Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 35970 times)

0 Members and 1 Guest are viewing this topic.

Offline madires

  • Super Contributor
  • ***
  • Posts: 5231
  • Country: de
  • A qualified hobbyist ;)
 

Online donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1104
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #176 on: October 07, 2018, 12:22:59 pm »
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y

I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: NiHaoMike, mtdoc, tooki

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6778
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #177 on: October 07, 2018, 01:47:25 pm »
Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.

Not that simple, China is just collateral damage which is inline with the current US political agenda at the international scenes.

Meanwhile at local/domestic affair, this is happening ...

https://www.washingtonpost.com/business/capitalbusiness/pentagon-doubles-down-on-single-cloud-strategy-for-10-billion-contract/2018/08/05/352cfee8-972b-11e8-810c-5fa705927d54_story.html?noredirect=on

https://www.bloomberg.com/news/articles/2018-07-26/pentagon-goes-with-winner-take-all-10-billion-cloud-contract

https://www.washingtonpost.com/business/2018/08/07/oracle-challenges-pentagons-multibillion-dollar-cloud-computing-contract-before-bids-are-even-submitted/

https://www.bloomberg.com/news/articles/2018-06-26/amazon-foes-in-pentagon-cloud-deal-are-said-to-include-sap-csra


... + senates hearing for big companies ...

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #178 on: October 07, 2018, 02:29:13 pm »
Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

The FBI is the lead agency for exposing, preventing, and investigating intelligence activities on U.S. soil, ...

Foster a fully synchronized, cohesive enterprise that integrates intelligence into operational functions and drives action through Mission Centers to mitigate all threats to the Homeland including-Counterintelligence, Counterterrorism, Cyber, Economic Security, and Transnational Organized Crime.

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #179 on: October 07, 2018, 02:49:52 pm »
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.

Let's repeat that again:

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.

If it's on US soil it's the FBI's jurisdiction. If the CIA discover something overseas with a domestic link they have to get the FBI to handle that end of it - just as if, say, the Sûreté uncover a crime in Paris with a London link and have to involve the Metropolitan Police [of London] because they have no legal powers in London. The CIA case is more extreme because they are explicitly forbidden by law from acting domestically, not just lacking legal powers to do so.

So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11173
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #180 on: October 07, 2018, 02:55:34 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.

In many cases this is discovered when the real company receives customer service requests for identical products which they have no record of producing.
 
The following users thanked this post: tooki

Offline wraper

  • Supporter
  • ****
  • Posts: 11493
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #181 on: October 07, 2018, 02:59:30 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
What you described in 99% of cases is counterfeit, not ghost shift. Also when you order from China, often they throw away original box. So it also could be a product for Chinese market which originally came with Chinese manual.
« Last Edit: October 07, 2018, 03:04:21 pm by wraper »
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6778
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #182 on: October 07, 2018, 03:17:25 pm »
So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.

You have to realize after seeing this thread grows into so many pages which is a proof and sign, that even one that had been experienced, worked and trained in logical thinking regime at engineering field, doesn't mean one can see thru clearly in this kind of matter, which is pretty simple and straightforward.

This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #183 on: October 07, 2018, 03:31:05 pm »
This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD

I think there's a third camp that agree with Tim (T3sl4co1l) that it's technically feasible, but that the reporting is suspect, both from a quality of journalism point of view and a geopolitical/realpolitik point of view. That's certainly where I'd place myself.

There's a fog around this, I don't think it will clear anytime soon, and trying to penetrate into the fog by logical deduction is difficult, but that doesn't mean it shouldn't be attempted. Misinformation and contributed "factoids" that are plain wrong don't help.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: mtdoc, wraper, tooki, ogden

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #184 on: October 07, 2018, 04:05:10 pm »

What about cloning an entire company?

The other common type of cloning is when the production factory runs an extra undocumented shift.

Wow, great eye opener. Textbook MitM.

Indeed. For those who didn't follow the link, some counterfeiters set up a whole organization so that the factories in China and Taiwan producing the counterfeits didn't know that they were. They thought that they were legitimately contract manufacturing for NEC.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: tooki, ogden

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #185 on: October 07, 2018, 05:13:36 pm »
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y

I think that nails it dead, Bloomberg's story is fake news.
I wouldn't dismiss it completely just because of that. Historically it's been pretty common for different government intelligence agencies not knowing what the others are doing, and the us intelligence branch of government is absolutely enormous as far as I know (which admittedly isn't much).
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4750
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #186 on: October 07, 2018, 06:31:09 pm »
I just don't see an angle for the US government to want to cover this up at the moment. They have no problem declaring the embassy incidents attacks even in the absence of physical evidence (no trauma showed up on MRI for most of the affected persons, the diagnosis is purely based on symptoms). Why would they cover for China when Trump seeks justification for his trade measures? The presumed attack is relatively low tech all things considered so it's not like revealing the evidence would matter in that respect.

