Whilst going full libreboot and modding a QX9300 into a T500, slow hdd storage is painful too a price to remain full libre. We know for a fact, that all Sandforce controllers and basically every product from WD and Seagate are backdoored. You can isolate it using USB 2.0, but it's too slow.
Non Western Sata SSDs it is then. All chink government PCs use Renice and/or Runcore SSDs, since the chinks wrote their own controller and built it themselves backdoor free. I have seen those two recommended often.
Anyone got experience or with those? Any other suggestions?
Also saw a IT-Security Blog doing a great explanation in detail, can't find it right now.
Michael Baker
I don't. The choice is between a Highly Likely backdoored, supported by evidence western drive and a drive that may or may-not have backdoors eastern one.
If I had the choice, I would rather give my data to China instead of the NSA.
Alexander Nelson
That's like picking between AIDS and HIV, you'll still fucking die
Let's say I'm Russian. What is worse, NSA or China? Or it doesn't matter? (Now that the Russian puppet was made your president, will it mean that NSA shares all data with FSB or what?)
That's quite a ways off from harddrives having ARM based micro controllers, which can run linux being installed on every storage device, with proofs from Intel ME running programs which can read out your RAM on even less capable ARM micro processors.
Benjamin Martin
Best way to protect against harmful firmware in your drives is to: This doesn't nessairly protect you, but heavily reduces risk of less sophisticated attacks like cacheing or altering files in transfer. This ensurses that the drive has not tampered with your kernel, which is one rout it could take to get net access. If you use full disk encryption including your /boot partition, this might not be nessary. If you don't use libreboot/coreboot and just configure grub on mbr/efi to check signatures then it's not really protecting much, as the kernel and keys are both being read from the drive, though it might be worth doing since it's easy and might thwart some simple scripted attacks that didn't accout for signed images. If you have a TPM and use UEFI booting you could sign the grub efi image and enable secureboot, which should prevent the drive from altering the signature file, thus being effectivly like libreboot/coreboot in regard to signed kernels. UEFI is it's own can of worms in regard to security though, and some question the integrity of TPMs. This will prevent the drive from getting direct memmory access (and thus net access, access to encryption keys, access to pretty much what ever it wants)
If you do all of these it still isn't perfect, but it prevents the drive from preforming more trivial exploits and from getting access to system memmory or a network stack. Thus redusing the risk to fairly sophisticated, probobly targeted attacks that require physical access to recover data from.
Luis Hill
I don't think it matters honestly, especially since Russia puppet states have been in short supply since the collapse of the soviet union. Unless ruskies are the real juden.
Camden Peterson
Why though.
Noah Phillips
Russia has always been under juden control since 1917
What a revelation, it's not like there's groups of non-whites notorious for their Jew removal lust or anything. How many Zig Forums Amerimutt images do you have left before you give up anyway?
Julian Green
Oh, you know very little about harddrives.
There's been a Whole-Disk encryption feature in ATA drives, 'ATA Security', and later on, SED, since forever. The TLAs have had the facilities to re-engineer the drive's firmware so that the ATA password and the like was stored in normally inaccessible areas of disk, making it an easy job to thwart Teh Commies or Teh Druglords. Quantum were accessed in ?2001 of installing trojaned firmware at the factory on the behest of the CIA.
Hey, remember when China was selling to Russia consumer electronics (irons and microwaves and such) with actual botnet inside? archive.fo/6u3oo
Also considering how China and Russia share tips on how to censor the internet, although China probably just wants to sell their DPI hardware to be honest, I'd prefer to take my chances with NSA.
Liam Martinez
I'd just like to interject for a moment. AIDS isn't a disease unto itself, but rather one of the symptoms of HIV.
Why? I would rather give it to the NSA, because they probably won't sell it to everyone. ofc, they could sell it to foreign governments, some random company could sell it to anyone who has the money. And I think NSA would store my data securely, unlike some random company.
Tyler Rogers
that's the joke
Liam Mitchell
Are we advocating now for how the NSA is keeping our data save and secure? What even is this.
Asher Morales
You might be overthinking it. Thing aren't really that bad! Think of all those great cloud services provided to you by Google and others. How would you do backups without them? If a meteor hit your house, all your data would be gone!!!!!!!!!!!!!!11111111 xDDDDD
