I was reading the following article, and then watched an awesome video of somebody reverse engineering the firmware on their hard drive by utilising the JTAG debugging interface and “diagnostic serial port” to dump and disassemble the firmware, modifying it and then uploading the changed firmware to demonstrate how an attacker could create a persistent backdoor that could survive OS re-installation.
I suggest that you watch the entire presentation as it’s very informative and scary 🙂
Hard disks: More than just block devices
Some very interesting security enhancements could also be created. One idea that I would like to share with you: add a file-system driver to the firmware and then add file-system auditing that keeps a checksum of certain files/inodes, computed with a fast hashing algorithm optimised for the ARM architecture and written to a sector on the disk outside of the OS. Of course you’d need to write the driver in ARM assembly, and you’d need the additional space to be able to update the firmware.
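To make the auditing idea concrete, here is a small C simulation added as an illustration; it is not code from the presentation or from any real drive firmware. It assumes an in-memory "disk", works on raw sector extents rather than parsed inodes, uses FNV-1a as a stand-in for the fast hash, and all names (`audit_watch`, `audit_check`, `host_write`) are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR      512
#define OS_SECTORS  64          /* LBAs the host can address (constructed size) */
#define AUDIT_LBA   OS_SECTORS  /* reserved sector just past the host-visible range */
#define MAX_ENTRIES 32          /* 32 * 12 bytes fits in one 512-byte sector */

static uint8_t disk[(OS_SECTORS + 1) * SECTOR];    /* simulated media, zero-filled */
struct audit_entry { uint32_t lba, count, hash; }; /* one watched extent */

/* FNV-1a: fast, but not collision-resistant against a deliberate attacker. */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    while (n--) { h ^= *p++; h *= 16777619u; }
    return h;
}

/* Firmware side: store a baseline hash for an extent in the reserved sector. */
int audit_watch(unsigned slot, uint32_t lba, uint32_t count) {
    if (slot >= MAX_ENTRIES || count == 0 || lba >= OS_SECTORS ||
        count > OS_SECTORS - lba) return -1;
    struct audit_entry e = { lba, count, fnv1a(&disk[lba * SECTOR], count * SECTOR) };
    memcpy(&disk[AUDIT_LBA * SECTOR + slot * sizeof e], &e, sizeof e);
    return 0;
}

/* Host write path: LBAs past the host range are refused, so the OS cannot
   reach the audit table. */
int host_write(uint32_t lba, const uint8_t *buf) {
    if (lba >= OS_SECTORS) return -1;
    memcpy(&disk[lba * SECTOR], buf, SECTOR);
    return 0;
}

/* Returns 1 if the extent still matches, 0 if changed, -1 for a bad/empty slot. */
int audit_check(unsigned slot) {
    struct audit_entry e;
    if (slot >= MAX_ENTRIES) return -1;
    memcpy(&e, &disk[AUDIT_LBA * SECTOR + slot * sizeof e], sizeof e);
    if (e.count == 0 || e.lba >= OS_SECTORS || e.count > OS_SECTORS - e.lba) return -1;
    return fnv1a(&disk[e.lba * SECTOR], e.count * SECTOR) == e.hash;
}

int main(void) {
    uint8_t buf[SECTOR] = { 'A' };         /* constructed sample sector */
    host_write(10, buf); audit_watch(0, 10, 1);
    buf[1] = 'B'; host_write(10, buf);     /* host modifies the watched sector */
    printf("extent intact: %d\n", audit_check(0));
    return 0;
}
```

A real implementation would have to map files or inodes to extents by parsing the file system, which is the driver the paragraph above says would need to be added.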
Other spin-offs from this research could be better data recovery and performance enhancements.