EEVblog Electronics Community Forum

General => General Chat => Topic started by: funkyant on October 04, 2018, 12:02:12 pm

Title: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: funkyant on October 04, 2018, 12:02:12 pm
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies (https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 12:59:19 pm
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: funkyant on October 04, 2018, 01:16:09 pm
It shouldn't be too hard for somebody to get their hands on one of the allegedly affected boards. There's millions of them.

Hopefully we hear something a bit more in depth/ reliable/ technical soon.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 04, 2018, 01:17:44 pm
It shouldn't be too hard for somebody to get their hands on one of the allegedly affected boards. There's millions of them.

Hopefully we hear something a bit more in depth/ reliable/ technical soon.

There are plausible rumors that the story is false.
To avoid starting a political discussion, I have left out the details, as to why.
I managed to carefully edit in some details, but have left out the stronger political stuff.

https://www.theinquirer.net/inquirer/news/3063945/chinese-spies-reportedly-used-microchips-to-infiltrate-apple-and-amazon (https://www.theinquirer.net/inquirer/news/3063945/chinese-spies-reportedly-used-microchips-to-infiltrate-apple-and-amazon)

Quote
Both Amazon and Apple strongly refute Bloomberg's report.

I.e. They seem to be saying the story is NOT true.

Quote
However, Bloomberg's sources are adamant. "The companies' denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government's investigation." µ
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 01:24:34 pm
Indeed. Ears peeled to see where this goes.

Honestly this is could even be posturing for a "friendly" attack being discovered. If you look at any supermicro boards they have proudly stamped on it "designed in USA" so either the design was modified after shipping, which design validation should pick up on production sampling, or it was modified at source of this is true which could be any actor in theory.

We may never know.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 04, 2018, 01:44:42 pm
This also seems to say that the story is not true.
I.e. That both Apple and Amazon, deny that the story is true.

https://www.scmp.com/tech/enterprises/article/2167032/apple-amazon-deny-report-chinese-use-tiny-chips-hack-their-networks (https://www.scmp.com/tech/enterprises/article/2167032/apple-amazon-deny-report-chinese-use-tiny-chips-hack-their-networks)

Quote
Apple, Amazon deny report on Chinese use of tiny chips to hack into their networks
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: NivagSwerdna on October 04, 2018, 01:46:42 pm
Not convinced.  Looks like some RF conditioning added during final fab,... more inductance they expected on memory traces?

Need some X-ray evidence of the device.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 04, 2018, 02:04:02 pm
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.

6. The story comes out of Bloomberg, an organisation famed for their in-depth investigative journalism, especially in the technology field, not.

Like you, I'm deeply sceptical until I see this from a reputable tech savvy person or organization who has been able to reproduce the findings first hand and properly documents them in a way that is reproducible by other third parties.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 02:07:08 pm
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
Tampering with firmware is way easier to detect. And it's not that expensive compared to gains you can get, especially if you are Chinese government.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 02:10:17 pm
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: NiHaoMike on October 04, 2018, 02:11:58 pm
I'd imagine it would be way easier to replace one of the chips with a "tampered" version than to design what they are calling a tiny spy chip.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 02:15:08 pm
Yes like the large Chinese Aspeed SoC IC on the board :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 02:17:49 pm
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.
If servers are going to be used by secret agencies, you can be pretty sure they'll check the firmware. Moreover they also receive source code from suppliers. These are not home PCs FFS.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 02:22:21 pm
I worked in defence sector IT security for a few years and was cleared.

No.

They don’t check the firmware and 99% of hardware is commodity even on classified stuff. And on top of that even with escrow and shared source you don’t get everything. For example on windows shared source you don’t get the cryptographic service providers even if your company makes stark industries look like a Hasbro.

Edit: also don’t assume the competent people work in defence sector. They’re all in finance, like me, where the $$$ is.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: CJay on October 04, 2018, 02:37:13 pm
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.

Indeed, I've had a similar conversation with womeone this morning who considered it OK to have an unencrypted laptop with his unencrypted secure certificate and keys on the desktop.

So far I've been very nice to him and just deleted the files then requested he encrypts the machine before he leaves the building

If I dont see it registered as encrypting/encrypted by close of business then I'll delete his machine from the network, lock his account, revoke his keys and certificate then report him to Infosec who won't be as nice to him.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VintageTekFan on October 04, 2018, 03:11:35 pm
The timeline would fit for when DELL started including signed firmwares and encryption in their BIOSs and hardware. https://www.infoworld.com/article/3029728/security/dell-bios-verification-extends-security-focus.html (https://www.infoworld.com/article/3029728/security/dell-bios-verification-extends-security-focus.html)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Dave3 on October 04, 2018, 03:13:49 pm
It is difficult to "disprove" the Bloomberg article and I assume it is directionally correct for now, without evidence to the contrary.

Apple, Amazon, etal. may be ordered by government to deny attack or not comment at all. The government may provide precise wording the companies may disclose. Those corporate "comments" should be dismissed outright.

Bloomberg runs ultra-high end, ultra secure, trading systems for the largest global banks and investment managers, so the "journalists" will have access to top-tier engineers in-house.

From a profit perspective, Bloomberg risks quite a lot of future Chinese banking business with this article so I can't understand how the bean counters allowed this article to be published.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 04, 2018, 04:00:00 pm
Or it is the other way around, government telling Bloomberg what to say.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mikeselectricstuff on October 04, 2018, 04:41:41 pm
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.
 
 
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: T3sl4co1l on October 04, 2018, 05:13:03 pm
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.

All your points suggest someone knew; the article says the CIA knew since 2014.  Presumably it wasn't hard to find information around the design, fab and distribution of these chips, just as you suggest.

The article also notes that they wouldn't be wise to release a public statement about the hazard.  The difference between Chinese and US intel: the former can control whatever they want, through direct intimidation, network filtering and so on; the latter can only monitor and covertly plant.

Tim
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 04, 2018, 05:20:14 pm
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Red Squirrel on October 04, 2018, 05:25:10 pm
Yikes I have several supermicro servers at home.  :o   looks like they only went after the blade servers though?  I might be safe.  Then again if it's not China putting backdoors, it's the US, via Intel chips.  Seems everything is backdoored now. 
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 04, 2018, 05:27:20 pm
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 04, 2018, 05:29:12 pm
Hacakaday pointed out something interesting:

Quote from: https://hackaday.com/2018/10/04/malicious-component-found-on-server-motherboards-supplied-to-numerous-companies/
Hackaday spoke with Joe FitzPatrick (a well known hardware security guru who was quoted in the Bloomberg article). He finds this reported attack as a very believable approach to compromising servers. His take on the BMC is that it’s usually an ARM processor running an ancient version of Linux that has control over the major parts of the server. Any known vulnerability in the BMC would be an attack surface for the custom chip.

If that's the case, then perhaps there is a vulnerability that could be exploited by only changing a few bytes of data in, say, external flash.  The malicious part then simply needs to be able to watch for the appropriate addresses to be read, and insert its doctored data onto the data lines.  That could easily be done in a small device that straddles an SPI interface.  However, I would expect that it would be a lot simpler to substitute a malicious flash IC, which would allow you to have plenty of extra storage and processing to carry out more sophisticated (and updateable!) attacks, and wouldn't require modifying the board layout.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 05:39:21 pm
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

I’m heading in the same direction on that line of thought. The Chinese aren’t idiots.

In fact I’d go as far as to say the only likely vector here is an infiltration into Supermicro themselves from a US based actor (three letter agency) and that’s only if there is some credible evidence that this isn’t horse dung. This might just be finger pointing for plausible deniability in the future.

Hell perhaps there is nothing yet but when they do find something it will be China’s fault by default then.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: CJay on October 04, 2018, 05:47:20 pm
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Supermicro might feel they need to bring manufacturing back to the US, consider it a 'warning' to fruity high tech companies perhaps?

As for US intelligence only being able to monitor and covertly plant, yeah... I'm sure they've never illegally intimidated anyone or run black ops or anything underhand and oh look, there's a unicorn feeding the Kraken that lives in my garden pond.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 05:54:22 pm
Yep: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 04, 2018, 06:05:32 pm
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Sure, its not for everyone, otherwise everyone will get bloody rich.  >:D

What long term ? Especially one probably can make few millions dollars in few hours like when Amazon lost it's value in billion in overnight by Trump's single tweet.  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 04, 2018, 06:06:41 pm
Yep: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 06:22:28 pm
Yes exactly. Much easier!
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 04, 2018, 06:33:41 pm
Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
Intercepting specific packages in the US is much easier for the NSA.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mikeselectricstuff on October 04, 2018, 06:35:33 pm
Amazon AWS say it's bullshit
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 04, 2018, 06:45:10 pm
So where is the porn of the affected hardwares ?

Sure anyone these days will jump on this just to get click count as its commodity stuffs that can easily sourced ?  :-//
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 04, 2018, 06:46:13 pm
Amazon AWS say it's bullshit
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
All the players involved deny, which under the current legislation unfortunately tell us exactly nothing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 04, 2018, 06:50:14 pm
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

Yes.

I read this Bloomberg piece early this morning and it immediately raised several red flags (no pun intended).

It's reassuring to see those with more technical expertise also find it suspicious. As others have noted, the attack as described by Bloomberg would require multiple points of  compromise in the supply chain and there are much easier modes of attack.

If you put in context of recent geopolitical developments, it makes much more sense that Bloomberg is wittingly or unwittingly being used as a propaganda arm for the government. 

Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.  That and the fact that Putin has not been taking the bait in Syria means it will be difficult to maintain the Russian boogeyman narrative for much longer.

On the other hand recent conflicts in the South China Sea (https://edition.cnn.com/2018/10/03/politics/us-navy-show-of-force-china/index.html) and VP Mike Pence's aggressive anti-China speech  (https://abcnews.go.com/US/vice-president-mike-pence-warns-china-stand/story?id=58282875) this morning means that there is likely a concerted effort underway to shift the focus of the populaces animus towards China.

We live in interesting and dangerous times.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 04, 2018, 06:53:06 pm
We live in interesting and dangerous times.

Indeed, and reminds me of the Napoleon Bonaparte's quote on China.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 04, 2018, 07:09:12 pm
Yes, the article published at the right time, makes you think.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: aqarwaen on October 04, 2018, 07:48:19 pm
can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 04, 2018, 08:02:35 pm
Read the Bloomberg article... at the manufacturing level, PCB design was altered to add an MCU packaged as an EMI filter.
On other servers, the MCU was embedded in the PCB's internal layers.
The IC seemed to be an extension of the server bootloader, so it would download an app from china.

I wouldn't call this anything other than a sophisticated hardware back-door for servers.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 08:03:42 pm
I call it unicorn shit until I've seen it and smelled it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: eas on October 04, 2018, 08:10:35 pm
Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.

There is absolutely no evidence it is raining outside, if you ignore all the evidence that it is raining outside (ground is wet, clouds in sky, droplets of water moving from sky to ground), dismiss the evidence with absurd counter explanations (sure, its wet, but you spit when you talk) and/or simply define raining as "big rocks, floating from the earth to the moon."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: thm_w on October 04, 2018, 08:16:57 pm
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?

Most likely it would be sitting a bus of some sort, so should not cause any problems if removed. But no way to know for sure.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 08:30:44 pm
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 04, 2018, 08:31:12 pm
I call it unicorn shit until I've seen it and smelled it.
Try reverse logic then.

How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

They're hooped, they can't make these servers or the IC's used anyhow. The technology left the USA long ago.
If making fake news to "bring it back home" as Trump does, seems silly because it would take many years.

“You end up with a classic Satan’s bargain,” a former U.S. official told Bloomberg. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 08:38:14 pm
Unicorn shit was aimed at the technology being discovered actually used.

I agree with your point entirely. It's not unlikely.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 04, 2018, 09:28:59 pm
Having some difficultly believing this, I think it's more fake news rather than reality.
It's alleged that processors are embedded in packages that look like EMI filters. It's technically feasable but where do these processors get their power from ? If they didn't have to drive anything then they can harvest a tiny amount of power from the signal lines, and even with the most exotic capacitor dielectric on the planet you're only going to store a few mJ and you're not going to be able to write many bits with a few mJ.
If it's case where one or two manufacturers have been compromised then they can do anything they like to the board including changes to the copper. If you can change the copper then you can provide power to the "EMI filter" and now you can write as many data bits as you want. Who puts EMI filters on a data bus anyway, unless it's going off board.
It's ironic that they are allegedly inside EMI filters, now they are filtering the data. It sounds more like science fiction than science fact.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 04, 2018, 09:43:19 pm
It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
I could believe something related to the BMC/IPMI/console access stuff. After all they even share Ethernet controllers with the mainboard. Arbitration
there would be simpler.

But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 04, 2018, 09:59:06 pm
How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

To gain support for any war (cold or hot) you need the populace to believe that the "enemy" is threatening you.   Why not baffle them with mysterious electronics jargon and a magical chip "the size of a grain of rice" that allows them to spy on us. (Almost as good as the omnipotent Russian hackers and social media trolls)

Geopolitics 101 - same as it ever was.  There needs to be more than just a trade war to justify military spending.

A new cold war with China is in the making. (https://www.nytimes.com/2018/09/19/us/politics/trump-china-trade-war.html)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 04, 2018, 10:12:46 pm
china tries to recruit spies on linkedin. enough said
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 10:23:05 pm
But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.
Then read this  :palm: https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/ (https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/)

Quote
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.
Quote
How? MINIX can do all this because it runs at a fundamentally lower level.
x86-based computers run their software at different privilege levels or "rings". Your programs run at ring three, and they have the least access to the hardware. The lower the number your program runs at, the more access they have to the hardware. Rings two and one don't tend to be used. Operating systems run on ring zero. Bare-metal hypervisors, such as Xen, run on ring -1. Unified Extensible Firmware Interface (UEFI) runs on ring -2. MINIX? It runs on ring -3.

You can't see it. You can't control it. It's just humming away there, running your computer. The result, according to Minnich is "there are big giant holes that people can drive exploits through." He continued, "Are you scared yet? If you're not scared yet, maybe I didn't explain it very well, because I sure am scared."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 04, 2018, 10:23:16 pm
I find it believable for the PLA military to add a little IC for a backdoor.

Intel Management Engine is in all their server chipsets, used on Supermicro blades. The PCB artwork was modified and a part "added" according to the press out there.
Example, for the C600 (https://www.intel.com/content/www/us/en/products/chipsets/server-chipsets.html?page=2) series server chipsets, the ME F/W is loaded from SPI flash. Six-pins (EMI filter package ) are enough for an MCU with SPI to communicate with the chipset or main CPU's and inject a Trojan.
Or maybe the chinese simply added an SPI flash IC.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 10:29:03 pm
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 04, 2018, 10:29:49 pm
But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.
Then read this  :palm: https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/ (https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/)

Quote
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.

But doesn't this support the idea that there are easier ways to do this than add a new chip to a motherboard?  Wouldn't altering or cloning/replacing an existing chip be easier and require fewer potential points of detection in the supply chain?

I don't doubt the Chinese are motivated and capable to do such spying (as are Western intelligence agencies) but the nature and timing of this report seems awfully suspicious.  Another possibility is that this has been known for sometime but the report has been sat on, awaiting the proper geopolitical timing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 10:34:29 pm
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 04, 2018, 10:38:29 pm
"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 10:40:41 pm
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.

That’s why software is the place to do it.

I suggest people read the following:

1. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf (https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
2. https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/ (https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/)

Successful attacks leave no evidence and are plausibly deniable. Hardware is a massive steaming chunk of curly evidence.

"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.


Software.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on October 04, 2018, 10:44:38 pm
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.

That’s why software is the place to do it.

I suggest people read the following:

1. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf (https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)
2. https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/ (https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/)

Successful attacks leave no evidence and are plausibly deniable. Hardware is a massive steaming chunk of curly evidence.

"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.


Software.

+1 software, absolutely.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 10:48:36 pm
Software.
You can relatively easily find that software/firmware was altered. If it's a tiny innocent looking EMI filter, sleeping until comes time to do it's dirty job, it's way more difficult to figure it out.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 10:52:12 pm
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)

There’s no formal verification of the code. If they can get a massive amount of people in a supply chain then they have the funds and resources to get a software plant or take over a company network. And you can do it without leaving a speck of evidence. An actual tangible device is a smoking gun of immense scale and a point of analysis.

Look at the recent BA MageCart hack as an example.

There is no logic.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 04, 2018, 10:56:16 pm
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)
You can simply start verifying if data matches to what is supposed to be there. If something is off, it's a signal for further investigation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on October 04, 2018, 10:58:59 pm
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing

Hash values would be a quick and easy start.

If your auditors can't manage a basic thing like that, maybe you should reconsider who audits your gear.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Rick Law on October 04, 2018, 11:02:20 pm
china tries to recruit spies on linkedin. enough said

Everyone spies on everyone else.  Sometimes we forget, developed nation spy on each other too.  Remember when France spies was bugging Air France first-class for business/industrial info?See [1]  So, I would not be too surprised by or being too "holier than thou" with China being in the spy game.

That said, perhaps we may be too preoccupied with spying.  I wonder could it be some copy-protection/detection like some of the useless bits of circuit put into an IC just to detect if this is fake manufactured by others.


(For those who missed the news back then...)
[1] "Les unsporting gits! French spies BUGGED Concorde passengers", The Register, 2015

"Ed Wallace, director of incident response and advanced threats at security consultancy MWR Infosecurity, pointed us towards forgotten reports that French spies routinely bugged first-class passengers flying with Air France – including Concorde passengers – back in the 1990s.

The idea was that business people relaxing on a long trip, and perhaps enjoying a drink or two, might discuss all manner of commercially sensitive information, oblivious to the possibility of eavesdropping. The motive was economic espionage rather than national security or anti-terrorism."

Quoted from:
https://www.theregister.co.uk/2015/06/09/french_spied_concorde_passengers/ (https://www.theregister.co.uk/2015/06/09/french_spied_concorde_passengers/)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 04, 2018, 11:06:07 pm
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)
You can simply start verifying if data matches to what is supposed to be there. If something is off, it's a signal for further investigation.

That is formal verification. You can’t retrospectively use this to apply security. You have to build it in from the start. You can’t start with a sieve and fill all the holes with cement.

Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing

Hash values would be a quick and easy start.

If your auditors can't manage a basic thing like that, maybe you should reconsider who audits your gear.

Hashing is performed on the build output. Hashing also requires the hashes to be stored. The attack vectors are still valid at source level. And bypassing hash verification and even changing the hashes are viable target attacks. In fact they are some of the easiest. Look up “goto fail” for a fine example of a suitably obscure cock up that stopped validation.

Multiple auditors for reference. It was not identified because it’s is subtle, requires extremely large knowledge of the problem domain, and a specific code path to be executed. An external auditor or internal auditor would need to be a domain expert with several years experience to do it.

We joke that When your mid level dev turns up with a model s Tesla then you need to read all his commits in the last year again.

This is my bread and butter. I get paid to deal with this. You need to come up with some better responses. Sorry. People really do not understand secure programming models.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 04, 2018, 11:08:41 pm
So, if Supermicro is an American company and designed the board in the US (and/or the US team has acceaa to the manufacturing files), shouldn’t they be able to confirm that chip U1xx was not part of the design but appears on the manufactured product?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 04, 2018, 11:33:11 pm
Some interesting, informed discussion of the technical aspects of this story in this Twitter thread (https://twitter.com/securelyfitz/status/1047987429360033792).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ogden on October 04, 2018, 11:43:48 pm
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.

Though one detail was mentioned: "The illicit chips could do all this because they were connected to the baseboard management controller".  I find it plausible that they attacked WPCM450 (https://www.supermicro.com/manuals/other/Embedded_BMC_IPMI.pdf) and did it by putting their spy chip on SMBus.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 04, 2018, 11:49:35 pm
How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

To gain support for any war (cold or hot) you need the populace to believe that the "enemy" is threatening you.   Why not baffle them with mysterious electronics jargon and a magical chip "the size of a grain of rice" that allows them to spy on us. (Almost as good as the omnipotent Russian hackers and social media trolls)

Geopolitics 101 - same as it ever was.  There needs to be more than just a trade war to justify military spending.

A new cold war with China is in the making. (https://www.nytimes.com/2018/09/19/us/politics/trump-china-trade-war.html)

I'll let a better man than me speak:

Quote from: General Dwight D. Eisenhower, speaking as the 34th president of the USA
    A vital element in keeping the peace is our military establishment. Our arms must be mighty, ready for instant action, so that no potential aggressor may be tempted to risk his own destruction...

    This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence—economic, political, even spiritual—is felt in every city, every statehouse, every office of the federal government. We recognize the imperative need for this development. Yet we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society. In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military–industrial complex. The potential for the disastrous rise of misplaced power exists, and will persist. We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals so that security and liberty may prosper together. [emphasis added]

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 05, 2018, 12:00:48 am
Software.
You can relatively easily find that software/firmware was altered. If it's a tiny innocent looking EMI filter, sleeping until comes time to do it's dirty job, it's way more difficult to figure it out.

You've not read Thompson's paper have you? If you had you would know you were talking out of your hat.

Quote from: Ken Thompson
The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: xaxaxa on October 05, 2018, 12:03:58 am
time to buy supermicro stock?  :D
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: JoeO on October 05, 2018, 12:18:05 am
I would be surprised if the Chinese were NOT doing this type of activities.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: EEVblog on October 05, 2018, 02:21:45 am
Doing this SuperMicro motherboard implant as a component retrofit (chip disguised as a decoupler or ESD protection or whatever) without it being obvious (cuts/bodge wires)
seems quite implausible.

Factory design engineered?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: EEVblog on October 05, 2018, 02:31:55 am
One other way to do it would be by the PCB supplier modifying the gerbers to add the part. But then the assembler has to be in on it too.

Supermicro are probably being gagged with a fear of losing contracts or whatever, as it would be easy for them to come out and prove it wasn't in their design and layout, and that's it was some manufacturing  chain interdiction.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 05, 2018, 02:48:08 am
Doing this SuperMicro motherboard implant as a component retrofit (chip disguised as a decoupler or ESD protection or whatever) without it being obvious (cuts/bodge wires)
seems quite implausible.

Factory design engineered?

Kind of my main point of confusion. Sure, you can make a custom chip to harvest data off some I2C-esque bus. But, the board was (presumably) not designed to accommodate this extra chip to start with...so how'd they get it on there? You can't just stick a chip on a board willy-nilly...obviously..

The photo they showed (assuming that's really it) looked like a directional coupler. Something like this one: https://product.tdk.com/info/en/products/rf/rf/coupler/index.html

Is it possible that Supermicro had made accommodations for a directional coupler (or whatever it is), and then decided not to populate it? Even if that's true, couplers are passive parts; There shouldn't be a power supply connection.

Or, perhaps, the board was modified at the PCB manufacturer/assembly house. I suppose they could have went in, modified the Gerbers, and added one more part to the PnP list...But if that's the case, then Supermicro should be able to come out and say "Hey that PCB layout was never approved by us!". But they haven't said that.

Or Supermicro is directly colluding with China.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 05, 2018, 02:48:55 am
One other way to do it would be by the PCB supplier modifying the gerbers to add the part. But then the assembler has to be in on it too.

Supermicro are probably being gagged with a fear of losing contracts or whatever, as it would be easy for them to come out and prove it wasn't in their design and layout, and that's it was some manufacturing  chain interdiction.

Exactly my thoughts.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: JustMeHere on October 05, 2018, 03:02:19 am
I would have my SSL handshake hide data in the session setup.  You would not be easily able to detect it.  When the system does an online BIOS update, send the data. 

For example the N position in the prime number is actually byte data.  Have N change every time.


Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Red Squirrel on October 05, 2018, 03:14:22 am
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 05, 2018, 03:33:18 am
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

That will be the key to confirming or debunking this story. Someone is going to have to come forward with one of these chips found on their hardware and have it subjected to public analysis to convince me this it is real.  If anyone out there finds one, send it to Dave or Mike or Shahriar for analysis.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: EEVblog on October 05, 2018, 03:39:13 am
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

I have a SuperMicro server motherboard, but even if it did have the chip (unlikely I guess unless it's widespead across all models) with little to go on it would be hard to identify.

https://www.supermicro.com/products/motherboard/xeon/c600/x9dai.cfm (https://www.supermicro.com/products/motherboard/xeon/c600/x9dai.cfm)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: EEVblog on October 05, 2018, 03:52:56 am
The major parties have responded:
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond (https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond)

Bloomberg got it wrong? Or CIA cover-up?  8)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 05, 2018, 04:01:00 am
The major parties have responded:
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond (https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond)

Bloomberg got it wrong? Or CIA cover-up?  8)

Interesting to note, that China’s Ministry of Foreign Affairs didn't deny it, if it didn't get lost in translation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: David Hess on October 05, 2018, 04:12:12 am
None of the companies involved are going to want to publicly admit this happened.

What I read is that Supermicro contracts out board production and due to production limitations, production may be further contracted out which is where the compromised boards were produced.

This attack has been discussed in trade articles along with compromised firmware and compromised masks.  It is less expensive and easier to accomplish than a compromised mask but easier to detect.  Someone was bound to try it and I am surprised it took this long.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 05, 2018, 04:15:14 am
This story, seems to be rapidly getting more and more complicated.

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1 (https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1)

If the story turns out to be substantially true. I would be annoyed that we didn't hear about it in 2015. So potentially three years worth of data could have been compromised.

I still agree that the story is probably not really true and/or an exaggeration. As others, have pointed out in this thread.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 05, 2018, 04:15:49 am
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

That will be the key to confirming or debunking this story. Someone is going to have to come forward with one of these chips found on their hardware and have it subjected to public analysis to convince me this it is real.  If anyone out there finds one, send it to Dave or Mike or Shahriar for analysis.

There are hi-res pictures on Twitter of the exact board with no suspicious/malicious chip installed. It's possible that only server boards headed to Apple, AWS, et al. got the special treatment. I'm sure an order from Apple warrants a standalone production run.

Boards purchased by every day people/smaller players might not have it, so there might not be proof unless one of the (supposedly) 30 companies steps forward.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 05, 2018, 06:48:11 am
I think the story is bullshit. Possibly someone has decided to stitch up Bloomberg with a "fake news" story.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 05, 2018, 06:54:33 am
Well I woke up this morning to three emails from a company having a total panic about this. Their IT guys only read the news on the way home from work, ate dinner, thought about it, then had a paddy at about midnight.

They don’t even have any Supermicro boxes.

I think the source and mission here has been very effective. Awaiting US political comment.

Also Bloomberg has puked out an opinion piece as well to stir discussion with a suitably facepalm title: https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality (https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality)

Today is going to be interesting for me. Not.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Zucca on October 05, 2018, 07:10:03 am
My italian grandma knew nothing about PC or cyber EE security.
She used to say: "Il diavolo fa le pentole ma non i coperchi".

http://smilingeggplant.blogspot.com/2010/05/italian-proverbs-il-diavolo-fa-le.html (http://smilingeggplant.blogspot.com/2010/05/italian-proverbs-il-diavolo-fa-le.html)

So if you doing something dishonest stop it, it's better for you and for the others.

(http://2.bp.blogspot.com/_ei2z7PAy32Q/S_8XoD8Az3I/AAAAAAAACNU/Xzwi7bNCl-E/s200/Devil-1.JPG)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 05, 2018, 10:28:51 am
I think the source and mission here has been very effective. Awaiting US political comment.
I'm tending to agree with you. Doing the mental experiment of trying to pull that trick myself it gets more incredible by the minute. If that was possible it would be mostly limited to the IMPI/remote administration stuff. And with a properly filtered/isolated network it's unlikely that the machines could call home.

Unless, of course, plenty of infrastructure was already compromised years ago allowing for some invisible covert channel communications to take place.

In which case, anyway, it would be limited to extremely low bandwidth stuff suitable at most for critical infrastructure mapping (where did these servers manufactured in plant A or B go?) or even a kill switch. I am sure all of us have fantasized about a Pearl Harbor attack using embedded kill switches. I still doubt they would really achieve a "total" impact, so the risk of retaliation would be too high. And anyway how would the Chinese sustain their industry without us buying the stuff?

Quote
Also Bloomberg has puked out an opinion piece as well to stir discussion with a suitably facepalm title: https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality (https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality)

I really dispute some of the claims in this opinion piece. There are plenty of people with OS internals knowledge. It's blatantly obvious that both Apple and Amazon employ capable staff because, well, Apple is an OS vendor and Amazon has done a lof of development for their cloud services. Moreover, if you tinker with OS internals *and* drivers you need some level of hardware knowledge. There's the minor detail that Apple designs and manufactures hardware and I guess Amazon has custom designs as well.

