News Kaspersky outs hard drive infecting malware

scary stuff!

 

All your bytes are belong to us.

 

That's it, I'm going back to punch cards.

 

I'm not feeling too well (man flu) so perhaps I just didn't read the article properly...but where does it say what this malware actually does, apart from simply store itself surreptitiously on a drive? I mean..to what end?

It's a bit like a mouse taking residence in my house. If it's just chilling out, and watching the world go by...fair enough..but if it starts eating my cheese, or changing the locks, well then I'm gonna have a problem with it. What does this malware actually DO?

 

There's a more indepth article on ars about it.

snippit:

 

Was anyone else expecting to see something like this...?

"you're all running infected hardware, so click on this link to replace your HDD firmware with these totally legitimate versions. Honest."

 

Honestly. yes i was.

Information has always been a highly prized commodity that governments have fought hard to both attain and keep secret, information is power and the internet had the potential to change that balance of power away from governments with their vast resources and money to us mere mortals.
No longer do you need to invest vast resources into building machines that enable you to know what is happening on the other side of the world, to eves drop on what your enemy is saying and doing, or to keep your secrets from falling into the wrong hands.

The Internet had, and maybe still does have the potential to shift that control of information into the hands of everyday people, to give people the power to question what their governments tell them, to give them the information advantage, the power of narratives.

Governments will stop at nothing (imho) to regain that information advantage, to regain the power of narratives.

/rant

 

Maybe them Kingston drives everyones been avoiding because of the bait and switch arent so bad after all.

As said though this seems to be extremely rare. I just wonder if there is a more common version.

 

Now your talking, that's more like it.
This needs to happen more with all of us......ask questions, defy convention, don't be fobbed off.

The biggest worry for me, is that the people who we (the general public) may believe to be in a position to offer some kind of help to change this Government/Corporation mutual fornication, appear to be quite content to hide in the shadows and keep their mouths shut.

I am not surprised they are afraid, after all who in their right minds would take on the corporate mafia and its minions?

Telecommunication Giants, Media & Entertainment moguls, Global Bankers, Trade and Industry affiliates, Pharmaceutical Industries, Insurance Companies, GCHQ, NSA and Government are all just playing with our lives to suit there own twisted agendas, regardless of any risk, or conscience, it appears even killing us is not frowned upon.

We are so f*****!

Have a nice day.

 

How difficult would it be for ssd and Hdd manufacturers to include a jumper that prevents unauthorised FW overwrites? It's very rare that the FW even needs updating.

As for USB sticks, again, how many times does the FW need updating? Why not simply sell sticks that can't be reprogrammed by stealth?

 

Exploit - a software tool designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware.

 

From Ars technica's more detailed write-up.

That could be made impossible with a physical jumper that a user has to change the position of to enable FW flash write access. It'd make flashing a drive slightly more inconvenient.

As for encrypted files sitting hidden in the registry with other encrypted data. That's for MS.