Question on risk of getting malware, rootkit or backdoor when buying USB, HDD, SSD, Motherboard

Dear colleagues,

I am new to the topic of cyber security; however, I am aware from various experts in cyber security that in recent years different governments, or the CIA for example, have cooperation with manufacturers and they might pre-install various backdoors on USB, HDD, SSD. Is it a myth?

If not, is there any method to completely erase any potential threat?

For example, I want to buy X USB stick with 256GB, super-fast speed; can it have a backdoor in it?

Yes, hardware is, without doubt, a target at any point where they can get their hands on it. It even has a name. Interdiction.

Example: https://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden

Open source hardware tries to solve this problem. We cover all this on the course.

It depends on what the threat is as to if you can erase it. If it's a modified firmware, you may be able to flash it. But really this is an extremely hard threat type to counter.

Dear Nathan,

Is there any particular advice from you on how to choose open-source hardware (an example with a link would be great)? Which hardware has the maximum risk of being modified?

There really isn’t much out there.

Thank you so much Nathan!

Would you be using this for yourself if you need maximum anonymity, or is it a matter of paranoia? For example, I use an HP laptop for different work and I need to keep max anonymity. Should I change my laptop? It would be quite interesting to hear which model you personally use. Thank you in advance for your answer!

I wish to have a very quick USB with Debian OS (preferably 3.1 USB). Could you please advise any model that for sure will not have any “surprise” inside?

I don’t have a large need for anonymity. Actually, I’m a public figure with large social media presence. So for me I need to be public for my business.

I have a MacBook Pro top spec
Other PCs with Debian/Qubes
Servers and VMs

I don’t have any special insight on what USB devices are not fiddled with. But buy it anonymously in the first instance.

The reason for this question is the high interest from the Government of Russia in watching absolutely everything, including journalists, and in some cases an SSD can play a vital role if it is not secure from the beginning.

It would not be fun to have Russia as an adversary :worried:!
