Russian researchers expose breakthrough U.S. spying program | Reuters
I don't even know what to say. Assuming this is all true, we must fear the NSA as being the most fearful malware group in the whole world, with access to unrivaled know how and a compelling desire to create the biggest damage possible, eventually directly or indirectly targeting with military grade weaponry the computers of any citizen of the world.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
My guess is that at least China has similar capabilities.Originally Posted by Mario F.
The difference is that China doesn't have an ongoing "war on terror", so it doesn't have to show its hand.
But I agree that it is a bit alarming. At least there doesn't seem to be anything that suggest that they use this indiscriminately yet, they seem to go for only specific targets.
I think that we can assume that NSA would prefer to have every device in the world infected, if they could get away with it though...
"A Professor of Computer Science gave a paper on how he uses Linux to teach his undergraduates about operating systems. Someone in the audience asked why use Linux rather than Plan 9?' and the professor answered:Plan 9 looks like it was written by experts; Linux looks like something my students could aspire to write'."
This thread is very funny, ha.
Isn't firmware read only though? I'm afraid I haven't had much experience with low level hard-drive stuff, the closest was when I had to install an AHCI driver for a laptop. So the technical aspects are a mystery to me. The articles say the NSA (if it was them) had the source code though, so maybe they could exploit some mechanism to update or repair the firmware to get their code in.
Anyway, the NSA has had many allegations of misusing their powers in the past to spy on both citizens and specific members of congress. Although you would think everyone would be wary of having such a powerful agency with so little oversight, there are still those who think this level of intrusion is reasonable for safety.
Even if it was necessary for safety, I would still be opposed to it. If electronic communication is protected under the 4rth amendment, and the 4rth amendment is the declaration of a human right (not just a US persons right), then it follows that people outside of the US are protected as well. Besides, the excuse of "it will only ever happen to someone else!" has always seemed unempathetic to me.
It's not likely the NSA will stop though, so...
"I'm so glad the NSA is watching over me!" (said no one, ever).
What, do I look like a clown?! (oh wait...)
*takes off clown nose*
It was casual Monday at work. :P
Last edited by Alpo; 02-17-2015 at 12:55 AM.
WndProc = (2[b] || !(2[b])) ? SufferNobly : TakeArms;
There are probably some safety mechanism that prevent writing to the firmware, but seeing as firmware is upgradeable these days, it's not as if nothing can write to it. Clearly some programs can, and one need only disassemble these programs to find out how. But I will agree that this is disturbing. We need mechanisms that prompts us to allow if some software does this (kind of like UAC).
We need BIOS that let you lock out the OS from flashing devices. That way you can turn off the protections only for the duration of an update. I mean, when was the last time you updated your HDD firmware?
Hell no. I'm not rebooting when I need to update my firmware.
When last there was an update available. Apparently all "supposed" newer Samsung SSD firmware updates out there don't show up in their Magician application for some reason.I mean, when was the last time you updated your HDD firmware?
But yeah, I've updated the firmware on the drive once.
He said Kaspersky found only a few especially high-value computers with the hard-drive infections.High-value computers are being handed over to a Russian company for analysis?
Seems bizarre.
For the paranoid people like me, the added security would be worth the inconvenience. Considering how rarely anyone needs to update their firmware, it really would be NBD.
But for people like you, you simply leave the BIOS firmware lock off. That's the beauty of optional features.
I'd go with the idea of a open source and non executable firmware. In fact, it's sort of sad that in an age of open architectures, we still somehow let this one slip. We shouldn't be accepting devices with proprietary firmware.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
And then I'm back to today's world where anyone can update the firmware without my knowledge. No, that's why I'm saying I should get a prompt that allows me to ack whether I want it to happen or not every time someone tries to modify the firmware.
A prompt from what? Your compromised OS? A deadbolt on your front door does nothing to protect your jewelry box when the burgler is already in the house.
If the BIOS was smart enough to be able to interrupt the OS and prompt you itself, now that would be cool, but probably way to complicated to ever happen.
I was about to say something on these lines. Software based solutions, particularly those offered by the OS are just going to give a false sense of security. In fact, UAC isn't even a complete solution to user mode malware. Microsoft BitLocker with TPM meanwhile already implements some form of firmware protection. But it's been ineffective with numerous vulnerabilities being revealed over the time.
Well we are sort of moving in that direction. The two NIS reports (1) (2) that resulted in the UEFI standard already implement BIOS controllable firmware protection. But again we are dealing inflammable solutions which end up becoming vulnerable to all sorts of conditions; because of BIOS manufacturers incompetence or hardware manufacturers incompetence.
The thing is, we aren't going to get there with standards and specifications. Because even if a manufacturer follows them to the letter, standards and specifications don't define the protocols and processes in the firmware. They merely speak of a layer of security that invariably is itself vulnerable to the underlying code. Much like a strong door becomes vulnerable if attached to a weak frame.
I think Shuttleworth hits it where it hurts. We need to stop running executable code in firmware. Any executable code can only be processed in the device driver and we need a new firmware architecture to support this. We also need the firmware to become a true part of the open computing architecture. Open sourcing firmware in the current worldwide security scenario isn't a matter of ideology. It's a real necessity that protects us not only from malware, but from government issued spyware.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
Agreed. That would be the cleanest and safest thing to do.
This isn't the answer. A jailed HDD driver running hostile firmware code can still easily infect a host, that, is impossible to prevent.
The only safe solution is for drivers to be designed to not run any code from the device in the first place. i.e., make it impossible to infect firmware. The only reason they do now, is because HDD manufacturers are too lazy to properly design their stuff.
Well, the thing is that by definition a device driver runs executable code. It is a program. There's no way around it. The firmware isn't actually being jailed. You just move your vector out of the hardware and into the device driver where it was always vulnerable in the first place. That is, if the firmware becomes merely the source of declarative code it is no longer an attack vector, much like a text file can't really be an attack vector.
Originally Posted by brewbuck:
Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.
