For your consideration:

Russian researchers expose breakthrough U.S. spying program (by Reuters)

Equation Group: Questions and Aswers (by Kaspersky)

The bottom line is: unless you live in Iran, Russia, Pakistan, or Afghanistan and unless you work in government, telecommunications, diplomacy, research institution, or university it is unlikely that your machine is compromised.

Yea, I've read quite a bit about that the last few days.

In the hard drive firmware it is active before boot and able to grab fs encryption keys as they are used, and is virtually undetectable because drives provide no means of reading the firmware.

It is also not an isolated thing, but apparently the chances of you having one of these drives is pretty good if it is recent manufacture from Seagate, Western Digital, Hitachi, Samsung, Toshiba (most of mine!)... and the list goes on.

Did the manufacturers cooperate? Most will not comment, two I think deny it.

And that is just the harddrive exploit... there are many more. The budget and staff and reach have grown exponentially any hope of legal restraint is just a bad joke - as if law applied to those with power, money and all those private photos of the politicians and judges!

Sleep good, safe in the knowledge that all the bad guys now work for you!

This is outrageous. I wonder how those hard drives got infected in the first place.

If I understood correctly, the spyware loads on the RAM before the OS does, so in that case would any OS running on the infected machines be compromised?

Remember the cresendo of criticism that yahoo, google, ms etc got when it was revealed that the spooks had taps 'directly' into the servers ?
They all got wise of a sudden, denied it up and down, and started implimenting security arrangements for the barn doors that were left wide open in the past.

It is my hope that there will be a similar outcry, which will ( may ) force denials from the HD manufacturers - and if we are lucky then we too can get the tools to audit the drives ourselves. The tools MUST exist but are probably proprietary. Wonder what Stallman and Co. will do now ? Floppies ?

Actually I have a pile of old HD's from before 2009 which I may press back into service ? 100 meg zip drives anyone ?

The report from Equation Group says that this exploit re-programmed drive firmware. Can't they use firmware on 'real' ROMs: unwritable memory? And what keeps it out of any country?

One can use the Seagate utilities to 'update' the firmware on their drives. Firmware being provided by them, and only they really know what it does.
You used to be able to do it on older drives too. In the good old days the drive bios was mapped to C800 I believe.

Nothing. It is probably on every drive, and then they can just dial into you if the feel like fishing !
Much easier, and cost effective too. No more hijacked shipments from suppliers.

I doubt any ROMs actually exist anymore in commercial products.
I recently flashed a custom "ROM" onto my phone ....

I suggested that they offer firmware on old-fashioned unwritable ROMs ('read-only memory') as a security measure. I suppose one would have to pay for upgrades - or do without.

But one can figure it out. A search of the web turned up a German fellow who described his exploit hacking his own drive's firmware.

In the 'good old days' drives didn't have firmware, controllers did (BIOSes for original PCs didn't support hard drives). Sometimes its location was settable, usually with a jumper, not necessarily C800. It was always a 'real' ROM.

Earlier posters said it was limited to specific countries.

Doesn't mean they don't exist, that one can't use one. Put it on a discrete chip in a socket and let purchasers decide for themselves.

Can one could boot from a flashdrive and check one's hard disk firmware? Get a safe copy from the manufacturer's website and re-write the firmware? I assume yes to both.

I still am wondering how that much free space was left on the area in question. That chip has to have the first part of it correct for use in systems. The remaining area isn't very big. It's easy for anyone to go into that memory locations and see what is there and how big it is.

This article shows how to hack a HD :

http://spritesmods.com/?art=hddhack&page=1

From the article at arstechnia http://arstechnica.com/security/2015...found-at-last/
And if you are running linux id say the chances of at least an attempted infection is greater. Simply because linux is known for offering at least the illusion of greater security.

Lets check if I am altready infiltred by the NSA (or others).

My HDD on my laptop (extract of dmesg):
How to see if it is infected?
a) ask a certified non infected firmware to Hitachi? Where?
b) compare the current firmware with the "certified non-infected firmware"? how? is there any software / hardware to do it?

Any information of how to verify a firmware is welcome.

A map of infection rates by country

http://cdn.arstechnica.net/wp-conten...ap-980x613.png

It seems that one can read a hard drive's firmware only by connecting to its jtag port. Writing to it, however, one can do if the manufacturer allows rewriting it, as some do to allow updates. The person worried about his/hers could fetch a valid copy from the manufacturer and write it.

I've just disassembled one of my HDD's. You can also read the firmware directly from the SPI Flash chip on the board, no need for jtag. Then again, since a lot of HDD's come with an external SOIC8 SPI flash chips, I wonder if it is possible to physically write-protect these chips by soldering the WP pin of the chip directly to GND.