And with the complexity of current hardware, just stare at a component and you will make it crash. Adding stuff?   :palm:

Of course I wouldn't rule out a really stupid real world feasibility test by actually compromising a bunch of servers. But still...

And yes, I know of that old Minix OS running inside some CPUs. But, does that thing really have access to the Ethernet interface while an OS driver is operating? Only during system boot before the OS is loaded?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: srce on October 05, 2018, 11:17:25 am
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.

Though one detail was mentioned: "The illicit chips could do all this because they were connected to the baseboard management controller".  I find it plausible that they attacked WPCM450 (https://www.supermicro.com/manuals/other/Embedded_BMC_IPMI.pdf) and did it by putting their spy chip on SMBus.
It certainly seems feasible (even if it didn't actually happen). The IPMI architecutre provides access to both the NIC + system memory. I don't see why you couldn't have something on either the I2C or SPI busses monitoring / modifying data.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: funkyant on October 05, 2018, 11:25:28 am
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

The interesting thing about Occam's Razor is that it's only ever introduced into an argument when there is no evidence.

I tend to agree with others here. This is probably fake news. But we can only guess until we know more facts.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 12:08:59 pm
But we can only guess until we know more facts.

No guessing needed, hard fact and fact only, its not that hard, especially in this community.

Watch how big names were mentioned deliberately, instead down to earth exposure of the hardware porn, or fragments of codes that are the culprits.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 05, 2018, 12:26:35 pm
I'm not sure that this "story", adds up, in my mind.

Because the journalist(s), who released the "story", seem to be claiming, the main evidence comes from Amazon, Apple and SuperMicro.
Yet, Amazon, Apple and SuperMicro all strongly claim the story is nonsense.

The journalist(s), explanation of why, Amazon, Apple and SuperMicro all deny the story, is because (they are hinting), the US Trump Administration has gagged them.

But, if the US Trump Administration has gagged them, why have the journalist(s), been allowed to release the story.

tl;dr
This story sounds very fishy and doesn't seem to add up.

I get, very suspicious of the US Trump Administration. Especially as regards, honesty and integrity.

Recently, Trump has been VERY aggressive against China, at the UN and with Trumps massive trade war with China.
This makes me very suspicious the story is false (or exaggerated or something).

Where is the real evidence (i.e. hardware) ?
Let's see these spy chips and let independent organisation(s), investigate them and publish the results.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 01:08:24 pm
This story sounds very fishy and doesn't seem to add up.

I get, very suspicious of the US Trump Administration. Especially as regards, honesty and integrity.

Recently, Trump has been VERY aggressive against China, at the UN and with Trumps massive trade war with China.
This makes me very suspicious the story is false (or exaggerated or something).

Where is the real evidence (i.e. hardware) ?
Let's see these spy chips and let independent organisation(s), investigate them and publish the results.

One word ... S-400.

(https://upload.wikimedia.org/wikipedia/commons/d/dd/S-400_Triumf.jpg)

Fact and fact only ..

- Turkey, look what happened recently, when they were bullied using currency weapon.

- India, its just matter of time, news similar like this one pops out like popcorn say on topics like Indian IT business used by Westerner, Indian people that work as top officials at large technology companies and etc, if India keeps the "naughtiness" like keep pursuing this kind of activities -> HERE (https://edition.cnn.com/2018/10/05/asia/india-s400-deal-intl/index.html) or HERE (https://www.cnbc.com/2018/10/05/india-wants-to-buy-russian-missiles-to-counter-china-influence.html) ...  :-DD

- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 05, 2018, 01:28:23 pm
- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.

If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to penalize.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
Hopefully, we are just talking about "COLD" wars.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 05, 2018, 01:28:34 pm
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/ (https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 05, 2018, 01:29:55 pm
If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to hurt.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
I think many countries in the recent and more distant past have done this. It's nothing new.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 05, 2018, 01:36:41 pm
I think many countries in the recent and more distant past have done this. It's nothing new.

Yes, that is true.
But in the case of many countries, such as the UK.
It is only in times of actual war (e.g. world war 2), or when they are at war with another country. That the hypothetical department of misinformation, comes rolling into action.

But I agree, that political systems, including the UK. Seem to sometimes come up with "stories", to apparently manipulate things. Such as Brexit and the EU.
The "stories", are usually basically true. But the timing and creation/release of the story at just the **right/**wrong time, seems to be more than just a coincidence!

**=right time for the political party, initiating the news, and wrong time for the people the news is about.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 01:43:18 pm
- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.

If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to penalize.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
Hopefully, we are just talking about "COLD" wars.

As I don't have crystal ball, gut feeling telling me this time, the "new era" is emerging, and will be shaped totally as different animal, from what we've seen/experienced in the past at the previous cold war.

All my kids are grown ups, just my 2 cents, for those with young kids, interesting time ahead, think & plan wisely what are you planning for them if you care & love them.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 05, 2018, 01:45:18 pm
I think many countries in the recent and more distant past have done this. It's nothing new.

Yes, that is true.
But in the case of many countries, such as the UK.
It is only in times of actual war (e.g. world war 2), or when they are at war with another country. That the hypothetical department of misinformation, comes rolling into action.

But I agree, that political systems, including the UK. Seem to sometimes come up with "stories", to apparently manipulate things. Such as Brexit and the EU.
The "stories", are usually basically true. But the timing and creation/release of the story at just the **right/**wrong time, seems to be more than just a coincidence!

**=right time for the political party, initiating the news, and wrong time for the people the news is about.

Actually it's more complicated than this.

Tell a lie out loud in a sector where people are easily misled (tabloids), print an apology / rebuttal in small print somewhere else down the line.

People still remember the initial story.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: madires on October 05, 2018, 01:50:18 pm
My take on this is that Amazon and the others deny the existence of a spy chip because it would harm their cloud business (under the assumption the spy chip is real). Who would use compromised servers? It would be a disaster, worse than Meltdown and Spectre.

Is there a spy chip? To be able to extract valuable data you would need access to the CPU and/or RAM. That requires a large chip with a lot of bus lines. Too obvious! Tapping the onboard Ethernet? 10GBase-whatever makes that hard too. What about the integrated remote management? It's low speed, but no sane person would connect the management ports to the Internet. The most likely approach is to modify the UEFI, i.e. adding the spy tool and starting it before the OS gets loaded (requires also some tweaking of SecureBoot).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 05, 2018, 01:52:14 pm
Actually it's more complicated than this.

Tell a lie out loud in a sector where people are easily misled (tabloids), print an apology / rebuttal in small print somewhere else down the line.

People still remember the initial story.

Good point.

I think there is no way, this story can be retracted now. However much it is proven to be false (assuming it is false).

The seeds of doubt, in the integrity/security of computer systems, and security risks of getting stuff made in China and/or Chinese electronic components. Has already been put into peoples minds.

Because of the way technical stories like this propagate. I imagine the general public will soon think it applies to ALL PCs, and even tablets and mobile phones.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VK3DRB on October 05, 2018, 01:53:14 pm
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft. 
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 05, 2018, 02:01:53 pm
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/ (https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/)

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 05, 2018, 02:10:21 pm
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft. 

Let's not blanket blame China here yet or start pointing fingers. Chinese universities are pretty much shitting on the West at the moment on new developments so I'm not sure that's even realistic.

There's a whole list of reasons here to not point fingers yet: https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present) (https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present))



The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/ (https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/)

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?

Apple have done that numerous times. They got a better deal elsewhere and used that as leverage to get out of the current one.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 05, 2018, 02:15:33 pm
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/ (https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/)

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?

Apple have done that numerous times. They got a better deal elsewhere and used that as leverage to get out of the current one.



They have used a security "concern" to get out of a contract with a vendor (even if it wasn't that big of a deal)? Maybe.

Still don't give me warm and fuzzies that they lied about it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 02:18:35 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 05, 2018, 02:22:27 pm
In the Thermal Imaging sub forum a complete compromise of the E4 camera security was achieved by modifying just 1 bit of a cpu instruction code. So things may be possible to achieve with a clever approach instead of a dumb one and you may not need access to the full cpu or ram bus, just to a part of it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 05, 2018, 02:31:26 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)

So how come they have become so sure about having no doubt that fast ?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 05, 2018, 02:41:50 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)

So how come they have become so sure about having no doubt that fast ?

Five eyes.

NCSC is part of GCHQ.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 02:48:37 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)

So how come they have become so sure about having no doubt that fast ?

I dunno  :-// .. maybe ... just maybe they're not as competence as Bloomberg's reporter ? Maybe ...  >:D

But this new message is clear, UK already took side.

Now, what interesting ahead is, if .. again, a big IF .. later, they come out again to reverse that statement, than that means someone at GCHQ got f**ked real hard, probably caused by a phone call made from Washington to Downing street 10.  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Stray Electron on October 05, 2018, 03:04:24 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)

30 "Unnamed sources".  Yeah, I'm sure that we can trust that report.  <sarcasm off>
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 03:12:07 pm
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html (https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html)

30 "Unnamed sources".  Yeah, I'm sure that we can trust that report.  <sarcasm off>

C'mon, its not that hard.

The source -> https://www.reuters.com/article/us-china-cyber-britain/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials-idUSKCN1MF1DN (https://www.reuters.com/article/us-china-cyber-britain/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials-idUSKCN1MF1DN)

Reporting by Guy Faulconbridge and Mark Hosenball; editing by Sarah Young

Put the CNBC as its more familiar for Northern America audiences, instead of Reuters.  :P
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 05, 2018, 03:32:40 pm
In the Thermal Imaging sub forum a complete compromise of the E4 camera security was achieved by modifying just 1 bit of a cpu instruction code.
ARM's conditional execution bit?

No
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 05, 2018, 03:39:30 pm
Let Apple and Amazon to testify before Congress. This seems to be America's favorite show this season,
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 05, 2018, 03:56:07 pm
Let Apple and Amazon to testify before Congress. This seems to be America's favorite show this season,

Its a norm, even in the land of pure capitalism heaven, you just can not grow too big or too rich, even legit. Pure total submission and down with your knee is mandatory, hence what happened to big corporations, Microsoft experienced this too in the past, or will get bullied & grilled until they're fully surrendered.

Nope, money flow handsomely alone to gov and house of representative creatures is not enough.  >:D

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 05, 2018, 04:07:05 pm
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

And also your loss of employment insurance, if that's what you mean.

China is getting more and more innovative, as can be seen from history.

In the 1990s, China blatantly cloned entire designs.

In the 2000s, China cloned part of the designs and costed-down the designs by modifications.

In the 2010s, most Chinese designs are patent infringing, but the engineering is more or less independent.

China will keep stealing patents for many more years, but engineering will be more or less independent.

China doesn't care about right or wrong, China only cares about power.

Being able to engineer is a power to technological independence. Being able to invent is not.

China needs technological independence, as that frees China from potential sanction from the west.

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

China wouldn't have to clone western technology, China wouldn't have to manipulate currency, and China wouldn't have to be a political enemy of the west, as long as the west gets their fuck out of Chinese politics.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 05, 2018, 04:55:32 pm
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

 :-DD

"I don't care about the truth, I have swallowed the anti-Chinese propaganda hook, line and sinker!"
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 05, 2018, 06:05:42 pm
They're stealing IPs ?  >:D

Like everyone else, you know. Who the F (smaller players only) has ever paid for SD license for using a damn card in a design? Who the F has ever paid for what is literally abandoned WiFi patents? And who the F hasn't used FFMpeg or one of its frontends in their life as a tech person?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 05, 2018, 07:08:20 pm
The more interesting part of this diversion, to me at least....

With it going on, where are all the smart, tech-savvy people NOT paying attention?

All the preparations for a midterm election just weeks away that will literally define this nation's fundamental agenda for generations to come.

Not only does it create a diversion, but also it casts yet another potential external scapegoat into the center arena for inevitable compromised electoral outcomes, of course distracting us from the incumbent congressional corruption anybody with a whit of sense knows has been at fault all along.

mnem
Cassandra can suck it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 05, 2018, 07:18:44 pm
There are hi-res pictures on Twitter of the exact board with no suspicious/malicious chip installed. It's possible that only server boards headed to Apple, AWS, et al. got the special treatment. I'm sure an order from Apple warrants a standalone production run.
Well, if you take the Bloomberg article at face value, virtually every chip components is potentially malicious.  Without any information on the nature of the exploit, you can't even really narrow it down that far, other than making educated guesses.  Even if you decap and analyze every single IC, and carefully inspect every chip component, and completely tear apart the PCB to look for embedded components, at best you could prove that the particular specimen was not compromised, but who knows how many different units from how many different production runs and design variants are out there.  So if the article *is* FUD or propaganda, being so difficult to definitively disprove is certainly an advantage. 

Ars Technica's article (https://arstechnica.com/tech-policy/2018/10/bloomberg-stands-by-chinese-chip-story-as-apple-amazon-ratchet-up-denials/) on the topic points out that Apple and Amazon's rebuttals are interesting in how strong and unambiguous they are.  The government could legally compel them not to reveal information about what Bloomberg's reported, but generally could not legally compel them to lie about it.  So if they were under some order not to report such information, you'd expect evasion rather than outright and strenuous denial.  Which isn't to say that they aren't outright lying, but it doesn't appear very likely.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

I don't know about other western countries, but the US has treaty obligations in the region.  Korea and Japan in particular have in interest in checking China's military and economic influence, and strong military/economic ties with the US.  Balance of power is practically a natural law of geopolitics.  Regardless of your opinion on North Korea, maritime territorial disputes, or any of the other hot buttons in the area, it's hardly as simple as saying the west just needs to get out of China's way.  I'm also not sure that other countries in the region would be so happy about seeing a less restrained China. . .
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 05, 2018, 09:26:21 pm
I don't know about other western countries, but the US has treaty obligations in the region.

I'm not talking about Japan and Korea. I was talking about domestic social unrest.

In China, the government, not the people, owns he land. It's not like EU where if you want to "brexit", you can exit.

If the west stay out of human right issues of China and stop sanctioning China for suppressing separatists, China will not need to be excluded from ITAR list, and then China will not have to clone all western technologies if we have a steady, political-free supply of them.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 06, 2018, 12:06:19 am
It's been on the major news stations in Scandinavia now, and they spin it as if it's true, although they mention
that apple and amazon denies it.

In China, the government, not the people, owns he land.
Actually, that is the same everywhere; only governments "owns" territory. Control is a perhaps a better word than own. Usually through military means, but sometimes also because of tradition. Each country have different rules of how they then divide the rights to use that land among their citizens though. If you "own" some property in e.g. Sweden or the USA, you are really just sort of leasing it; you have a contract with the government giving you a monopoly on using some part of the territory in certain ways, e.g. for farming or for mining or building a house, but there are limits to what you can do with it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Red Squirrel on October 06, 2018, 12:58:40 am
Yeah sadly even in north america the government really owns/controls the land.  You can buy land you own it in the legal sense, but if the government or a corporation wants it, they get it.  They can also tell you what you're not allowed to do on it etc.  It's actually BS.   Though there are unorganized townships where you tend to have more freedom with the land you buy.  It's my dream to eventually live in one.   Would be great to be able to build anything without needing permits etc.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VK3DRB on October 06, 2018, 01:23:33 am
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.
In the 1990s, China blatantly cloned entire designs....
China doesn't care about right or wrong, China only cares about power....

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.


Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

This might surprise you... http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/ (http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/)
Not bad for a free country of between 8 and 25 million people in a remote part of the world, compared to China with 1.4 billion people.

I agree the Chinese communist government cares only about power. Because ultimately it is a tool for the princelings and their privileged families to save face and accumulate massive amounts of money. That is why they are terrified of democracy.

http://www.abc.net.au/radio/programs/worldtoday/is-china-stealing-intellectual-property/10302836 (http://www.abc.net.au/radio/programs/worldtoday/is-china-stealing-intellectual-property/10302836)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 06, 2018, 01:42:45 am
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

This might surprise you... http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/ (http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/)

Not surprised. I knew WiFi is invented by AU government researchers.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 06, 2018, 01:49:01 am
I agree the Chinese communist government cares only about power.

I bet you've never lived in China. Chinese government is corrupted as hell, but many Chinese people are way more corrupted.
Everyone in China, if has some sort of power, is corrupted. At least the government is being supervised and has to obey the law, at least to certain extent.

Farmers sell poisonous food to urban citizens, doctors prescribe unnecessary lab tests for making some cut, teachers give special attentions to students with rich dads, and the list goes on.
I bet if there is any power, even if just a little bit, that can change other people's living quality by just a tiny margin, the power will be monetized

Now in such a context, Chinese government is fairly clean, compared with the F*ed up society.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VK3DRB on October 06, 2018, 04:03:21 am
I agree the Chinese communist government cares only about power.

I bet you've never lived in China. Chinese government is corrupted as hell, but many Chinese people are way more corrupted.
Everyone in China, if has some sort of power, is corrupted. At least the government is being supervised and has to obey the law, at least to certain extent.

Farmers sell poisonous food to urban citizens, doctors prescribe unnecessary lab tests for making some cut, teachers give special attentions to students with rich dads, and the list goes on.
I bet if there is any power, even if just a little bit, that can change other people's living quality by just a tiny margin, the power will be monetized

Now in such a context, Chinese government is fairly clean, compared with the F*ed up society.

I spent a few months in Tianjin in 1980's and 90's. In fact, I set up the first computer manufacturing line in all of China. No I have not lived there long term, but I know what goes on and witnessed some odd things shall we say. The most decent people I met were engineers over there... they were not the type to be corrupt, and they were great to work with.

You want corrupt? The HSBC bank is the bank of choice for Mexican drug cartels for money laundering and currency smuggling. I know someone who told me he smuggled a very large sum of money into Australia from China under full support, knowledge and guidance from HSBC. The problem is HSBC is "too big to fail", and no-one has the guts or integrity to bring them to account; not even the US or the Chinese government. The US govt only gave HSBC a small slap on the wrist for them knowingly profiteering from Mexican drug cartel drug trafficking. And yet if a poor man from the hood sells some crack on the streets, he gets 20 years prison - if the cops don't shoot him first.

I think one of the big problems in China is money is a god over there, called Mammon. A very shallow belief system indeed.

Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012 (http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 06, 2018, 04:23:03 am
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012 (http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012)

If you think that's worst, then you are wrong. If it's within the boarder of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most.

Remember those people buying new iPhones and dump them on eBay for 2x the price? That happens in China, on foods, concert tickets, even hospital appointment tickets.

Remember the slogan of the capitalization of China? "Regardless white cat or black cat, the can that catches mice is the good cat".
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 06, 2018, 04:45:22 am
If the west stay out of human right issues of China and stop sanctioning China for suppressing separatists, China will not need to be excluded from ITAR list, and then China will not have to clone all western technologies if we have a steady, political-free supply of them.


Drifting pretty far off topic here, but that's not what ITAR is about.  ITAR is about technology and materials with military value, nothing to do with human rights.  In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons, although such actions have been discussed as a result of China's treatment of Uyghers (and if what's been reported about that doesn't count as "physically suppressing", I'm not sure what does, short of actual ethnic cleansing).  Aside from ITAR, there are blanket export restrictions on China for nuclear, chemical, and biological weapons controls, national security, and regional stability reasons (but similar controls are also in place for most countries, including many allies of the US, although not as severe) and I did find references to active sanctions on Chinese entities and individuals relating to Iran, North Korea, and trafficking in arms and narcotics.  For better or for worse, it's hard to gather support for human rights-based sanctions.  Maybe something will happen soon, but most people in the US are much more concerned with problems closer to home at the moment.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 06, 2018, 04:59:05 am
In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons

Depending on how do you define human right issues. My definition is everything that suppresses people from expressing their willing, is, including wanting to form their own government.

Under that umbrella, conflicts in Xinjiang, Tibet, Hong Kong and Taiwan are all considered to be human right violation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: funkyant on October 06, 2018, 08:37:10 am
Off topic, but also kind of on topic:

https://www.businessinsider.es/boeing-may-have-used-firm-to-plant-anti-spacex-oped-2018-10?r=US&IR=T (https://www.businessinsider.es/boeing-may-have-used-firm-to-plant-anti-spacex-oped-2018-10?r=US&IR=T)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VK3DRB on October 06, 2018, 08:54:54 am
When I say computer, I meant 8086 based PC.

In the 1980's, Hong Kong was THE place for pirated computers and software, especially at the Golden Centre in the aptly named Sham Shui Po. Most of the boards came from sweatshops in Hong Kong and Taiwan, not the PRC. The "rotten Apples" were even assembled in Hong Kong. These were almost always "build-to-order", often while you wait, often using a chair or the floor as a workbench. ESD protection did not even register with these people. The Golden Centre in Hong Kong also was the world's biggest piracy centre for commercial software, according to The Bulletin Magazine in 1986. The place had been raided by the HK cops several times, but after a short stint in jail the the crooks were soon peddling their wares again.
 
Dick Smith's System 80, a cheaper "clone" to the Tandy TRS-80, was made in Hong Kong in 1979 by a company called EACA, which was involved in crime.

China was just getting out of the Maoist dark ages in 1979 after the dictator died in 1976. There is no way they could go from an impoverished third world peasant-based country to making anything remotely resembling quality electronics within 3 years.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 06, 2018, 10:31:51 am
My father used to import clone computer stuff made in the late 1970s into the UK so manufacturing was definitely going on before that. China wasn’t quite as believed - parts of it had been sold out for manufacturing. Then he started importing PC clones and memory into Europe. Ironically he had a bigger production outfit than Dell at the time. I spent most of my years in the 1980s living in an import warehouse basically and being booth gremlin at CeBit.

This exposure is what made me want to be an EE and do silicon design. Ended up in software. Doh.

Stuff from HK/China wasn’t cloned at all and wasn’t crap. This was new stuff totally in house. The only thing they did was use the compatible ISA interface. A lot of the early clone market was developed in the US as well (think Tseng Labs etc) and they set up an OEM chain in HK/Taiwan and subcontracted out to new factories in China mainland.

It’s quite frankly scary how fast they ramped up production.

Someone there says jump and the answer is *boing*.

Someone here says jump and the answer is “persuade me to jump” then after two weeks they fuck off and find somewhere that doesn’t make them jump as high then shitpost on glassdoor.

Shit doesn’t get cloned. The APIs and interfaces do for compatibility but what’s inside is original. And we only have ourselves to blame. West can’t compete now because it’s lazy, bureaucratic and inefficient.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Benta on October 06, 2018, 12:40:25 pm
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF (https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF)

It's got nothing to do with backdoors or spying.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 06, 2018, 12:50:48 pm
RFID tag needs an antenna and those aren’t particularly small or easy to hide in a multi layer board. Go have a look at some example of PCB rfid tag antennas.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Benta on October 06, 2018, 12:54:13 pm
I know exactly what an RFID antenna looks like, and it's nothing more than a slot in a ground plane. You go look.

Edit: See here: https://www.nxp.com/docs/en/application-note/AN171530.pdf (https://www.nxp.com/docs/en/application-note/AN171530.pdf)
Go to chapter 5 (page 28).

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 06, 2018, 03:31:27 pm
Murata "Magicstrap" is one example and they do tags with an integrated antenna 1.25 x 1.25 x 0.55mm package 10mm range. https://www.murata.com/en-eu/products/rfid/rfid/uhf (https://www.murata.com/en-eu/products/rfid/rfid/uhf). Nothing new here.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 06, 2018, 03:40:50 pm
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF (https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF)

It's got nothing to do with backdoors or spying.

Bit of a red herring frankly. The context is not one where someone has pointed at a component on a board that they, but not an expert, are incapable of identifying. The allegation claims a years long investigation by, among others, the FBI, who are quite capable of popping into MIT or Stanford or Intel or On Semi and saying "tell us what this component is and what it does". I don't think Bloomberg are going to turn around and go "Aw shucks! Is that what it was? If only we'd asked some random bloke on the eevblog forum what it was instead of going off half cocked".
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Benta on October 06, 2018, 03:49:05 pm
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a miniscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.




Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MT on October 06, 2018, 04:15:14 pm
China go full fascistic according to ABC Australia
https://www.youtube.com/watch?v=eViswN602_k (https://www.youtube.com/watch?v=eViswN602_k)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 06, 2018, 04:16:59 pm
A 6-pin device as "back door"? No way, José.
2 power pins and 2-3 data pins are more than enough to compromise the system.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: JimRemington on October 06, 2018, 04:20:37 pm
https://arstechnica.com/tech-policy/2018/10/bloomberg-stands-by-chinese-chip-story-as-apple-amazon-ratchet-up-denials/

Quote
Luckily, we're likely to know the answer one way or the other in the coming days. If the Bloomberg story is true, there are thousands of compromised motherboards out there, and companies will be scouring their data centers for them. People have already identified the specific circuit board featured in the graphic at the top of the Bloomberg article, though it's not clear if this is a real photograph or a Bloomberg-made mockup. If the story is accurate, sooner or later someone will produce a compromised board and do a public teardown.

Sounds like a great job for Dave!
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 06, 2018, 04:22:44 pm
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a miniscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.

No dispute that it's half-cocked, I'm just disputing that you've found the magic that everybody else missed.

This is not about the ability to recognise a component from first instance, this is about politics, propaganda, misinformation tactics and possibly share price manipulation. The very length and depth of the Bloomberg article's claims make it clear that this is more than mere "tech ignorant journo makes a cock up". That scale suggests deliberation, a very real conspiracy to mislead (even if that misleading is only about the various sources ability and accuracy), or (improbably) the most perfect synchronicity of journalistic and official incompetence that has ever been produced by happenstance.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: radioactive on October 06, 2018, 04:23:41 pm
I think the image of the part in that article looks like a common RF balun.  Would have to see proof otherwise to believe anything else.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 06, 2018, 04:26:22 pm
@Benta. Sorry, should have read your post, the Magicstrap RFID chips are pretty cool but nothing to do with the Bloomberg article. Smallest microprocessor I can buy is ATtiny in 2x2x0.6mm package and there is no reason why you can't embed that either. The die size probably limits the packaging but you've got a fair amount of metal to plate onto so an ATtiny would be one example of something relatively easy to embed into a PCB.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 06, 2018, 04:33:19 pm
Has anyone read the eSPI manual from Intel?

https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf (https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf)

Each device is bussed with clock, io, independent chip select. Also it’s not multi master and is fanned out over the board so to modify the protocol you’d need to intercept rather than tap. That means twice as many pins as a tap. Also it’s a channeled protocol. On top of that the slaves can initiate transactions so you’d have to be aware of the state of the system to stop bus collisions.

This seems a whole load of faff when there’s a whole bunch of firmware floating around on the boards you can futz with.

And as I have said before the entire thing would leave tangible evidence on the board which is quite frankly fucking stupid as you can probably through comparison trace the encapsulation and/or the silicon back to the originating country.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 06, 2018, 05:34:22 pm
Would have thought it would be easy enough to re-encapsulate chips with added components or make custom versions of chips already on the board. You could then just replace the original parts with your modified parts, would be much harder to discover. But hey, whatever works works.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: IanMacdonald on October 06, 2018, 05:39:29 pm
There is a product called Computrace LoJack which is in the BIOS, but injects DLLs into the system32 folder of any installed copy of Windows when run. Ostensibly this is so a stolen computer can be traced. It's done like this because the DLLs can do a lot more things than the limited BIOS code. Like, phone home. I wouldn't be surprised if the supermicro bug worked the same way. So yes, this is certainly feasible.

People have been hammered with propaganda to the effect that HTTPS protects them whilst on the Internet. In fact, the protection it provides is minimal. The problem is that this kind of hard-sell of one rather limited security product creates a false sense of security, which leads to other more prevalent threats being overlooked.

https://iwrconsultancy.co.uk/blog/https (https://iwrconsultancy.co.uk/blog/https)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 06, 2018, 05:46:14 pm
I disagree. HTTPS, more correctly HTTP over TLS, is just one part of the security model. At each end you have vendors providing software that have an interest in making sure they don’t look like shit. HTTPS protects you between those security boundaries.

That’s unrelated to this discussion entirely however.

The biggest threat is the competence of the programmers at each end and the user doing something stupid.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 06, 2018, 06:42:11 pm
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
"The companies’ denials are countered by six current and former senior national security officials who... detailed the discovery of the chips... One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."

I think the problem is these servers are heavily used, beyond the early clients Amazon and Apple.
So other big companies would be compromised, perhaps Facebook (again), Google, banks, DoD etc.

