Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 35403 times)

0 Members and 2 Guests are viewing this topic.

Offline CJay

  • Super Contributor
  • ***
  • Posts: 3547
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #25 on: October 04, 2018, 05:47:20 pm »
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Supermicro might feel they need to bring manufacturing back to the US, consider it a 'warning' to fruity high tech companies perhaps?

As for US intelligence only being able to monitor and covertly plant, yeah... I'm sure they've never illegally intimidated anyone or run black ops or anything underhand and oh look, there's a unicorn feeding the Kraken that lives in my garden pond.
 


Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #27 on: October 04, 2018, 06:05:32 pm »
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Sure, its not for everyone, otherwise everyone will get bloody rich.  >:D

What long term ? Especially one probably can make few millions dollars in few hours like when Amazon lost it's value in billion in overnight by Trump's single tweet.  :-DD

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #28 on: October 04, 2018, 06:06:41 pm »
Yep: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14600
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #29 on: October 04, 2018, 06:22:28 pm »
Yes exactly. Much easier!
 

Online Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9094
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #30 on: October 04, 2018, 06:33:41 pm »
Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
Intercepting specific packages in the US is much easier for the NSA.
 

Offline mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 12124
  • Country: gb
    • Mike's Electric Stuff
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 
The following users thanked this post: bd139

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #32 on: October 04, 2018, 06:45:10 pm »
So where is the porn of the affected hardwares ?

Sure anyone these days will jump on this just to get click count as its commodity stuffs that can easily sourced ?  :-//

Online Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9094
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #33 on: October 04, 2018, 06:46:13 pm »
Amazon AWS say it's bullshit
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
All the players involved deny, which under the current legislation unfortunately tell us exactly nothing.
 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #34 on: October 04, 2018, 06:50:14 pm »
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

Yes.

I read this Bloomberg piece early this morning and it immediately raised several red flags (no pun intended).

It's reassuring to see those with more technical expertise also find it suspicious. As others have noted, the attack as described by Bloomberg would require multiple points of  compromise in the supply chain and there are much easier modes of attack.

If you put in context of recent geopolitical developments, it makes much more sense that Bloomberg is wittingly or unwittingly being used as a propaganda arm for the government. 

Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.  That and the fact that Putin has not been taking the bait in Syria means it will be difficult to maintain the Russian boogeyman narrative for much longer.

On the other hand recent conflicts in the South China Sea and VP Mike Pence's aggressive anti-China speech this morning means that there is likely a concerted effort underway to shift the focus of the populaces animus towards China.

We live in interesting and dangerous times.
 
The following users thanked this post: all_repair, tooki, bd139

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #35 on: October 04, 2018, 06:53:06 pm »
We live in interesting and dangerous times.

Indeed, and reminds me of the Napoleon Bonaparte's quote on China.

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4039
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #36 on: October 04, 2018, 07:09:12 pm »
Yes, the article published at the right time, makes you think.
Facebook-free life and Rigol-free shack.
 

Offline aqarwaen

  • Regular Contributor
  • *
  • Posts: 51
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #37 on: October 04, 2018, 07:48:19 pm »
can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?
 

Online floobydust

  • Super Contributor
  • ***
  • Posts: 3453
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #38 on: October 04, 2018, 08:02:35 pm »
Read the Bloomberg article... at the manufacturing level, PCB design was altered to add an MCU packaged as an EMI filter.
On other servers, the MCU was embedded in the PCB's internal layers.
The IC seemed to be an extension of the server bootloader, so it would download an app from china.

I wouldn't call this anything other than a sophisticated hardware back-door for servers.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14600
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #39 on: October 04, 2018, 08:03:42 pm »
I call it unicorn shit until I've seen it and smelled it.
 
The following users thanked this post: Zucca, tooki

Offline eas

  • Frequent Contributor
  • **
  • Posts: 601
  • Country: us
    • Tech Obsessed
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #40 on: October 04, 2018, 08:10:35 pm »
Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.

