If true, the program would give the NSA unprecedented access to the world's computers, even when disconnected from the larger web. Viruses stored on a hard drive's firmware are typically activated as soon as a device is plugged in, with no further action required. They're also usually undetectable and survive reformatting, making them difficult to detect and remove. In July, independent researchers discovered a similar exploit targeting USB firmware — dubbed BadUSB — but there was no indication of the bugs being developed and deployed at this scale.
It also raises real questions about device manufacturers' complicity in the program...
