Ask Slashdot: How Does One Verify Hard Drive Firmware? 324
An anonymous reader writes: In light of recent revelations from Kaspersky Labs about the Equation Group and persistent hard drive malware, I was curious about how easy it might be to verify my own system's drives to see if they were infected. I have no real reason to think they would be, but I was dismayed by the total lack of tools to independently verify such a thing. For instance, Seagate's firmware download pages provide files with no external hash, something Linux distributions do for all of their packages. Neither do they seem to provide a utility to read off the current firmware from a drive and verify its integrity.
Are there any utilities to do such a thing? Why don't these companies provide verification software to users? Has anyone compiled and posted a public list of known-good firmware hashes for the major hard drive vendors and models? This seems to be a critical hole in PC security. I did contact Seagate support asking for hashes of their latest firmware; I got a response stating, "...If you download the firmware directly from our website there is no risk on the file be tampered with." (Their phrasing, not mine.) Methinks somebody hasn't been keeping up with world events lately.
Are there any utilities to do such a thing? Why don't these companies provide verification software to users? Has anyone compiled and posted a public list of known-good firmware hashes for the major hard drive vendors and models? This seems to be a critical hole in PC security. I did contact Seagate support asking for hashes of their latest firmware; I got a response stating, "...If you download the firmware directly from our website there is no risk on the file be tampered with." (Their phrasing, not mine.) Methinks somebody hasn't been keeping up with world events lately.
how ? (Score:5, Insightful)
This is pointless without JTAG hardware to directly access the flash memory.
Normal users would read/update the firmware through the existing firmware, so if that's been tampered with there's no way you can be sure.
Re:how ? (Score:5, Insightful)
And how many lay people even know what JTAG is?
You, the individual, can't hope to keep up with organizations that can out-spend you hundreds to thousands of times in terms both man-hours and money. How can you even know if the code you download off the manufacturers' web sites hasn't been tainted during production? Your only hope is to stay below their radar, or have enough trusted people around you or time on your hands to personally go through the code and verify it. I'm betting, even in their mom's basement, hardly anyone has time for that.
Re:how ? (Score:4, Insightful)
And how many lay people even know what JTAG is?
This doesn't matter as much as you think. If people who know what JTAG is each verify a few random devices they have access to and find nothing then we know that the majority of devices are okay. The whole general infrastructure is more or less sound. On the other hand if they find a few examples, then there will be proof that there's a problem and there can be a serious attempt to replace everything because there's a real demonstrated problem.
Re: (Score:3)
How can you even know if the code you download off the manufacturers' web sites hasn't been tainted during production?
You can't, but you can be quite sure that the manufacturer will take serious measures to make sure this doesn't happen. This protection against tampering to compromise computers just piggybacks on more general protections to keep firmware sound, such as tests to make sure there are no bugs in the firmware that cause data loss, and that software published on the web site is the software the company intends to publish.
This for the simple reason that one mistake here may result in bankruptcy, as people may los
Re: (Score:2)
Re: (Score:3)
Copying some data is quite different from replacing data, and far easier to do unnoticed. The NSA copied existing SIM encryption keys; they did not attempt to replace them with their own keys or so.
It is pretty hard to detect an intrusion, access to data, and copying of that data. Especially if the attacker gets access through an authorised account by getting their hands on someone's login credentials.
It is much easier to detect the replacement of data: this can be done with e.g. automated cryptographic che
Re: (Score:2)
Re:how ? (Score:4, Interesting)
You can't, but you can be quite sure that the manufacturer will take serious measures to make sure this doesn't happen.
I worked for HP when every computer re-imaged in their repair shop was sent out with a virus. Other makers have essentially recalled new PCs for the same thing. I can't give cites, because it's covered up. 10x the budget of the repair department was spent to hide the problem. To convince people it can't happen. Must trust the chain of trust. Even when it's broken.
