According to security researchers, the NSA can reprogram your hard drive firmware. And you can't do a thing about it.
Yes, Kaspersky again. Far-fetched or sky-falling?
In IT Blogwatch, bloggers sit quietly and don tinfoil headgear. Not to mention: Vic Perrin is in control…
Your humble blogwatcher curated these bloggy bits for your entertainment.
Jeremy Kirk is enterprising:
The tools, exploits and malware used by the group...have strong similarities with NSA techniques. ... Countries hit...include Iran, Russia, Pakistan, Afghanistan, India and China. Targets...included the military, telecommunications...and Islamic scholars.
Equation’s hard disk drive malware...reprograms the hard drive’s firmware, creating hidden sectors...that can only be accessed through a secret API. MORE
Danny Yadron and Don Clark have good news and bad:
On the one hand, the report...appears to reaffirm that U.S. spies can hack into just about anything...even if the target reinstalls every piece of consumer software. On the other hand, the rest of the world now knows where to look.
The report is an unusually detailed look at an apparently American computer espionage operation. ... Kaspersky described the attackers as the most advanced it had ever encountered. MORE
Careful with that blog, Eugene:
One sunny day in 2009, Grzegorz Brzęczyszczykiewicz [flew to] Houston to attend a prestigious international scientific conference. ... Sometime later...the organizers sent all the participants a CDROM. ... He had just became the victim of an almost omnipotent cyberespionage organization.
It is not known when the Equation group began their ascent. [Perhaps] for almost two decades. [And] they have interacted with...the Stuxnet and Flame groups; always from a position of superiority. MORE
So Cory Doctorow bounces in and out again:
[The] group has committed a string of daring, cutting-edge information attacks.
Kaspersky does not quite say that Equation work for the NSA, but they have produced a wealth of evidence linking the group to the US spy agency. MORE
And Dan Goodin stands in awe and mystery:
[It] rewrote the hard-drive firmware...a never-before-seen engineering marvel that worked on 12 drive categories from manufacturers including Western Digital, Maxtor, Samsung, IBM, Micron, Toshiba, and Seagate.
[It] created a secret storage vault that survived military-grade disk wiping and reformatting. MORE
Meanwhile, Norman Bauman is no fan of the NSA's tactic of keeping secret vulnerabilities:
So everyone should just leave their doors wide open so the cops never have to break a door down to nab a crook? Yeah, right.
The best way to improve cybersecurity is to fix all the exploitable holes. ... But instead...they've left them vulnerable because they're too lazy to...get individual warrants. MORE
Vic Perrin is in control
You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don't have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or email@example.com. Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.