Second, why not add the back door to cellphones? I have to wonder if the iPhone didn't get "the treatment", hence Apple's denial.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 06, 2018, 06:50:51 pm
(https://cdn.shopify.com/s/files/1/0969/9128/products/Classic_TV_Poster_-_X_Files_-_Mulder_-_I_Want_To_Believe_d8463576-83a1-47c7-bd5d-eae6bae46d14.jpg?v=1528435847)

versus

(http://widgets.bestmoodle.net/images/provpost/puddingeating.jpg)

 :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 06, 2018, 06:53:26 pm
Bloomberg claims .....

What Bloomberg trying to say is actually pretty simple..

 "Trust us on what we claimed, ask no more, just trust us ... "
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 07, 2018, 12:07:04 am
What Bloomberg trying to say is actually pretty simple..

 "Trust us on what we claimed, ask no more, just trust us ... "
While true, it's historically been a rather reputable source. That's why many people take the stories quite seriously.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: T3sl4co1l on October 07, 2018, 01:46:05 am
The amount of denial in this thread is... concerning.

Why do so many people find this unbelievable?  Many have given reasons, but none of them hold water.

Just because you can't imagine it's possible, doesn't mean it's impossible.

Alternate motives?  Maybe.  Just because that is also possible, doesn't mean it's probable, let alone guaranteed.

The reluctance to confirm sources is also obvious.  It would perhaps be nice if they collaborated with a few other journalists to better check the sources against each other and confirm things.  But even between very well trusted papers, that's a very dangerous thing to do.  More likely, we will see independent confirmation, and yes, teardowns including analysis of the chip in question will be very interesting indeed to see.

So instead of jumping to conclusions, why don't you chill out, and think on it for a moment, and realize that multiple things are possible, not just knee-jerk reactions?...

Anyway, "our boys" have had these kinds of attacks for decades.  As have our allies and enemies, to varying degrees of capability, at various times.  It is completely normal and possible, even moreso with modern technology (like the Management Engine attack vector).  The only thing distinctive about this is probably the scale at which it has been done (potentially millions of compromised units).

Tim
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 07, 2018, 01:57:37 am
So anyone who wants to buy a  Supermicro server boards and search the chip? Looks like they are getting cheaper at the moment at eBay :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 02:17:04 am
Tim, I don't think anybody is disputing the technical possibility just the quality and/or accuracy of the reporting.

What is in question is the lousy reporting which contains nothing more than handwaving on the level of technical evidence - if we'd seen one decapsulated chip with some decent microphotographs and an analysis from someone technically competent we might be somewhere else. In fact the nearest we have to evidence is "our sources tell us" with no way to corroborate this and most of the places where those sources work denying the story in pretty unambiguous terms, terms devoid of the phrasing normally associated with lawyer drafted statements that are technically true while being in fact a pack of lies.

Never before have I seen as significant a news report as this one that is as thin on evidence where a significant part of the evidence is of the kind that could be easily documented. They appear to have boards and chips, at least they have reproduced photographs that purport to be the parts and they've been running the investigation for a long time - so why no proper analysis. Add the strange political climate at the moment and the realpolitik that might go with a planted anti-china story and it would be remiss to be anything but sceptical on all fronts.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: T3sl4co1l on October 07, 2018, 03:14:39 am
Equally easily explained -- they are a business publication.  If they have the technical details, it wouldn't do most of their readers any good.  Just insult them and make them feel dumb for not understanding things.  (If, say, Ars were breaking this story, I would expect them to share some technical info, and be suspicious if they didn't.)

This is very normal for, say, academic journalism.  The technical aspects have to be simplified for a less technical reader.  They often get it wrong, of course...  So, that leaves it to us (as technical readers) to read between the lines and guess what they're actually talking about.  Which is just as unreliable.  It would be so much nicer to just have the info straight, but alas...

And yes, that includes the possibility that there's nothing at all about it.  It could be that their sources didn't provide such details -- whether for the same reason (the journalists probably wouldn't know what to do with it), or because they don't have any at all.

Oh, one thing by the way, if this were unsupported -- if there were no actual facts here -- this would be defamation, and they'd be sued pretty damn quick for all the millions of dollars this is worth.  Bloomberg knows this as well as Supermicro and everyone else.  You can bet your ass they're denying publicly, and investigating internally, until they figure out some possible strategy that doesn't leave them completely destitute!

Tim
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 03:55:53 am
Equally easily explained -- they are a business publication.  If they have the technical details, it wouldn't do most of their readers any good.  Just insult them and make them feel dumb for not understanding things.  (If, say, Ars were breaking this story, I would expect them to share some technical info, and be suspicious if they didn't.)

Back in the days of print journalism, this is exactly where the editor would have put:

    [sidebar from Dr. Expert goes here "What we found under the microscope"]

A sidebar lets you provide detail that the general reader will want to skip, but that allows you to "show your workings" so that people know you're not handwaving or hoodwinking them. This is especially necessary in this case given the gravity of the accusations. Moreover, business readers aren't insulted by being presented technical details in a sidebar - business people don't expect to understand all the technical details, they have people for that "John, read this article and tell me if the technical side makes sense to you". 

Here I'm speaking as an ex-section editor of a business computer magazine. I wouldn't have put a story one tenth as volatile as this on the page without putting enough in print to make my case lawyer proof. Providing all the facts, as far as you can, may make a difference between a case for slander of goods* and no case to answer. In fact in defamation cases sometimes the most damaging thing you can do is to make accusations without producing your proof at the same time. At the very least it leads to legal bills and court appearances where, if you'd made a good case in print already, the plaintiff's lawyers would have said "don't bother".

Quote
...
Oh, one thing by the way, if this were unsupported -- if there were no actual facts here -- this would be defamation, and they'd be sued pretty damn quick for all the millions of dollars this is worth. 

Yes, and on the case made publicly so far by Bloomberg I expect that some of the accused companies' shareholder's lawyers have been quite busy this weekend. Moreover, if this gets to court on any defamation actions Bloomberg can be ordered to reveal their sources if that is the nub of their claims. That will irreparably damage their trustworthiness to future possible sources and could have been avoided if they'd made out a better, more plausible case in print.

*Trust me, I've been threatened with this plenty of times. Never had to settle or go to court though.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: David Hess on October 07, 2018, 04:52:46 am
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

What about cloning an entire company (https://www.nytimes.com/2006/05/01/technology/01pirate.html)?

The other common type of cloning is when the production factory runs an extra undocumented shift.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 05:03:40 am
So anyone who wants to buy a  Supermicro server boards and search the chip? Looks like they are getting cheaper at the moment at eBay :-DD

These special Supermicro products are surely sold exclusively to Amazon & Apple only, hence there is no proof, or very hard to get. Hence, you have to understand the reluctance to release the details by Bloomberg, riding their reputation, all you need is to trust Bloomberg and believe.

Hey, where is your patriotism anyway ?  >:D

<spin dr. mode:OFF>

 :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 07, 2018, 05:23:39 am
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

What about cloning an entire company (https://www.nytimes.com/2006/05/01/technology/01pirate.html)?

The other common type of cloning is when the production factory runs an extra undocumented shift.

Wow, great eye opener. Textbook MitM.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: helius on October 07, 2018, 05:47:17 am
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 07, 2018, 05:48:34 am
Quote
What about cloning an entire company?
Or stealing an entire company

Company C, the Chinese company, owes Company A £600,000 and makes lame excuses for not paying. Company A embarks on a huge project, hires a lot more staff and borrows £250,000 from Company K. Meanwhile Chinese director of Company C buys shares in Company A. becomes a board member of Company A and still owes Company A.
New Chinese board member buys out directors of Company A, forms new Company B and transfers assets to new Company B. Chinese director of Company A winds up company A but keeps Company B going under a similar name. Company K are not happy. Directors wife becomes sole director and owner of company B. Company B ceases trading a year later. Company C owns all of the interlectual property of Company A and probably any left over stock from Company B. True story.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: a59d1 on October 07, 2018, 06:10:32 am
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

And also your loss of employment insurance, if that's what you mean.

China is getting more and more innovative, as can be seen from history.

In the 1990s, China blatantly cloned entire designs.

In the 2000s, China cloned part of the designs and costed-down the designs by modifications.

In the 2010s, most Chinese designs are patent infringing, but the engineering is more or less independent.

China will keep stealing patents for many more years, but engineering will be more or less independent.

China doesn't care about right or wrong, China only cares about power.

Being able to engineer is a power to technological independence. Being able to invent is not.

China needs technological independence, as that frees China from potential sanction from the west.

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

China wouldn't have to clone western technology, China wouldn't have to manipulate currency, and China wouldn't have to be a political enemy of the west, as long as the west gets their fuck out of Chinese politics.

Is your license plate still SIGSEGV, comrade?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: T3sl4co1l on October 07, 2018, 06:16:48 am
Back in the days of print journalism, this is exactly where the editor would have put:

    [sidebar from Dr. Expert goes here "What we found under the microscope"]

A sidebar lets you provide detail that the general reader will want to skip, but that allows you to "show your workings" so that people know you're not handwaving or hoodwinking them. This is especially necessary in this case given the gravity of the accusations. Moreover, business readers aren't insulted by being presented technical details in a sidebar - business people don't expect to understand all the technical details, they have people for that "John, read this article and tell me if the technical side makes sense to you".

Yes, that would've done perfectly!


Quote
Here I'm speaking as an ex-section editor of a business computer magazine. I wouldn't have put a story one tenth as volatile as this on the page without putting enough in print to make my case lawyer proof. Providing all the facts, as far as you can, may make a difference between a case for slander of goods* and no case to answer. In fact in defamation cases sometimes the most damaging thing you can do is to make accusations without producing your proof at the same time. At the very least it leads to legal bills and court appearances where, if you'd made a good case in print already, the plaintiff's lawyers would have said "don't bother".

Good point!

Tim
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 06:33:52 am
The U.S. Department of Homeland Security says no reason to doubt firms' China hack denials (https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 07, 2018, 06:35:37 am
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 06:38:15 am
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

I have a gut feeling few fellas here starting to doubt on who the f**k is Reuters and it's reputation, say compared to Bloomberg, and probably Fox News fans too.  ;)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ogden on October 07, 2018, 06:52:10 am
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 07:05:02 am
Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Don't rule out other option, which is a direct & straight intervention from an ignorance and short sighted white house staff, bypassing gov 3 characters agencies, and under heavy pressure that had been instructed ordered to think of how to kill two birds with one stone, which are the disobedience big corporations "and" China.  >:D

We've seen this in the past (example -> HERE (https://www.reuters.com/article/us-amazon-com-stocks/amazon-sheds-52-billion-in-market-value-after-report-on-trump-threat-idUSKBN1H42HG)), how the potus interfered at low level, cronyist must made lots of money for short selling Amazon, prolly made hundreds of millions overnight, its legal anyway.  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 07:33:45 am
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 07, 2018, 08:30:01 am
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 07, 2018, 08:41:11 am
Indeed. Bloomberg are an aggregator service. Accuracy depends on what they are aggregating and their fact checking. They haven’t had a particularly good rating in that department. Compared to Reuters at least they are more the equivalent of a tabloid aggregator.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 07, 2018, 09:11:53 am
That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
You seem to have invented some kind of faith and subsequently attributed it to me. Interesting. Do elaborate.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 07, 2018, 09:18:53 am
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mikeselectricstuff on October 07, 2018, 10:24:03 am
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
but not one single plausible photo.
If this was real, there would be pictures.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: madires on October 07, 2018, 10:41:02 am
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y (https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 07, 2018, 12:22:59 pm
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y (https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y)

I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries (https://en.wikipedia.org/wiki/Hitler_Diaries)

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 01:47:25 pm
Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.

Not that simple, China is just collateral damage which is inline with the current US political agenda at the international scenes.

Meanwhile at local/domestic affair, this is happening ...

https://www.washingtonpost.com/business/capitalbusiness/pentagon-doubles-down-on-single-cloud-strategy-for-10-billion-contract/2018/08/05/352cfee8-972b-11e8-810c-5fa705927d54_story.html?noredirect=on (https://www.washingtonpost.com/business/capitalbusiness/pentagon-doubles-down-on-single-cloud-strategy-for-10-billion-contract/2018/08/05/352cfee8-972b-11e8-810c-5fa705927d54_story.html?noredirect=on)

https://www.bloomberg.com/news/articles/2018-07-26/pentagon-goes-with-winner-take-all-10-billion-cloud-contract (https://www.bloomberg.com/news/articles/2018-07-26/pentagon-goes-with-winner-take-all-10-billion-cloud-contract)

https://www.washingtonpost.com/business/2018/08/07/oracle-challenges-pentagons-multibillion-dollar-cloud-computing-contract-before-bids-are-even-submitted/ (https://www.washingtonpost.com/business/2018/08/07/oracle-challenges-pentagons-multibillion-dollar-cloud-computing-contract-before-bids-are-even-submitted/)

https://www.bloomberg.com/news/articles/2018-06-26/amazon-foes-in-pentagon-cloud-deal-are-said-to-include-sap-csra (https://www.bloomberg.com/news/articles/2018-06-26/amazon-foes-in-pentagon-cloud-deal-are-said-to-include-sap-csra)


... + senates hearing for big companies ...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 02:29:13 pm
Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Quote from: https://www.fbi.gov/investigate/counterintelligence
The FBI is the lead agency for exposing, preventing, and investigating intelligence activities on U.S. soil, ...

Quote from: https://www.dhs.gov/office-intelligence-and-analysis
Foster a fully synchronized, cohesive enterprise that integrates intelligence into operational functions and drives action through Mission Centers to mitigate all threats to the Homeland including-Counterintelligence, Counterterrorism, Cyber, Economic Security, and Transnational Organized Crime.

Quote from: https://www.britannica.com/topic/Central-Intelligence-Agency
In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 02:49:52 pm
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.

Let's repeat that again:

Quote from: https://www.britannica.com/topic/Central-Intelligence-Agency
In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.

If it's on US soil it's the FBI's jurisdiction. If the CIA discover something overseas with a domestic link they have to get the FBI to handle that end of it - just as if, say, the Sûreté uncover a crime in Paris with a London link and have to involve the Metropolitan Police [of London] because they have no legal powers in London. The CIA case is more extreme because they are explicitly forbidden by law from acting domestically, not just lacking legal powers to do so.

So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: David Hess on October 07, 2018, 02:55:34 pm
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.

In many cases this is discovered when the real company receives customer service requests for identical products which they have no record of producing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 07, 2018, 02:59:30 pm
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
What you described in 99% of cases is counterfeit, not ghost shift. Also when you order from China, often they throw away original box. So it also could be a product for Chinese market which originally came with Chinese manual.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 03:17:25 pm
So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.

You have to realize after seeing this thread grows into so many pages which is a proof and sign, that even one that had been experienced, worked and trained in logical thinking regime at engineering field, doesn't mean one can see thru clearly in this kind of matter, which is pretty simple and straightforward.

This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 03:31:05 pm
This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD

I think there's a third camp that agree with Tim (T3sl4co1l) that it's technically feasible, but that the reporting is suspect, both from a quality of journalism point of view and a geopolitical/realpolitik point of view. That's certainly where I'd place myself.

There's a fog around this, I don't think it will clear anytime soon, and trying to penetrate into the fog by logical deduction is difficult, but that doesn't mean it shouldn't be attempted. Misinformation and contributed "factoids" that are plain wrong don't help.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 04:05:10 pm

What about cloning an entire company (https://www.nytimes.com/2006/05/01/technology/01pirate.html)?

The other common type of cloning is when the production factory runs an extra undocumented shift.

Wow, great eye opener. Textbook MitM.

Indeed. For those who didn't follow the link, some counterfeiters set up a whole organization so that the factories in China and Taiwan producing the counterfeits didn't know that they were. They thought that they were legitimately contract manufacturing for NEC.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 07, 2018, 05:13:36 pm
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y (https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y)

I think that nails it dead, Bloomberg's story is fake news.
I wouldn't dismiss it completely just because of that. Historically it's been pretty common for different government intelligence agencies not knowing what the others are doing, and the us intelligence branch of government is absolutely enormous as far as I know (which admittedly isn't much).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 07, 2018, 06:31:09 pm
I just don't see an angle for the US government to want to cover this up at the moment. They have no problem declaring the embassy incidents attacks even in the absence of physical evidence (no trauma showed up on MRI for most of the affected persons, the diagnosis is purely based on symptoms). Why would they cover for China when Trump seeks justification for his trade measures? The presumed attack is relatively low tech all things considered so it's not like revealing the evidence would matter in that respect.

The companies I can kind of understand, they have commercial interests in China ... but even then Apple is extremely image conscious, blatantly lying seems very unlikely when actual evidence could pop up from way too many sources if this were true.

PS. if people in intelligence agencies are purposely keeping this information from the White House they better pray Trump is gone before they get found out.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ogden on October 07, 2018, 06:45:44 pm
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 07, 2018, 06:58:22 pm
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 07:23:32 pm
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.

Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

This is exactly what I was talking about the other day, you make wrong statements on a subject that you are ill-informed on. Then you quibble when someone corrects you, deliberately ignoring anything that doesn't suit your case, often shifting the goalposts in the process. Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you - except this time if you do it you will be hoist by your own petard.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ogden on October 07, 2018, 07:42:12 pm
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 07, 2018, 07:53:10 pm
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 07, 2018, 08:02:49 pm
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

And there the moving of goalposts starts ...

Quote
Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.

No. These arguments you seek out might amuse you, but they annoy me (and I suspect others too) the very last thing I am going to do is give you carte blanche to annoy me in PMs too. Why don't you give it rest, he said wearily.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 07, 2018, 08:21:28 pm
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
It would only take one, not particularly deep cover, mole in Bloomberg.
(Maybe just a phone-call to the director: "hey, it's POTUS/CIA/<initialism>, we'd like you to run this story for us." :))
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 07, 2018, 09:02:38 pm
I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries (https://en.wikipedia.org/wiki/Hitler_Diaries)

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
With the track record the various agencies have, why would this "nail the story dead"? If there's something like a gag order the DHS isn't going to spill the beans. It does put the pressure on Bloomberg to come up with something more tangible, although a more suspicious mind might wonder whether they'd be allowed to produce such proof at this point in time. It's obviously also nearly impossible to disprove the story.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 07, 2018, 09:06:51 pm
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...

Why sit on this for over 3 years? The government probe started in 2015 with Amazon's discovery, supposedly.
Aww poor businesses, banks that still have a back door to a foreign hostile that is still open? Who cares about the DoD, Navy ships, drones, government agencies infiltrated.  :palm:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: daqq on October 07, 2018, 09:14:05 pm
Quote
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...
Er, no, there were other pics of said park, see initial post link. It looks like a 6 pin package, very similar to a balun:

http://www.farnell.com/datasheets/2580617.pdf?_ga=2.1792241.1799087673.1538946562-1417168484.1514813103 (http://www.farnell.com/datasheets/2580617.pdf?_ga=2.1792241.1799087673.1538946562-1417168484.1514813103)

I can see such a device hooked up to some SPI bus that talks to an SPI memory, pretending to be the memory... or any number of other possibilities.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 07, 2018, 11:04:28 pm
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.


Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 07, 2018, 11:08:33 pm
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.
Wasn't that the point, that it looked like a mundane and innocuous part?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on October 07, 2018, 11:29:07 pm
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 07, 2018, 11:31:20 pm
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.

Your machine doesn't need a balun to boot. You may lose WiFi/BT, but 99% of the machines use RF cards instead of built-in RF, so who cares?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 07, 2018, 11:43:53 pm
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 07, 2018, 11:50:08 pm
C'mon, how hard is that, to de-solder that suspected component, put it side by side with a genuine one under the microscope, start to sand both layer by layer exposing it's internal while comparing ?  :palm:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 07, 2018, 11:58:30 pm
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird (https://en.wikipedia.org/wiki/Operation_Mockingbird)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 08, 2018, 12:09:03 am
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird (https://en.wikipedia.org/wiki/Operation_Mockingbird)

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 08, 2018, 12:19:53 am
-> https://www.reuters.com/article/us-china-cyber-apple/apple-tells-congress-it-found-no-signs-of-hacking-attack-idUSKCN1MH0YQ (https://www.reuters.com/article/us-china-cyber-apple/apple-tells-congress-it-found-no-signs-of-hacking-attack-idUSKCN1MH0YQ)

Quote ...

"Bloomberg said on Friday it stood by its story, which was based on 17 anonymous sources. Some allegations were based on fewer accounts or even a single unnamed source, Apple noted in its letter."

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 08, 2018, 12:23:53 am
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird (https://en.wikipedia.org/wiki/Operation_Mockingbird)

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//

They didn't bad mouth American companies. They of course had to mention which companies products were involved or the accusation would have no teeth at all.  They also had to report those companies responses.

Unless a neutral 3rd party analysis of the hardware is done and confirms the report - it will be clear this was just a propaganda piece.  Nevertheless, it will have succeeded in planting more anti-China feelings in the populace and help support the new Cold War.

No one will remember that the original report was never confirmed. No company other than perhaps relatively small Supermicro will have been negatively affected.  But the anti-China sentiment will have been seeded. Mission accomplished.

It's no different than the "Russia hacking" hysteria. No one will notice that there were never any actual prosecutions of Russian hackers, yet the anti-Russia sentiment will remain.  This is how propaganda works.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 08, 2018, 12:31:44 am
If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

What if this put up job is to manipulate Apple and Amazon (with stock price influence by stockholder confidence through media coverage) to shift from buying Made in China gears to Made in US gears?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 08, 2018, 12:46:21 am
This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird (https://en.wikipedia.org/wiki/Operation_Mockingbird)
The problem is the level of conspiracy necessary to keep evidence from any of the companies and from government from leaking if Bloomberg's report was true. Unless there's a mountain of National Security Letters out there keeping everyone involved living in fear I just don't see how it can be. That mountain of NSLs would mean it either goes to the top/Trump or the security agencies are playing traitor and keeping Trump out of the loop. Trump has no reason to keep this secret if he knows about it.

It's easier to just assume Bloomberg cobbled together a conspiracy theory from misleading information (intentionally spread or not) and subsequently asking some useful idiots leading questions.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 08, 2018, 12:51:27 am
That chip looks a lot like a six legged version of what I call PCB resident 'feed through' caps.. I dont know the technical name for them. They are kind of an RFI filter.

They are basically bypass caps with two legs. (although they might also incorporate ferrite materials) (these bypass caps only have three terminals, the ones at the ends are the DC path and the two on the sides at the middle are the ground that has the RF bypassed to it.)

 They are kind of a 2D, semi-planar version of the old feed through caps that penetrate a case wall.

They have the same function. There- using a lower quality part might reduce the effectiveness of RFI bypassing.

Which might be all that was required.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

Making it so a nearby listener might be able to extract enough information to break whatever encryption keys was being used.

This attack would only work if the attacker was within a few meters, most likely. So basically they would have to have access to the data center the servos were in.

Although I have no idea how it fits in, liberalizing services is proposed to double (probably many times more than that, just imagine how much will be saved on wages, money which is now 'wasted' to rent extraction. (/sarcasm)

The hype proposes that business profits globally could be increased many fold by increasing efficiency, which increasingly means moving jobs to the digital economy.

One of the main questions is where will the trade rules require that servers and the actual information be located?

One of the biggest roadblocks to making businesses so very much much much more efficient and reducing costs to the bone (and an eventual shakeout within which most of those businesses get absorbed into others) is who gets to say where the important information thats stored on servers will be.

Can governments - despite their commitments to trade liberalization, think of some excuse to hold it back (and presumably steer that business to well connected insiders in their own country, even though some other provider of the service may be cheaper)

A business like Amazon's 2nd biggest asset after their brand name is their technology, which they (probably) want to keep close to their vests. (I would expect them to!) However, agreements between countries commit countries to switch from in house provision of services to low bidders, biding in an international competition.

Could the country whose information is at issue - or the country whose flag of convenience a corporation flies require some parts be inside their physical country and control, even when its not national security related?

(National security is basically the only area that gets a free pass to remain under individual nation's control)

I have no idea what they are arguing these days. But you can bet it isnt good for the little guy, whose business will likely be put under extreme pressure by global competition, if there is any money to be made in it.

This kind of 'incident' real or not, may be part of the arguments in some way. Countries are jockeying for position in this huge shift and people like us can only guess at their long term strategies.





Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 08, 2018, 01:00:09 am
That chip looks a lot like what I call "PCB resident feed through caps.. They are the 2D version of the old feed throughs that penetrated a case wall.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

This attack would only work if the attacker was within a few meters, most likely.

That's an RF balun. I've never heard of any beadcaps looking like that.
And it's not going to work in a few meters. More like a few centimeters, and it must be in the chassis.
If so, why don't the attacker just pull the drive out?

FYI, Intel has thought of this before, so modern Xeon chips with ECC use scrambling. Anything from and to the RAM (top GHz-range EMI source in a computer) is scrambled by CPU.

Also, Bloomberg said it's alleged to be an IC developed by Chinese military. That's not an IC to my eyes. That's clearly made of fired ceramics, and no common silicon IC can survive after being fired at ceramic firing temperature.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 08, 2018, 01:34:14 am
MMIC is the term they use. And its a broad term that encompasses a great many kinds of devices.

They use ceramics because of the favorable dielectric properties.

It really is a black art.   

Note I am not even going to try to weigh in on how feasible it is.


Also, it may have little to do with China per se.

In other words, it may just be an argument to slow down the pace of the race to the bottom.

Countries are competing with one another for investment, to prop up currencies - Claiming they have to do it because of the global nature of capital. Democracy they say is just too unpredictable for companies and investors.

One explanation I thought was good was "How Far Will International Economic
Integration Go?" by Dani Rodrik

I think we're cutting off our own noses to spite our face.

By committing so aggressively to trade liberalization (which hasnt ended, its not just in the past), the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been so very much faster than any of the politicians or economists ever even remotely imagined. And its getting even faster very rapidly.

A race to the bottom is a game that nobody wins.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 08, 2018, 01:44:43 am
the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been much faster than any of the politicians or economists ever even remotely imagined.

Please, stay within the topic.

And just so you know, for thousands of years, technology, religion and military were and are working for the top of the society pyramid.

If globalization doesn't kill the lower end of human spectrum, automation will, or wars will, or fill _in_the_blank will.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: daqq on October 08, 2018, 05:28:12 am
Quote
Also this was targeting servers. Servers have no RF capable parts on.
Please note that the part I linked was just an example of a part that looks similarly. There are also SMD EMC filters that look the same. See:

https://product.tdk.com/info/en/products/emc/emc/3tf/catalog.html

Specific series:

https://product.tdk.com/info/en/catalog/datasheets/3tf_commercial_signal_mem2012sc_en.pdf

And MURATA IIRC has something very similar.

Now, if I'd seen this on a server board sitting among other parts I do not think that I would be terribly surprised.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 08, 2018, 05:43:15 am
Also this was targeting servers. Servers have no RF capable parts on.

RF balun does not mean the part radiates. RF Baluns are high frequency devices are routinely used to convert signal between balanced and unbalanced circuits, such as single ended to differential line. Digital circuits can utilize RF baluns for clock conditioning for example.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 08, 2018, 06:43:47 am
Why are you all assuming an implant chip is what it looks like? You'd obviously disguise an implant device as something innocuous, or at least attempt to make it less obvious. Otherwise you could just stick a GSM board on there and call it quits.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: VK3DRB on October 08, 2018, 10:17:28 am
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012 (http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012)

If you think that's worst, then you are wrong. If it's within the boarder of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most...


Sounds like greedy housing developers, most of whom use money from the PRC.

In this city of Melbourne it is illegal to buy tickets to the famous Grand Final football game and scalp the tickets on eBay at inflated prices. Same with concerts. They buy blocks of Justin Bieber tickets selling them to 14 year old teeny boppers at crossly inflated prices, which our govt has made illegal (not Bieber unfortunately, but ticket scalping). Our culture condemns ticket scalpers but praises the "entrepreneurs" scalping houses... Scalping tickets?>:D, but scalping houses? :-+.  In the US the rich are looked on with admiration, but those who dare question inequality are called socialist scum. How dare anyone suggest the super rich are taxed more to give to the poor.... they must be commies.

