Post
Topic: Re: Wall Observer BTC/USD - Bitcoin price movement tracking & discussion
Board: Speculation
by bitserve on 28/02/2020, 01:09:11 UTC
Indeed, I’ve shipped devices that provided canned boot sector data before - not as an exploit, but because the operating environment needed such in order to function. Of course, that was a ‘from the factory’ thing, not a field exploit.

Yeah, that's exactly what THEY wanted you to believe :P

Just kidding. Or maybe not... Was that "canned boot" somehow easily replaceable with a different one afterwards? I.e.: the canned boot residing in another area of the HD which could be updated or using a custom tool? Or just reusing all the developed firmware, replacing the "canned boot" and generating the payloaded firmware?

Well, the canonical example would be to package a disk with a 'paddle card' protocol converter which sits between the drive and the system's SCSI | ATA | Fibre Channel | 1553 | Ethernet | InfiniBand | whatever bus. The canned boot sector would be resident in the FW of the paddle card. Used for things such as allowing contemporary HDDs to be used as boot devices on legacy systems built before the dawn of large HDDs.

Yeah, well, THAT doesn't look like it would be so easily repurposed for malicious intents. But anyways, the point stands, not only is it theoretically possible but also psycodad has provided some links that would suggest it being exploited in the wild... even if rare and requiring the exceptional talents and resources of the Equation Group (the malwaretech PoC was not even close).