All of you knew that it could only get worse:
Kaspersky malware probers have uncovered a new 'operating system-like' platform that [they claim] was developed and used by the National Security Agency (NSA) in its Equation spying arsenal. The EquationDrug or Equestre platform is used to deploy [an estimated] 116 plug-in modules to target computers that can siphon data and spy on victims. So far, only 30 modules have been identified.
"It's important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyber-espionage activities by deploying specific modules on the machines of selected victims," Kaspersky researchers say in a report.
The article goes on to explain that Kaspersky further believes that the software is part of the "NSA's campaign to infect hard disk firmware". There is considerably more detail in the article.
I think I am going to get my old manual typewriter out of the garage, get a new ribbon, use U.S. Mail instead of e-mail, and buy more ink for my fountain pens.
(Score: 2) by kaszz on Monday March 16 2015, @02:45PM
If the malware inside the harddisk controller inside the drive doesn't have any influence of the data sent to and from the host it will essentially be toast. And of course no key should be stored on the drive. So when the malware alter the data transferred from the platter to the host, decryption will sense bad checksum and alert the operator. Or even correct it on the fly..
The next step is to prevent the computer from accessing the harddrive controller in a malicious way so it can't be infected either.