Researchers expose NSA spying program

[UM-Bot]

A security software firm has revealed that spyware has been hidden within the firmware of hard drives.

According to researchers at Kaspersky Lab, a security firm based in Moscow which produces anti-virus software, the NSA has developed an effective new way to install spyware on to computers in countries all over the world by embedding it in to the firmware of popular big brand hard drives.

Read More: http://www.unexplained-mysteries.com/news/278164/researchers-expose-nsa-spying-program

[Shiloh17]

How many other countries have an NSA?

[rashore]

How many other countries have an NSA?

As in intelligence agencies? Dozens of countries- over 100 countries if online information is right.

[Astra.]

More paranomia? ....

[paperdyer]

I wonder if the hard drives were Windows-based or Macs or some other operating system or just a mixture. I wonder why firewalls or network monitoring software didn't catch the outgoing traffic?

[Dark_Grey]

"Western Digital, Seagate and Micron said they had no knowledge of these spying programs. Toshiba and Samsung declined to comment. IBM did not respond to requests for comment"

Ok so that narrows it down to Toshiba, Samsung and IBM which is a relief as I'm a fan of Western Digital.

[gailforce]

see this is why i don't like computers... this website is bad example

Edited February 17, 2015 by gailforce

[questionmark]

I wonder if the hard drives were Windows-based or Macs or some other operating system or just a mixture. I wonder why firewalls or network monitoring software didn't catch the outgoing traffic?

Given that both Macs and Window machines now use the same chipset and CPU you can write an application on assembler level that will run on both... no big problem.

[+OverSword]

If you're a (so called) conspiracy theorist you read about this being buried in the firmware of your hard drive years ago. This isn't new news IMO.

[Dark_Grey]

If you're a (so called) conspiracy theorist you read about this being buried in the firmware of your hard drive years ago. This isn't new news IMO.

As with just about every NSA expose, one has to assume that they have had this particular program in place for a few years.

[spartan max2]

Err no fan of the NSA. But I'm not trusting firms out of Moscow Russia at this point in time

Edited February 17, 2015 by spartan max2

[travelnjones]

Kapersky is as credible as norton and mcaffee

[Gumball]

Kapersky is as credible as norton and mcaffee

McAfee? Are you sure?

[SHaYap]

'No knowledge' means just that ... not knowing ... it does not mean it is not 'there' ~ and its not just hardware ... it is both software and hardware ~

`

[Raptor Witness]

Edward Snowden was their plague.

[Abaddonire]

Kapersky is as credible as norton and mcaffee

As is always the rule, what was once the best of software inevitably evolves into bloatware.

Anyway, this is the first CT I have ever seen that is at least even vaguely possible. Impractical, of course, but possible.

[RoofGardener]

This is an OLD hoax.

No disk manufacturer would risk doing this; they would be instantly bankrupted. Nobody would every buy their disks again.

[Abaddonire]

This is an OLD hoax.

No disk manufacturer would risk doing this; they would be instantly bankrupted. Nobody would every buy their disks again.

A far more likely scenario is that Western Digital and Seagate re-invigorated the old rumour. Even if they didn't, bet their sales go up on foot of their denial.

[DONTEATUS]

Yeah ! its all a mute case and a hoax, So get out and buy a copy of "Buggerware" it backs up all your data,and piggy-backs it to all the porn sites,then It sends it forward to the Local NSA opperitive ! Then He gets fired !

[Occult1]

That's why we need more open-source hardware.

''Open source hardware is hardware whose design is made publicly available so that anyone can study, modify, distribute, make, and sell the design or hardware based on that design. The hardware’s source, the design from which it is made, is available in the preferred format for making modifications to it. Ideally, open source hardware uses readily-available components and materials, standard processes, open infrastructure, unrestricted content, and open-source design tools to maximize the ability of individuals to make and use hardware. Open source hardware gives people the freedom to control their technology while sharing knowledge and encouraging commerce through the open exchange of designs.''

Source: http://www.oshwa.org/definition/ and https://en.wikipedia...source_hardware

No disk manufacturer would risk doing this; they would be instantly bankrupted. Nobody would every buy their disks again.

Risk doing what? They probably had no choice. The NSA can do pretty much whatever it wants when it comes to espionage. It can force by Law any US-based tech compagny to install a backdoor in it's software. Since nobody but the company has access to the proprietary source code, no one will even notice it.

See: http://www.tomsguide...news-17517.html

Edited February 18, 2015 by samus

[Occult1]

Err no fan of the NSA. But I'm not trusting firms out of Moscow Russia at this point in time

I would think that the fact that they are based in Russia gives them the necessery freedom to research about the NSA and it's practices.

Edited February 18, 2015 by samus

[RoofGardener]

......Risk doing what? They probably had no choice. The NSA can do pretty much whatever it wants when it comes to espionage. It can force by Law any US-based tech compagny to install a backdoor in it's software. Since nobody but the company has access to the proprietary source code, no one will even notice it.

See: http://www.tomsguide...news-17517.html

Noooo.... I don't think that is true, Samus. Can you tell me - specifically - which clause of which law permits it to force a US-based software company to modify its products ? I don't think any such law exists.

The NSA can request that "backdoors" be introduced, but no major software manufacturer would submit to such a request. They would suspect - rightly so - that this "secret" would eventually be revealed, at which point their worldwide software sales would dry up overnight.

Bear in mind that Microsoft has more money (in its bank account) than the NSA and FBI's combined annual budget. If its core existence was threatened in this way, it could out-lawyer and out-lobby either or both of those organisations. And the publicity could badly damage the NSA (e.g. the public furore could lead to its budget being slashed).

[toast]

This is an OLD hoax.

No it isnt a hoax or do you think that Costin Raiu, Director of Global Research and Analysis Team at Kaspersky Lab, would give

interviews in relation to the malware and its threats if it would be just a hoax? And, its assumed the malware was designed by the

Equation Group (hackers).

No disk manufacturer would risk doing this; they would be

instantly bankrupted. Nobody would every buy their disks again.

The malware dont get installed at the OEMs of/to the devices, the devices got infected by trojans later on.

[Occult1]

Noooo.... I don't think that is true, Samus. Can you tell me - specifically - which clause of which law permits it to force a US-based software company to modify its products ? I don't think any such law exists.

I did not say ''modify''. Install, implemant or introduce 'backdoors' for espionage or State surveillance purposes would be my choice of words. It's a bit more dfficult for them to do so, since the new Amendment of 2014 but it would be naive to think that they can't find ways to get what they want.

The NSA can request that "backdoors" be introduced, but no major software manufacturer would submit to such a request. They would suspect - rightly so - that this "secret" would eventually be revealed, at which point their worldwide software sales would dry up overnight.

The NSA will first approach a US-based company and ask for voluntarily cooperation. Many of them will agree, without any kind of public knowledge. How can you know? Without third-party analysises of a product's source code, you have to put your trust in the company's hands anyway. You'll have a hard time finding evidence of any such cooperation. Their source code is under proprietary licenses and can't be peer-reviewed.

Then there is the constraining methods. They can issue to companies FISA secret court orders under the Foreign Intellligence Surveillance ACT 1978 Admendement Act of 2008 or send National Security Letters (NSLs) under the Patriot Act which, needless to say, is a very strong persuasion. The existence of such letters can't even be disclosed. Yahoo tried to fight the FISA in court as unconstitutional in 2008 but failed. The truth is, it's much easier for a tech company to handover what is requested and be done with it.

From the New York Times:

The judges disagreed. That left Yahoo two choices: Hand over the data or break the law.

So Yahoo became part of the National Security Agency’s secret Internet surveillance program, Prism, according to leaked N.S.A. documents, as did seven other Internet companies.

[...]

But the decision has had lasting repercussions for the dozens of companies that store troves of their users’ personal information and receive these national security requests — it puts them on notice that they need not even try to test their legality. And despite the murky details, the case offers a glimpse of the push and pull among tech companies and the intelligence and law enforcement agencies that try to tap into the reams of personal data stored on their servers.

Source: http://www.nytimes.c...tw-nytimes&_r=0

Edited February 19, 2015 by samus

[Earl.Of.Trumps]

Edward Snowden was their plague.

If it was not for Snowden, we would have no idea that the NSA has had our cellphones bugged for years.

Think about how much power and influence the NSA has over the cell phone manufacturers when they can get them to agree to make the phones to NSA specification - that is, even when OFF the phone will still transmit voice data and the only way you can stop it is to remove the battery.

So what did the NSA say to these manufacturers, we will ban your phone in the US if you do not comply?

Who actually trusts the NSA KGB West?

And again, who the heck trusts the totalitarian American pols that allow this type of espionage to go on unfettered against innocent civilians, as well as politicians in allied countries?

Sorry, but the US of A has slipped into the dark ages.