There is absolutely no evidence it is raining outside, if you ignore all the evidence that it is raining outside (ground is wet, clouds in sky, droplets of water moving from sky to ground), dismiss the evidence with absurd counter explanations (sure, its wet, but you spit when you talk) and/or simply define raining as "big rocks, floating from the earth to the moon."
« Last Edit: October 04, 2018, 08:13:04 pm by eas »
 

Offline thm_w

  • Super Contributor
  • ***
  • Posts: 2078
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #41 on: October 04, 2018, 08:16:57 pm »
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?

Most likely it would be sitting a bus of some sort, so should not cause any problems if removed. But no way to know for sure.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14600
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #42 on: October 04, 2018, 08:30:44 pm »
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
 

Online floobydust

  • Super Contributor
  • ***
  • Posts: 3453
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #43 on: October 04, 2018, 08:31:12 pm »
I call it unicorn shit until I've seen it and smelled it.
Try reverse logic then.

How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

They're hooped, they can't make these servers or the IC's used anyhow. The technology left the USA long ago.
If making fake news to "bring it back home" as Trump does, seems silly because it would take many years.

“You end up with a classic Satan’s bargain,” a former U.S. official told Bloomberg. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14600
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #44 on: October 04, 2018, 08:38:14 pm »
Unicorn shit was aimed at the technology being discovered actually used.

I agree with your point entirely. It's not unlikely.
 

Offline chris_leyson

  • Super Contributor
  • ***
  • Posts: 1400
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #45 on: October 04, 2018, 09:28:59 pm »
Having some difficultly believing this, I think it's more fake news rather than reality.
It's alleged that processors are embedded in packages that look like EMI filters. It's technically feasable but where do these processors get their power from ? If they didn't have to drive anything then they can harvest a tiny amount of power from the signal lines, and even with the most exotic capacitor dielectric on the planet you're only going to store a few mJ and you're not going to be able to write many bits with a few mJ.
If it's case where one or two manufacturers have been compromised then they can do anything they like to the board including changes to the copper. If you can change the copper then you can provide power to the "EMI filter" and now you can write as many data bits as you want. Who puts EMI filters on a data bus anyway, unless it's going off board.
It's ironic that they are allegedly inside EMI filters, now they are filtering the data. It sounds more like science fiction than science fact.
 
The following users thanked this post: tooki

Offline borjam

  • Supporter
  • ****
  • Posts: 791
  • Country: es
  • EA2EKH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #46 on: October 04, 2018, 09:43:19 pm »
It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
I could believe something related to the BMC/IPMI/console access stuff. After all they even share Ethernet controllers with the mainboard. Arbitration
there would be simpler.

But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.

 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #47 on: October 04, 2018, 09:59:06 pm »
How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

To gain support for any war (cold or hot) you need the populace to believe that the "enemy" is threatening you.   Why not baffle them with mysterious electronics jargon and a magical chip "the size of a grain of rice" that allows them to spy on us. (Almost as good as the omnipotent Russian hackers and social media trolls)

Geopolitics 101 - same as it ever was.  There needs to be more than just a trade war to justify military spending.

A new cold war with China is in the making.
 

Offline coppercone2

  • Super Contributor
  • ***
  • Posts: 3831
  • Country: us
  • $
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #48 on: October 04, 2018, 10:12:46 pm »
china tries to recruit spies on linkedin. enough said
 

Online wraper

  • Supporter
  • ****
  • Posts: 11358
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #49 on: October 04, 2018, 10:23:05 pm »
But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.
Then read this  :palm: https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

Quote
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.
Quote
How? MINIX can do all this because it runs at a fundamentally lower level.
x86-based computers run their software at different privilege levels or "rings". Your programs run at ring three, and they have the least access to the hardware. The lower the number your program runs at, the more access they have to the hardware. Rings two and one don't tend to be used. Operating systems run on ring zero. Bare-metal hypervisors, such as Xen, run on ring -1. Unified Extensible Firmware Interface (UEFI) runs on ring -2. MINIX? It runs on ring -3.

You can't see it. You can't control it. It's just humming away there, running your computer. The result, according to Minnich is "there are big giant holes that people can drive exploits through." He continued, "Are you scared yet? If you're not scared yet, maybe I didn't explain it very well, because I sure am scared."
« Last Edit: October 04, 2018, 10:25:58 pm by wraper »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf