I’m sure there’s plenty of room to stuff spy tech in a 3rd party external HD. I can imagine it could use the host computer’s network connection to send the data out.
What about RAM? 3rd party RAM and thumb drives?
What are the real security risks? And how are you dealing with them?
We need to be able to backup to external drives, and uses thumb drives to be a viable work machine.
What is the real risks? How are others closing them?
How would the HD get access to the network connection?
I’m thinking that if something like an external HD or any other kind of external “box” that you connect, as long as it does not have any radio functionality inside it, and as long as you have control over the interface used to connect it, then it will never be able to contact the outside world. Am I missing something?
It could still corrupt your data in clever ways, like replacing some of your files with malicious files, but all that would have to be done based on predefined rules programmed into it from the beginning since it cannot communicate with the outside world.
One example of a possible attack I can think of: if you have installed GNU/Linux on a malicious HD, the HD could be setup so that it replaces some well-known and important executable like your “ssh” client, replacing that with a malicious version that sends your login details to the attacker.
Assuming we’re talking laptop / desktop then perhaps the bus that the disk is on has direct access to memory, in which case you could make a very sketchy case that a rogue disk might be able to drive your network controller.
I think the idea is that you are doing host-based encryption (e.g. LUKS etc.) - so that a rogue disk cannot spy on your content at all and any attempt to corrupt data in a controlled way would fail.
That of course only applies to the encrypted partition. You would be relying on something like the Librem Key to provide a guarantee of integrity for the boot partition i.e. rogue disk could corrupt it in a controlled way but not without that being detected and rogue disk could read the entirety of the boot partition but I think there would be little if any private information in the boot partition.
So I think the answers are:
I can imagine that If it had malware in a chipset it could get network control and use the host computer’s network to send out the data.
If it can be done, I suspect it is being done.
China has proven to be less than trustworthy so far.
The question I have is how technically possible is this right now?
Also, my comments above relate more to an internal disk rather than an external disk. You haven’t provided information about the type of interface to the external disk but the following may be helpful: https://security.stackexchange.com/questions/118854/attacks-via-physical-access-to-usb-dma
Your question may be academic though. If verifiable (open) disks don’t exist, what exactly are your choices? Trust or don’t use?
In summary for external disks I would say: always use host-based encryption and limit yourself to USB 3.0 or earlier (2.0 or earlier for the truly paranoid).
It is a good idea to use encryption on external disks anyway, doubly so if the disk is used as a backup - because a removable (portable) disk is at higher risk of growing legs.
To resurrect a 50 year old joke:
Write Only Memory (WOM)!
I guess that is approximately “don’t use”. Along similar lines, TAILS is approximately that.
Untrusted USB devices could try to identify themselves as a keyboard to the host system and input malware into the shell and things like that. I am not sure how well this is prevented by proper udev rules and if there are default udev rules in place on Linux for this purpose.
Look at Bad USB attacks.
I’ve heard that some security sensitive organizations deaktivate USB on their employees computers or even block the USB sockets with glue injected in it.
I personally try not to insert any USB device that I do not own, but that doesn’t protect me from malicious USB devices coming from the supply chain.
If you really care about such attacks, you should consider Qubes OS, which isolates USB devices into a VM (which can even reset every reboot).
One way to prevent untrusted USB devices from causing harm to your computer is to use USBGuard. I learned about that project and the underlying kernel feature some weeks ago and took it into use on my laptop immediately. It instructs kernel to block all unknown usb devices. Or at least that’s the configuration I use with it.