Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 35992 times)

0 Members and 1 Guest are viewing this topic.

Offline blueskull

  • Supporter
  • ****
  • Posts: 13652
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #200 on: October 07, 2018, 11:31:20 pm »
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.

Your machine doesn't need a balun to boot. You may lose WiFi/BT, but 99% of the machines use RF cards instead of built-in RF, so who cares?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14909
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #201 on: October 07, 2018, 11:43:53 pm »
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
 
The following users thanked this post: tooki

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6780
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #202 on: October 07, 2018, 11:50:08 pm »
C'mon, how hard is that, to de-solder that suspected component, put it side by side with a genuine one under the microscope, start to sand both layer by layer exposing it's internal while comparing ?  :palm:
« Last Edit: October 07, 2018, 11:51:49 pm by BravoV »
 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #203 on: October 07, 2018, 11:58:30 pm »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6780
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #204 on: October 08, 2018, 12:09:03 am »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6780
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #205 on: October 08, 2018, 12:19:53 am »
-> https://www.reuters.com/article/us-china-cyber-apple/apple-tells-congress-it-found-no-signs-of-hacking-attack-idUSKCN1MH0YQ

Quote ...

"Bloomberg said on Friday it stood by its story, which was based on 17 anonymous sources. Some allegations were based on fewer accounts or even a single unnamed source, Apple noted in its letter."


Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #206 on: October 08, 2018, 12:23:53 am »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//

They didn't bad mouth American companies. They of course had to mention which companies products were involved or the accusation would have no teeth at all.  They also had to report those companies responses.

Unless a neutral 3rd party analysis of the hardware is done and confirms the report - it will be clear this was just a propaganda piece.  Nevertheless, it will have succeeded in planting more anti-China feelings in the populace and help support the new Cold War.

No one will remember that the original report was never confirmed. No company other than perhaps relatively small Supermicro will have been negatively affected.  But the anti-China sentiment will have been seeded. Mission accomplished.

It's no different than the "Russia hacking" hysteria. No one will notice that there were never any actual prosecutions of Russian hackers, yet the anti-Russia sentiment will remain.  This is how propaganda works.
« Last Edit: October 08, 2018, 12:26:37 am by mtdoc »
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 13652
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #207 on: October 08, 2018, 12:31:44 am »
If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

What if this put up job is to manipulate Apple and Amazon (with stock price influence by stockholder confidence through media coverage) to shift from buying Made in China gears to Made in US gears?
 

Online Marco

  • Super Contributor
  • ***
  • Posts: 4752
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #208 on: October 08, 2018, 12:46:21 am »
This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird
The problem is the level of conspiracy necessary to keep evidence from any of the companies and from government from leaking if Bloomberg's report was true. Unless there's a mountain of National Security Letters out there keeping everyone involved living in fear I just don't see how it can be. That mountain of NSLs would mean it either goes to the top/Trump or the security agencies are playing traitor and keeping Trump out of the loop. Trump has no reason to keep this secret if he knows about it.

It's easier to just assume Bloomberg cobbled together a conspiracy theory from misleading information (intentionally spread or not) and subsequently asking some useful idiots leading questions.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5445
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #209 on: October 08, 2018, 12:51:27 am »
That chip looks a lot like a six legged version of what I call PCB resident 'feed through' caps.. I dont know the technical name for them. They are kind of an RFI filter.

They are basically bypass caps with two legs. (although they might also incorporate ferrite materials) (these bypass caps only have three terminals, the ones at the ends are the DC path and the two on the sides at the middle are the ground that has the RF bypassed to it.)

 They are kind of a 2D, semi-planar version of the old feed through caps that penetrate a case wall.

They have the same function. There- using a lower quality part might reduce the effectiveness of RFI bypassing.

Which might be all that was required.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

Making it so a nearby listener might be able to extract enough information to break whatever encryption keys was being used.

This attack would only work if the attacker was within a few meters, most likely. So basically they would have to have access to the data center the servos were in.

Although I have no idea how it fits in, liberalizing services is proposed to double (probably many times more than that, just imagine how much will be saved on wages, money which is now 'wasted' to rent extraction. (/sarcasm)

The hype proposes that business profits globally could be increased many fold by increasing efficiency, which increasingly means moving jobs to the digital economy.

One of the main questions is where will the trade rules require that servers and the actual information be located?