Re:how ? (Score:4, Funny)
As many already pointed out: you can not trust the firmware image provided by the drive itself, for the simple reason that you have to talk to the very firmware you try to verify, and which may be compromised.
Think of the kid calling "are there any monsters under the bed?", and the monster under the bed answering "no!".
Re: (Score:2)
Re: (Score:2)
You, the individual, can't hope to keep up with organizations that can out-spend you hundreds to thousands of times in terms both man-hours and money. How can you even know if the code you download off the manufacturers' web sites hasn't been tainted during production? Your only hope is to stay below their radar, or have enough trusted people around you or time on your hands to personally go through the code and verify it. I'm betting, even in their mom's basement, hardly anyone has time for that.
This. We have reached the point where electronic security for most individuals is simply not possible. The problem is that it's "hard," and most people that aren't security professionals (and even some that are) will never understand how things like encryption, asymmetric keys, etc. work. Which means that in order to secure themselves, they HAVE TO trust someone to take care of those details for them. But any company these days essentially has to be assumed to be under the control of a government, or will i
Re: (Score:2)
I'm betting, even in their mom's basement, hardly anyone has time for that.
Time and money are fungible in this case (buy equipment, hire an expert). Rich corporations have time and money to do this. "The People" most certainly do not. Plutocracy managed.
Re: (Score:2, Informative)
Re: (Score:2)
Re: (Score:2)
Sure, if there's a competitive reason to do so.
After all, they do the same for power/data/audio connectors too. (or at least they did.. *cough*nokia*cough* )
Re: (Score:2)
Sure, if there's a competitive reason to do so.
There isn't one. If somebody REALLY wanted to rip off the firmware, they'd just unsolder the chip and buy a matching reader for about $50 from digikey. The skills required to do it aren't terribly difficult, and in fact it requires less skill to pull that off than it does to read from a jtag port.
Any EE worth a shit would be well aware of that, and wouldn't bother disabling the jtag for that reason; if anything they'd prefer to leave it intact to facilitate troubleshooting RMA'ed parts so that they are chea
Re: (Score:2, Informative)
Second, you don't typically "disable" the JTAG interface on a released device -- what you do is set some "lock bits" or equivalent in the MCU, so the firmware cannot be read. No need to disable JTAG for that.
But sure, go on demonstrating how little you know about the matter... AC after all.
row:how ? (Score:3)
Nuke it from orbit. It's the only way to be sure.
Re:how ? (Score:5, Interesting)
Of course, reading the memory from the computer you booted the hard drive from means you are potentially running a compromised machine if the hard drive is compromised.
But if you booted a different, known-good machine, then mounted the hard drive in question as a secondary drive, it seems feasible you should be able to read and verify the firmware.
Seagate's response here seems ridiculously out of touch, and I can only hope that their posture on this will adapt quickly as the news and newfound scrutiny of the hard drive firmware layer trickle through the organization's practices.
Re:how ? (Score:5, Informative)
No. The hard drive itself is a computer and is compromised. It doesn't matter if you boot off of it or connect it later. You can't trust anything coming out of the main interface.
Many hard drives have a secondary TTL level serial port that you can use to load new firmware on a bricked drive. It's possible that the serial connection is wired in such a way to be safe from corrupt firmware. So it might be possible to recover a compromised hard drive that way, but I wouldn't trust it without a lot more information about the serial port and how it works than is publicly available.
Re: (Score:3)
But if you booted a different, known-good machine, then mounted the hard drive in question as a secondary drive, it seems feasible you should be able to read and verify the firmware.
No, you would be going through the processor on the HDD, that is running the supposedly compromised firmware. There would be nothing to stop it from lying to you about updating itself. Firmware malware would most likely be implemented as a stub that checks for a special key like "NSA_1234", and otherwise jumps to the "real" firmware, so there would be no way to test for its presence without knowing the key. They only way to be sure, would be to write directly to the flash via the JTAG port.
Moving the HDD
Re:how ? (Score:4, Interesting)
Off hand I can already think of a technique I myself have deployed (not written by me) when hacking DirecTV smart cards, or what I know Xbox 360 mod chip users do: Use "stealthing" code that presents the data that is SUPPOSED to be there when asked by any existing commands that are used to read the firmware contents, but otherwise the hacked code is what gets executed during normal running operation.
It wouldn't surprise me if whoever wrote this went to such lengths to add this kind of feature to their firmware. I mean look how excruciatingly feature packed stuxnet was.
Re:how ? (Score:4, Informative)
No... no, you're missing it. The firmware isn't some magical OS. The firmware runs whenever it's connected. Not only when its booted from. Do you know what firmware is?
The firmware handles all requests. So clearly, you are requesting data from something that's tampered with, to see if it's tampered with. It's entirely possible that to make their firmware harder to catch, the firmware would only give you the "false" previous firmware data as you talk to it. Given the complexity of all of their groups viruses we've seen so far, and the fact they compress their payloads, this is not far fetched at all.
I mean, have you ever even used a microcontroller before? How do you think data gets off your hard drive?
Re: (Score:3)
I used to write hard drive firmware.
Here's what I would do: pull the controller board off a drive. Write a piece of software that emulates the physical drive to take it out of the equation.
You have to find a way to read the firmware. If you have to desolder a chop ad read it that's ok. Do this to many drives and eventually you'l find one of these that isn't like the other.
Now figure out what it's doing.
The firmware on those drives is not in the slightest bit complicated it's actually very straightforward.
Ol
Almost impossible (Score:2)
Firmware is usually not signed. Furthermore, I am not even sure that most drives support reading the firmware. Overwriting with a "fresh" firmware might also be impossible, since I assume it happens through vendor extensions of said firmware. A malicious version could be able to thus protect itself.
In the end, such an elaborate scheme is probably directed towards very high value targets. I don't think this is the kind of trojan that runs out in the wild. I could be mistaken, though.
Like you, I do wish it be
Re:Almost impossible (Score:5, Insightful)
In the end, such an elaborate scheme is probably directed towards very high value targets. I don't think this is the kind of trojan that runs out in the wild. I could be mistaken, though.
Millions of people doing on-line banking are a high value target. The investment to design a trojan only needs to be done once.
Re: (Score:2)
Yes we could concoct an elaborate scheme involving some deep firmware hacks on people's harddrive which is highly hardware dependent.
Or you could just send the people a phishing email.
I know which I would be doing if I were going after the millions of dumb users out there.
Re: (Score:2)
Ebanking often depends on two-factor authentication. Furthermore, this is exactly the kind of situation that would rapidly generate enormous publicity. Do you think that people losing thousands or millions are not going to notice? A firmware trojan in that situation would be very short-lived. Everything is possible, of course, but I would be more inclined to think industrial espionage or three-letter agencies, where this kind of "weapon" is likely to be used with discretion and over a long time.
Not considered a real risk - at least, until now. (Score:2)
Most likely there are no such tools as no-one thought it could be a vector of infection. Just like the BIOS; which used to be a non-reprogrammable ROM chip. I for one didn't know current hard drives even had firmware that can be replaced by the user, let alone that it may be a potential attack vector for malware.
Depending on how hard it is to read the installed firmware from a hard drive (is this even possible in the first place?) it shouldn't be too hard to write a tool that can read the firmware, and calc
How it's done: Link to SpritesMods.com article. (Score:5, Informative)
Re: (Score:3)
That's a great article. So to answer the question in the summary, the way to verify your firmware is:
Buy an identical replacement drive
Use the vendor tool to install the same firmware version
Use the tool described in the article to read the firmware from each drive over JTAG
Compare the two copies to see if the suspect drive has been modified.
Re: (Score:2)
I don't think I quite believe you and last time I checked I needed quite a server farm to (reliably) produce one collision in a meaningful amount of time.
Hashes not useful (Score:5, Informative)
Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash.