The companies I can kind of understand, they have commercial interests in China ... but even then Apple is extremely image conscious, blatantly lying seems very unlikely when actual evidence could pop up from way too many sources if this were true.

PS. if people in intelligence agencies are purposely keeping this information from the White House they better pray Trump is gone before they get found out.
« Last Edit: October 07, 2018, 06:33:45 pm by Marco »
 
The following users thanked this post: tooki

Offline ogden

  • Super Contributor
  • ***
  • !
  • Posts: 3208
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #187 on: October 07, 2018, 06:45:44 pm »
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.
« Last Edit: October 07, 2018, 06:50:06 pm by ogden »
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #188 on: October 07, 2018, 06:58:22 pm »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #189 on: October 07, 2018, 07:23:32 pm »
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.

Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

This is exactly what I was talking about the other day, you make wrong statements on a subject that you are ill-informed on. Then you quibble when someone corrects you, deliberately ignoring anything that doesn't suit your case, often shifting the goalposts in the process. Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you - except this time if you do it you will be hoist by your own petard.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden, bd139

Offline ogden

  • Super Contributor
  • ***
  • !
  • Posts: 3208
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #190 on: October 07, 2018, 07:42:12 pm »
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4750
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #191 on: October 07, 2018, 07:53:10 pm »
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
 
The following users thanked this post: JoeO, tooki

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4850
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #192 on: October 07, 2018, 08:02:49 pm »
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

And there the moving of goalposts starts ...

Quote
Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.

No. These arguments you seek out might amuse you, but they annoy me (and I suspect others too) the very last thing I am going to do is give you carte blanche to annoy me in PMs too. Why don't you give it rest, he said wearily.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: TopLoser, ogden, bd139

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #193 on: October 07, 2018, 08:21:28 pm »
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
It would only take one, not particularly deep cover, mole in Bloomberg.
(Maybe just a phone-call to the director: "hey, it's POTUS/CIA/<initialism>, we'd like you to run this story for us." :))
« Last Edit: October 07, 2018, 08:35:06 pm by apis »
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9216
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #194 on: October 07, 2018, 09:02:38 pm »
I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
With the track record the various agencies have, why would this "nail the story dead"? If there's something like a gag order the DHS isn't going to spill the beans. It does put the pressure on Bloomberg to come up with something more tangible, although a more suspicious mind might wonder whether they'd be allowed to produce such proof at this point in time. It's obviously also nearly impossible to disprove the story.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3525
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #195 on: October 07, 2018, 09:06:51 pm »
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...

Why sit on this for over 3 years? The government probe started in 2015 with Amazon's discovery, supposedly.
Aww poor businesses, banks that still have a back door to a foreign hostile that is still open? Who cares about the DoD, Navy ships, drones, government agencies infiltrated.  :palm:
 
The following users thanked this post: tooki

Offline daqq

  • Super Contributor
  • ***
  • Posts: 1791
  • Country: sk
    • My site
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #196 on: October 07, 2018, 09:14:05 pm »
Quote
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...
Er, no, there were other pics of said park, see initial post link. It looks like a 6 pin package, very similar to a balun:

http://www.farnell.com/datasheets/2580617.pdf?_ga=2.1792241.1799087673.1538946562-1417168484.1514813103

I can see such a device hooked up to some SPI bus that talks to an SPI memory, pretending to be the memory... or any number of other possibilities.
Believe it or not, pointy haired people do exist!
+++Divide By Cucumber Error. Please Reinstall Universe And Reboot +++
 
The following users thanked this post: wraper

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5442
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #197 on: October 07, 2018, 11:04:28 pm »
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.


"What the large print giveth, the small print taketh away."
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9216
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #198 on: October 07, 2018, 11:08:33 pm »
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.
Wasn't that the point, that it looked like a mundane and innocuous part?
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 3950
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #199 on: October 07, 2018, 11:29:07 pm »
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.
 
The following users thanked this post: tooki


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf