by tryp 4134 days ago
>Why can't the HDD vendors publish a md5/sha1 hash of the firmware so we know what the value should be?

Because the only way to actually verify the hash of the firmware is to connect to the drive's controller outside of the firmware's control with something like JTAG or a direct dump of the flash. Otherwise, the PC would send a command to ask the HD firmware what its own hash is. The compromised HD firmware can then simply respond with a published vendor hash.

1 comments

The hash can be computed in hardware or via ROM program.
Of course the firmware could hash itself. The question is what value is there in trusting an untrusted component to tell you it's trustworthy.
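
A toy model of the three verification paths discussed in this thread (asking the firmware, a ROM routine, a direct flash dump), as an added example that is not part of the original comments. The `Drive` class, the sample images and the use of SHA-256 in place of the md5/sha1 mentioned above are assumptions for illustration.

```python
import hashlib

# Constructed sample images; a real check would use an actual flash dump.
VENDOR_IMAGE = b"vendor firmware v1.0 (constructed sample)"
TAMPERED_IMAGE = b"vendor firmware v1.0 + modification (constructed sample)"
PUBLISHED_HASH = hashlib.sha256(VENDOR_IMAGE).hexdigest()


class Drive:
    """Hypothetical drive: flash contents plus three ways to obtain a hash."""

    def __init__(self, flash: bytes, tampered: bool):
        self._flash = flash
        self._tampered = tampered

    def firmware_reports_hash(self) -> str:
        # Answered by the code running from flash, so that code chooses the reply.
        if self._tampered:
            return PUBLISHED_HASH  # echoes the vendor's published value
        return hashlib.sha256(self._flash).hexdigest()

    def rom_computes_hash(self) -> str:
        # Immutable ROM routine reads flash itself; the firmware is not consulted.
        return hashlib.sha256(self._flash).hexdigest()

    def raw_flash_dump(self) -> bytes:
        # Stand-in for a JTAG read or a direct dump of the flash chip.
        return self._flash


def verify(drive: Drive) -> dict:
    """Compare each verification path against the published vendor hash."""
    dump_hash = hashlib.sha256(drive.raw_flash_dump()).hexdigest()
    return {
        "self_report": drive.firmware_reports_hash() == PUBLISHED_HASH,
        "rom": drive.rom_computes_hash() == PUBLISHED_HASH,
        "flash_dump": dump_hash == PUBLISHED_HASH,
    }


if __name__ == "__main__":
    drives = {
        "clean": Drive(VENDOR_IMAGE, tampered=False),
        "tampered": Drive(TAMPERED_IMAGE, tampered=True),
    }
    for name, drive in drives.items():
        print(name, verify(drive))
```

Only the paths that read flash outside the firmware's control distinguish the two drives; the self-reported hash matches in both cases.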