The fact that this practice is widespread in the Linux world originates from the usage of insecure FTP mirrors run by volunteer admins. There it's possible for a mirror to get hacked independently of the origin web page. A company like Seagate doesn't rely on volunteers at universities to distribute their binaries so the technique is pointless.
A tool to verify the firmware is poetically impossible to write. What code on the drive would provide the firmware in response to a tool query? Oh right ..... the firmware itself. To make it work you need an unflashable boot loader that acts as a root of trust and was designed to do this from the start. But such a thing is basically pointless unless you're trying to detect firmware reflashing malware and that's something that only cropped up as a threat very recently. So I doubt any hard disk has it.
BTW call a spade a spade. Equation Group == NSA TAO
Re: (Score:2)
Re:Hashes not useful (Score:4, Interesting)
What they need to do is put a bootloader in there that can't be read or modified, and then sign the firmware binary with the bootloader's key.
Re: (Score:2)
Re: (Score:2)
At this point, they could simply ship their public key in print and sign all present and future versions.
Re: (Score:3)
Won't work. See the modification of Cisco hardware intercepted between manufacture and delivery.
Open-source the whole stack. Require access to reflash the firmware securely by independent means.
Previously I would have thought this a pipedream, but with China looking to deny access to its markets to insecure equipment, I'm hopeful that this will happen.
Re: (Score:3)
If something in your computer is compromised, you are f*cked. At defcon they demonstrated the ability to infect multiple hardware devices on the PCI bus, so even if you manage to get rid of the malware from one device, it was still spreading from the rest.
Re: (Score:2)
Won't work. No one is actually looking for esoteric bugs in complex code that can lead to an attack. See: glibc.
The firmware image on the device does not have to let you reflash it. It can happily report "success!" while doing nothing. It can also re-infect the new image - the device is powered, so the existing firmware can be running. Additionally, you're assuming this "independent reflasher" is itself secu
Re: (Score:2)
Why does the firmware on the drive have to report it's actual hash? The malware could easily respond with a "known good" hash.
You reading the firmware and calculating your own hash? Why does the malware have to respond with the firmware that is actually running? Again, respond with a "known good" firmware image, and go on your merry way.
Re: (Score:2)
Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash.
Which is why I always laugh my ass off at all these people who use PGP to sign things and put a hash on the same website you download it from ... look you can verify this file you downloaded from the website hasn't changed because theres no way anyone would be smart enough to update the hash as well!
And that my friends is why PGP is effectively useless in the real world unless you physically exchange keys securely.
Hashes can be useful. (Score:2)
Which is why I always laugh my ass off at all these people who use PGP to sign things and put a hash on the same website you download it from ... look you can verify this file you downloaded from the website hasn't changed because theres no way anyone would be smart enough to update the hash as well!
That's why you SIGN the hash. Then only the public key needs to be published by a different route.
And it doesn't HURT to publish it on the web site as well: Then someone tampering by substituting a different p
Re: (Score:2)
Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash.
While I agree just slapping a hashtag on a webpage doesn't necessarily improve security, it doesn't follow that it can't.
Security is a holistic property; it's a property of a system as a whole. An important part of that is detecting when you've been hacked and knowing in advance what you're going to do. There are many scenarios under which publishing the hash codes of downloads improves security, but that *always* depends on people doing certain things, many of which can be automated on the vendor end.
Re:Hashes not useful (Score:4, Informative)
Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash. ... A company like Seagate doesn't rely on volunteers at universities to distribute their binaries so the technique is pointless.
There are many possible attacks. A hash on a website is not invulnerable to a rogue employee at Seagate (or one "just following orders").
A hash protects against a rouge insertion at the endpoint. Like if your PC is compromised by an attacker and then you pull the hard drive and [assuming there's a way to get a hash from SMART/ATAPI) you can compare the hash of the firmware that the drive is running to the list of published firmwares at the vendor's site. If the attackers are only modifying a small subset of drives, this works fine - they can't also intercept the check to the vendor's site - not unless they've broken TLS and/or have malware on every possible machine.
A tool to verify the firmware is poetically impossible to write. What code on the drive would provide the firmware in response to a tool query? Oh right ..... the firmware itself.
Well, today you can pull the image from JTAG, or so the experts have said (you can verify the firmware directly from memory with a hash if you have moderate funding). There's all sorts of talk about how ATAPI is write-only for firmware because the vendors don't want their competition to get their code and decompile it. This appears to be nonsense, as any other drive vendor already has the debug tools to pull such things from memory, and extracting it from an update isn't that hard - if a 16K DOS update utility can extract it, so can a multi-billion dollar R&D company.
To make it work you need an unflashable boot loader that acts as a root of trust and was designed to do this from the start. But such a thing is basically pointless unless you're trying to detect firmware reflashing malware and that's something that only cropped up as a threat very recently. So I doubt any hard disk has it.
They most certainly do not. So, here we are at today and need a way forward. There are a few ways forward, a fistful of crypto protocols to choose from to ensure future usefulness of hard drives for security applications, and INCITS/SATA-IO ought to be having emergency meetings _right now_ because this (NSA/GCHQ) is a major threat to the industry. The vendors may need to move operations outside of five-eyes to remain commercially viable.
Re: (Score:2)
Why does the malware have to respond with the actual hash of the firmware? Respond with one of the "known good" hashes.
If you're reading the firmware and calculating a hash, the firmware does not have to give you the firmware that is actually runnin
Re: Hashes not useful (Score:2, Interesting)
Even if a hacked firmware isn't calling home, there are many things it can do. A simple example is detecting a read of /etc/shadow and replacing the hash for the root password with a known hash. Pwned.
Pretty pointless (Score:5, Interesting)
I'm still waiting for the first CEO to go to jail for refusing this.
Either it's easy to say "No", or nobody bothers, because "war against terror etc.".
Re:Pretty pointless (Score:5, Interesting)
Obviously the under-reporting of what happened to Joseph Nacchio of Qwest Communications by the corporate media is working.
He refused to cooperate with the NSA because he believed (correctly) that their requests for blanket spying on customers were illegal. Keep in mind this was before Bush signed the law granting telcos retroactive unconstitutional immunity from breaking the law, because every other company apparently cooperated with this. The NSA could have gone to the usually rubber-stampy FISA Court, but apparently they were worried that even that normally useless body would rule against them.
Then Mr. Nacchio got conveniently arrested and charged with "insider trading" and his company got harassed with threats of not getting any more government contracts. He was prevented from bringing up any of the NSA strong arm tactics in his defense because "national security", a concept and government authority I conveniently can't find anywhere in the Constitution of course.
He's out of jail now, fortunately. At the time of course all the national security state types were out trolling that people who believed the NSA would do such things needed tinfoil hats, etc. and now of course thanks to another American hero we know the depths of contempt to which they hold the rule of law and the Constitution.
So one CEO did go to jail for protecting his customers. In fact, with all the dirty dealings, corporate spying, financial misdoings, and basically crashing the US economy in 2008, isn't it funny that the ONLY high profile CEO put in jail of late was somebody trying to do the right thing for average people? Everyone should think long and hard about that.
MOD PARENT UP (Score:2)
MOD PARENT UP
Re: (Score:2)
I guess even if there was a way, the vendor would probably just get a NSL to put the backdoor in himself
NSLs can't do that. The law is quite specific about what an NSL can request. Not only can't it demand pro-active measures like backdoors, NSLs can't even demand the content of communications that the recipient already has. NSLs are limited by law to demanding communications metadata only.
Well, I suppose a letter can be issued that demands anything at all, and companies may choose to comply, but they don't legally have to if the letter specifies more than what is allowed by law.
Re: (Score:2)
Re: (Score:2)
You are assuming the company would know the legal limits of an NSL. you are assuming the company would care about legal limits. If the NSA agent makes a good case of "Terrorism" then they will likely get what they want.
Of course the company would know the legal limits. They have attorneys.
That they might not care I addressed in the second paragraph.
Re:Pretty pointless (Score:5, Insightful)
I'm still waiting for the first CEO to go to jail for refusing this.
Dude, you're fourteen years behind [wikipedia.org] the news. The technique is not to get you on the "refusing NSA" charge, but any of the other countless criminal acts [amazon.com] you commit every day. This is the primary purpose of a hyper-criminalized environment - so that everybody can be easily bent to the whim of the power structure. See also: charge stacking and the de-facto abolishment of the Sixth Amendment through the plea-bargain process (or, if you're a corporation, the no-plea deal for really efficient fascism [econlib.org].
Re: (Score:2)
But as you say, that was fourteen years ago.
And it was (IMO) partly his fault.
Apple's accounting has been under the microscope for a couple of years, going as far as citing the CEO in front of a Senate hearing. Given the state of Uncle Sam's finances, I guess they would have found something by now.
We need hardware write-protect for firmware (Score:5, Insightful)
We need jumpers or physical switches that prevent firmware stored in flash (whether it be GPU firmware, BIOS, HDD firmware, network card firmware or whatever) from being overwritten unless you specifically flip that switch.
Re: (Score:2)
Amen. A firmware write-protect jumper is the only rational solution. Ideally it goes on the front of the drive so it can reasonably be diddled without pulling drives out of arrays.
Re: (Score:3)
So you would likely flick the switch trusting it was Dell BIOS update yet its a BIOS update carrying spyware.
Yes, the need to have some kind of open bios (coreboot? pretty lumpy process, though) is real, but that doesn't decrease the need for write protect jumpers.
Re: (Score:2)
Yeah, it's not like open source software like glibc was recently found to be vulnerable.....
Re: (Score:2, Interesting)
In the back of my head for several years now I was thinking the same about the operating system.
Total ignorance of the nut and bolts of OS interiors, but put a copy of the OS on a physically protected chip to verify the integrity of the OS. Yes some files do change but they can be handled as exceptions and stored else wise.
Re: (Score:3)
What good will physical switches do if a virus is waiting for you to flip that switch to write-enable so that it can now infect the HDD firmware? Switches would be useful if you never update the firmware. In which case, eliminate the switch and make the firmware permanently read-only. My point is, we need a more secure way to update firmware.
Re:We need hardware write-protect for firmware (Score:5, Informative)
What good will physical switches do if a virus is waiting for you to flip that switch to write-enable so that it can now infect the HDD firmware? Switches would be useful if you never update the firmware. In which case, eliminate the switch and make the firmware permanently read-only. My point is, we need a more secure way to update firmware.
Unless the virus is resident in Bios, (which can also be protected in the same manner), it would be impossible to be infected if you are in a power off state, then enable your switch/jumper, power on, flash your firmware, then disable the switch/jumper after completion before booting into your OS.
In the old floppy days things were pretty much this way. Time to go back.
Re: (Score:3)
This could work. As long as the OS is not started during the update... only an uninfected BIOS running and a flash drive would be involved in updating whatever firmware requires updating.
Also, the BIOS should flag an error and stop booting to OS if any firmware switch is in the write-enable position.
Re: (Score:2)
From what? You saved it to some local storage, where it can be modified. For example, you saved it to your hard disk which you now are attempting to re-flash. But the hard disk was infected. It detects that you ware writing a firmware image to the disk, and injects itself into the new firmware image.
Firmware malware is not a trivial undertaking. So we're talking about extremely extensive effort by people who can develop very sophisticated attacks. You can't expect that th
Re: (Score:2)
Absurd... just how often do we ever need to update our drive firmware? I've never had to in twenty years and as many computers. And given this revelation I never would want to turn off the write-protect for a likely unnecessary update.
Re: (Score:2)
Re: (Score:3)
If you've got HP blade servers and call in with something even as mundane as a hard drive or mezzanine card failure, they will often insist you upgrade the firmware before agreeing "yes the hard drive is fuxxored" and sending the replacement part. Even more ridiculous is depending on the tech they might actually ask you to update the motherboard firmware when a motherboard has failed (Um, yeah.), or the iLO firmware even though it is totally unrelated to the problem (fortunately on HP iLO/LOM updates usuall
Re: (Score:2)
The interesting part about waiting to flip the switch is the "why" part. Why would you flip the switch? To install new firmware of course. Why flash firmware on the HDD? Because you have a problem with the current one.
This results in a few scenarios:
1. The malware is hyper advanced and automatically updates to infect the latest firmware.
2. The malware fails as soon as the user updates the latest firmware.
3. The malware completely overwrites the new firmware with the result that the user may attempt to re-fl
Re: (Score:3)
That's a bit like saying that having a portcullis in the castle gate doesn't help you if the enemy is already inside the walls, which is unquestionably true, but misses the point that having the portcullis makes it harder (although not impossible) for the enemy to do that.
I agree that a more secure way to update firmware, but we have to be realistic in that this would also tend to create new targets for malware writers (e.g. stealing signing keys).
I suspect what we really need is stuff that will occur *outs
Re: (Score:2)
Re: (Score:2)
I've wondered why we don't do the same thing for HDD data. I bought an early SATA-USB 3.0 adapter which turned out to be a forensic tool for law enforcement. There's a jumper on it which can make the HDD read-only.
What if you could set up your website, physically move a jumper to ma
Doable (Score:3)
Simply because attack code doesn't know what output verification code must produce. It either must execute new code (will be busted) or not (will be busted). Putting a full blown interpreter (or some trap mechanism on flash access) will screw timing - again it will be busted.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Why? To create the malware, they most likely reverse engineered the old firmware. So they know what verification code they must return.
The solution (Score:2)
should be that firmware is firmware. Please test rudimentary blocks of computing devices before you produce 100 of millions of a series.
I expect the manufacturer actually does something like a read/write test for typical conditions.
I may even accept or wish to get HDs which are one year behind SOTA, if they were not pushed out of the door in whatever shape the SW is due to a marketing deadline.
For such device i happily would pay more, if the "programmable" fuses are set/burnt.
How is a HDD firmware written? (Score:2)
Re: (Score:2)
The firmware is either stored on flash memory, or more recently, on the drive itself. Only a small bootloader is still in flash/rom of the controller
That sounds like a chicken-egg problem. If the drive can access the platters without firmware, what's the point of the firmware then? Or if the 'small bootloader' can actually access the platters, then what does it need to read the 'real thing' from the platters for?
How much CPU power & storage in HDD controller (Score:3)
How much CPU power is in HDD controllers and how big is the flash storage on the controller?
I'm mostly just curious, but I wonder how much "elbow room" there is to do something nefarious like blocking updates or protecting boot sectors without compromising drive performance significantly.
Is there a mechanism for running software on the drive controller -- passing input, getting output, etc?
Re: (Score:3)
Re: (Score:2)
That was fascinating, thanks for the link (and the lost 45 minutes reading about the guy's other genius hacks).
Re:How much CPU power & storage in HDD control (Score:4, Insightful)
Well, if you're the drive controller firmware, storage space is a non-consideration for the most part. You can store stuff on the drive platters. A certain percentage of those are reserved for sector reallocation anyway, so you could use those without anyone really every being the wiser.
Re: (Score:2)
I doubt you need much, really.
All the malware part has to do is to read the rest of the software from disk upon boot, then hide that part of the drive from the OS. This way you could hide a pretty big piece of software on the disk, and with today 500 GB kind of capacities being the norm, the user won't notice unless they look really really carefully at the numbers.
Re: (Score:3)
There is enough flash and ram to run Linux on the controller. I've seen it done at Ruxcon/Breakpoint where the hard drive booted up to the point where it couldn't find a root disk to mount.
It is trivial to make firmware that watches for things like /etc/shadow files and returns something else. You can have this code activate by searching for data that would be logged and hunting for the magic key and that is trivial since every system logs to disk.
Secure Boot + Full disk encryption (Score:5, Insightful)
Actually, the much hated Secure Boot (with the shim loader, MOK, and GRUB2), combined with full disk encryption (for example using LUKS), and in filesystem compression (btrfs2) can quite nicely protect you from anything that a malicious firmware in a harddrive could do. The firmware will only ever see encrypted data passing through it, except for when loading the bootloader and the kernel, which will both be cryptographically verified by UEFI. The in-filesystem compression is there to compensate for the compression SSD drives normally do themselves to gain additional speed that will be impossible to do that on encrypted data.
Sure, this basically converts the problem to trusting the main BIOS (UEFI), but that's something you have to solve in any case.
Re: (Score:3)
Of course the UEFI code cannot bypass the drive firmware. From the point of view of secure boot, the boot media is untrusted, and thus it doesn't care whether there is any malicious code in the drive firmware. It simply verifies that anything it loads from there is signed and thus uncompromised. If the bootloader or kernel were tampered with, Secure Boot will refuse to boot.
Important topical idea! (Score:2)
I have long believed that if it was as hard to maintain a car as it is to administer a computer, the world would stay home and read books.
It is the manufacturers' responsibility to ensure that hardware does what it is supposed to, does it correctly, and does ONLY what it is supposed to do. In the coming age of self-driving cars, personal care robotics and so forth, it is inexcusable for the builder to make defective stuff. I suspect we will have to go back to first principles instead of relying on software
"Why don't these companies provide verification" (Score:2)
Because it's never been an issue before.
Seagate HDs (Score:3, Informative)
Re:Seagate HDs (Score:4, Insightful)
FTFY.
Boot from rescue disk, inspect disk and boot proms (Score:2)
Boot from a randomly chosen Linux rescue disk, and check the various proms. You've used the boot rom to boot a CD/DVD, but what you've booted is wildly different from the Windows systems that are the common target, so the attackers will have great difficulty in hiding what they've done from an unfamiliar system.
It's actually easier to hide evil stuff in disk proms, as your only access to them is via routines *in* the disk prom, as one of the other commentators pointed out,
Re: (Score:2)
And those proms are read by the firmware in those proms. Why does the firmware have to respond with what is actually running?
Security by Oscurity (Score:2)
Here is the problem:
Manufacturers guard their intellectual property fiercely, and they guard their proprietary firmware fiercest of all. Thus the API for uploading drive firmware is Write Only (WO). Thus within the existing API and interface there is by design no way to validate the firmware. What that means is that, if you are able to build your own firmware (because you have a copy of the source, obtained deviously) then you can alter it to your own ends and even make it so that the (WO) overwrite API doe
I guess the real question is: (Score:2)
Do you think an infection would be more likely to come from hackers that somehow modified the drive after the manufacturer shipped it, or do you think it is more likely that the NSA (or whoever) already work with the manufacturer?
If the latter, chances are the option with least security risk is to not update it at all, especially if its an older drive.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
SSDs
Re: (Score:2)
Are these root vectors playing the odds and assuming they'll be installed on an x86 machine running Windows7, so they put that payload in the firmware?
It's not like the firmware has an IP stack.
It doesn't take very many bytes to make one. And your hard drive is communicating over a bus. You'd be surprised what types of communication protocols are recognized over various internal data paths... How do you think those old Ethernet-over-SCSI adapters worked?
Or the malware might cover its tracks. (Score:2)
If you ask the drive to read out the whole flash.
The maybe the firmware would have to go to the platter to get the real image.
Or the malware could regenerate the un-attacked version.
For instance: If it's a patch that loads into an otherwise cleared-to-known-vallue region it can detect that region while reporting flash content and report the cleared value, instead. Add a couple other tiny regions where it saved (or alread knew) the previous contents where it "sank it's hooks" and you can't tell it's there