As one famous US presidential adviser said: The trickle down effect is rubbish. A billionaire might only buy 2 pairs of jeans a year. But if he shared some of his wealth to 10,000 poor people to get them out of poverty, the demand is now 20,000 pairs. Inequality also leads to economic stagnation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: madires on October 08, 2018, 11:56:32 am
Please don't take Bloomberg's image too seriously. Media often uses images in the sense of "something looking similar" and I doubt that Bloomberg has the spy chip. Here's another interesting comment from a well known journalist: https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/. He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: NiHaoMike on October 08, 2018, 12:33:23 pm
He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
It would be interesting to troll them by hacking the printer to not actually print (save on paper), then keep sending it thousands of pages of what look like a one time pad.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 08, 2018, 05:24:21 pm
The Register has a good overview of thestory and the issues of competing credibility here:

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1 (https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 08, 2018, 05:32:04 pm
That article is a few days old now, and may have missed more recent developments.

(And if the author, Mr. McCarthy's, previous output is anything to judge by, the point too. Let's say that he's not at the top of my list of reliable authors, he completely mangled an article on IP networking the other week.)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 08, 2018, 06:36:05 pm
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 08, 2018, 06:59:44 pm
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.

Oh no, el Reg is much more fun. I used to know both of the founders, worked with one of them. They were both the kind of men you had "drinking stories" about that you could dine out on.  :) Mike, no longer there, had a justified reputation for digging out stories that others couldn't - possibly by giving his sources liver failure in a single evening. John, still a director there, is known for single-handedly keeping the publicans of Bloomsbury in gainful employment - IT journalism's Jeffrey Bernard.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 08, 2018, 07:28:10 pm
Yes Mike disappeared off to start the Inquirer. Surprised he's still alive. Surprised any of them. I don't know them personally but have heard the stories by proxy of someone who indeed was one of their sources many years ago. He now lives in Thailand away from it all as I think he pissed off so many people to the point he was unemployable in the UK and Europe.

Edit: I made the mistake of employing him  :-DD (fortunately we had nothing to leak)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 08, 2018, 07:51:43 pm
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 08, 2018, 08:44:36 pm
Well I would not be surprised if some alphabet agency, ordered by executive order, confiscated all this crap and or was aware of this crap and thats why apple/big dogs stopped doing business with these people. the whole trade war could have been planned way in advanced.

If you admit to compromise all sorts of foreign companies not on US soil could benefit greatly and massive amounts of US infrastructure could be considered compromised. If intelligence was able to figure out what the Chinese were doing we could do damage control and play geopolitical and economic games using these things, i.e. controlled leaks.

Given how focused the american goverment is on economic growth I don't really think they would just flip out, they have to plan something out to limit economic damage (cuz now we are in a three superpower world, not only USSR/USA), so if our economy falls the Russians and other people can get stronger.

It's often the case when taps and other bugs are discovered they are left in place and used to misguide the enemy.

I expect that this whole thing is a complete and utter cluster fuck by our standards. I think that there might be secret services doing counter stock market manipulation using knowledge of stuff like this. 

Also the DHS is new by intelligence standards and they don't have the same connections as the CIA/OSA that has been around for a long time now, so they don't know fuck.

If it was used for counterintelligence purposes, identical boards could have been made in CIA run facilities to replace compromised boards with some kind of filter or protection diode or whatever too, then reinstalled, with the surveillance chips removed when no longer useful. This could be used to cover up machiavelian stock market manipulation, which favors the growth and protection to companies that are more vital to the US economy then companies which were naturally more successful (kind of like load balancing, the successful companies that can tolerate the hit got hit, while the weaker or more important ones for reputation were protected to have a overall less effect on the US economy).  A few businesses suffering on the stock market or losing IP is alot better then some big one going down, causing big unemployment, leading to the expensive retrofit of otherwise high quality infrastructure and military stuff.

The existence of communist china, with its great focus on economic growth by any means necessary, could have lead to this reaction, be it necessary or out of a sense of justice or pride. Since many businesses could be seen as doing Machiavellian things (like operating out of low tax areas to avoid paying the US government) they could be seen as pawns to manipulate with little moral qualm from someone that considers themselves a patriot that wants to protect their own country and sees those companies as having a hostile or 'i dont give a fuck about anything but my business' mentality. Eventually when you try to make money by any means necessary some patriots are going to get pissed off when your logically fucking the country you live in in a legal way. If you make a 'psychological profile' of a company you can kind of determine its various levels of allegiance to values, stock holders, employees, country of origin and its owners. A focus on pure economy is easily seen as sociopathic, so you don't really have much of a concern for its well being?

Someone setting up massive factories in china, allowing communist party members into its nerve centers and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 08, 2018, 09:05:16 pm
The trade war is pretty shallow. All it takes is a nose through some modern history books to see where we’re being nudged.

Or not because national governments are incredibly weak and vulnerable the moment they deployed technology unaware it can and is being used against them until it’s too late.

Another empire falls. Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 08, 2018, 09:18:52 pm
and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.

I am pretty sure US requires you to report income regardless of where the business is located and you still get taxed.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 08, 2018, 09:20:51 pm
and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.

I am pretty sure US requires you to report income regardless of where the business is located and you still get taxed.

https://itep.org/fact-sheet-apple-and-tax-avoidance/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: apis on October 08, 2018, 09:26:11 pm
Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)
Technically they were all supposed to speak as much Chinese as English (if not more), but for obvious reasons they were mainly speaking English but kept insults in Chinese as a way of getting around the US censorship.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 08, 2018, 09:33:51 pm
That makes sense  :-+
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 08, 2018, 09:37:54 pm
Another empire falls. Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)

Only a 杘頭 would think that.  :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 08, 2018, 10:00:38 pm
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
^^^ this. I've been saying this since I read the article.

If you were going to camouflage a chip to covertly install it on a server mobo, you'd masquerade it as a component normally found on a server mobo! You would't make it look like an RF component, which has no place on a server board!!   :palm: |O :-DD

There are so many issues with this alleged infiltration that I'm surprised anyone with half an ounce of technical savvy is giving it a second thought. There are just too many layers of too many organizations that you'd have to infiltrate in tandem, to maintain version control throughout design, manufacturing, and testing. It defies belief.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: wraper on October 08, 2018, 10:13:15 pm
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
^^^ this. I've been saying this since I read the article.

If you were going to camouflage a chip to covertly install it on a server mobo, you'd masquerade it as a component normally found on a server mobo! You would't make it look like an RF component, which has no place on a server board!!   :palm: |O :-DD

There are so many issues with this alleged infiltration that I'm surprised anyone with half an ounce of technical savvy is giving it a second thought. There are just too many layers of too many organizations that you'd have to infiltrate in tandem, to maintain version control throughout design, manufacturing, and testing. It defies belief.
FWIW there are also EMI filters in similar package https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf (https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf)
As I said earlier, I dunno if this story has any truth in it. I just consider it technically feasible. IIRC article called rogue component disguised as "filter". Picture probably is just something they googled as filter.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 08, 2018, 10:30:30 pm
What a mess. And I don't see this getting any better soon, either.

Time to go back to reading books and spending time with real people instead of on the Internet.

The Register has a good overview of thestory and the issues of competing credibility here:

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1 (https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 08, 2018, 11:10:01 pm
It seems that all the "on the record" commentators are denying the story, and the only people "confirming" it are Bloomberg's anonymous sources. Bloomberg are not providing a shred of evidence, nor even evidence that they have seen any evidence....

However, Bloomberg can just the story sit there, whoever is behind it presumably achieved their mission (shorts, alphabet, POTUS etc), no one can prove Bloomberg's "scoop" is fake. Win win basically.

Well, the Russians meddled with US elections, annexed a country, murdered people in the UK, downed a whole airliner over Ukraine, and they basically get away with it. So spreading a little FUD about China is pretty small beer really.

It's kind of like the computer game sequel to "Cold War I", with new player factions.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 08, 2018, 11:20:42 pm
I think you may have just nailed it there.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: blueskull on October 09, 2018, 12:27:09 am
It's kind of like the computer game sequel to "Cold War I", with new player factions.

Seems like the cold war won't be cold for long. Let's see, will WW3 break out on Nov. 6th?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 09, 2018, 01:00:16 am
FWIW there are also EMI filters in similar package https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf (https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf)
As I said earlier, I dunno if this story has any truth in it. I just consider it technically feasible. IIRC article called rogue component disguised as "filter". Picture probably is just something they googled as filter.
They specifically said “signal conditioning coupler”, which a bit of googling showed to be RF devices.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 09, 2018, 02:47:58 am
They may simply be fancy feed through caps, i.e. bypass caps.. "fancy" name for which is now filter. (Maybe there is an inductor, i.e. spiral structure in there along with the capacitance.)

Also, we're forgetting that with multinational public companies, they have a legal obligation to treat all countries the same. If they install a back door for one, they have to do it for all of them.

They are not allowed to discriminate on any basis other than money.

Whichever countries are their bigge$t customers come first.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 03:16:45 am
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
That's about 25 points each.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 03:25:19 am
They may simply be fancy feed through caps, i.e. bypass caps.. "fancy" name for which is now filter. (Maybe there is an inductor, i.e. spiral structure in there along with the capacitance.)

Also, we're forgetting that with multinational public companies, they have a legal obligation to treat all countries the same. If they install a back door for one, they have to do it for all of them.

They are not allowed to discriminate on any basis other than money.

Whichever countries are their bigge$t customers come first.
According to who do they have that obligation? A company is to obey the law, in whichever form it locally comes up to and including gag orders and active cooperation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 09, 2018, 05:26:46 am
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
That's about 25 points each.
Not exactly; IQ is by definition an average scale, as well as being weighted median. To make such a shift indicates a huge disparity between the groups in question. It was a deliberate play on a phrase recently popularized by Sherlock, "Don't talk out loud, you lower the IQ of the whole street."

To wit, there is a lot of egregiously dumb shit flying around this thread.

mnem
*Anything I put here would not improve on silence*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 09, 2018, 06:11:03 am
Here is the thing: the best way on a server motherboard to hide a backdoor here is to ship the ASPEED chip with a compromised firmware. Putting suspicion on those small components seem to make no sense to me. The ASPEED chip has an internal bootloader for its ARM9 or ARM11 processor, through abusing this with just software any code can be hidden.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 06:30:01 am
Not exactly; IQ is by definition an average scale, as well as being weighted median. To make such a shift indicates a huge disparity between the groups in question. It was a deliberate play on a phrase recently popularized by Sherlock, "Don't talk out loud, you lower the IQ of the whole street."

To wit, there is a lot of egregiously dumb shit flying around this thread.

mnem
*Anything I put here would not improve on silence*
https://www.youtube.com/watch?v=acI12jO0HSQ (https://www.youtube.com/watch?v=acI12jO0HSQ)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 07:09:56 am
Here is the thing: the best way on a server motherboard to hide a backdoor here is to ship the ASPEED chip with a compromised firmware. Putting suspicion on those small components seem to make no sense to me. The ASPEED chip has an internal bootloader for its ARM9 or ARM11 processor, through abusing this with just software any code can be hidden.

Exactly that. I mentioned that earlier.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 09, 2018, 10:29:01 am
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
That's about 25 points each.

I think you're being generous.  :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 09, 2018, 10:33:35 am
They may simply be fancy feed through caps, i.e. bypass caps.. "fancy" name for which is now filter. (Maybe there is an inductor, i.e. spiral structure in there along with the capacitance.)

Also, we're forgetting that with multinational public companies, they have a legal obligation to treat all countries the same. If they install a back door for one, they have to do it for all of them.

They are not allowed to discriminate on any basis other than money.

Whichever countries are their bigge$t customers come first.
According to who do they have that obligation? A company is to obey the law, in whichever form it locally comes up to and including gag orders and active cooperation.

He's joking. Actually, I thought it was quite wry.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 11:06:13 am
https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html (https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 11:21:30 am
He's joking. Actually, I thought it was quite wry.
Poe's Law and all.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 11:22:50 am
https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html (https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html)
This is an "Is true!" and "Nu-uh!" on international level. Did Bloomberg ever follow up on their initial claims?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 11:27:36 am
No they posted an opinion piece then slithered off.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 09, 2018, 11:57:45 am
Why do I sense some smear happening on that opinion piece? Too bad the sources are obscured, otherwise a deeper research can reveal some peculiarities and interesting tidbits.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 12:00:12 pm
The sources aren't as obscured as they hoped.

https://risky.biz/RB517_feature/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 09, 2018, 12:01:17 pm
I honestly don't know about the minimum size, but a procedure might be when accepting this shit into high security facilities to download and checksum all the firmwares before use with code the company provided.

The chip might have a reciever or some other trick circuit in it to use the SPI line as a antenna, so a van drives around and activates it after its installed. It's really small though. I don't know if you could some how highjack the memory of another non-essential component on the PCB to act as a memory for the parasite chip or something like that (how would you tap into the CS line?).. it could passively turn on every once in a while to listen for some kind of radio signal to trigger it. I don't know how you would get a long time delay in a chip like that without some kind of external trigger, you can't put a big RC in there or something because its tiny.

The reasoning being that motherboards have a ton of crap thats often not used (audio driver on a server motherboard) that is possibly connected to the same SPI chain, so you could then download the memory from the chip being flashed, write it into another chip that acts as a data storage.. but how? The idea being kind of like the bus driver in the mafia mystery murder games.

Does anyone have a block diagram of the motherboards driver chain IC's etc?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 09, 2018, 12:03:32 pm
I've just read the Apple letter to the congressional Committee on Commerce, Science and Transportation (bd139 has the link above).

I've read a lot of "non-denial denials" over the years, and I think I know how to spot one now. The Apple letter has none of the characteristics of a "non-denial denial", it lacks the over-specific denials, weasel words or tone that characterises them. It sounds like a honest denial that should be taken at face value.

Although this whole issue is still in a fog, it's increasingly looking like the Bloomberg story is a pile of steaming manure.

Bloomberg have a reputation to maintain - ultimately in the serious news business it's all you have. So it is not in Bloomberg's interests to create a 9 days wonder story in the way a piece-of-arsewipe tabloid might to sell a few extra copies - "Major IT Suppliers Compromised by Spies" is not "Kim Kardashian's Cosmetic Surgeon Says Left Buttock is Fake". You can bet that with a story of this significance and apparent long research time, that layers of Bloomberg's management and lawyers would have been over the story before it got the green light to publish. So I think we can discount that Bloomberg deliberately created a fake story out of thin air.

So if we accept Apple's denials and (tentatively?) those of the other named parties and discount the possibility that Bloomberg deliberately fabricated this, that just leaves malicious action on the part of a third party in planting the story with Bloomberg. Claims that some shadowy US government department or the US political apparatus ordered Bloomberg to publish this are not credible. Bloomberg has both good enough lawyers and enough ability to expose such a thing publicly by publishing, that it would be both legally and politically unthinkable. That just leaves an organisation with enough manpower and experience to run an operation designed to get Bloomberg to believe the story - which surely means the intelligence/espionage apparatus of some state level actor or similar. If we accept that, the next question has to be the old one, cui bono, who benefits?

Answering that question takes us down the rabbit hole of conspiracy theory. Not the Chinese, obviously. The French? I wouldn't put it past them, just for spite. The British? No real benefit to them. The "deep state" or someone trying to implicate the "deep state"? The illuminati? The tri-lateral commission? Scientology? Like I said, rabbit hole.

Realistic answers might include: Russia - detracts from the various investigations into their interference into US politics, plus they hate China. Domestic political groups - stir up righteous patriotic fervour with mid-terms coming (against: maybe rather too competent an operation for political rabble rousing). Israel - again, mid-terms, electing right wing pro-israeli candidates might make a little sense but not very much, but the Israelis have demonstrated in the past that they are prepared to do stupidly destructive things to gain a little advantage for themselves so it's not completely beyond reason. Any other sensibly plausible actors?

Edited to add: I'm dismissing straight cock-up theory because of the huge number of sources and the layers of approval that (at least in theory) this ought to have gone through at Bloomberg. If I'm wrong, then the level of journalistic competence shown is less than I could manage if I was simultaneously the most drunk I have ever been, with both hands tied behind my back, with an eyepatch on and just after someone's shot me in the left leg.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 09, 2018, 12:11:04 pm
i would like to see block diagrams of the circuits proposed for some kind of time delay code injection and schematics of the mother board, that way a spec for the spy chip could be developed to see if its feasible from a integration standpoint based on the routing and feasible based on die size etc to see what technologies would need to be used

also it can be some kind of simple impedance chip designed to severely fuck with the EMI performance of the device, act as a mixer, cause a severe reflection or otherwise change the PCB to make it more susceptible to a TEMPEST attack, like most NSA bugs. Maybe it can disclose a encryption key from far away some how or lower the PCB suceptance.

I
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 09, 2018, 12:19:35 pm
The best "opinions" I've seen on this so far (from multiple sources) boil down to:

"I'd be surprised if this weren't happening by now."

"They pwned the hardware side ages ago. Why eff around with someone else's software?"

"Don't try to teach your grandmother how to cook cabbage."

"They couldn't find their arse with both hands and a seeing eye dog."

"Trust noone."

mnem
"Holy mother of god and all her wacky nephews..."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BrianHG on October 09, 2018, 01:27:22 pm
To me, this boils down to (ad don't forget we are talking about today's connected world)
1: The time and expense to affect only a bunch of networked servers, only a few of which might be use in the right place to get at what you want.
2: Spend money to develop an all software Zero Day back door hack which works online and get access to any online connected hardware you might want access to, not limited to specifically sold hardware installed at random location out of your control.

Now, with the Chinese government behind all of this, and their resources, 'today', will they bother with #1, or #2.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: madires on October 09, 2018, 01:33:35 pm
The chip might have a reciever or some other trick circuit in it to use the SPI line as a antenna, so a van drives around and activates it after its installed. It's really small though.

The mainboard is in a metal box called server. Multiple servers are in a metal rack (some might have a glass door) and there are tons of racks in a data center. Not very RF friendly.

The current idea of the spy chip modifying the linux firmware (stored in a flash chip) for the BMC on the fly is not very convincing. It would be easier to modify the firmware directly. A firmware update would render both methods useless and no sane network design would allow the management port to access the Internet. A spy chip would leave physical evidence of tampering behind. I'd be more concerned about Meltdown, Spectre and Foreshadow.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 09, 2018, 01:40:09 pm
https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html (https://www.documentcloud.org/documents/4995755-Apple-Bloomberg-Congressional-Letter.html)

Really curious what will happened to Amazon, when it comes to it's turn to face Congress on this matter.  >:D
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 09, 2018, 01:49:43 pm
The chip might have a reciever or some other trick circuit in it to use the SPI line as a antenna, so a van drives around and activates it after its installed. It's really small though.

The mainboard is in a metal box called server. Multiple servers are in a metal rack (some might have a glass door) and there are tons of racks are in a data center. Not very RF friendly.

The current idea of the spy chip modifying the linux firmware (stored in a flash chip) for the BMC on the fly is not very convincing. It would be easier to modify the firmware directly. A firmware update would render both methods useless and no sane network design would allow the management port to access the Internet. A spy chip would leave physical evidence of tampering behind. I'd be more concerned about Meltdown, Spectre and Foreshadow.

How do you know the whole thing wont be susceptible if someone hits the building with a multi kilowatt burst of RF at close range from a directional antenna in a van? Or even have someone on foot do it with a special pack.. its not THAT hard to break into unsecured areas of a data center, I heard ridiculous stories from old penetration testers doing the darnest things to get inside a building. They can probobly get into the same hallway as the main access door with medium effort... getting into the room might be hard though.

It sounds ridiculous but someone can make billions of dollars doing this kind of shit.. technologies that seem absurd are cheap and economical to these people.

I notice that people in this thread have this idea that the attack needs to be considered a 'long term investment'. It could just be a heist.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 01:55:29 pm
LOL you've never been in a DC have you?

Even the shit ones have better security than the best MoD sites I've been on.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 09, 2018, 01:56:39 pm
LOL you've never been in a DC have you?

Even the shit ones have better security than the best MoD sites I've been on.

I worked near a high security area. Secured for reasons unknown and theories many. (I heard it was something like Die Hard 4 but I also heard a few other strange theories about it).  I also heard it was armed to the teeth with all sorts of military weapons.

Also keep in mind TEMPEST guidelines are mainly prevent emissions of secure information, not one way signals to trigger a sensitive circuit.. but for re-radiaton I think the installation would need to be other wise compromised by bad technicians or design.
So long you don't show up there at night it was actually pretty tame. At night they would investigate EVERYTHING. Unmarked cars too. Was basically told if I went in front of the building at night I might end up with problems.

During a day you could get close though. Also they did not have provisions as far as I know for weird shit like drones, people on some kind of flying vehicles (big quad etc) or other absurd ideas.

Even a military base will only inspect some % of incoming cars because of time delays. Unless its under lock down.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 03:41:39 pm
Realistic answers might include: Russia - detracts from the various investigations into their interference into US politics, plus they hate China. Domestic political groups - stir up righteous patriotic fervour with mid-terms coming (against: maybe rather too competent an operation for political rabble rousing). Israel - again, mid-terms, electing right wing pro-israeli candidates might make a little sense but not very much, but the Israelis have demonstrated in the past that they are prepared to do stupidly destructive things to gain a little advantage for themselves so it's not completely beyond reason. Any other sensibly plausible actors?

Any other plausible actors?  Duh - yes - the USA/Western corporate/ MIC/"deep state" which has a decided motive - that is to drum up support for a new cold war with China. For anyone paying attention to the non-tech geopolitical world it is obvious that this is going down. Mike Pence the Vice F'ing President of the USA just gave a speech that basically said as much.   I was just a week ago  (before this story broke) listening to an interview with a Hong Kong based (American) well regarded macroeconomic  guru who pointed out that there is a concerted effort to question the China based supply chain.

Please don't try to tie this in to the anti - Russia hysteria.  I'm surprised to see that so many here have been duped into believing the mainstream media narrative about Russia (and no, there has been no actual evidence presented of their "hacking" the US election - just accusations, allegations, and indictments (another form of allegations) - with no public available evidence - just intelligence agency claims and Robert "Iraq has WMDs" Muellers assertions).

Again - the CIA has a long history of employing operatives in major media outlets to create a narrative and further a political agenda. This is not tin foil hat stuff, but well documented historical fact.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 04:21:15 pm
No just the caught red handed murder of British citizens and the massive moderation battles against Russian troll farms on Reddit and mainstream media sites etc (yes that is actually happening because the moment they hellban Russian netblocks it goes DEAD). But this is not an us and them thing. Everyone is universally being a dick by trying to make the other person look like a dick. This is covering up for being a little tiny irritating dick and trying to avoid pissing off the dicks that live in the country. And some people are being really big dicks. Massive dicks. Massive orange dicks. So much so that it ends in a dick waving contest. Lots of dicks. That's it.

Geopolitics isn't really anything to do with this thread though.

Neither is dicks.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 04:29:25 pm
Massive dicks. Massive orange dicks. So much so that it ends in a dick waving contest. Lots of dicks. That's it.

Geopolitics isn't really anything to do with this thread though.

Neither is dicks.

LOL, yes lots of dicks on the world geopolitical stage.  Perhaps figuratively large ones but literally.....(My hands are not small!). 

In any case, I would argue that it has everything to do with geopolitics, corporate power, money and the integrity of the current supply chain.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 04:32:50 pm
Citation for my last comment for reference. Someone had enough of their shit: https://themoscowtimes.com/news/infamous-st-petersburg-troll-farm-set-on-fire-63130

Massive dicks. Massive orange dicks. So much so that it ends in a dick waving contest. Lots of dicks. That's it.

Geopolitics isn't really anything to do with this thread though.

Neither is dicks.

LOL, yes lots of dicks on the world geopolitical stage.  Perhaps figuratively large ones but literally.....(My hands are not small!). 

In any case, I would argue that it has everything to do with geopolitics, corporate power, money and the integrity of the current supply chain.

I think we should start with credibility. If it turns into geopolitics once we've established credibility then fine. But we haven't established credibility. There is one source and the source has been figuratively kicked in the face repeatedly over the last few days because they are silent on it and have put forward no sources. Even self-proclaimed sources said they got it wrong and extrapolated.

So probability and credibility before blame.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 09, 2018, 05:02:49 pm
Credibility is simple: China is where they make ALL our shit. A factory there SOMEWHERE is not only the likeliest vector for such a broad-based attack, it is by far the only sensible vector.

It is not a question of IF... it is a question of WHEN this or something functionally equivalent will happen.

Most of the players involved have a long history of diversionary tactics; it is not beyond any of them to deliberately set this entire scenario in motion to either distract from, or to desensitize the public in preparation for the inevitable public discovery of a known similar threat.

This "outrage after outrage" sensory bludgeoning tactic is how in just a few short decades we went from being a semi-civilized nation as depicted in The West Wing to real-life Idiocracy with spam-sucking trailer trash in the White House leading the nation down the road to Nuclear War and all you ever hear about is the lowest 10% cheering him on.  :palm:

mnem
The road to Hell is paved with sociopathic Cheetos. And oil.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 05:05:38 pm
Citation for my last comment for reference. Someone had enough of their shit: https://themoscowtimes.com/news/infamous-st-petersburg-troll-farm-set-on-fire-63130

No argument that troll farms exist. USA intelligent agencies have their own as well. Countries efforts to influence other countries populaces opinions is an age old tradition. Before the internet it was the "voice of America" and foreign equivalents, before radio it was solely via print media.

But troll farms are a much different than the allegations and Russia hysteria claims that have been repeated ad nauseam in the US media since the 2016 election.  Too many in this country seem psychologically unwilling to look at the internal issues that gave us our orange idiot in chief and are quick to buy convenient blame on "outsiders"  Ah, such is  human nature I suppose.

Quote
I think we should start with credibility. If it turns into geopolitics once we've established credibility then fine. But we haven't established credibility. There is one source and the source has been figuratively kicked in the face repeatedly over the last few days because they are silent on it and have put forward no sources. Even self-proclaimed sources said they got it wrong and extrapolated.

So probability and credibility before blame.

I agree. Credibility is key.  It seems to me as a non-expert electronics hobbyist, that if this hardware hack exists, providing physical evidence for evaluation by neutral 3rd parties should not be hard. If no such hardware is forthcoming, the lack of credibility will be confirmed.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 09, 2018, 05:42:15 pm
https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom (https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom)

I dunno still sounds like "We heard from someone, somewhere, that something happened."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 05:46:10 pm
Yep. Shit or get off the pot.

I want to see evidence and analysis published.

Also I have never once heard of Yossi Appleboum or CyberSeal and I'm mostly in that sector.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 05:50:25 pm
Interesting picture posted elsewhere...

(https://i.imgur.com/9xaussj.jpg)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 05:56:35 pm
Interesting picture posted elsewhere...

(https://i.imgur.com/9xaussj.jpg)
One problem with the story seems to be that many people don't seem to understand what is actually possible. Even many people here, and that this was possible years ago now.

All without saying this story actually checks out.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 09, 2018, 05:59:27 pm
It's possible but unlikely which is the thing. Look at the unit cost of that implant for the NSA. There's an Aspeed SoC on the server boards with an ARM core. Why the hell not just go for the firmware for that? Perhaps that is what happened and Bloomberg are just dumbasses (likey as the reporting is terrible so far).

There's just no logic in any of this.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 06:02:21 pm
https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom (https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom)

I dunno still sounds like "We heard from someone, somewhere, that something happened."

Yes. From the linked article:

"Appleboum said his concern is that there are countless points in the supply chain in China where manipulations can be introduced, and deducing them can in many cases be impossible. “That's the problem with the Chinese supply chain,” he said."

Bingo.

Yep. Shit or get off the pot.

I want to see evidence and analysis published.

And it needs to be more than just a one off example. If this is real, there will be multiple examples of the suspect chip being found in the wild.   After all, I would not put it past the intelligence agencies supplying one of their own chips (such as the one you linked) and having it held up as evidence.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 06:09:53 pm
It's possible but unlikely which is the thing. Look at the unit cost of that implant for the NSA. There's an Aspeed SoC on the server boards with an ARM core. Why the hell not just go for the firmware for that? Perhaps that is what happened and Bloomberg are just dumbasses (likey as the reporting is terrible so far).

There's just no logic in any of this.
I'm not disagreeing with that, I'm just saying that people reach what's possible the right conclusion for the wrong reasons. They dismiss the possibilty because they don't consider it technologically viable. We have fairly convincing proof similar technology exists and may very well have been deployed. It's just questionable whether that happened here.

Even after having a good portion of the technological portfoilio of the NSA publicly available, people still gravely underestimate the capabilities of these organisations.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 06:24:49 pm
It's worth noting that the NSA chip in bd's post is much, much larger  than the "grain of rice" sized chip claimed in the Bloomberg article.  Of course that published NSA chip data is several years old now - so no doubt similar tech could be smaller now - but "grain of rice sized"?. Dunno.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 06:29:16 pm
It's worth noting that the NSA chip in bd's post is much, much larger  than the "grain of rice" sized chip claimed in the Bloomberg article.  Of course that published NSA chip data is several years old now - so no doubt similar tech could be smaller now - but "grain of rice sized"?. Dunno.
You could argue about that. As you say, the information we have is dated at this point and the budget is ridiculous. But I too simply don't know.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on October 09, 2018, 06:35:30 pm
It's worth noting that the NSA chip in bd's post is much, much larger  than the "grain of rice" sized chip claimed in the Bloomberg article.  Of course that published NSA chip data is several years old now - so no doubt similar tech could be smaller now - but "grain of rice sized"?. Dunno.
You could argue about that. As you say, the information we have is dated at this point and the budget is ridiculous. But I too simply don't know.

And then we just come back to the point that even if it is possible, is that the smartest  way to achieve the goal?  Why such an easily detectable and traceable tactic? If you're China, why jeopardize the technology supply chain that is the keystone to your economic power?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 06:51:23 pm
And then we just come back to the point that even if it is possible, is that the smartest  way to achieve the goal?  Why such an easily detectable and traceable tactic? If you're China, why jeopardize the technology supply chain that is the keystone to your economic power?
If the technology is real, we still don't know whether it's actually China.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: floobydust on October 09, 2018, 06:53:31 pm
Today another vague update from Bloomberg: https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom (https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom)

"... A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August {2018}"
No mention of the actual telecom carrier, other than AT&T and Verizon saying it's not a problem for them.

"... manipulated Ethernet connector" which is metal instead of plastic, for heatsinking the chip inside.

This is saying the H/W trojan is at the Ethernet PHY ?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 09, 2018, 06:57:28 pm
One problem with the story seems to be that many people don't seem to understand what is actually possible. Even many people here, and that this was possible years ago now.

All without saying this story actually checks out.
I don’t think anyone has claimed the technology isn’t available. What is not credible is the many layers of corporate bureaucracy that would have to be penetrated to alter so many corporate divisions simultaneously. For crying out loud, change management is hard in the best of times. Infiltrating that so that you can change the schematic, the PCB, the testing jigs and test routines, and the validation processes back at the home office in USA for the production samples that are pulled for spot testing? That simply does not sound possible to pull off. Such changes are hard enough when they’re legitimate; doing them covertly just defied credibility.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 09, 2018, 06:59:10 pm
Thinking about it some more, there are actually some solid benefits to using a hardware implant rather than compromising the firmware or, say, a flash IC. 

It's conceivable that there's some exploit that requires a fairly minimal modification of the firmware binary, and that the location of that modification is easily recognized within the binary by its surroundings.  As long as that specific area of the binary was not changed (which could be unlikely unless that specific area of the codebase was changed), then the malicious device could be capable of compromising any new firmware version, even if the targeted area appears somewhere else within the binary.  Not unlike the infamous Ken Thompson hack (http://wiki.c2.com/?TheKenThompsonHack).  Even pulling the flash from the board and dumping it externally wouldn't reveal anything amiss.  You'd have to directly sniff the traffic between the embedded controller and the interloper to capture the change to the binary, and even then it's conceivable that the interloper has some sort of context awareness to help avoid detection (not unlike the VW firmware that could detect emissions testing).

Also, somewhat ironically, the fact that almost everyone here is saying that it makes so much more sense to compromise the firmware or one of the existing ICs on the board is something of an argument for NOT doing it either of those ways--after all, it's exactly what anyone would expect!  It would be far sneakier to make a fake passive component that pwns the board because that's such a ridiculous idea that no one would ever bother to do that sort of thing, right?  Just like no one would try to cram a network traffic siphon with a built-in RF transceiver inside of a network jack. . . .

I also think a lot of people are overestimating how easily an extra component or two would be detected.  I mean, I sure as hell wouldn't notice an extra couple of passives on one of my boards between finished a design and receiving the assembled thing, and my boards aren't nearly as complex as a server motherboard.  Plus you would have teams of people working on those things, and no one person is going to know the entire board like the back of their hand.  They're only going to start comparing the finished board to the assembly drawings if something doesn't work, and even then the discrepancy won't be caught if that work is happening at the contractor that installed the malicious parts in the first place.  It all depends on how much of the work Super Micro is farming out, but I imagine that they have their design process down to such a science that it's very rare they have to do component-level debugging.

Of course without more information it's impossible to tell if these benefits likely outweighed the difficulty of implementing the exploit in the way that Bloomberg describes, but still, it's all plausible through a certain lens, which is what makes it so intriguing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 09, 2018, 07:03:18 pm
I don’t think anyone has claimed the technology isn’t available. What is not credible is the many layers of corporate bureaucracy that would have to be penetrated to alter so many corporate divisions simultaneously. For crying out loud, change management is hard in the best of times. Infiltrating that so that you can change the schematic, the PCB, the testing jigs and test routines, and the validation processes back at the home office in USA for the production samples that are pulled for spot testing? That simply does not sound possible to pull off. Such changes are hard enough when they’re legitimate; doing them covertly just defied credibility.
Many people seem incredulous for technological reasons, at least that's my impression. They may be right, but for the wrong reasons.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ajb on October 09, 2018, 07:12:00 pm
I don’t think anyone has claimed the technology isn’t available. What is not credible is the many layers of corporate bureaucracy that would have to be penetrated to alter so many corporate divisions simultaneously. For crying out loud, change management is hard in the best of times. Infiltrating that so that you can change the schematic, the PCB, the testing jigs and test routines, and the validation processes back at the home office in USA for the production samples that are pulled for spot testing? That simply does not sound possible to pull off. Such changes are hard enough when they’re legitimate; doing them covertly just defied credibility.

The article claims that this happened on boards that SuperMicro contract out, so that means you only have to compromise that narrow bottleneck where the two companies communicate.  Say you compromise Super Micro's account manager at the subcontractor: He passes you SuperMicro's design package, you tweak it, and send it back, and he passes it on to engineering for validation, DFM review, and eventual production as if it came directly from his customer--and in fact, he very likely has an email from his contact at Super Micro saying "sorry, that design package wasn't the latest revision, please use this new one instead", because surely anyone who would commission such an exploit knows how to spoof emails.  Easy peasy.  In fact, since this purportedly happened at subcontractors to subcontractors, you have a further level of insulation, and excuse for delays in communication and misunderstandings that give you some leeway to operate. 
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 09, 2018, 07:29:26 pm
Thinking about it some more, there are actually some solid benefits to using a hardware implant rather than compromising the firmware or, say, a flash IC. 

It's conceivable that there's some exploit that requires a fairly minimal modification of the firmware binary, and that the location of that modification is easily recognized within the binary by its surroundings.  As long as that specific area of the binary was not changed (which could be unlikely unless that specific area of the codebase was changed), then the malicious device could be capable of compromising any new firmware version, even if the targeted area appears somewhere else within the binary.  Not unlike the infamous Ken Thompson hack (http://wiki.c2.com/?TheKenThompsonHack).  Even pulling the flash from the board and dumping it externally wouldn't reveal anything amiss.  You'd have to directly sniff the traffic between the embedded controller and the interloper to capture the change to the binary, and even then it's conceivable that the interloper has some sort of context awareness to help avoid detection (not unlike the VW firmware that could detect emissions testing).

Also, somewhat ironically, the fact that almost everyone here is saying that it makes so much more sense to compromise the firmware or one of the existing ICs on the board is something of an argument for NOT doing it either of those ways--after all, it's exactly what anyone would expect!  It would be far sneakier to make a fake passive component that pwns the board because that's such a ridiculous idea that no one would ever bother to do that sort of thing, right?  Just like no one would try to cram a network traffic siphon with a built-in RF transceiver inside of a network jack. . . .

I also think a lot of people are overestimating how easily an extra component or two would be detected.  I mean, I sure as hell wouldn't notice an extra couple of passives on one of my boards between finished a design and receiving the assembled thing, and my boards aren't nearly as complex as a server motherboard.  Plus you would have teams of people working on those things, and no one person is going to know the entire board like the back of their hand.  They're only going to start comparing the finished board to the assembly drawings if something doesn't work, and even then the discrepancy won't be caught if that work is happening at the contractor that installed the malicious parts in the first place.  It all depends on how much of the work Super Micro is farming out, but I imagine that they have their design process down to such a science that it's very rare they have to do component-level debugging.

Of course without more information it's impossible to tell if these benefits likely outweighed the difficulty of implementing the exploit in the way that Bloomberg describes, but still, it's all plausible through a certain lens, which is what makes it so intriguing.
IMO I doubt the practicality of cramming that much processing power and RF frontend in a chip of that size.

I have a different theory then: the compromised chip is still the ASPEED one for its processing power, convenient access to host memory (over PCIe) and networking (over IPMI, or heaven forbid a network port shared with the host server since ASPEED actually support that as advertised,) but there is indeed a fake passive involved. The fake passive would be connected to the ASPEED chip using one of its serial debug pins to inject code. For a uncompromised board the ASPEED chip is properly set in production mode with, say, a TEST pin tied to ground. For a compromised board a resistor is omitted (or the solder pad being removed or covered before soldering - you get the gist, just leave it floating) so the ASPEED chip boot with production test enabled, and that fake component happen to sit on a serial debug line that can inject code. If you take the ASPEED chip off the board to inspect it would function as normal, the firmware would reveal nothing, and installing a new ASPEED chip does not result in the attack vector go away. This requires just one ASPEED engineer leaking the specs of the production testing pins, some reverse engineer on the public firmware binary, and one manufacturing employee subverted.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 09, 2018, 08:18:30 pm
a fast TDR should go fucking bonkers on a cable implant.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 09, 2018, 08:19:05 pm
It's worth noting that the NSA chip in bd's post is much, much larger  than the "grain of rice" sized chip claimed in the Bloomberg article.  Of course that published NSA chip data is several years old now - so no doubt similar tech could be smaller now - but "grain of rice sized"?. Dunno.
You could argue about that. As you say, the information we have is dated at this point and the budget is ridiculous. But I too simply don't know.

And then we just come back to the point that even if it is possible, is that the smartest  way to achieve the goal?  Why such an easily detectable and traceable tactic? If you're China, why jeopardize the technology supply chain that is the keystone to your economic power?

I suppose whether or not its hardware or software, it’s still a supply chain infiltration, since someone in the supply chain would have to install malicious firmware/software. That said, it does seemdifferent in some way.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 09, 2018, 09:52:22 pm
I don’t think anyone has claimed the technology isn’t available. What is not credible is the many layers of corporate bureaucracy that would have to be penetrated to alter so many corporate divisions simultaneously. For crying out loud, change management is hard in the best of times. Infiltrating that so that you can change the schematic, the PCB, the testing jigs and test routines, and the validation processes back at the home office in USA for the production samples that are pulled for spot testing? That simply does not sound possible to pull off. Such changes are hard enough when they’re legitimate; doing them covertly just defied credibility.

The article claims that this happened on boards that SuperMicro contract out, so that means you only have to compromise that narrow bottleneck where the two companies communicate.  Say you compromise Super Micro's account manager at the subcontractor: He passes you SuperMicro's design package, you tweak it, and send it back, and he passes it on to engineering for validation, DFM review, and eventual production as if it came directly from his customer--and in fact, he very likely has an email from his contact at Super Micro saying "sorry, that design package wasn't the latest revision, please use this new one instead", because surely anyone who would commission such an exploit knows how to spoof emails.  Easy peasy.  In fact, since this purportedly happened at subcontractors to subcontractors, you have a further level of insulation, and excuse for delays in communication and misunderstandings that give you some leeway to operate.
But as I said, testing and verification doesn’t stop there. Do you think the client (such as SuperMicro) of a contract manufacturer doesn’t look at production samples taken periodically? Do you think they don’t regularly visit their contract manufacturers’ facilities, especially during ramp-up of a new product?

As I said, too many layers of corporate bureaucracy you’d have to penetrate. And not even all within one company...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 10, 2018, 12:44:32 am
"Appleboum said his concern is that there are countless points in the supply chain in China where manipulations can be introduced, and deducing them can in many cases be impossible. “That's the problem with the Chinese supply chain,” he said."

Bingo

I d trust a single Israeli Armi intelligence officer more than all 3 letter agencies all together
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 10, 2018, 03:20:44 am
if a company has a hiccup in design and some guys can figure out how to make money then stuff is just gonna be shipped regardless sometimes. weird schematics mysteriously show up in public folders 2 months later.

you might get a production document and some stuff but the same set of eyes won't be looking at it. adherence to ISO etc varies sometimes. it gets interpreted differently sometimes when there are pressures. every place is like that...

you need a neurotic guy to notice that kind of shit. good company will have some redundant engineer thats not too interested and not too advanced but pays attention. WHo here actually keeps mental track of things like BOM document changes etc? I did sometimes but usually I just fired up what was on the computer and trusted the servers and coworkers to notify me, the place was too busy to investigate everything. You get 5 revs in 2 weeks  that are flipping some component around... that can over ride something like a database notification filter easily. Yea that part has been here for 5 revs, someone has probobly looked at it (but its just a buncha revs trying to make something fit mechanically by someone in a hurry because of production problems.

It's hard enough to keep coordinated WITHOUT being paranoid about intrusion/hackers.. no one tells you that it turns out one of your side duties is fighting chinese spies.

I don't think companies are too focused on state level security in general with investor pressures for profit.

show me a company thats not run like Fury 161 LOL
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bitseeker on October 10, 2018, 06:48:27 pm
The sources aren't as obscured as they hoped.

https://risky.biz/RB517_feature/

Joe sheds some very interesting light on the original Bloomberg story...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Benta on October 10, 2018, 08:10:28 pm
I still say it's an RFID tag (UHF with slot antenna) for production and product tracking. No mere, no less.

Bloomberg is completely out on a limb here.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 10, 2018, 08:30:40 pm
Totally agree, if there is a chip buried in the SuperMicro board it's most likely going to be an RFID tag. After listening to Joe Fitzpatrick's interview, which does indeed shed an interesting light on things, I'm begining to wonder if there ever was a hacked SuperMicro board in the first place.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bitseeker on October 10, 2018, 08:49:03 pm
That interview certainly makes it sound like the journalist who interviewed him was just looking for anything to make a sensational story.  :-//
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 10, 2018, 08:56:36 pm
That interview certainly makes it sound like the journalist who interviewed him was just looking for anything to make a sensational story.  :-//
Standard practice for journalists, you mean? There are people out there that try to write solid stories, but it's practically impossible to shield yourself from the pressure having to sell and of dwindling numbers.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bitseeker on October 10, 2018, 09:02:37 pm
Yes, unfortunately.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 10, 2018, 09:43:44 pm
That interview certainly makes it sound like the journalist who interviewed him was just looking for anything to make a sensational story.  :-//
Standard practice for journalists, you mean? There are people out there that try to write solid stories, but it's practically impossible to shield yourself from the pressure having to sell and of dwindling numbers.

To be fair to some journalists, and to some journals, there are journalists who will steadfastly refuse pressure to do anything but a proper job, and there are journals that work hard to create and keep a culture that resists the kind of pressures that you're describing. Although I'll grant that in many places ethics are noted more in the breach than the observance thereof, they do still exist in some places and people thankfully.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 10, 2018, 09:57:10 pm
To be fair to some journalists, and to some journals, there are journalists who will steadfastly refuse pressure to do anything but a proper job, and there are journals that work hard to create and keep a culture that resists the kind of pressures that you're describing. Although I'll grant that in many places ethics are noted more in the breach than the observance thereof, they do still exist in some places and people thankfully.
Absolutely. There are a lot of people who write with a passion and many initiatives to encourage good journalism have sprung up. Unfortunately, many pay the price and nobody seems isolated from the realities of the market. Too few people seem to realise a properly functioning society hinges upon quality journalism, even if the latter is democratised by social media.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 10, 2018, 09:57:33 pm
So Bloomberg's follow up is "Ok, so you didn't believe our story about unicorns. But Leprechauns, amiright?"

Normally when faced with a scoop of this magnitude all the other news outlets are racing around trying to tap their own sources, in this case no one has come up with anything.

I wouldn't be surprised if Sacha Baron Cohen is revealed to have played all 17 anonymous sources...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 10, 2018, 10:13:48 pm
Apparently, Bloomberg is run by Aliens.
Yes, real life Aliens!

There is 100% conclusive photographic proof. As seen by my 17 anonymous sources.
They include 100% trustworthy ones, such as the Trump Administration.

If you challenge the validity of it. I will tell you another story, about aliens found in another organisation. This time backed up by 30 anonymous sources.

tl;dr
Photographs or it didn't happen.
I want to see the evidence, the witnesses (information sources) to come forward and to have a so called "hardware hacked" server. Investigated by proper independent security organisation(s).

What we have so far, is a number of published, strong, very believable denials, from the very sources that Bloomberg, themselves, provided (Apple, Amazon and Super-Micro).

tl;dr
Photographs/Witnesses or it is (assumed to be) fake news until proven otherwise.

Even the UK GCHQ (and at least another big source) seems to have published information, indicating that the story is false news.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on October 10, 2018, 10:25:47 pm
I still say it's an RFID tag (UHF with slot antenna) for production and product tracking. No mere, no less.

Bloomberg is completely out on a limb here.

Don't worry, I'm sure it won't be long until Bloomberg breaks the "news" about encrypted Motorola two-way radios used by Government agencies having "secret" chips embedded into their volume/power knobs (https://www.rfidjournal.com/articles/view?11706).

(They are used for inventory/asset tracking.)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 10, 2018, 10:34:42 pm
why do only some boards have it then, and why was it not immediately elaborated on by the project manager?

If they use an inventory system in their company using RF then it would be widely known in the company.. did this company not take a financial hit immediately ?where is the PR?

response to a serious international scandal accusation takes more then a week? seriously?
that could be solved with 10 seconds on a telephone.

i call bullshit. and wired to a SPI line? come on. Companies stock prices dropping drastically, fucking senators demanding inquires and someones gonna try to chalk it up to a inventory control system that took a week to explain?
seriously??
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 11, 2018, 01:10:21 am
https://youtu.be/-l5tpY6SXMc

Here's your typical Congressional hearing on ANYTHING higher tech than an incandescent light bulb...  :palm:

mnem
You know the concept of "The Marching Chinese"... we live in the age of "The Marching Morons".
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 12, 2018, 06:19:33 pm
The security of the  Supermicro boards is really bad, like buffer overflow in the web interface of the boards, which allows to get root access, and storing the administrator password in plaintext. So it wouldn't make sense to implant a chip to do things you can do with a webbrowser without the chip. Details here:

https://arstechnica.com/information-technology/2018/10/supermicro-boards-were-so-bug-ridden-why-would-hackers-ever-need-implants/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 12, 2018, 06:42:50 pm
LOL that’s pretty terrible. Makes me feel slightly better about HPE now and that’s saying something.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 12, 2018, 10:37:16 pm
You have no idea how many animated gifs/flash of Carly Fiorina's horrible demise in one fashion or another were circulating when I was an ASP. I remember one serious conversation about how if someone successfully ordered a retailiatory nuclear strike on her home town of Austin, it would wipe out San Antonio (where I lived at the time) as well.  ::)

The counterargument was that it would also take out the Dell campus, so twofer and good riddance.  :-DD

mnem
"I feel... cold as a razor blade... tight as a tourniquet... dry as a funeral drum..."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on October 12, 2018, 10:39:44 pm
The security of the  Supermicro boards is really bad, like buffer overflow in the web interface of the boards, which allows to get root access, and storing the administrator password in plaintext. So it wouldn't make sense to implant a chip to do things you can do with a webbrowser without the chip. Details here:

https://arstechnica.com/information-technology/2018/10/supermicro-boards-were-so-bug-ridden-why-would-hackers-ever-need-implants/

I have to say I don't agree with that statement or the article in the slightest. I've used Supermicro boards since the mid 1990's and they are pretty rock solid.

According to mitre.org (which I trust a lot more than some article on Ars Technica). There are 7 vulnerabilities listed for Supermicro boards, 6 of them are from 2013 and mostly relate to buffer overflows in the IPMI interface and another vulnerability discovered in 2018. All of the reported vulnerabilities have been resolved by Supermicro through BIOS updates.

Vulnerabilities and exploits occur even in the best products that money can buy. If you search for vulnerabilities in HP products, you'll get over 3400 results that cover just about every one of their product categories. Same with Cisco (3869 results), Dell (138 results), IBM (4038 results) and even Cray (4 results).

If you're one of these silly individuals who think that firmware and software updates don't apply to you, then you should have no business in IT. For the rest of us, I think picking on a company with a relatively small number of old vulnerabilities is a bit rich.

Until I discover evidence to the contrary, there is nothing wrong with using Supermicro boards, even in high-security or sensitive applications.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: ruffy91 on October 12, 2018, 10:57:34 pm
There are recent issues with Dell iDRAC and HPE iLO where remote code execution and authentication bypass are possible.

Also all Intel CPU have the ME which is running minix with tons of vulnerabilities exploitable over the network. (there were 2 or 3 critical vulnerabilities per year in the ME for the last few years.)
So you not even have to target a specific server manufacturer when Intel delivers the backdoors for all server manufacturers..
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: LapTop006 on October 13, 2018, 04:19:58 am
Pretty much all the management boards are terrible security-wise. There is hope on the horizon, a bunch of folk I know are working on the OpenBMC project which has a hope of being better.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 13, 2018, 08:47:56 pm
The security of the  Supermicro boards is really bad, like buffer overflow in the web interface of the boards, which allows to get root access, and storing the administrator password in plaintext. So it wouldn't make sense to implant a chip to do things you can do with a webbrowser without the chip. Details here:

https://arstechnica.com/information-technology/2018/10/supermicro-boards-were-so-bug-ridden-why-would-hackers-ever-need-implants/
Yep. As the guy at the end of the article says: yes, it’s technically possible. But it’s not plausible.

But of course conspiracy theorists are never bothered by such arguments. To them, the allure of being knowers of the “truth” outweighs any arguments in favor of an alternative explanation, no matter how much more sensible the alternative is.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 04:47:09 am
The same exact thing can be said of all you would-be "Amazing Randis" debunkers out there; the desire to "Know better" than others makes you overlook obvious shit that just doesn't add up.

I'm not saying that I believe Bloomberg's story is 100% biblical truth, anymore than I believe the Bible in the same way. But CLEARLY there was SOMETHING going on, that people in a position to know felt was important enough to take the chance on telling such a convoluted story and bothered to provide enough corroborating evidence that a well-respected journalist and the paper he worked for felt it was worth bringing to our attention.

The way in which the denials were presented are what makes me call "shenanigans..." like the kid caught with crumbs leading all the way to his bedroom taking umbrage and denying that he'd raided the cookie jar, then coming down to the living room 15 minutes later with some utter BS story about what happened to the cookies.

The problem with the arguments against lie squarely in misapplication of Occam's Razor; lazy things that we are, we tend to abbreviate everything, even philosophical constructs.

Occam's Razor states that The simplest solution which answers all relevant questions is most likely the correct one. Therein lies the rub; we almost ALWAYS forget that most CRUCIAL part of the Razor, and attempt to simplify EVERYTHING by discarding facts which defy our preferred simple answer.  :palm:

2 simple facts...

1) Chinese manufacturers pwn!!! our supply chain. To them, altering hardware in a malicious manner is no harder, probably easier, actually, than hacking someone else's code... and much easier to keep the machine itself and those operating it from discovering the mod in normal operation, where FW and SW are CONSTANTLY being reviewed and scrutinized and upgraded.

A person would have to BOTH have intimate knowledge of an entire motherboard design (which really, only they have once they've been through revision a time or six) AND be on the lookout for a component that doesn't belong.

It is a matter of WHEN, not IF this will happen.

why do only some boards have it then, and why was it not immediately elaborated on by the project manager?

If they use an inventory system in their company using RF then it would be widely known in the company.. did this company not take a financial hit immediately ?where is the PR?

response to a serious international scandal accusation takes more then a week? seriously?
that could be solved with 10 seconds on a telephone.

i call bullshit. and wired to a SPI line? come on. Companies stock prices dropping drastically, fucking senators demanding inquires and someones gonna try to chalk it up to a inventory control system that took a week to explain?
seriously??

2)coppercone's argument above is dead on...

It took them a week to come up with this weak-ass story? Companies losing tens of points, Congress shitting bricks, all over what would have been common knowledge to anyone in the supply chain?

mnem
"Allright Beatrice, there was no alien. The flash of light you saw in the sky was not a UFO; swamp gas from a weather balloon was trapped in a thermal pocket and refracted the light from Venus..."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 05:24:37 am
"shenanigans..."

Pictures or it didn't happen.
Evidence NOT conspiracy theories.

Examples:
He looks guilty...
He's a man, so he must've done it...
There is NO evidence, so they must be guilty, as they hid the evidence...
The Police would never investigate them in the first place, if they had nothing to do with the crime...
Etc etc.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 05:57:21 am
*Yaaawwwwnnnn*

Same old tautology... "There's nothing to see here, because I said there's nothing to see here."

Good luck widdat when they come for you.  ::)

mnem
    "First they came for the Communists, and I did not speak out —
         Because I was not a Communist.

    Then they came for the trade unionists, and I did not speak out —
         Because I was not a trade unionist.

    Then they came for the Jews, and I did not speak out —
         Because I was not a Jew.

    Then they came for me - and there was no one left to speak for me." ~ One of several version of "First They Came..." attributed to Martin Niemöller
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 06:05:20 am
*Yaaawwwwnnnn*

Same old tautology... "There's nothing to see here, because I said there's nothing to see here."

Sorry, I can't reply to you at the moment.

I heard a noise outside, and I'm investigating.
I can't go too far (or I'll fall off the edge of the flat Earth), be eaten by BigFoot, who is an Alien, From another time-zone. I can't injure him, because they will come back as a Ghost, and haunt me.
Also, it is NOT politically correct for me to criticize, BigFoot, because they are a minority.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 14, 2018, 06:21:14 am
欲加之罪,何患无辞。
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 06:31:00 am
欲加之罪,何患无辞。

Quote
one can always trump up a charge against sb Give a dog a bad name, then hang

Some people think that the Trump (administration), may have trump-ed up the accusations. Because of the US/China trade war.

But Bloomberg News, seems to have spent a very long time, creating/researching the news story (apparently confirmed by some of the denial reports, from Apple, Amazon and Super-Micro). Which would tend to mean the Trump administration had nothing to do with it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 06:38:22 am
*Yaaawwwwnnnn*

Same old tautology... "There's nothing to see here, because I said there's nothing to see here."

Sorry, I can't reply to you at the moment.

I heard a noise outside, and I'm investigating.
I can't go too far (or I'll fall off the edge of the flat Earth), be eaten by BigFoot, who is an Alien, From another time-zone. I can't injure him, because they will come back as a Ghost, and haunt me.
Also, it is NOT politically correct for me to criticize, BigFoot, because they are a minority.

Yes, your argument is precisely THAT infantile. Glad you understand this; now perhaps you could actually come up with something that demonstrates independent thought rather than simply parroting the same old "Fake news" mantra over and over again and attempting to marginalize those who actually bother to think.

It is that logic which allows all evil in the world to go first uninvestigated, then undiscussed, then allowed to prosper.

mnem
"All that is required for evil to flourish is that good men do nothing."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 06:46:04 am
Yes, your argument is precisely THAT infantile. Glad you understand this; now perhaps you could actually come up with something that demonstrates actual independent thought rather than simply parroting the same old "Fake news" mantra over and over again and attempting to marginalize those who actually bother to think.

It is that logic which allows all evil in the world to go first uninvestigated, then undiscussed, then allowed to prosper.

mnem
"All that is required for evil to flourish is that good men do nothing."

I'm the official court judge, presiding over this case. Judge Mr MK 14!.

The defendant, Mr China, is accused of Stealing secret information.

Mr Bloomberg, has testified, that three people were robbed of their information. Mr Apple, Mr Amazon and Mr Super-Micro.

On testifying to the court, Mr Apple, Mr Amazon and Mr Super-Micro, all swear on oath that the robberies (of the data), NEVER took place.

No pictures of the said robberies (Tiny Sot-23 devices and suchlike), have been submitted as evidence.

The stolen data items (affected Servers), have not been submitted to the court as evidence.

My Verdict. NOT GUILTY (or certainly NOT PROVEN by the evidence submitted and made available so far).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 06:51:43 am
....and now you've gone recursive; just another way of repeating the same exact tautology:  "There's nothing to see here, because I said there's nothing to see here."

Good luck widdat.   ::)

mnem
"Good night, and may your god go with you."  ~ Dave Allen
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 14, 2018, 06:56:29 am
There is nothing to see at the moment. Extraordinary claims require at least some evidence. It’s all words and farts.

Anyway a relevant anecdote for you. I spoke to someone yesterday who has about 1500 Supermicro boxes in production. They have inbound/outbound IDS systems and the management VLAN has no outbound. No attempt has been made by anything in the management VLAN to call home.

Windows however, and I’m quoting here “hammers the fucking shit out of the firewall even though we turn all the switches off”.

I think we’re prioritising risk vectors incorrectly here.

Personally I’m more worried about the nasty American monopoliser’s vampiric tendency and addiction to telemetry and activation data. Imagine the GDPR hell if some of that data contains PII one day due to a bug like the .Net core CLR telemetry logger logging command lines fully...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 07:29:00 am
I already answered this; my point is, and always has been, that there is something here... maybe not exactly what was first presented, but clearly something.

Dismissing it entirely because those who have reason and ability to cover up what exactly it is have done so successfully under the weakest of cover stories is exactly no less ignorant than Uncle Filbert and his Sasquatch picnic story.

It is in fact a worse kind of ignorance; the willful kind that permits a white trash racist, rapist, misogynist, pathological liar career deadbeat sociopathic felon to squat in the White House and there's jack shit We The People can do about it.

Just because there's lots of common mundane threats in everyday life doesn't mean we can stop looking for the outrageous threats when we know they're not only probable, but inevitable.

mnem
"Eternal vigilance is the price of Freedom."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 14, 2018, 07:32:15 am
We’re certainly not dismissing it but at the moment it looks improbable until evidence suggests otherwise.

Answering every what if without evidence isn’t productive which is the problem. File it in the “keep an ear open for more info” drawer.

Can you just shoot him? You’ve done it before  :-DD (I joke but...)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 14, 2018, 08:10:23 am
I already answered this; my point is, and always has been, that there is something here... maybe not exactly what was first presented, but clearly something.

There is NOTHING here. It's bullshit concocted by reporters who get a bonus for moving markets.

What it does show it how easily you can dangle a little bit of propaganda and many people will believe it. Fake news is being used by all sides.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 14, 2018, 11:25:08 am
Can you just shoot him? You’ve done it before  :-DD (I joke but...)

I just knew that pram on the grassy knoll looked suspicious.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 14, 2018, 12:04:18 pm
Shhhhhhhhhhhh  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 03:40:01 pm
[...] a white trash racist, rapist, misogynist, pathological liar career deadbeat sociopathic felon to squat in the White House and there's jack shit We The People can do about it [...]

Get over it, that's how democracy works *********************** >:D We The People are the ones who put him there.

(And don't do like bd139 says)

No, We the People did NOT. He was installed in the White House against the will of the American People by a cabal of ultra-wealthy sociopaths intent on completing their hostile corporate takeover of our sovereign nation.

DON'T EVER FORGET THAT. Don't ever stop fighting it.

Unless by "We put him there" you mean by policy of inaction, wherein we didn't immediately march en masse on Washington with torches and pitchforks... then of course you are correct.  :palm:

We’re certainly not dismissing it but at the moment it looks improbable until evidence suggests otherwise.

Answering every what if without evidence isn’t productive which is the problem. File it in the “keep an ear open for more info” drawer.

Can you just shoot him? You’ve done it before  :-DD (I joke but...)

I fear it will come to some point where his own party is forced to do just that in self-defense; in the same way some animals eat their young.

And bringing it back to the original topic again: I agree in principle... we need to keep investigating this and the likelihood that it is just the tip of the iceberg, rather than the current ADD/Bipolar pendulum swing of "going thermal" one minute and completely ignoring it the next.

That "muddle ground" is all I'm asking for; yet some folks seem unwilling to even concede THAT.  :palm:

I have no doubt that in the next few years, some "shockingly similar widespread IT infrastructure compromise" will be discovered, and substantiated in incontrovertible fashion, and those who warned that "it isn't over" will yet again be proven right.  Just like we warned with CISCO.

mnem
Fucking Cassandra, man...
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 04:10:01 pm
No, We the People did NOT. He was installed in the White House against the will of the American People by a cabal of ultra-wealthy.................
.........

That is why, I believe (and I don't think, I'm alone), that evidence based, scientific/mathematical methods, are important.

Rather than just simply believing whatever, floats randomly into peoples heads, and whatever they "feel", is the reality. Completely ignoring the facts, science, logic and sometimes even the truth.

You may have noticed, from some of my previous posts, that I am NOT 100% entirely happy with Trump. (Possibly TINY understatement, here).

But, I have encountered, real life people who support him.

So unless there is rigorous proof, that his election, is a fraud. E.g. Russian fiddling.

He was at least, genuinely and fairly elected to be the president.

Anyway, we are straying badly off-topic, and turning this into a political (anti-Trump) thread.
We should be discussing the possible hardware hacked servers here, and NOT Trump.
Otherwise the thread could get locked, as has many others, before this one.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 14, 2018, 04:17:14 pm
1) Chinese manufacturers pwn!!! our supply chain. To them, altering hardware in a malicious manner is no harder, probably easier, actually, than hacking someone else's code... and much easier to keep the machine itself and those operating it from discovering the mod in normal operation, where FW and SW are CONSTANTLY being reviewed and scrutinized and upgraded.

It's very expensive to get caught, that it's easy is besides the point.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 04:28:28 pm
No, We the People did NOT. He was installed in the White House against the will of the American People by a cabal of ultra-wealthy.................
.........

That is why, I believe (and I don't think, I'm alone), that evidence based, scientific/mathematical methods, are important.

Rather than just simply believing whatever, floats randomly into peoples heads, and whatever they "feel", is the reality. Completely ignoring the facts, science, logic and sometimes even the truth.

You may have noticed, from some of my previous posts, that I am NOT 100% entirely happy with Trump. (Possibly TINY understatement, here).

But, I have encountered, real life people who support him.

So unless there is rigorous proof, that his election, is a fraud. E.g. Russian fiddling.

He was at least, genuinely and fairly elected to be the president.

Anyway, we are straying badly off-topic, and turning this into a political (anti-Trump) thread.
We should be discussing the possible hardware hacked servers here, and NOT Trump.
Otherwise the thread could get locked, as has many others, before this one.

And now you're in the third iteration of the SAM EXACT argument.   "Willfully ignorant" of what is plainly visible all around you is NOT scientific method.

I already brought my own conversation into balance with the topic at hand; yet you conveniently ignore the bulk of my post to make the "Anti-Trump" argument yourself, using that to obfuscate your own childish unwillingness to admit this still bears further investigation.

The more you talk, the more you prove my point: some folks simply WILL NOT learn from the past, but insist on ignoring he lessons of history. Willfully. Adamantly. Ignorant.

mnem
 :palm:



Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 14, 2018, 04:45:42 pm
......................childish unwillingness to admit this still bears further investigation.

Sure. Investigate it further, and produce actual evidence, that the server(s), have been hardware hacked, and investigate (if hacking evidence has been found), by whom (Chinese ?).

(But if you are still talking about Trump, it is getting TOO off-topic, so I've stopped).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 05:15:33 pm
Nope. That comment was in passing, as I just said; not the primary message.

That investigation is supposed to be the entire point of this thread; discussing how what has been presented is valid, vs how it isn't... but what has happened here is that a very small, very vocal minority are demanding that there is nothing here to discuss and we should all just stop talking about it.

That is the antithesis of DISCUSSION.

If you want to not talk about it, then fine, don't. Nobody is making you come in here, to a thread devoted to this discussion, and read it. If you don't like the discussion, then don't participate.

(https://imgs.xkcd.com/comics/data_pipeline.png)

Much of IT is just THIS... and we're now in approximately the third generation where any "professional" in any way involved with IT is fighting a constant battle against letting THAT be the product that ships, and we've all been forced to learn very quickly, by way of simple self-preservation, to NOT look too closely at anything outside our own very specific SOW.

That intimate knowledge, within my own very small portion of what is known as "IT" as a global phenomenon, fills me with terror any time I actually think about it. Knowing that there are lots of folks who know my specialty better than I, and knowing that there are so many other aspects of IT as a whole which rely on the other specialties to work properly, yet those specialties are every bit as much a kludge as my own is daunting... yet still we continue to blunder forward into every new day as if the house of cards made of houses of cards will never fall.

Maybe, just maybe... now is a good time to at least try shoring things up a little, instead of continuing to promote the current race to the bottom, which tactic we've already seen fail spectacularly numerous times in just the last few years.

mnem
Just a suggestion.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 14, 2018, 05:38:24 pm
Indeed. On numerous occasions I have considered digging myself a nuclear bunker and hiding in it. There is some pretty scary shit out there in the wild.

This rant always sticks with me: https://www.stilldrinking.org/programming-sucks (https://www.stilldrinking.org/programming-sucks)

To back up my initial point, the internet is literally hanging by a thread most days. It’s lucky it even works. One router or BGP hijack away from end game. I’ve seen a company lose two days trade due to a router being fucked two hops away.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 14, 2018, 06:11:12 pm
Indeed. On numerous occasions I have considered digging myself a nuclear bunker and hiding in it. There is some pretty scary shit out there in the wild.

This rant always sticks with me: https://www.stilldrinking.org/programming-sucks (https://www.stilldrinking.org/programming-sucks)

To back up my initial point, the internet is literally hanging by a thread most days. It’s lucky it even works. One router or BGP hijack away from end game. I’ve seen a company lose two days trade due to a router being fucked two hops away.

I remember that; it was brought to my attention sometime around my last regular 9-to-5 gig. It instantly validated decades of deeply-rooted professional hunches and internal "Spidey-sense" type alarm bells that pretty much never completely go silent; until of course, the day you wake up on the wrong side of the grass.  :palm:

The two bits that really stuck with me... (especially since I was involved in essentially tearing down an entire ISD's network and replacing Cheney-era infrastructure with modern, while trying not to lose phones and printers we couldn't even test) were these:

"...and then all the programmers’ snowflakes get dumped together in some inscrutable shape and somebody leans a Picasso on it because nobody wants to see the cat urine soaking into all your broken snowflakes melting in the light of day. Next week, everybody shovels more snow on it to keep the Picasso from falling over."

Because that essentially described pretty much every bit of HARDWARE and cabling in every MDF/IDF/Bathroom/Janitor's Closet in 14 different campuses we had to gut & restuff in some semblance of order all while working in buildings that had the AC off for the summer in Tejas .  |O

And the other part was this... anybody who's ever tried to coax a PC back to life just long enough to recover some otherwise irretrievable bit of data knows this intimately:

"Why do we tell you to turn it off and on again? Because we don’t have the slightest clue what’s wrong with it, and it’s really easy to induce coma in computers and have their built-in team of automatic doctors try to figure it out for us. The only reason coders’ computers work better than non-coders’ computers is coders know computers are schizophrenic little children with auto-immune diseases and we don’t beat them when they’re bad."

And this part is why I now KNOW I was lucky I never finished my MBA-turned-Network Administration degree:

"...There’s a team at a Google office that hasn’t slept in three days. Somewhere there’s a database programmer surrounded by empty Mountain Dew bottles whose husband thinks she’s dead. And if these people stop, the world burns. Most people don’t even know what sysadmins do, but trust me, if they all took a lunch break at the same time they wouldn’t make it to the deli before you ran out of bullets protecting your canned goods from roving bands of mutants."

mnem
*Over-taxed*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 15, 2018, 02:25:15 am
yet you conveniently ignore the bulk of my post to make the

I agree with you. I have been ignoring much of your post(s). You are right.

Let me try and explain why.

When I see dodgy technology, such as "Free energy Wheels/devices/Claims" or ">99.9% energy transmission for powering electronic devices, over distances of several metres, completely wirelessly", etc etc. I get concerned at the claims validity.

Similarly, when people make claims that someone/company/technology is bad/guilty, WITHOUT any real/valid evidence, being presented. I also get similarly concerned.

So, in this case. Because there is apparently no actual evidence being presented. I am concerned with any claims that this "China has hardware hacked some servers", is not provably true at the moment. At least not with the information which has been presented, publicly.

Hence I like to jump in and (hopefully) using proper Engineering, Science, Mathematics and Logical reasoning. Make people realize that the "dodgy technology or whatever", is probably NOT true.
E.g. A water bottle, which rapidly/automatically fills itself with pure drinking water, WITHOUT any source of power, or a wheel which spins round, generating huge amounts of usable (free) electricity/power. Without using any source of fuel/battery etc.

But on the other hand. If you want to discuss things in general. Such as (if I understand the point you are trying to make), IT systems have become so complicated, have so many layers to them and have numerous design compromises/fixes.
That no single person, can fully 100% understand the entire system, from start to finish.

Hence there are inherent dangers of such ways of doing things.

It is worrying, that so much electronics seems to come from China these days. Especially since, China seems to at least slightly, be moving itself on a kind of war footing, with the West, over the last few decades. E.g. The disputed South China Islands (which DON'T seem to even belong to China), which seem to be increasingly militarized by China.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 15, 2018, 05:23:26 am
Just because this particular flavor of industrial espionage hasn't been proven here doesn't make it NOT valid discussion. You're NOT doing anybody a service by demanding that just because it hasn't been proven here by what we can see that it is not true.

"Absence of proof is NOT proof of absence." There - scientific method. Prove it HASN'T happened. You can't, just like I can't prove it HAS happened.

Stop telling us that it isn't so, when you don't KNOW it isn't so. You BELIEVE it is not so, based on your very narrow view of the scientific method. But THAT is just as much YOUR opinion (as is your opinion of how to apply scientific method) as it is MY opinion (and that of anyone with a reasonably healthy level of cynicism) that if it isn't already happening, it will be happening tomorrow, or the next day.

It is not only probable, it is inevitable, and sooner rather than later. All you have to do is pay attention to human nature and history to know this.

THAT is where YOUR view of the scientific method differs from mine: You use it as an excuse to view the world with blinders on, while I use it to fuel my curiosity.

You say "Lets not talk about what hasn't been proven yet. It doesn't make any sense to waste time on it."

I say "Let's talk about it until it DOES make sense, no matter how ridiculous that conversation may seem. You never know where understanding may come from."

mnem
Most people, on seeing something that doesn't make sense, will pause with a dark expression on their face; be instead the person whose face brightens at the prospect.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 15, 2018, 06:50:43 am
Even Bloomberg are slowly backtracking https://www.bloomberg.com/news/articles/2018-10-10/nsa-cyber-official-asks-for-first-hand-accounts-of-chip-hacking (https://www.bloomberg.com/news/articles/2018-10-10/nsa-cyber-official-asks-for-first-hand-accounts-of-chip-hacking)

Even NSA doesn’t have samples. I know NSA. NSA get first samples.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 15, 2018, 06:57:21 am
Wonder if Supermicro lawsuit against Bloomberg on this matter (eg:defamation) can be win easily ?
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 15, 2018, 07:00:34 am
Very easy. That would force Bloomberg to reveal their sources or pay up. This could be quite a scandal ultimately resulting in Bloomberg being accused of market manipulation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 15, 2018, 07:26:16 am
You say "Lets not talk about what hasn't been proven yet. It doesn't make any sense to waste time on it."

I say "Let's talk about it until it DOES make sense, no matter how ridiculous that conversation may seem. You never know where understanding may come from."

I'm happy, for us to have differing opinions and/or ways of doing/thinking about things.
I actually think that if we agreed with each other, 100% on everything, it would probably be a bad thing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 15, 2018, 08:27:48 am
There is nothing to see at the moment. Extraordinary claims require at least some evidence. It’s all words and farts.
I agree, everything is just too vague.

Quote
Windows however, and I’m quoting here “hammers the fucking shit out of the firewall even though we turn all the switches off”.

I think we’re prioritising risk vectors incorrectly here.
From incidents suffered by customers, you would be surprising at how often an asshole will use the browser on an extremely critical server (such as a NAS management controller) for that quick check of the news or the latest joke. With the additional problem that it's almost as unpatchable a machine as the typical industrial control system and due to its very nature it's extremely rare to even use AV software (not that it's a silver bullet!). The consequences are left as an exercise for the reader...

Quote
Personally I’m more worried about the nasty American monopoliser’s vampiric tendency and addiction to telemetry and activation data. Imagine the GDPR hell if some of that data contains PII one day due to a bug like the .Net core CLR telemetry logger logging command lines fully...
Let's see if GDPR really applies, the latest Facebook crap will be a good test ;)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bicurico on October 15, 2018, 08:38:22 am
The whole newstory is a hoax/fake news in my opinion.

If China wants to spy on servers/computers/laptops/tablets/mobile phones, they could just put the required software hidden inside the firmware of the respective devices, for instance inside the IC managing the ethernet/mobile/wifi communication.

It beats me why someone would imagine China to solder a monitoring IC into an existing motherboard, when it could simply do it by software.

And no, doing it by software, changing the firmware and eventually even signing it again, is certainly not more difficlult than:

- developing a custom IC that is miniature for what it has to do in terms of processing power
- finding a way to connect it to the correct data lines
- finding a way to communicate with the outside world

Sorry, that simply doesn't make any sense!

Regards,
Vitor
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 15, 2018, 08:42:55 am
Very easy. That would force Bloomberg to reveal their sources or pay up. This could be quite a scandal ultimately resulting in Bloomberg being accused of market manipulation.

As Bloomberg is not that stupid to pull this kind of stunt.

What interesting now is to see if companies like Supermicro will take legal action, ... or maybe not at all, which is expected too.  >:D
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 15, 2018, 08:52:49 am
Very easy. That would force Bloomberg to reveal their sources or pay up. This could be quite a scandal ultimately resulting in Bloomberg being accused of market manipulation.

As Bloomberg is not that stupid to pull this kind of stunt.

What interesting now is to see if companies like Supermicro will take legal action, ... or maybe not at all, which is expected too.  >:D

The thing is, with the strong denials from Apple, Supermicro and Amazon someone could be indicted of market manipulation. Either one of the former or Bloomberg. Ugly situation.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 15, 2018, 10:03:22 am
The whole newstory is a hoax/fake news in my opinion.

If China wants to spy on servers/computers/laptops/tablets/mobile phones, they could just put the required software hidden inside the firmware of the respective devices, for instance inside the IC managing the ethernet/mobile/wifi communication.

It beats me why someone would imagine China to solder a monitoring IC into an existing motherboard, when it could simply do it by software.

And no, doing it by software, changing the firmware and eventually even signing it again, is certainly not more difficlult than:

- developing a custom IC that is miniature for what it has to do in terms of processing power
- finding a way to connect it to the correct data lines
- finding a way to communicate with the outside world

Sorry, that simply doesn't make any sense!

Regards,
Vitor
That was kind of my point. That ASPEED chip is in a convenient location for processing power (ARM9 core,) access to system RAM (over PCIe) and access to outside world (through ILO Ethernet or through injecting malware into host RAM.) It is possible that there might be a hack chip, but the hack chip won't work on its own, instead it is located on a production test pin of the ASPEED chip, injecting code into hat chip on the fly. The hack chip is literally nothing more than a microcontroller with a firmware implementing the ASPEED production test protocol and a lot of Flash space for the ARM9 payload.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bicurico on October 15, 2018, 10:36:30 am
These kind of chips are known in the console world as "mod chips". They will inject the appropriate data to surpass the protection mechanism.

Still, they do require a lot of computing power to "just" swap a few bits...

I could not imagine a chip as small as the one presented in the news to have enought CPU power and memory to do a useful hack based on as litte as 6(?) pins.

Also, I don't understand how they could implement that chip without having to solder any wires... It would be a miracle to have a point on the board that had the right traces on one spot where you could solder the IC.

Again, it would seem much simpler to just change the firmware or, heck, replace the whole chip they target with a hacked one.

Regards,
Vitor
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 15, 2018, 12:05:35 pm
Just because this particular flavor of industrial espionage hasn't been proven here doesn't make it NOT valid discussion. You're NOT doing anybody a service by demanding that just because it hasn't been proven here by what we can see that it is not true.

"Absence of proof is NOT proof of absence." There - scientific method. Prove it HASN'T happened. You can't, just like I can't prove it HAS happened.

Stop telling us that it isn't so, when you don't KNOW it isn't so. You BELIEVE it is not so, based on your very narrow view of the scientific method. But THAT is just as much YOUR opinion (as is your opinion of how to apply scientific method) as it is MY opinion (and that of anyone with a reasonably healthy level of cynicism) that if it isn't already happening, it will be happening tomorrow, or the next day.

It is not only probable, it is inevitable, and sooner rather than later. All you have to do is pay attention to human nature and history to know this.

THAT is where YOUR view of the scientific method differs from mine: You use it as an excuse to view the world with blinders on, while I use it to fuel my curiosity.

You say "Lets not talk about what hasn't been proven yet. It doesn't make any sense to waste time on it."

I say "Let's talk about it until it DOES make sense, no matter how ridiculous that conversation may seem. You never know where understanding may come from."

mnem
Most people, on seeing something that doesn't make sense, will pause with a dark expression on their face; be instead the person whose face brightens at the prospect.
Blah blah blah… again, nobody here has said it's impossible. We are saying it's improbable and implausible, because a) it doesn't make sense to take this approach, and b) there's no evidence that it happened as described. 

And your conspiracy theorist tone of "you have blinders on, while I'm awoke!" doesn't make you seem more enlightened, it makes you seem like, well, a classic conspiracy theorist, complete with the "I want to believe!" poster on the wall that you stole from Mulder's office.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 15, 2018, 12:12:44 pm
Again, it would seem much simpler to just change the firmware or, heck, replace the whole chip they target with a hacked one.
To me, a much bigger piece of evidence (or rather, absence of evidence!) is that the supposedly affected companies haven't detected any suspicious traffic. Regardless of what method you use to compromise a server board, it has to be able to communicate its findings (or receive instructions) with the outside. And since such a covert chip couldn't possibly send and receive radio transmissions (through layers of metal enclosures and racks and cages) any useful distance at any useful speed, it means the data would have to flow through the NIC, and that's being monitored. Companies now routinely monitor traffic precisely to guard against attacks, so it's not as though one can just quickly send a few hundred packets unnoticed.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Bud on October 15, 2018, 12:55:18 pm
Yes but do you think Facebook did not monitor their network? Yahoo? Equifax? Data still get siphoned out in Gigabytes, not small packets, with all the possible monitoring in place.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 15, 2018, 01:00:00 pm
..., so it's not as though one can just quickly send a few hundred packets unnoticed.

Be aware that in some scenarios it may only be necessary to send a little data, and quite possibly to send it in a leisurely fashion. That leads to the classic covert channel that perhaps leaks a few bits a second by random padding, packet timing, or turning on and off protocol options. If you need to leak a 128 bit key, or a 2048 bit key that's quite doable quite quickly in a covert channel, and intrusion detection systems and traffic monitoring/filtering systems generally will completely miss it. Proving that a system is free of covert channels is one of the classical hard problems of the cryptologist's world.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: CaptCrash on October 15, 2018, 03:12:48 pm
Getting data out of a system via interesting means is also quite humerious/ingenious at times.

I remember an example at a partner company to where I worked where data was transmitted by issuing DNS queries from a compromised system using the DNS infrastructure as a very slow semaphore.

Whist the system had no direct internet access it did have internal DNS servers.  These internal DNS servers after a couple layers of firewalls and various other types of internal security then was able to query external DNS servers.  Data from the compromised system was collected and then transmitted by using internal DNS servers of the site these queries eventually being requested against internet DNS servers.  Unique external host names were queried (across a few domain names with GUID looking host names) with encoded data in the host names.    The data returned in the form of IP addresses allowed for control of the compromised system with some regular dns lookups every several hours.

This was a great example of not needing to transfer data in a fast manner or even directly, rather to utilize existing communications to hide in plan sight.  I'm sure this wouldn't work in all situations, but its also probably going to work in a lot.

After seeing what could be achieved in this situation, my confidence that virus/worm developers can deliver just about any functionally is fairly high, why are people skeptical that similar complexity cannot be delivered via hardware?  I understand that the level of complexity is different but so is the payoff time for doing what ever you are looking to do.

It will be interesting if in a few months Super Micro does or does not sue Bloomberg.  Surely that will answer the question one way or the other.

edited for words  :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 15, 2018, 03:40:22 pm
I remember an example at a partner company to where I worked where data was transmitted by issuing DNS queries from a compromised system using the DNS infrastructure as a very slow semaphore.

How was this detected? I guess if you fully control the server, you could monitor the internet traffic and then compare all internet traffic with the installed programs. But if it is something like an Amazon cloud server, you would need to analyze every customer application. So it would be impossible to detect hidden traffic, except by detecting the hidden program itself. This makes it again more plausible to install something in the hardware, which can initiate network traffic outside of the core CPUs itself, because hidden programs with high privilege, which has suspicious network traffic, might be easier to detect. Of course, would be much better to install a modified BMC chip instead of an extra chip, maybe with 2 layers, like running the transferred firmware in the normal layer, but one hidden layer above an additional spy firmware. But would be much more expensive, if they need to change the die for it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 15, 2018, 03:57:50 pm
That's easy. You have private DNS, your DNS doesn't forward past the local DNS resolver and you log the NXDOMAIN responses.

All your users go via authenticated proxy (squid) or aren't on the public internet.

You can run the same in AWS. Your instances don't have to be internet facing. Just don't have an NGW on your VPC and VPN yourself into it with a VPN GW.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 15, 2018, 05:19:13 pm
The whole newstory is a hoax/fake news in my opinion.

If China wants to spy on servers/computers/laptops/tablets/mobile phones, they could just put the required software hidden inside the firmware of the respective devices, for instance inside the IC managing the ethernet/mobile/wifi communication.

It beats me why someone would imagine China to solder a monitoring IC into an existing motherboard, when it could simply do it by software.

And no, doing it by software, changing the firmware and eventually even signing it again, is certainly not more difficlult than:

- developing a custom IC that is miniature for what it has to do in terms of processing power
- finding a way to connect it to the correct data lines
- finding a way to communicate with the outside world

Sorry, that simply doesn't make any sense!

Regards,
Vitor

The reason you say that is because you think like a westerner, where you have to pay a third party to make the hardware. They OWN the foundries where this stuff is forged; for them electronic hardware is as fluid and dynamic as the software used to create it. It is just the CUSTOMER who has to pay for changes, because revision is their stock in trade. ;)

A custom device, completely self-contained from the device it is monitoring, is the obvious choice from a security penetration standpoint, as EVERYTHING software that is supposed to be there has the potential to be reviewed while the device is IN USE.

And the use of such a device instantly allows deniability... it becomes much harder to track down where in the supply chain such a device was added; no way of knowing, or even guessing, whether the device was intercepted and the bug planted after the fact, or if it was contracted by one of the "Five Eyes, etc" groups to be produced in a "special run" of product that supposedly "never existed".

Really... you're thinking like a normal, sane person and attempting to apply LOGIC to the actions of government and enterprise BUREAUCRACY... that is why you can't imagine this. ;)

Just because this particular flavor of industrial espionage hasn't been proven here doesn't make it NOT valid discussion. You're NOT doing anybody a service by demanding that just because it hasn't been proven here by what we can see that it is not true.

"Absence of proof is NOT proof of absence." There - scientific method. Prove it HASN'T happened. You can't, just like I can't prove it HAS happened.

Stop telling us that it isn't so, when you don't KNOW it isn't so. You BELIEVE it is not so, based on your very narrow view of the scientific method. But THAT is just as much YOUR opinion (as is your opinion of how to apply scientific method) as it is MY opinion (and that of anyone with a reasonably healthy level of cynicism) that if it isn't already happening, it will be happening tomorrow, or the next day.

It is not only probable, it is inevitable, and sooner rather than later. All you have to do is pay attention to human nature and history to know this.

THAT is where YOUR view of the scientific method differs from mine: You use it as an excuse to view the world with blinders on, while I use it to fuel my curiosity.

You say "Lets not talk about what hasn't been proven yet. It doesn't make any sense to waste time on it."

I say "Let's talk about it until it DOES make sense, no matter how ridiculous that conversation may seem. You never know where understanding may come from."

mnem
Most people, on seeing something that doesn't make sense, will pause with a dark expression on their face; be instead the person whose face brightens at the prospect.
Blah blah blah… again, nobody here has said it's impossible. We are saying it's improbable and implausible, because a) it doesn't make sense to take this approach, and b) there's no evidence that it happened as described. 

And your conspiracy theorist tone of "you have blinders on, while I'm awoke!" doesn't make you seem more enlightened, it makes you seem like, well, a classic conspiracy theorist, complete with the "I want to believe!" poster on the wall that you stole from Mulder's office.

"Blah, blah, blah..." you said it yourself.

Who is more the fool? The one who considers conspiracy theories and attempts to find the grain of truth behind them, or the one who cavalierly dismisses real evil, corruption and conspiracy going on all around that is so blatant it is happening right out in the open for all to see?

Calling willful ignorance "the scientific method" is just another lie, only it's the lie you tell yourself to have an excuse for that ignorance.

True "scientific method" investigates, records, and DOES NOT PRESUME ANYTHING.

It certainly does not assume that because we haven't proven a thing yet, it isn't so. It is in fact the polar OPPOSITE of that assumption.

mnem
Follow. The. Money.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 15, 2018, 05:32:43 pm
That's easy. You have private DNS, your DNS doesn't forward past the local DNS resolver and you log the NXDOMAIN responses.

All your users go via authenticated proxy (squid) or aren't on the public internet.

You can run the same in AWS. Your instances don't have to be internet facing. Just don't have an NGW on your VPC and VPN yourself into it with a VPN GW.
You can also log DNS activity and check for unusual activity. Like:

- What are the likely domains to be contacted by a given server? For a Windows system microsoft.com makes sense, w4r3zs4nsfr0nt1eres.org.cn doesn't ;)

- Does it contact recently created domains or have the domains been registered for a many years?

- Are the domains it contacts popular in your infrastructure or only a very small bunch of servers (or just one) query them?

- Do queries vary a lot or not?

- Where are the odd domains hosted?

- What is their registrar?

- In case there are web pages associated to those domains, what do they look like?

- Does it make a lot of queries for those odd domains?

etc etc.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: technix on October 15, 2018, 05:56:51 pm
These kind of chips are known in the console world as "mod chips". They will inject the appropriate data to surpass the protection mechanism.

Still, they do require a lot of computing power to "just" swap a few bits...

I could not imagine a chip as small as the one presented in the news to have enought CPU power and memory to do a useful hack based on as litte as 6(?) pins.

Also, I don't understand how they could implement that chip without having to solder any wires... It would be a miracle to have a point on the board that had the right traces on one spot where you could solder the IC.

Again, it would seem much simpler to just change the firmware or, heck, replace the whole chip they target with a hacked one.

Regards,
Vitor
This is a lot simpler if the attacker can fab chips. An example attack:

1. The production test pin on the ASPEED chip has internal pull up to 1.2V Vcore. During normal operation this pin is pulled to ground with a 100 ohm pull-down. The pin implements some kind of one-wire serial debugging protocol.
2. The modchip is made on a 28nm node allowing for 48kB mask ROM, 2kB SRAM and a 12MHz low power 1T 8051 core. The nominal 1.2V supply plus a Schottky diode drop allows the direct use of 28nm (even 14nm) process, shrinking the die significantly allowing it to be fit on a 0603 resistor package.
3. The modchip has two terminals, DIO and GND, like those Dallas 1-wire chips commonly do. Through an internal Schottky diode and capacitor the chip can draw power and communicate through that DIO pin.
4. The firmware of the modchip implements the serial debugging protocol, capable of dumping its 32kB payload into the DRAM of the ASPEED chip and launch it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Gyro on October 15, 2018, 08:56:59 pm
An article taking a rather more down-to-earth look at the Bloomberg motherboard hacking claim from the ElectronicDesign site...

https://www.electronicdesign.com/embedded-revolution/how-hack-server-motherboard (https://www.electronicdesign.com/embedded-revolution/how-hack-server-motherboard)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: thm_w on October 15, 2018, 09:36:24 pm
An article taking a rather more down-to-earth look at the Bloomberg motherboard hacking claim from the ElectronicDesign site...

https://www.electronicdesign.com/embedded-revolution/how-hack-server-motherboard (https://www.electronicdesign.com/embedded-revolution/how-hack-server-motherboard)


Quote
There have been more details revealed lately and it appears that the motherboard circuit board did not have to be modified. Likewise, the additional chip may simply be a standard serial memory chip that was added to a location designed for the chip and left unpopulated. This is a common design approach to provide more options. For example, a TPM security chip is often an option for a server motherboard. The chip is simply left out if the motherboard will not provide that option.
...
The hack was supposedly caught, not by observing the changes to the motherboard, but by network traffic that was abnormal. A more sophisticated implementation might delay compromised communication until much later making it much harder to detect.

So the tiny filter package thing may have been completely wrong, which threw a lot of people off.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 15, 2018, 10:09:33 pm
Just because this particular flavor of industrial espionage hasn't been proven here doesn't make it NOT valid discussion. You're NOT doing anybody a service by demanding that just because it hasn't been proven here by what we can see that it is not true.

"Absence of proof is NOT proof of absence." There - scientific method. Prove it HASN'T happened. You can't, just like I can't prove it HAS happened.

Stop telling us that it isn't so, when you don't KNOW it isn't so. You BELIEVE it is not so, based on your very narrow view of the scientific method. But THAT is just as much YOUR opinion (as is your opinion of how to apply scientific method) as it is MY opinion (and that of anyone with a reasonably healthy level of cynicism) that if it isn't already happening, it will be happening tomorrow, or the next day.

It is not only probable, it is inevitable, and sooner rather than later. All you have to do is pay attention to human nature and history to know this.

THAT is where YOUR view of the scientific method differs from mine: You use it as an excuse to view the world with blinders on, while I use it to fuel my curiosity.

You say "Lets not talk about what hasn't been proven yet. It doesn't make any sense to waste time on it."

I say "Let's talk about it until it DOES make sense, no matter how ridiculous that conversation may seem. You never know where understanding may come from."

mnem
Most people, on seeing something that doesn't make sense, will pause with a dark expression on their face; be instead the person whose face brightens at the prospect.
Blah blah blah… again, nobody here has said it's impossible. We are saying it's improbable and implausible, because a) it doesn't make sense to take this approach, and b) there's no evidence that it happened as described. 

And your conspiracy theorist tone of "you have blinders on, while I'm awoke!" doesn't make you seem more enlightened, it makes you seem like, well, a classic conspiracy theorist, complete with the "I want to believe!" poster on the wall that you stole from Mulder's office.

"Blah, blah, blah..." you said it yourself.

Who is more the fool? The one who considers conspiracy theories and attempts to find the grain of truth behind them, or the one who cavalierly dismisses real evil, corruption and conspiracy going on all around that is so blatant it is happening right out in the open for all to see?

Calling willful ignorance "the scientific method" is just another lie, only it's the lie you tell yourself to have an excuse for that ignorance.

True "scientific method" investigates, records, and DOES NOT PRESUME ANYTHING.

It certainly does not assume that because we haven't proven a thing yet, it isn't so. It is in fact the polar OPPOSITE of that assumption.

mnem
Follow. The. Money.
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 02:52:11 am
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
No, I fully understood your comment. I called you out on it. You're the one who resorted to name calling, belittling and personal attacks; I'm just refusing to let you slide on a lie. Call it what you like, but it's still a lie.

Cheers,

mnem
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 16, 2018, 06:19:30 am
So the tiny filter package thing may have been completely wrong, which threw a lot of people off.

Because of the nigh infinite negative number security domains we have below the OS level now, all with their own resident firmware upgrades, you don't need to do anything in the supply chain for this. If it was just a group of hackers (state sponsored or not) abusing flaws in supermicro servers it's suddenly business as usual.

IMO all firmware should be on the HD except tiny open source bootloaders, maybe with an updatable library of public keys for firmware decryption. I don't mind if the manufacturers encrypt their firmware, but stop putting ever more little bits of memory in machines which allow resident exploits (this goes for storage and extension cards as well). We have been at the point for over a decade now where you can throw an exploited machine in the fucking bin, there's too many nooks and crannies where a sophisticated actor can stuff a hook to re-rootkit you.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 16, 2018, 06:43:38 am
We have open firmware. It is called OpenFirmware/OpenBoot.

Unfortunately most of our infrastructure is built on a house of cards from the late 1970s with hack after hack piled on top of it (x86). This mandates a pile of drunken arse shite to get the hardware aligned with reality so the OS doesn’t vomit when it finally gets to take over from the masturbating monkey in charge of the show.

Really need to bin x86 and start again.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 16, 2018, 06:50:00 am
We have open firmware. It is called OpenFirmware/OpenBoot.

Unfortunately most of our infrastructure is built on a house of cards from the late 1970s with hack after hack piled on top of it (x86). This mandates a pile of drunken arse shite to get the hardware aligned with reality so the OS doesn’t vomit when it finally gets to take over from the masturbating monkey in charge of the show.

Really need to bin x86 and start again.

Problem is, the nasty part was, is and will be always hardwired in main cpu silicon, how can you clean that ?  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 16, 2018, 07:08:01 am
POWER, SPARC, ARM. Anything but x86.

Give me a 50% performance hit per watt and I’ll still be a happy man. I’ll be able to sleep better at night.

So far we have compromised hardware, critical implementation flaws, bugs galore (check intel core errata), management hardware compromises. The whole thing is a pile of shit and needs to just be burned. When your manuals spread several volumes for a CPU and compiler implementations only use a small subset of that functionality then you’ve built a Rube Goldberg machine of massive proportions. No one can possibly understand this pile of shit.

I was actually speaking to someone a couple of months ago who has a pretty big grasp on security. They have done everything right. So I get asked what should they do next under continuous improvement. I suggested they start looking at other non x86 platforms. This was met with disbelief and derision. I explained the spectre, meltdown, ME stuff and ironically the supply chain (perhaps I was a prophet lol) and there was an “oh shit” moment. This was followed by rapidly sweeping the idea under the rug because they’re semi happy with HPE being their abusive partner.

Everyone has a price and IT industry has Stockholm syndrome.

We have virtually zero hardware diversity in professional computing. This is a massive risk. Heterogeny was the stupidest thing the IT industry ever did.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 16, 2018, 07:10:19 am
We have open firmware. It is called OpenFirmware/OpenBoot.

Unfortunately very very few people can appreciate what that means, used to the "you have .1 seconds to press DEL if you want to configure BIOS shit", or being forced to record a video of the screen in order to see a very critical but brief error message flashing before the BIOS program written by the next idiot clears the screen like some amateuresque BASIC program...

2018 and you still can be forced to shoot a photo of a screen in order to copy stupid BIOS parameters from one machine to the next.

And the EFI machines I have tried are insane. I have IBM servers that take 10 minutes to boot. I even had to erase the BIOS in some LSI SAS cards (not needed anyway, the OS takes care of them) because the braindead EFI implementation choked on them.

Meanwhile I am always missing Sun hardware with Openboot and a serial console that allowed me to capture the whole boot dialog into a file.
 
Quote
Unfortunately most of our infrastructure is built on a house of cards from the late 1970s with hack after hack piled on top of it (x86). This mandates a pile of drunken arse shite to get the hardware aligned with reality so the OS doesn’t vomit when it finally gets to take over from the masturbating monkey in charge of the show.

Really need to bin x86 and start again.

It's amazing how many stupid decisions from the IBM PC are still haunting us.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 16, 2018, 07:13:14 am
Yes. Stop+A FTW. Being back proper computers!

BTW for those who have never dealt with Sun hardware, OpenBoot was amazing. Totally awesome. And your management interface was a serial concentrator with an AUI interface :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 16, 2018, 07:13:24 am
POWER, SPARC, ARM. Anything but x86.
Indeed. As we don't depend on Windows at all it wouldn't be a problem for us. Any tier-1 Linux/FreeBSD capable platform and we would feel right at home.  We still have some 20 year old SPARC machines working, even!

Quote
Everyone has a price and IT industry has Stockholm syndrome.

We have virtually zero hardware diversity in professional computing. This is a massive risk. Heterogeny was the stupidest thing the IT industry ever did.
Yep, we have repeated the Windows mistake in hardware. And from all the choices the crappiest won.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 16, 2018, 11:18:46 am
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
No, I fully understood your comment. I called you out on it. You're the one who resorted to name calling, belittling and personal attacks; I'm just refusing to let you slide on a lie. Call it what you like, but it's still a lie.
A lie? I said “it’s not impossible, it’s improbable and implausible”, which is what almost everyone is saying.

That you think that’s a lie (not to mention don’t understand that it does allow for the possibility of the purported exploit being true) only reinforces my opinion that you’re a conceited conspiracy theorist nut job.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 16, 2018, 12:58:51 pm
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
No, I fully understood your comment. I called you out on it. You're the one who resorted to name calling, belittling and personal attacks; I'm just refusing to let you slide on a lie. Call it what you like, but it's still a lie.
A lie? I said “it’s not impossible, it’s improbable and implausible”, which is what almost everyone is saying.

That you think that’s a lie (not to mention don’t understand that it does allow for the possibility of the purported exploit being true) only reinforces my opinion that you’re a conceited conspiracy theorist nut job.

I think he means 'lie' in the sense of self-deception, not in the sense of dishonesty.

And please, lighten up on the insulting tone it's uncalled for and unseemly. I count both of you as two of the generally saner and more considered voices on here, most of the time.

Don't make me dust off my collection of gnome/chocolate/cuckoo-clock jokes.  :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 03:26:22 pm
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
No, I fully understood your comment. I called you out on it. You're the one who resorted to name calling, belittling and personal attacks; I'm just refusing to let you slide on a lie. Call it what you like, but it's still a lie.
A lie? I said “it’s not impossible, it’s improbable and implausible”, which is what almost everyone is saying.

That you think that’s a lie (not to mention don’t understand that it does allow for the possibility of the purported exploit being true) only reinforces my opinion that you’re a conceited conspiracy theorist nut job.

The lie is the one you tell yourself about "scientific method" and assuming that because we haven't proven a thing, it isn't so. Go work with some people who ACTUALLY DO SCIENCE for a living; I have. They'll tell you the same thing I just told you; true scientific method is the polar opposite of assuming ANYTHING.

But hey, feel free to call me names, disparage my intellect, whatever helps you sleep at night. It's obvious you have little more to offer than insult.

Cheers,

mnem
*not before I finish my coffee*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 03:42:07 pm
I think he means 'lie' in the sense of self-deception, not in the sense of dishonesty.

And please, lighten up on the insulting tone it's uncalled for and unseemly. I count both of you as two of the generally saner and more considered voices on here, most of the time.

Don't make me dust off my collection of gnome/chocolate/cuckoo-clock jokes.  :)

Well f***... evidently I managed to click through and not see this before posting my own response. Thanks for reminding us to try and be respectful; that is certainly something in short supply these days.

After reviewing my own response, I still stand by what I've said; while couched in retaliatory tone, I feel it sums up my POV pretty concisely. I said it, I own it.

I'll do better to temper my annoyance in the future; we certainly don't want Cerebus to have to get his conversational cutlery.  ;)

mnem
*Namaste*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 16, 2018, 05:10:27 pm
You did not understand my comment. You’re going off on another condescending cuckoo conspiracy theorist “I’m more aware than you!” rant/sermon, and about evil and your idea of “scientific method” and whatnot, and meanwhile you don’t even realize what I did (and didn’t) say.

No need to reply, I’ve added you to my ignore list. I don’t need the temptation of getting into arguments with conspiracy nuts.
No, I fully understood your comment. I called you out on it. You're the one who resorted to name calling, belittling and personal attacks; I'm just refusing to let you slide on a lie. Call it what you like, but it's still a lie.
A lie? I said “it’s not impossible, it’s improbable and implausible”, which is what almost everyone is saying.

That you think that’s a lie (not to mention don’t understand that it does allow for the possibility of the purported exploit being true) only reinforces my opinion that you’re a conceited conspiracy theorist nut job.

The lie is the one you tell yourself about "scientific method" and assuming that because we haven't proven a thing, it isn't so. Go work with some people who ACTUALLY DO SCIENCE for a living; I have. They'll tell you the same thing I just told you; true scientific method is the polar opposite of assuming ANYTHING.

But hey, feel free to call me names, disparage my intellect, whatever helps you sleep at night. It's obvious you have little more to offer than insult.

Cheers,

mnem
*not before I finish my coffee*
Dude. Go back and read the thread. You are accusing me of saying things I DID NOT SAY. I think you didn’t realize, in the heat of responding, that I’m not the person who said anything about scientific method or anything!! Next to each post is the username; please go find the posts you responded to regarding scientific method. You’ll find they’re not from me.

So stop painting me as an anti-science nut and condescendingly trying to explain the scientific method to me.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 05:52:51 pm
The lie is the one you tell yourself about "scientific method" and assuming that because we haven't proven a thing, it isn't so. Go work with some people who ACTUALLY DO SCIENCE for a living; I have. They'll tell you the same thing I just told you; true scientific method is the polar opposite of assuming ANYTHING.

But hey, feel free to call me names, disparage my intellect, whatever helps you sleep at night. It's obvious you have little more to offer than insult.

Cheers,

mnem
*not before I finish my coffee*
Dude. Go back and read the thread. You are accusing me of saying things I DID NOT SAY. I think you didn’t realize, in the heat of responding, that I’m not the person who said anything about scientific method or anything!! Next to each post is the username; please go find the posts you responded to regarding scientific method. You’ll find they’re not from me.

So stop painting me as an anti-science nut and condescendingly trying to explain the scientific method to me.

YOU are the only one here painting anyone as any kind of nut. Period. Any "nuttiness" you're feeling is either projection or your own creation.

*Goes back and rereads*

A'aight... you didn't say the stuff about "scientific method"; that was MK14. But you DID step into our charlie-foxtrot without warning in support of his POV, and you were willfully personally insulting, while I tried very hard to stick to the philosophical points and keep personal attack out of it.

Sorry, but you earned your inclusion in that response.

Cheers,

mnem
*Lunch-ify*

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 16, 2018, 06:01:34 pm
...But you DID step into our charlie-foxtrot without warning in support of his POV, ...

This joke continued from another topic/thread...

Maxim 54. The best way to win a one-on-one fight is to be the third to arrive.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 16, 2018, 06:08:23 pm
https://youtu.be/SimMH3Q6zLw

Subtitle: being right on the internet.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 06:53:05 pm
...But you DID step into our charlie-foxtrot without warning in support of his POV, ...

This joke continued from another topic/thread...

Maxim 54. The best way to win a one-on-one fight is to be the third to arrive.

*Thankful for the distraction* Context:

(https://www.schlockmercenary.com/strip/3812/0/schlock20101118.jpg)

*Getting on with my life*

mnem
"Maxim 12: A soft answer turneth away wrath. Once wrath is looking the other way, shoot it in the head."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 16, 2018, 07:38:36 pm
If we're going all Schlock Mercenary (https://www.schlockmercenary.com/) let's at least have one germane to the subject under discussion:

(https://www.schlockmercenary.com/strip/884/0/schlock20021112.jpg?v=1443894888372) (https://www.schlockmercenary.com/2002-11-12)

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 16, 2018, 09:56:18 pm
Ifni save us...  "MAXIM 53: The intel you've got is never the intel you want." (https://www.schlockmercenary.com/strip/5369/2/schlock20150222c.jpg)

mnem
"Fly, you fools!!!"
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 12:46:37 am
that was MK14

WARNING: This entire post is a JOKE. My attempt at humor.

Actually, maybe you have a point with all the conspiracy theories.

I've been arguing with you the last 2 pages of posts, and I haven't even needed to post anything in this thread, to accomplish it.  :-DD

Also, all these secret, special handshaking messages, with cryptic words/comics/pictures. There seems to be some kind of conversation going on, but my lack of knowledge/interest, in the right circles, means I largely don't understand what you are talking about.

I will assume that you have noticed that the forum server has been hacked by secret Chinese hackers. Hell bent on stopping Dave's EEVblog, from stopping the modern advancing Chinese army of Electronics Experts, from taking over the world.
Hence the secret/hidden messages, and handshakes.

Here's mine:

(https://imgs.xkcd.com/comics/footprints_2x.png)

WARNING: This entire post is a JOKE. My attempt at humor.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 17, 2018, 01:41:59 am
The lie is the one you tell yourself about "scientific method" and assuming that because we haven't proven a thing, it isn't so. Go work with some people who ACTUALLY DO SCIENCE for a living; I have. They'll tell you the same thing I just told you; true scientific method is the polar opposite of assuming ANYTHING.

But hey, feel free to call me names, disparage my intellect, whatever helps you sleep at night. It's obvious you have little more to offer than insult.

Cheers,

mnem
*not before I finish my coffee*
Dude. Go back and read the thread. You are accusing me of saying things I DID NOT SAY. I think you didn’t realize, in the heat of responding, that I’m not the person who said anything about scientific method or anything!! Next to each post is the username; please go find the posts you responded to regarding scientific method. You’ll find they’re not from me.

So stop painting me as an anti-science nut and condescendingly trying to explain the scientific method to me.

YOU are the only one here painting anyone as any kind of nut. Period. Any "nuttiness" you're feeling is either projection or your own creation.

*Goes back and rereads*

A'aight... you didn't say the stuff about "scientific method"; that was MK14. But you DID step into our charlie-foxtrot without warning in support of his POV, and you were willfully personally insulting, while I tried very hard to stick to the philosophical points and keep personal attack out of it.

Sorry, but you earned your inclusion in that response.

Cheers,

mnem
*Lunch-ify*
1. I’m not “painting” you as a nut. You’re doing a jolly good job of that yourself. Your many comments on this thread read like the crazy ramblings on the back (and front, and sides) of a Dr. Bronner’s bottle.
2. This is a public forum. I don’t need your permission (or “prior warning”) to reply to a discussion, never mind one I joined long before. Not that I feel any obligation to receive education on how to work the internet from someone who can’t even follow how a web forum works, and replies to people based on things they did not say.
3. You STILL did not understand my original reply. If you are seeing it as purely support for Mk14’s POV, then you haven’t understood it. My comment neither refuted nor confirmed either side: it simply explained that the Bloomberg story isn’t plausible. I didn’t say it’s impossible, and I didn’t say we should stop studying it!
4. Learn. To. Read. Carefully. You are repeatedly responding to arguments that are simply not there. You cannot interpolate things and then respond to your own interpolations. Just respond to what’s actually there.
5. Oh, you think you haven’t been employing personal attacks? You’ve been using them since long before my first reply to you. That you used them so liberally is why I have not held back with you. You forfeited the right to complain about name calling long ago.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 17, 2018, 01:55:12 am
So now argument in favor of Bloomberg's story comes down to "There must be something out there, I just know it!" conspiracy theories and comic strips.  :-DD

I agree though there should be an investigation. An investigation into how and why Bloomberg perpetrated a huge fraud on the public. Was it investor fraud? Journalistic overreach in pursuit of "scoop of the year"? Getting a fat bonus for moving markets? Got played by some political operatives? It's worth finding out.

In the US the press get carte blanche to print whatever lies they like, you know, "Elvis found on the Moon" etc. No one cares about tabloid stories, but Bloomberg really abuse their position and sully the reputation of serious news outlets with unfounded stories. I guess if every one else is publishing fake news, why shouldn't we...

Even the FBI, who have a policy of never confirming or denying, effectively said "the story is bunk". The NSA guy says we never heard anything about it, some of the sources Bloomberg used have said they were misquoted.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 03:00:17 am
that was MK14
Actually, maybe you have a point with all the conspiracy theories.

I've been arguing with you the last 2 pages of posts, and I haven't even needed to post anything in this thread, to accomplish it.  :-DD

Also, all these secret, special handshaking messages, with cryptic words/comics/pictures. There seems to be some kind of conversation going on, but my lack of knowledge/interest, in the right circles, means I largely don't understand what you are talking about.

I will assume that you have noticed that the forum server has been hacked by secret Chinese hackers. Hell bent on stopping Dave's EEVblog, from stopping the modern advancing Chinese army of Electronics Experts, from taking over the world.
Hence the secret/hidden messages, and handshakes.

Here's mine:(https://imgs.xkcd.com/comics/footprints_2x.png)
Oh, FFS... it's like trying to talk philosophy with a rooster.  :palm:

My argument is NOT that this for sure happened... my argument is that SOMETHING happened, and that this is the place to discuss it as if it had happened, even if only theoretically. This is THE PLACE for that kind of tangential discussion; by dint of its title this place has been set aside for such discussion so we aren't bothering the "normal" folk with it. If you don't LIKE that tangential discussion, you can go somewhere ELSE. Or ignore it when the rest of us talk about it.

When those of us who are interested in that discussion have it, we're not having it behind your back, we're simply not expressly including you because you've made it abundantly clear you're not interested.

I'm sorry you felt left out; just as happens at a dinner party in the real world, we were having our own conversation for a moment at the common table. I for one needed the diversion from the incessant nitpicking.    |O

Here, I'll throw you a bone; clearly we have SOME common ground in our appreciation of Randall's sense of humor:

(https://imgs.xkcd.com/comics/duty_calls.png)

There... fairsies?

1. I’m not “painting” you as a nut. You’re doing a jolly good job of that yourself. Your many comments on this thread read like the crazy ramblings on the back (and front, and sides) of a Dr. Bronner’s bottle.
2. This is a public forum. I don’t need your permission (or “prior warning”) to reply to a discussion, never mind one I joined long before. Not that I feel any obligation to receive education on how to work the internet from someone who can’t even follow how a web forum works, and replies to people based on things they did not say.
3. You STILL did not understand my original reply. If you are seeing it as purely support for Mk14’s POV, then you haven’t understood it. My comment neither refuted nor confirmed either side: it simply explained that the Bloomberg story isn’t plausible. I didn’t say it’s impossible, and I didn’t say we should stop studying it!
4. Learn. To. Read. Carefully. You are repeatedly responding to arguments that are simply not there. You cannot interpolate things and then respond to your own interpolations. Just respond to what’s actually there.
5. Oh, you think you haven’t been employing personal attacks? You’ve been using them since long before my first reply to you. That you used them so liberally is why I have not held back with you. You forfeited the right to complain about name calling long ago.

I have enough trouble dealing with the offenses I'm guilty of, and those I've already admitted to and tried to be fair. I refuse to be held responsible for the ones you've imagined. What you're saying amounts to this:

"I didn't shove the stick in the hornets nest, that was another guy. I was just passing by and tripped over it a little. Those hornets have no right to be pissed off at me!" 

You led out of the gate calling me names and speaking in a belittling manner, and you did so while interjecting into a mostly polite disagreement between two other people. Not only that, but you continue to do so, all the while blaming me for your belittling tone.  Get over yourself, man.

You earned that response; suck it up buttercup. <~~~ See that right there? THAT was me being deliberately offensive, because you pissed me off.

And I'm NOT going to apologize for it, because you earned that one too.  ;)


mnem
Wait for it... wait for it...


Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 03:11:09 am
it's like trying to talk philosophy with a rooster.  :palm:

SORRY!
I seem to have not explained myself very well.
The entire post, I made, which you are referring to.
Was, and is meant to be a complete JOKE.

Unfortunately, I have messed up, and not made it clear enough.
That is why I put the  :-DD :-DD :-DD in it. (Although, there was only one, and it was only pointing to the first bit, not the entire post).

My fault, I should have realized that it could be misunderstood, that it was HUMOR.

EDIT:
On re-reading my post, just before this one. I can see and understand, why it can be misunderstood. I have put in big warnings, to hopefully avoid such misunderstandings in the future.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 03:55:15 am
So now argument in favor of Bloomberg's story comes down to "There must be something out there, I just know it!" conspiracy theories and comic strips.  :-DD

I agree though there should be an investigation. An investigation into how and why Bloomberg perpetrated a huge fraud on the public. Was it investor fraud? Journalistic overreach in pursuit of "scoop of the year"? Getting a fat bonus for moving markets? Got played by some political operatives? It's worth finding out.

In the US the press get carte blanche to print whatever lies they like, you know, "Elvis found on the Moon" etc. No one cares about tabloid stories, but Bloomberg really abuse their position and sully the reputation of serious news outlets with unfounded stories. I guess if every one else is publishing fake news, why shouldn't we...

Even the FBI, who have a policy of never confirming or denying, effectively said "the story is bunk". The NSA guy says we never heard anything about it, some of the sources Bloomberg used have said they were misquoted.

If you look at Bloomberg's history, there is every reason to believe this story is the result of serious journalism. They have a well-earned rep for eschewing tabloid content.

