SoylentNews is people
SoylentNews
All of you knew that it could only get worse:
Kaspersky malware probers have uncovered a new 'operating system-like' platform that [they claim] was developed and used by the National Security Agency (NSA) in its Equation spying arsenal. The EquationDrug or Equestre platform is used to deploy [an estimated] 116 plug-in modules to target computers that can siphon data and spy on victims. So far, only 30 modules have been identified.
"It's important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyber-espionage activities by deploying specific modules on the machines of selected victims," Kaspersky researchers say in a report.
The article goes on to explain that Kaspersky further believes that the software is part of the "NSA's campaign to infect hard disk firmware". There is considerably more detail in the article.
I think I am going to get my old manual typewriter out of the garage, get a new ribbon, use U.S. Mail instead of e-mail, and buy more ink for my fountain pens.
(Score: 3, Insightful) by Gravis on Monday March 16 2015, @04:12PM
there is no need for the average joe to be concerned about an NSA RAT (Remote Administration Tool) ending up on your drive. i've read up on what Kaspersky has found and it seems hdd/ssd firmware hacks are only used for important targets, so for now, you should be more concerned about getting struck by a lightning bolt. unless you are in the middle-east to far-east, there is almost no chance of them going after your computer. the RATs Kaspersky has found are Windows programs, Mac OSX programs and PHP code injections. it seems terrorists are a very windows centric crowd, dont use windows.
what the average joe should be concerned about is the NSA weakening encryption standards and closed source software. closed source software far more likely to have a built-in backdoors, security vulnerabilities and actually be malware. you should however avoid running PHP code on anything because PHP is a security nightmare. scripting in general is a security threat due to the possibility of injecting code but PHP takes the cake. open source doesn't have perfect security but at least with open source you can make a secure system.
(Score: 1, Insightful) by Anonymous Coward on Monday March 16 2015, @05:05PM
> so for now, you should be more concerned about getting struck by a lightning bolt.
But now that the means has been exposed, its going to end up in a rootkit and pretty soon all of us will have to worry about it.
That's the problem with the NSA - the best defense is not a good offense because a good offense teaches all the bad guys how to attack the weakest among us.
Instead of exploiting this, they should have designed a fix for it and given it away to all disk manufacturers.
> unless you are in the middle-east to far-east,
In which case you should be more concerned about getting struck by a drone strike
(Score: 0) by Anonymous Coward on Wednesday March 18 2015, @03:59AM
+1 Insightful
(Score: 3, Insightful) by Anonymous Coward on Monday March 16 2015, @05:48PM
That is a very short sighted reaction you have there...