Data recovery and disk repair questions and discussions related to old-fashioned SATA, SAS, SCSI, IDE, MFM hard drives - any type of storage device that has moving parts
February 23rd, 2015, 0:12
I heard/learned about these firmware bots over the Internet a little while ago. I wondered why hdd makers, like Western Digital would allow this to happen and then sell their Hddrives to us. Why? Is this a direct result of pressure(s) from the NSA and further pressure from the Gov? OR, Are you in 'bed' with your suppliers to acquire new ideas/software at our expense? If not, Then WHAT. If you can't rid of them, via a disk formatting; then how do we get rid of them! Would Western Digital have any great ideas, since these hard disk drives are their products, to get rid of a bot? Because I have a WD Caviar Blue HDD(still sealed in its plastic bag) (Model WD3200KSRTL). And I would to install and use it!, but I don't want to risk of ruinning my system, or loose any promising new software inventions. So what HDD maker do we trust?? Lets say, Samsung, Seagate Technologys, Kingston Technologys, Buffalo Technologys, Toshiba, HGST, or even Western Digital?? Who can we trust. If Western Digital has placed a BOT in there HDD products knowingly, what does that tell us about Western Digital's business practices, or for that matter - their Integrity and Honesty. I like using their HDD's, but I just might start looking at other places to spend my computers dollars. Knowing this, it is like a slap in the face by Western Digital. !!!!
I await for a truthful honest answer from Western Digital. Ok.
February 23rd, 2015, 12:44
From my research it's actually a virus which is capable of writing vendor specific ATA commands to be able to write code into the hard drive's service area (hidden area where the drive's firmware is) to be able to embed itself there and later write code which gives the group (suspected to be the NSA) access to the computer.
The data wasn't put there by WD or any other hard drive manufacturer, and they may not have helped or participated in any way. Anyone with basic data recovery equipment like PC-3000 can read/write the firmware code from drives and possibly figure out how to compromise them.
Don't be so quick to blame the people who made the HDD for the issue. It's just a vulnerability that no one ever planned on because it seemed like an impossible amount of work to go through to build a virus capable of this.
I do find it interesting that this all came out not long after Seagate started encrypting access to it's hard drive's service area. I'm wondering if they knew something about it, and thus the changes found in the newer DM drives that no one can work on.... either way they'll likely be soon advertising it as the drive that the NSA can't hack.
February 23rd, 2015, 23:18
data-medics wrote: either way they'll likely be soon advertising it as the drive that the NSA can't hack.
what if they are infecting it THEN encrypting it so no one can figure out it is infected?
bear solace in the general idea that these types of malware are reserved for quite special targets.
if you have a new HD, I think you'll be fine. unless of course you are a world leader in some very interesting to the guys sending out the malware.
I am pretty sure if you had anything remotely interesting to those guys, you wouldn't be posting on here to start with.
I doubt they would be interested in our Linux ISO's or stuff from the Swedish marketplace.
as far as information they might use from our knowledge, well their malware is 100 times more advanced than I know how to do, so I think that's not worth worrying about either.
Powered by phpBB © phpBB Group.