The article said it was necessary to have physical access to the hard drive to recover the data if the target machine was kept off the Net for security reasons. It seems obvious that's how the data has to be recovered in that case. The malware was also able to steal encrypted data--if the user used something like Truecrypt on an uninfected drive, there was absolutely no chance of anyone getting anything off it, no matter if they had the hardware and worked on it for a million years.tomazzi wrote:I didn't said that - I've said, that the attacker needs physical access to victim's infrastructure/hardware to steal the hdd *after* the data is collected.stevepusser wrote:...
Why do you think it's that difficult to infect HDD firmware? Security researchers don't see anything impossible about malware doing that
...
So, although HDD can be infected / re-programmed just like any other system, it would be plainly stupid to do this - just like breaking open door.
I thought it was obvious...
Regards.
....................
However, since a HDD firmware infected machine is essentially "pwned", if it is connected to the Net, nothing prevents the data being extracted through that connection.
The Iranian centrifuge controllers were also kept off the Net to prevent this type of thing, but were still infected with Stuxnet from a flash drive, accidentally or otherwise. But that malware was designed to damage the centrifuges, not extract data.
Re: the moon landings. Nasa also had to send up secret manned missions to deposit the laser reflector, fake LEM lander stages, lunar rovers, footprints, etc., so they could appear in moon satellite images, too. BTW, please don't tell me you are going by the "flag waves when there's no air" or "there's no stars visible in the photos" type of "problems", are you?
I started to watch the video, and was first convinced by the use of ALL CAPS (SCIENTIFICALLY IMPOSSIBLE), but then the description brought up the hoary old crap about the Van Allen Belts, so forget it: http://www.ibtimes.co.uk/debunking-myth ... ax-1457501
But this is veering way off topic now.
Funny how the Russians never brought up the hoax argument, even when they had the most incentive, isn't it?