One of the biggest roadblocks to making businesses so very much much much more efficient and reducing costs to the bone (and an eventual shakeout within which most of those businesses get absorbed into others) is who gets to say where the important information thats stored on servers will be.

Can governments - despite their commitments to trade liberalization, think of some excuse to hold it back (and presumably steer that business to well connected insiders in their own country, even though some other provider of the service may be cheaper)

A business like Amazon's 2nd biggest asset after their brand name is their technology, which they (probably) want to keep close to their vests. (I would expect them to!) However, agreements between countries commit countries to switch from in house provision of services to low bidders, biding in an international competition.

Could the country whose information is at issue - or the country whose flag of convenience a corporation flies require some parts be inside their physical country and control, even when its not national security related?

(National security is basically the only area that gets a free pass to remain under individual nation's control)

I have no idea what they are arguing these days. But you can bet it isnt good for the little guy, whose business will likely be put under extreme pressure by global competition, if there is any money to be made in it.

This kind of 'incident' real or not, may be part of the arguments in some way. Countries are jockeying for position in this huge shift and people like us can only guess at their long term strategies.





« Last Edit: October 08, 2018, 01:30:34 am by cdev »
"What the large print giveth, the small print taketh away."
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 13652
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #210 on: October 08, 2018, 01:00:09 am »
That chip looks a lot like what I call "PCB resident feed through caps.. They are the 2D version of the old feed throughs that penetrated a case wall.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

This attack would only work if the attacker was within a few meters, most likely.

That's an RF balun. I've never heard of any beadcaps looking like that.
And it's not going to work in a few meters. More like a few centimeters, and it must be in the chassis.
If so, why don't the attacker just pull the drive out?

FYI, Intel has thought of this before, so modern Xeon chips with ECC use scrambling. Anything from and to the RAM (top GHz-range EMI source in a computer) is scrambled by CPU.

Also, Bloomberg said it's alleged to be an IC developed by Chinese military. That's not an IC to my eyes. That's clearly made of fired ceramics, and no common silicon IC can survive after being fired at ceramic firing temperature.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5445
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #211 on: October 08, 2018, 01:34:14 am »
MMIC is the term they use. And its a broad term that encompasses a great many kinds of devices.

They use ceramics because of the favorable dielectric properties.

It really is a black art.   

Note I am not even going to try to weigh in on how feasible it is.


Also, it may have little to do with China per se.

In other words, it may just be an argument to slow down the pace of the race to the bottom.

Countries are competing with one another for investment, to prop up currencies - Claiming they have to do it because of the global nature of capital. Democracy they say is just too unpredictable for companies and investors.

One explanation I thought was good was "How Far Will International Economic
Integration Go?" by Dani Rodrik

I think we're cutting off our own noses to spite our face.

By committing so aggressively to trade liberalization (which hasnt ended, its not just in the past), the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been so very much faster than any of the politicians or economists ever even remotely imagined. And its getting even faster very rapidly.

A race to the bottom is a game that nobody wins.

« Last Edit: October 08, 2018, 02:06:16 am by cdev »
"What the large print giveth, the small print taketh away."
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 13652
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #212 on: October 08, 2018, 01:44:43 am »
the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been much faster than any of the politicians or economists ever even remotely imagined.

Please, stay within the topic.

And just so you know, for thousands of years, technology, religion and military were and are working for the top of the society pyramid.

If globalization doesn't kill the lower end of human spectrum, automation will, or wars will, or fill _in_the_blank will.
 

Offline daqq

  • Super Contributor
  • ***
  • Posts: 1792
  • Country: sk
    • My site
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #213 on: October 08, 2018, 05:28:12 am »
Quote
Also this was targeting servers. Servers have no RF capable parts on.
Please note that the part I linked was just an example of a part that looks similarly. There are also SMD EMC filters that look the same. See:

https://product.tdk.com/info/en/products/emc/emc/3tf/catalog.html

Specific series:

https://product.tdk.com/info/en/catalog/datasheets/3tf_commercial_signal_mem2012sc_en.pdf

And MURATA IIRC has something very similar.

Now, if I'd seen this on a server board sitting among other parts I do not think that I would be terribly surprised.
Believe it or not, pointy haired people do exist!
+++Divide By Cucumber Error. Please Reinstall Universe And Reboot +++
 

Online Bud

  • Super Contributor
  • ***
  • Posts: 4134
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #214 on: October 08, 2018, 05:43:15 am »
Also this was targeting servers. Servers have no RF capable parts on.

RF balun does not mean the part radiates. RF Baluns are high frequency devices are routinely used to convert signal between balanced and unbalanced circuits, such as single ended to differential line. Digital circuits can utilize RF baluns for clock conditioning for example.
Facebook-free life and Rigol-free shack.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9218
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #215 on: October 08, 2018, 06:43:47 am »
Why are you all assuming an implant chip is what it looks like? You'd obviously disguise an implant device as something innocuous, or at least attempt to make it less obvious. Otherwise you could just stick a GSM board on there and call it quits.
 

Offline VK3DRB

  • Super Contributor
  • ***
  • Posts: 1735
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #216 on: October 08, 2018, 10:17:28 am »
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012

If you think that's worst, then you are wrong. If it's within the boarder of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most...


Sounds like greedy housing developers, most of whom use money from the PRC.

In this city of Melbourne it is illegal to buy tickets to the famous Grand Final football game and scalp the tickets on eBay at inflated prices. Same with concerts. They buy blocks of Justin Bieber tickets selling them to 14 year old teeny boppers at crossly inflated prices, which our govt has made illegal (not Bieber unfortunately, but ticket scalping). Our culture condemns ticket scalpers but praises the "entrepreneurs" scalping houses... Scalping tickets?>:D, but scalping houses? :-+.  In the US the rich are looked on with admiration, but those who dare question inequality are called socialist scum. How dare anyone suggest the super rich are taxed more to give to the poor.... they must be commies.

As one famous US presidential adviser said: The trickle down effect is rubbish. A billionaire might only buy 2 pairs of jeans a year. But if he shared some of his wealth to 10,000 poor people to get them out of poverty, the demand is now 20,000 pairs. Inequality also leads to economic stagnation.
« Last Edit: October 08, 2018, 10:22:18 am by VK3DRB »
 
The following users thanked this post: mtdoc, blueskull

Online madires

  • Super Contributor
  • ***
  • Posts: 5236
  • Country: de
  • A qualified hobbyist ;)
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #217 on: October 08, 2018, 11:56:32 am »
Please don't take Bloomberg's image too seriously. Media often uses images in the sense of "something looking similar" and I doubt that Bloomberg has the spy chip. Here's another interesting comment from a well known journalist: https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/. He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
 
The following users thanked this post: thm_w

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 6212
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #218 on: October 08, 2018, 12:33:23 pm »
He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
It would be interesting to troll them by hacking the printer to not actually print (save on paper), then keep sending it thousands of pages of what look like a one time pad.
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 
The following users thanked this post: PointyOintment

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1771
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #219 on: October 08, 2018, 05:24:21 pm »
The Register has a good overview of thestory and the issues of competing credibility here:

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4851
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #220 on: October 08, 2018, 05:32:04 pm »
That article is a few days old now, and may have missed more recent developments.

(And if the author, Mr. McCarthy's, previous output is anything to judge by, the point too. Let's say that he's not at the top of my list of reliable authors, he completely mangled an article on IP networking the other week.)
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14909
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #221 on: October 08, 2018, 06:36:05 pm »
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4851
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #222 on: October 08, 2018, 06:59:44 pm »
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.

Oh no, el Reg is much more fun. I used to know both of the founders, worked with one of them. They were both the kind of men you had "drinking stories" about that you could dine out on.  :) Mike, no longer there, had a justified reputation for digging out stories that others couldn't - possibly by giving his sources liver failure in a single evening. John, still a director there, is known for single-handedly keeping the publicans of Bloomsbury in gainful employment - IT journalism's Jeffrey Bernard.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14909
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #223 on: October 08, 2018, 07:28:10 pm »
Yes Mike disappeared off to start the Inquirer. Surprised he's still alive. Surprised any of them. I don't know them personally but have heard the stories by proxy of someone who indeed was one of their sources many years ago. He now lives in Thailand away from it all as I think he pissed off so many people to the point he was unemployable in the UK and Europe.

Edit: I made the mistake of employing him  :-DD (fortunately we had nothing to leak)
 

Offline mnementh

  • Super Contributor
  • ***
  • Posts: 7615
  • Country: ca
  • *Escaping The Suck*
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #224 on: October 08, 2018, 07:51:43 pm »
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf