanceJustice

New member
Feb 25, 2011
There's a lot of blogspam and middling-level articles about this, but if you'd like one of the better researched ones that doesn't require an in-depth knowledge of info-sec technology, then check out Ars Technica's: http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/

It's pretty much exactly what you think: this is almost certainly the work of the NSA's TAO division, likely acting in concert with Israeli agents on some operations (i.e. Flame, Stuxnet, etc.). The Snowden revelations provide confirmation of some codenames for particular tools observed by Kaspersky, such as IRATEMONK, which describes the firmware-resident backdoor nearly exactly: https://www.schneier.com/blog/archives/2014/01/iratemonk_nsa_e.html
 

insanelich

Reportable Offender
Sep 3, 2008
Trippy Turtle said:
How/Why is this a new thing?
If I know anything about IT related stuff, everything is easy but there is just a fuckton of easy stuff you need to know if you want to understand anything. Why has nobody bothered making malware hook into the firmware before? Surely if its possible at all it can't be that hard.

On another note. When is the movie coming out? I expect abandoned buildings, car chases, explosions, attractive 20-25 year old vigilante hackers being endlessly pursued by a pair of attractive male and female cops that have a chemistry not seen since breaking bad all ending in a final showdown of the last remaining hacker about to blow up every bit of networked hardware in existence against a cop with a broken leg crawling to her gun in order to avenge her critically wounded partner.
And it will be called "Gun Code"
This is anything but easy.

This is the kind of stuff that requires access to secret source code, which basically requires you to either have actual physical spies infiltrating the manufacturing facilities or secret courts ordering you receive that code and issuing a gag order to the companies who have to hand it over.

Long story short, doing something like this requires a significant chunk of money.
 

blackrave

New member
Mar 7, 2012
truckspond said:
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
That doesn't remove the malware as this one actually puts itself into the software built into the HDD that controls what it does and when.
That is the only way such a thing could work.
But wasn't such software supposed to be hard coded?
At least I assumed that basic hardware controlling software was hard coded into said hardware.

Because only other alternative is that it is hardware issue.
And then we have REAL problem.
 

TomWiley

New member
Jul 20, 2012
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
On a more serious note: Linux everybody? I know it's stupid, but the psychological effect on my safety since I installed cinnamon on my old laptop has been massive.
You can't be serious. The Linux kernel has more security holes than Swiss cheese.

http://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-7/cvssscoremax-7.99/Linux-Linux-Kernel.html

The only reason this isn't a bigger consumer problem is because nobody uses Linux to begin with.
 

TomWiley

New member
Jul 20, 2012
blackrave said:
truckspond said:
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
That doesn't remove the malware as this one actually puts itself into the software built into the HDD that controls what it does and when.
That is the only way such a thing could work.
But wasn't such software supposed to be hard coded?
At least I assumed that basic hardware controlling software was hard coded into said hardware.

Because only other alternative is that it is hardware issue.
And then we have REAL problem.
What do you mean by hardcoded?
 

The Rogue Wolf

Stealthy Carnivore
Legacy
Nov 25, 2007
TomWiley said:
blackrave said:
truckspond said:
47_Ronin said:
Destroy the HDD? That's drastic. Haven't they tried to plug off/plug in first?
That doesn't remove the malware as this one actually puts itself into the software built into the HDD that controls what it does and when.
That is the only way such a thing could work.
But wasn't such software supposed to be hard coded?
At least I assumed that basic hardware controlling software was hard coded into said hardware.

Because only other alternative is that it is hardware issue.
And then we have REAL problem.
What do you mean by hardcoded?
Probably meaning that the firmware for the disk drive should be "read only". But you run into problems with that if the hardware ends up with a problem that can only be solved by a firmware update- which happened to a certain line of Seagate drives in 2009.
 
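Since the thread turns on drive firmware being updatable rather than read-only, the check a practitioner wants is an inventory: record model, serial number and firmware revision for every drive while the machine is known good, then diff the live values against that record on a schedule. The script below is an added example for this page, not code from the thread, from Kaspersky or from smartmontools; it parses the `Device Model`, `Serial Number` and `Firmware Version` lines that `smartctl -i` prints, and both the sample outputs and the known-good inventory are constructed. One caveat applies: the firmware that answers ATA IDENTIFY DEVICE is the same code an implant of this kind replaces, so it can report whatever version it likes. This catches an unscheduled vendor update or a swapped drive; it does not prove a drive is clean.

```python
"""Baseline check for HDD firmware versions as reported by `smartctl -i`.

Added example, not from the thread or from Kaspersky's report. Compares each
drive's (model, firmware) pair against an inventory recorded when the host was
known good. KNOWN_GOOD and SAMPLE_SMARTCTL are constructed for the example.
"""
import re
import subprocess
from typing import Dict, List, Tuple

# Constructed known-good inventory, keyed by serial number.
KNOWN_GOOD = {
    "9VM1ABCD": ("ST3500418AS", "CC38"),
    "WD-WCC1T1234567": ("WDC WD10EZEX-00BN5A0", "01.01A01"),
}

# Constructed sample `smartctl -i` output; /dev/sdb reports a revision the inventory does not list.
SAMPLE_SMARTCTL = {
    "/dev/sda": """smartctl 6.5 2016-01-24 r4214 [x86_64-linux-4.4.0] (local build)

=== START OF INFORMATION SECTION ===
Model Family:     Seagate Barracuda 7200.12
Device Model:     ST3500418AS
Serial Number:    9VM1ABCD
Firmware Version: CC38
User Capacity:    500,107,862,016 bytes [500 GB]
SMART support is: Enabled
""",
    "/dev/sdb": """=== START OF INFORMATION SECTION ===
Device Model:     WDC WD10EZEX-00BN5A0
Serial Number:    WD-WCC1T1234567
Firmware Version: 01.01A02
User Capacity:    1,000,204,886,016 bytes [1.00 TB]
""",
}

_FIELD = re.compile(r"^(Device Model|Serial Number|Firmware Version):\s+(.+?)\s*$", re.M)


def parse_identify(text: str) -> Dict[str, str]:
    """Pull model, serial and firmware revision out of `smartctl -i` output."""
    return {m.group(1): m.group(2) for m in _FIELD.finditer(text)}


def check_drive(text: str, known_good=KNOWN_GOOD) -> Tuple[str, str]:
    """Return (status, detail); status is OK, CHANGED or UNKNOWN."""
    f = parse_identify(text)
    serial = f.get("Serial Number", "?")
    seen = (f.get("Device Model", "?"), f.get("Firmware Version", "?"))
    expected = known_good.get(serial)
    if expected is None:
        return "UNKNOWN", f"{serial}: not in inventory ({seen[0]} fw {seen[1]})"
    if expected != seen:
        return "CHANGED", f"{serial}: expected {expected[0]} fw {expected[1]}, saw {seen[0]} fw {seen[1]}"
    return "OK", f"{serial}: {seen[0]} fw {seen[1]}"


def read_identify(dev: str) -> str:
    """Query a real device; needs root and smartmontools installed."""
    return subprocess.run(["smartctl", "-i", dev], capture_output=True, text=True).stdout


def audit(outputs: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Run check_drive over {device: smartctl output} and return (device, status, detail) rows."""
    return [(dev, *check_drive(txt)) for dev, txt in sorted(outputs.items())]


if __name__ == "__main__":
    # Swap SAMPLE_SMARTCTL for {d: read_identify(d) for d in ("/dev/sda", "/dev/sdb")} on a real host.
    for dev, status, detail in audit(SAMPLE_SMARTCTL):
        print(f"{dev}: {status} - {detail}")
```

Anything other than OK is a ticket, not a verdict: CHANGED means the drive no longer matches what you recorded, and UNKNOWN means a drive you never inventoried is present. Record the inventory from a trusted boot medium and keep it off the host being audited.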

KyuubiNoKitsune-Hime

Lolita Style, The Best Style!
Jan 12, 2010
Well, it looks like Steve Gibson will have a new project when he finishes SpinRite 7 (6 is still the best, most effective, and wallet-friendly data recovery tool on the planet). It could be that he might just make the removal of the malware a function of SpinRite in the future, since it works at the most basic levels of the HDD/SSD. But things like this remind me of the need to get back on GRC and start listening to the Security Now! podcast on a regular basis.

I'm rather confident that this isn't from a government, or the Illuminati (a conspiracy theorist favorite). Independent hacker sources are so much more advanced than governments tend to be, and a lot of hackers like these work in the software industry. The fact that we just discovered these makes me wonder how many more people like these there are. How many more malware sources like these have we not discovered?

CrystalShadow said:
Enjoy your false sense of security. Linux security is basically security through obscurity, which really isn't security at all, just a reflection of the fact that the majority of people writing dubious code can't be bothered to target you.
You're only partly correct. The other side is that Linux is constantly worked on by people all over the place, mostly volunteers, who constantly update the security features, and plug back doors.

CrystalShadow said:
Anyway, I'm surprised it's possible to get at the firmware of a hard drive, at least not unless you have access to the manufacturing facilities.
The thing is that firmware can be flashed with updates and such. You can go and flash your Bios firmware today if there is an update available for it.

CrystalShadow said:
I've researched data recovery a little (pretty hard to do, because the people that know anything about it are very secretive), and as far as I can tell, you typically can't just access the firmware of a hard drive directly.
With at least some models, to mess with it at all you have to connect through a data bus separate from the primary data bus, which doesn't usually have anything connected to it while the drive is in regular use.

That said, this special interface can do very low level alterations to the drive logic, but... Still...
Most of the people who say they know anything about data recovery are generally full of it. Since even a good deal of professional recovery places use SpinRite. That being said you can access firmware generally fairly easily if you know what you're doing.

The low level can actually be surprisingly dangerous, even tiny amounts of code can make surprisingly massive changes.

CrystalShadow said:
The USB hack scares me more though. That was demonstrated as a working model by 'white hat' hackers, but even so, its existence is truly terrifying.

Similar to this issue, they demonstrated that it's possible to infect the USB plug and play firmware. Once a USB device of any kind is infected, it automatically infects the firmware of any computer it's plugged into through the plug and play code that is essential to the core functioning of USB.

An infected computer then rewrites the firmware of every USB device connected to it, and so on...
And you can't do anything about this, because although you could 'fix' the firmware on infected computers, the nature of the exploit means you cannot prevent re-infection. There is no way of rewriting the firmware in a way that would prevent this issue, because it would cripple a basic function of USB...
Leaving all USB devices permanently vulnerable to this exploit...

No examples in the wild, but...

Anyway, security flaws can be pretty scary if you think about them...
They can be, but knowing basic ways to keep yourself secure can really help. One of which is blocking JavaScript; not trying to incur mod wrath here, just stating a security fact.
 
Jan 27, 2011
Considering how good these guys are and the main targets...

I'm going to go out on a limb here and guess "CIA" or "Whoever the Israeli government gives Cyber attack jobs to" is the mastermind.
 

Racecarlock

New member
Jul 10, 2010
I know this was supposed to scare me, but I'm pretty sure they won't give a shit about me, so I don't have to worry. If this was a troll group, I might have been scared, but they seem to only target things reported in the news as an international threat.

Now if 4chan somehow figured that shit out, I would be piss scared.