is it better to have your main data HDD as internal or external drive?
is it better to connect it with SATA, PATA, USB2.0? which doesn't have DMA (Direct Memory Access)?
how to install open source firmware on my botnet HDD?
microwave your whole system after drilling holes in it, finish off with a sledge hammer as you transfer it to the dump (note: not the dumpster outside your abode or whatever, go to the fucking dump)
okay let's get real though, extern HDs are slow as shit because they have to pass through USB 2.0
Even if you have USB 3.0 (which means your fucking computer is probably pozzed as shit unless you spent a shiton of money on it) it's slow as shit
just leave the fucking outer cover off then pull the HD when you think the glowers are gonna come get you for whistle blowing in minetest
encrypt it too
>how to install open source firmware on my botnet HDD?
You can't. At the moment there's no open firmware for HDDs, only for one SSD model.
>better to have your main data HDD as internal or external drive?
Internal.
>is it better to connect it with SATA, PATA, USB2.0?
SATA.
>>9308 That is too slow. You want to have have all your drives FDE'd and have a shortcut for overwriting the LUKS header with /dev/random. Provided you have modern harddrives a single pass will be enough.
>>9312 Only newer computers have USB 3.0.
Newer computers as a rule don't have coreboot support or any kind of libre firmware.
Only one I can think of is the Talos II Secure Workstation, which costs a shiton of money.
Thus if you have USB 3.0 and didn't spend a shiton of money, your computer is pozzed.
>>9306 USB 2.0 doesn't even need to be pozzed. every implementation is made by complete retards who cant go 5 seconds without introducing a stack smasing vuln (IN NON-PERF-CRITICAL CODE!!!)
>>9305 >buy some archival blue rays
how do you download files to blue rays?
how do you store swap on blue rays?
how do you store temp files on blue rays?
>okay let's get real though, extern HDs are slow as shit because they have to pass through USB 2.0
how is that slow? USB 2.0 has theoretical 60MB/s which is fast. or did you mean the access time and tiny file performance will be much worse than ATA/SATA HDD? can you back that up with some data and evidence?
>Even if you have USB 3.0
do not have, but there are PCI cards for USB 3.0
>it's slow as shit
why
>just leave the fucking outer cover off then pull the HD when you think the glowers are gonna come get you for whistle blowing in minetest
I was thinking of even improved method. You pull out the real disk, then you put some fake one that will be pretending to be real. the real one you hide in some smart way
so the glowniggs take the PC and are happy, but they take it with fake disk inside
>encrypt it too
already encrypted. I am asking more about how to prevent HDD firmware from accessing system memory
>>9308 >make a tiny linux varient thats only purpose is to dd if=/dev/zero any other connected drives
why would I destroy the data?
>>9310 >You can't. At the moment there's no open firmware for HDDs, only for one SSD model.
why linux/coreboot/trannyboot niggs won't make it? HDD is not a spaceship, shouldn't be hard
>>9319 >Newer computers as a rule don't have coreboot support or any kind of libre firmware.
and they have strong hardware backdoors like Management Engine
We're not here to spoonfeed you a solution to your imaginary threat model. Make realistic questions and we'll answer them seriously.
>HDD firmware from accessing system memory
That's not a threat for non-DMA interfaces. It is 'possible' for the firmware to record your decrypting passphrase in it's internal EPROM (and then be physically extracted by someone using a cable), but it will not modify your encrypted files (encryption is done before it gets written to the storage media). These are all theoretical, no PoC was yet made.
>>9337 >Ask them. Coreboot is meant to be a BIOS replacement. Not a universal firmware for whatever you attach to your PCB.
what's the point of open source BIOS for motherboard if your other devices will have backdoored BIOS and hardware?
>That's not a threat for non-DMA interfaces.
which interfaces are DMA, which aren't? USB 1.1, USB 2.0, USB 3.0, ATA, SATA, SCSI?
>It is 'possible' for the firmware to record your decrypting passphrase in it's internal EPROM (and then be physically extracted by someone using a cable), but it will not modify your encrypted files (encryption is done before it gets written to the storage media).
if HDD firmware can read password and store locally, then encryption is broken. how to prevent this?
>>9335 You can get USB3.0 PCIe adapters. There are a few boards that support coreboot that you could plug one of those into. The main problem nowadays with x86, are the CPU vulnerabilities, so even if you have fixed firmware, it sounds like some of the CPUs won't be.
>>9372 >For a hard drive it is slow, and will bottleneck your performance.
what kind of performance? sequential transfer, access time and small files? show data
>>9378 >You can get USB3.0 PCIe adapters.
but is there any advantage of USB3.0 over SATA? like if sata allow DMA but USB3.0 not?
>The main problem nowadays with x86, are the CPU vulnerabilities, so even if you have fixed firmware, it sounds like some of the CPUs won't be.
the biggest vulnerability is ME and PSP. don't have them. meltdown is also easy to avoid. only spectre is hard to avoid, but it's smaller vulnerability
>It is 'possible' for the firmware to record your decrypting passphrase in it's internal EPROM (and then be physically extracted by someone using a cable), but it will not modify your encrypted files (encryption is done before it gets written to the storage media).
>>9414 >A very unlikely to be used security hole
why would reading encryption password be unlikely used?
it is similar to how Apple and other phones record your GPS coordinates all the time and store it in local file, so when police takes your phone they can read where you moved, even if you had no cellular connection
is it better to connect it with SATA, PATA, USB2.0? which doesn't have DMA (Direct Memory Access)?
how to install open source firmware on my botnet HDD?