So for the sake of argument, lets say that Bloomberg really has these sources, that they really brought something shocking (real or not) to their attention, and that Bloomberg did in fact commit due diligence in the preparation of this article. They have everything to lose and little to gain by changing to tabloid format this late in the game; the market is already saturated with both tabloid journalism and real evil aplenty.

The questions that come to my mind are... was it a simple "comedy of errors" type chain of misinterpreted data? Was it the result of someone or several someones deliberately misleading them to create the story? Or, and admittedly confidence is not high on this one, but it must be considered, what if the story was all or in part 100% factual and has been successfully whitewashed by one business, government or external faction or another?

My opinion is that it is most likely it is a blend of two or more of the above... and probably a sprinkling of X-Files type joojoo just for flavor. ;)

I think they discovered SOMETHING. I also think that something was damaging to one or more of the enterprise players involved, or that possibly it came very close to something deemed by TPTB to be too close to something REALLY damaging, and that possibly there was some government pressure at play. POSSIBLY.

How the whole story... not just the article, but the story of the story... has unfolded over the last couple weeks just reeks of exactly that kind of ham-fisted circle-jerk media manipulation.

That's all I've got; because that's the only answer that satisfies all the questions I have. It's not much, and yeah, it's pretty conspiracy theory... but the alternative theory that Bloomberg deliberately concocted this whole thing knowing that it would likely destroy them... is actually far more "out there" than any of those theories.

But hey, all I've got to go on is a hunch; based on the fact I've lived long enough and paid attention to have seen just this kind of skullduggery happen over and over and over again.

mnem
Hmmmm... discussion. Yummmm.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 04:20:52 am
it's like trying to talk philosophy with a rooster.  :palm:

SORRY!
I seem to have not explained myself very well.
The entire post, I made, which you are referring to.
Was, and is meant to be a complete JOKE.

Unfortunately, I have messed up, and not made it clear enough.
That is why I put the  :-DD :-DD :-DD in it. (Although, there was only one, and it was only pointing to the first bit, not the entire post).

My fault, I should have realized that it could be misunderstood, that it was HUMOR.

EDIT:
On re-reading my post, just before this one. I can see and understand, why it can be misunderstood. I have put in big warnings, to hopefully avoid such misunderstandings in the future.

Nope... I got the humor. I even snortled between clenched teeth at seeing "Footprints" in this context.  ;)

I did, in fact, go back and completely rewrite my response to you in much less aggro tone at realizing the olive branch you offered by means of humor.

I guess my reciprocal olive branch; "Duty Calls" was not taken as intended either. Mea culpa. I'm sorry, it was the best I could manage at the time; I'm not the best at compartmentalizing. I was still just a bit raw, and you repeating the "conspiracy theory" trigger word didn't help.

There's a difference, and I tried to make this point a while back, between trying to understand the grain of truth behind all the crazy conspiracy stuff and swallowing it whole. The way you distill that is by discussion, which was all I was defending, and I was feeling too beleaguered to be that outwardly jovial, I guess.

The truth is that what is really going on in most of American politics and Enterprise and everything intertwined in the two (of which the subject of this thread is just one tiny little aspect) for the last 4 decades reads like a potboiler spy novel; if we presented it as a reality TV show, nobody would watch it.

Maybe my cynicism has reached critical mass, I dunno.

mnem
*Namaste*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mikeselectricstuff on October 17, 2018, 06:18:58 am
So now argument in favor of Bloomberg's story comes down to "There must be something out there, I just know it!" conspiracy theories and comic strips.  :-DD

I agree though there should be an investigation. An investigation into how and why Bloomberg perpetrated a huge fraud on the public. Was it investor fraud? Journalistic overreach in pursuit of "scoop of the year"? Getting a fat bonus for moving markets? Got played by some political operatives? It's worth finding out.

In the US the press get carte blanche to print whatever lies they like, you know, "Elvis found on the Moon" etc. No one cares about tabloid stories, but Bloomberg really abuse their position and sully the reputation of serious news outlets with unfounded stories. I guess if every one else is publishing fake news, why shouldn't we...

Even the FBI, who have a policy of never confirming or denying, effectively said "the story is bunk". The NSA guy says we never heard anything about it, some of the sources Bloomberg used have said they were misquoted.

If you look at Bloomberg's history, there is every reason to believe this story is the result of serious journalism. They have a well-earned rep for eschewing tabloid content.

So for the sake of argument, lets say that Bloomberg really has these sources, that they really brought something shocking (real or not) to their attention, and that Bloomberg did in fact commit due diligence in the preparation of this article. They have everything to lose and little to gain by changing to tabloid format this late in the game; the market is already saturated with both tabloid journalism and real evil aplenty.

The questions that come to my mind are... was it a simple "comedy of errors" type chain of misinterpreted data? Was it the result of someone or several someones deliberately misleading them to create the story? Or, and admittedly confidence is not high on this one, but it must be considered, what if the story was all or in part 100% factual and has been successfully whitewashed by one business, government or external faction or another?

My opinion is that it is most likely it is a blend of two or more of the above... and probably a sprinkling of X-Files type joojoo just for flavor. ;)

I think they discovered SOMETHING. I also think that something was damaging to one or more of the enterprise players involved, or that possibly it came very close to something deemed by TPTB to be too close to something REALLY damaging, and that possibly there was some government pressure at play. POSSIBLY.

How the whole story... not just the article, but the story of the story... has unfolded over the last couple weeks just reeks of exactly that kind of ham-fisted circle-jerk media manipulation.

That's all I've got; because that's the only answer that satisfies all the questions I have. It's not much, and yeah, it's pretty conspiracy theory... but the alternative theory that Bloomberg deliberately concocted this whole thing knowing that it would likely destroy them... is actually far more "out there" than any of those theories.

But hey, all I've got to go on is a hunch; based on the fact I've lived long enough and paid attention to have seen just this kind of skullduggery happen over and over and over again.

mnem
Hmmmm... discussion. Yummmm.
How could an organisation as big as Bloomberg be stupid enough to publish without something as basic as a photo of the alleged "implant" ?
If this was real there would be photos. What reason would someone discovering this have to not release a photo ?
Quite literally, "Nothing to see here"
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 06:19:30 am
Maybe my cynicism has reached critical mass, I dunno.

I'm sorry if I seem too hostile, when people start mentioning (conspiracy ..) stuff. Some of which, might be right.

But, a silly (conspiracy ..) theory, can be created, in some 60 seconds, while not thinking straight, but it might take experts, many hours, days, weeks or even longer to robustly disprove those theories.
Which are likely to either be ignored or disbelieved by the creator(s) of the (conspiracy ..) theories.
Or they will just carry on, and 60 seconds later, produce even more (conspiracy ..) stuff.

MK14 saying about this:
"Conspiracy theories are like foolish people, who spend seconds starting crazy fires, which take firefighters, days to put out"
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 17, 2018, 06:47:59 am

1. I’m not “painting” you as a nut. You’re doing a jolly good job of that yourself. Your many comments on this thread read like the crazy ramblings on the back (and front, and sides) of a Dr. Bronner’s bottle.
2. This is a public forum. I don’t need your permission (or “prior warning”) to reply to a discussion, never mind one I joined long before. Not that I feel any obligation to receive education on how to work the internet from someone who can’t even follow how a web forum works, and replies to people based on things they did not say.
3. You STILL did not understand my original reply. If you are seeing it as purely support for Mk14’s POV, then you haven’t understood it. My comment neither refuted nor confirmed either side: it simply explained that the Bloomberg story isn’t plausible. I didn’t say it’s impossible, and I didn’t say we should stop studying it!
4. Learn. To. Read. Carefully. You are repeatedly responding to arguments that are simply not there. You cannot interpolate things and then respond to your own interpolations. Just respond to what’s actually there.
5. Oh, you think you haven’t been employing personal attacks? You’ve been using them since long before my first reply to you. That you used them so liberally is why I have not held back with you. You forfeited the right to complain about name calling long ago.

I have enough trouble dealing with the offenses I'm guilty of, and those I've already admitted to and tried to be fair. I refuse to be held responsible for the ones you've imagined. What you're saying amounts to this:

"I didn't shove the stick in the hornets nest, that was another guy. I was just passing by and tripped over it a little. Those hornets have no right to be pissed off at me!" 

You led out of the gate calling me names and speaking in a belittling manner, and you did so while interjecting into a mostly polite disagreement between two other people.
I was a part of this discussion long before you two started going at it. It’s a public forum, it didn’t magically become “your” discussion.

Not only that, but you continue to do so, all the while blaming me for your belittling tone.  Get over yourself, man.
I don’t think you realize how patronizing your tone was long before I addressed you. As far as I’m concerned, you earned that tone and then some. Even more so after you proved that you weren’t even aware of who you were responding to.

You earned that response; suck it up buttercup. <~~~ See that right there? THAT was me being deliberately offensive, because you pissed me off.
Ah yes, “suck it up, buttercup”: the rallying cry of the conservative right when it’s decided “I’m not going to attempt to be polite any more, and with this magic incantation, I can gaslight the recipient into thinking that they’re being oversensitive, rather than acknowledge that I’m wrong.”

And I'm NOT going to apologize for it, because you earned that one too.  ;)
You wouldn’t apologize even if you realized you were wrong.

Of course you’re so convinced that you know the truth and that everyone else is sheeple that you’ll never realize when you’re wrong.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 17, 2018, 08:42:06 am
Ah yes, “suck it up, buttercup”: the rallying cry of the conservative right when it’s decided “I’m not going to attempt to be polite any more, and with this magic incantation, I can gaslight the recipient into thinking that they’re being oversensitive, rather than acknowledge that I’m wrong.”

You're so wound up by this that you've forgotten how to judge written evidence, or so it seems. If you'd check back:

It is in fact a worse kind of ignorance; the willful kind that permits a white trash racist, rapist, misogynist, pathological liar career deadbeat sociopathic felon to squat in the White House and there's jack shit We The People can do about it.

is one of the many bits of evidence in this thread that your implicit characterisation of Mnementh* as being on the Right of American politics is woefully off mark.

Really, I suggest you perhaps cool your heels on this topic for a day or two. You've got so heated that you're not thinking straight and being far too prone to shooting first and asking questions later. Go and start a thread where you can have an argument with me about 'merkin being the original and more genuine form of the Queen's** English.



* Apparently Pernish for "Awkward bastard who picks a name that is hard to remember how to spell".
** Elizabeth I's English - perhaps, Elizabeth II's - not on your nellie.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 17, 2018, 08:53:54 am
Oh, I’m not saying that mnementh himself is on the right. It’s just the right that uses that phrase all the time to self-congratulate on being rude and obtuse — in mentioning that, it’s simply to remind that it’s nothing more than gaslighting.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 17, 2018, 10:54:39 am
A video on Computerphile. Nothing new, but the interesting idea that such a chip could be hidden inside the PCB itself between the layers. This would be really difficult to detect, if you don't x-ray the PCBs and carefully examine and compare the images.

https://www.youtube.com/watch?v=eOPLQxGNmHA (https://www.youtube.com/watch?v=eOPLQxGNmHA)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 12:46:54 pm
Maybe my cynicism has reached critical mass, I dunno.

I'm sorry if I seem too hostile, when people start mentioning (conspiracy ..) stuff. Some of which, might be right.

But, a silly (conspiracy ..) theory, can be created, in some 60 seconds, while not thinking straight, but it might take experts, many hours, days, weeks or even longer to robustly disprove those theories.
Which are likely to either be ignored or disbelieved by the creator(s) of the (conspiracy ..) theories.
Or they will just carry on, and 60 seconds later, produce even more (conspiracy ..) stuff.

MK14 saying about this:
"Conspiracy theories are like foolish people, who spend seconds starting crazy fires, which take firefighters, days to put out"

The world around us is full of real conspiracy. Every day we find real evidence of some business, celebrity, or politician (usually more than one) involved in some heinous act and trying to cover it up. It is far more dangerous in this age to think that just because something sounds like a conspiracy theory that it is nuttery than that there is some grain of truth to it. You do so at your own peril.

The question then becomes "just how assache are you willing to put into a specific theory". That of course is always a case by case basis; both the person and the theory involved. I try to give a LITTLE more latitude; but then, I enjoy the occasional mental exercise. And that, BTW, is why I came into this thread specifically devoted to a conspiracy theory.  Again... This is THE PLACE for this kind of discussion. Why would you come in here and NOT expect people to want to discuss conspiracy theories?

Oh, BTW... (Raises hand) REAL firefighter here. (Retired) You wanna have a side conversation about Draeger Pacs and BLEVEs? I'm your guy.  :-+

(SNIP Lots and lots of reiterations of the same exact shit over and over again-mnem)
Quote from: mnementh
And I'm NOT going to apologize for it, because you earned that one too.  ;)
You wouldn’t apologize even if you realized you were wrong.

Of course you’re so convinced that you know the truth and that everyone else is sheeple that you’ll never realize when you’re wrong.

I've already proven that I have no problem apologizing. But you're so busy being right you never bothered to notice. You also still haven't noticed that I deliberately turned your own argument on its head and fed it right back to you several posts ago; hence the...

Quote from: mnementh

mnem
Wait for it... wait for it...

...at the end.

But I know I can be an asshole. I try to temper my judgement of every person I meet with the knowledge that we all... each and every one of us... take our turn being the asshole at one time or another. Sooner or later, it's gonna be my turn, so try not to be too judgemental.

It's inevitable; part of human nature. Eat. Sleep. Try not to be an asshole & sometimes fail, repeat.

I'm sorry I was an asshole. I'm trying really hard NOT to be an asshole now. Can we please just move forward, before Cerebus has to bring out the conversational cutlery? I can already hear the sound of steel against whetstone...

mnem
*Off to work*
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 17, 2018, 12:52:34 pm
i wanna see a pie chart with the contents of this thread explained I don't think I can read it anymore its out of control
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 12:56:55 pm
(https://www.eevblog.com/forum/chat/chinese-manufacturer-puts-hardware-backdoor-onto-supermicro-server-boards/?action=dlattach;attach=549887;image)

mnem
yum.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 17, 2018, 02:49:57 pm
A video on Computerphile. Nothing new, but the interesting idea that such a chip could be hidden inside the PCB itself between the layers. This would be really difficult to detect, if you don't x-ray the PCBs and carefully examine and compare the images.

Why bother putting something in between the flash and BMC? Just make your own flash chip instead. Designing the tiny interceptor and hiding it in the PCB is harder than just putting it directly in the flash IC.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 03:59:10 pm
MK14 saying about this:
"Conspiracy theories are like foolish people, who spend seconds starting crazy fires, which take firefighters, days to put out"

The world around us is full of real conspiracy. Every day we find real evidence of some business, celebrity, or politician (usually more than one) involved in some heinous act and trying to cover it up. It is far more dangerous in this age to think that just because something sounds like a conspiracy theory that it is nuttery than that there is some grain of truth to it. You do so at your own peril.

The question then becomes "just how assache are you willing to put into a specific theory". That of course is always a case by case basis; both the person and the theory involved. I try to give a LITTLE more latitude; but then, I enjoy the occasional mental exercise. And that, BTW, is why I came into this thread specifically devoted to a conspiracy theory.  Again... This is THE PLACE for this kind of discussion. Why would you come in here and NOT expect people to want to discuss conspiracy theories?

Oh, BTW... (Raises hand) REAL firefighter here. (Retired) You wanna have a side conversation about Draeger Pacs and BLEVEs? I'm your guy.  :-+

Analogy on why conspiracy theories produce way too much noise, and too little signal, to regularly take notice of them:

It's like spending the day, with an excited 4 year old child, running around, downstairs for a while.

They may shout out every 5 minutes:
"The TV is broken"
"They can see a bad man through the window"
"The house across the street is on fire"
"The water tap is broken"

So one could, immediately do the following:
Call the TV repair man to come over
Phone the Police via the emergency number
Phone for the firefighters to come
Phone for a plumber to fix the tap

But there is a big chance, there are no real problems (just like conspiracy theories), because:
They were using the WRONG remote, to try to operate the TV
The "bad man", was just a neighbor, wearing a uniform and going to work
There is a small bonfire in the garden, across the street, NOT a house-fire
The "tap" is fine, it was just turned off too tightly by an Adult, for them to be able to release it
Etc etc

Yes, there is a relatively small chance, that any one of the "issues", the child raises every 5 minutes (approx), is real. But, most of the time, it is just a normal mistake, that children often make.

Conspiracy theories are similar.

E.g. YouTube went down for an hour or two, recently. There were soon conspiracy theories, that the Moon had been struck by a huge object, and so the (implied) Government(s), had got youtube switched off, to stop people noticing from live video feeds of the Moon.

To me, it is obvious that the Moon story is crazy/false. But some people might wait until tonight, go outside, and look up to check the Moon is still there.

There are much more likely explanations, such as that the youtube servers had a software fault(s) or crashed, or even they were hacked. These are sensible possibilities.
But a huge asteroid hitting the moon and/or aliens landing on the Moon, needs huge/big evidence and pictures, or it didn't happen.

So my default behavior, is to treat most conspiracy theories, as if they are FALSE, until there is sufficient evidence, to give them some merit.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 17, 2018, 05:11:46 pm
Analogy on why conspiracy theories produce way too much noise, and too little signal, to regularly take notice of them:

[snip]

So my default behavior, is to treat most conspiracy theories, as if they are FALSE, until there is sufficient evidence, to give them some merit.
:-+ :-+ You hit the nail on the head: signal to noise ratio. Love your analogy!
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 17, 2018, 06:08:35 pm
A video on Computerphile. Nothing new, but the interesting idea that such a chip could be hidden inside the PCB itself between the layers. This would be really difficult to detect, if you don't x-ray the PCBs and carefully examine and compare the images.

Why bother putting something in between the flash and BMC? Just make your own flash chip instead. Designing the tiny interceptor and hiding it in the PCB is harder than just putting it directly in the flash IC.

It would be probably still cheaper to hide a chip inside the PCB than building your own modified flash IC, because you could use an off-the-shelf microcontroller for it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 09:08:25 pm
Analogy on why conspiracy theories produce way too much noise, and too little signal, to regularly take notice of them:

[snip]

So my default behavior, is to treat most conspiracy theories, as if they are FALSE, until there is sufficient evidence, to give them some merit.
:-+ :-+ You hit the nail on the head: signal to noise ratio. Love your analogy!

Great! you agree with each other! Now when you two are done patting each other on the back, could you PLEASE take it SOMEWHERE ELSE BESIDES the thread BASED ON A FUCKING CONSPIRACY THEORY?

In HERE, YOU and your constant bitching about conspiracy theories ARE THE NOISE!!!

mnem
 :palm:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 09:20:24 pm
Analogy on why conspiracy theories produce way too much noise, and too little signal, to regularly take notice of them:

[snip]

So my default behavior, is to treat most conspiracy theories, as if they are FALSE, until there is sufficient evidence, to give them some merit.
:-+ :-+ You hit the nail on the head: signal to noise ratio. Love your analogy!

Thanks!

EDIT:
It is difficult putting a message here, because it will be read by everyone.
But, people who strongly believe in many/all conspiracy theories, (in my experience) tend to also be people, who extremely (impossibly) stubbornly, won't listen to logical/scientific/sensible/evidence. How ever long you patiently spend, trying to explain it to them.
So, don't get annoyed with them. I find they can be nice people, in other respects.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 17, 2018, 10:00:03 pm
Apparently, a researcher, has done a "sniff test", and hence investigation. On the plausibility/viability, of the possible hardware hack. He explains in nice details, why/how it could work.

The second link, is actually included in the story of the first link.

https://www.theguardian.com/commentisfree/2018/oct/13/tech-giants-us-chinese-spy-chips-bloomberg-supermicro-amazon-apple (https://www.theguardian.com/commentisfree/2018/oct/13/tech-giants-us-chinese-spy-chips-bloomberg-supermicro-amazon-apple)

https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/ (https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/)

But, it is very easy to create hypothetical stories about "bad" China.

What we really need is the real evidence. I.e. Server(s) which have been hacked and can be independently verified and/or the attacked/hacked parties to confirm/agree they were attacked.

Otherwise, it just looks like a falsely made up or planted story.
I.e. It would be getting like Russian media, which seems to create a lot of stories, which are maybe possible. But they need evidence to confirm, they are not just figments of the Russian propaganda machine.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 17, 2018, 10:24:29 pm
Analogy on why conspiracy theories produce way too much noise, and too little signal, to regularly take notice of them:

[snip]

So my default behavior, is to treat most conspiracy theories, as if they are FALSE, until there is sufficient evidence, to give them some merit.
:-+ :-+ You hit the nail on the head: signal to noise ratio. Love your analogy!

Thanks!

EDIT:
It is difficult putting a message here, because it will be read by everyone.
But, people who strongly believe in many/all conspiracy theories, (in my experience) tend to also be people, who extremely (impossibly) stubbornly, won't listen to logical/scientific/sensible/evidence. How ever long you patiently spend, trying to explain it to them.
So, don't get annoyed with them. I find they can be nice people, in other respects.

You do realize that you've just "discovered" a boorishly common analogy that literally dates back to UseNet and the days of dialup, right?   :-DD

I was probably using the term in alt.sci.repair when you lot were in diapers.

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 18, 2018, 12:17:37 am
You do realize that you've just "discovered" a boorishly common analogy that literally dates back to UseNet and the days of dialup, right?   :-DD
SNR or the children? The analogy I was referring to is the involved analogy about children. Obviously SNR is a well established term, that IMHO isn’t reeeeally an analogy anyway.

I was probably using the term in alt.sci.repair when you lot were in diapers.
Technically possible, but not terribly likely, since Usenet is slightly younger than I am, and I was only in diapers for a few short years as a baby. ;)

Of course, even if you are older than me, that has no correlation to wisdom or critical thinking ability. (FYI: a huge part of critical thinking is being able to detect and reject bad science, unreliable sources, etc. Accepting anything and everything as a possibility is NOT an indicator of good critical thinking, quite the contrary. As the saying goes, keep an open mind, but not so open that your brains fall out.)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: MK14 on October 18, 2018, 12:29:11 am
As the saying goes, keep an open mind, but not so open that your brains fall out.)

That is a very good one.
It's good to keep an open mind, because there could be things going on, beyond, what you are immediately considering.

E.g. You are measuring the temperature, of a suspect, overheating transistor.

Your open mind, needs to notice/realize that the heatsink has fallen off, which is why the transistor's temperature readings have gone so high.

**But not so open, that it wastes time, ignoring the evidence in front of you, and thinks the overheating transistor, is being caused by aliens, from another universe, because they don't want humans to invent transistor technology, and invade their galaxy, in another century.

**Unless, you are an upcoming book/film writer, who is going to come up with the next, star trek/wars, stuff. In which case, please carry on.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 18, 2018, 12:44:00 am
I said probably, because statistically, it's true. Anyone I talk to on the internet, it's highly probable I've been online since they were in diapers, enough so that the few times it isn't so fall within the statistically insignificant margin of error that would be discarded anyways. Congrats! You made the cut!  :-+

And again... it doesn't matter. THIS is not the place for that crap. Pretty much ANYWHERE ELSE on eevBlog (aside from the few other Conspiracy Theory threads) this is appropriate response... but in here, a thread set aside for us to discuss such wacky shit so we don't bother the normals, it borders on trolling. PARTICULARLY as has been done here, where you guys just WILL NOT LET UP. 

We get it. You think Conspiracy Theories are dumb. You've displayed your intellectual prowess for all to see.

Now move along... nothing to see here. ;)

mnem
 :popcorn:

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 18, 2018, 01:39:59 am
Guys, it may be time to roll them back into your pants. We've seen enough and we're not impressed. ;D
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 18, 2018, 04:51:32 pm
(https://www.eevblog.com/forum/index.php?action=dlattach;topic=142958.0;attach=550784;image), THAT is exactly the point... what I'm saying (when I have a chance) is essentially exactly what George is saying here: QUESTION EVERYTHING.

All I want to do is DISCUSS LIKE ADULTS the conspiracy theory that is the TITLE of this freaking thread, yet I'm getting to spend nearly ZERO time doing that for having to fend off sophomorically pedantic and personal attacks on the very concept of conspiracy theories.  |O   Shockingly, that is not the least bit fun.   >:(

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 19, 2018, 12:35:02 am
Good article on this story from a Cambridge security researcher here: https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/ (https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/)







Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: CaptCrash on October 19, 2018, 01:44:14 am
I remember an example at a partner company to where I worked where data was transmitted by issuing DNS queries from a compromised system using the DNS infrastructure as a very slow semaphore.

How was this detected? I guess if you fully control the server, you could monitor the internet traffic and then compare all internet traffic with the installed programs. But if it is something like an Amazon cloud server, you would need to analyze every customer application. So it would be impossible to detect hidden traffic, except by detecting the hidden program itself. This makes it again more plausible to install something in the hardware, which can initiate network traffic outside of the core CPUs itself, because hidden programs with high privilege, which has suspicious network traffic, might be easier to detect. Of course, would be much better to install a modified BMC chip instead of an extra chip, maybe with 2 layers, like running the transferred firmware in the normal layer, but one hidden layer above an additional spy firmware. But would be much more expensive, if they need to change the die for it.

In this case the partners servers were utilizing DNS services in our DMZ environment.
The amount of traffic being reported leaving this DMZ increased and we were troubleshooting what we through was an issue with our servers.  It turned out to be an issue with the partners servers on the other side of a VPN between the sites.
The discovery came about due to testing a new reporting process tracking interzone traffic within our production network.  Luck did play a large part in the discovery.

Working out what the partner servers were doing was due to me explaining to a junior staff member how DNS worked (DNS forwarders and root servers).  As part of this I was demonstrating  how the caching worked for our internal DNS and during the process cleared the cache, to demonstrate.
Up to this point, it just appeared that the partner company was doing regular DNS lookups (unusual to use our services but not unreasonable).  That they were querying external hosts was unusual.
On clearing the DNS cache on our DNS servers, the odd domain and host entries were quickly repopulated and this caught our attention.

From there we started capturing the packets, verified the source of the traffic and the oddity of the destination, contacted the partner and shutdown the partner servers access to our services.

Later on the service was re-enabled to our test infrastructure and full packet captures were collected.

Trying to resolve something like this from a shared cloud resource would be next to impossible.  From a dedicated server, in a cloud environment, the process would be exactly the same.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 19, 2018, 06:09:53 am
Good article on this story from a Cambridge security researcher here: https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/ (https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/)

You see, that's the bit that's always seemed flaky to me, yet this guy is saying it seems okay. Why would you NOT use the same package as belongs there? To connect to that you'll either have to alter the board or put it on a breakout wafer of its own. That odd little part in the middle of an unpopulated footprint for something else actually WOULD look suspicious to me; drop a soic 8/16 chip on there with a phony label and nobody would ever notice it.

I always thought it was just one of those "Stupid cover pics" like when some magazine shows you a picture of a supposed RF "bug" that's nothing more than a microphone element with a diode and a resistor soldered to it.  :palm: That's also why I thought all the argument over the package could support a processor powerful enough, had enough pins, etc was just inane nitpicking.

The ONLY reason I can think of to use that odd tiny package would MAYBE be to go unnoticed by robotic eyes in the QC phases... of course, if you're doing this from within the company, you can just add the soic8/16 to the QC template until after the job is done is and the robot cameras would ignore it unless it was installed wrong.

Of course, the "stupid cover pic" argument also applies to the mainboard depicted; it's also probably something they were easily able to pull together from images off the net, not the specific board in question... so the device package and the place it goes could either or both be just "representations", even though the location shown is suspiciously correct for the purpose claimed.

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 19, 2018, 06:57:57 am
BTW I’ve spent most of my week trying to get hold of the proposed Supermicro B1DRI blades and I can’t get one anywhere. Thought it might be interesting. Boo hiss. Everyone is using HP or Dell blades and said “why would I buy Supermicro blades?”. Supermicro appears to have the niche of 1U shite pushing boxes and I doubt the bottom end boards are compromised. Doesn’t seem like a valuable target.

I can get hold of other server boards but it’s not worth digging around on one without some sort of positive correlation.

And thus ends my interest in the matter :(
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 19, 2018, 08:43:24 am
BTW I’ve spent most of my week trying to get hold of the proposed Supermicro B1DRI blades and I can’t get one anywhere. Thought it might be interesting. Boo hiss. Everyone is using HP or Dell blades and said “why would I buy Supermicro blades?”. Supermicro appears to have the niche of 1U shite pushing boxes and I doubt the bottom end boards are compromised. Doesn’t seem like a valuable target.

Someone is selling it on eBay, but the whole blade, not just the board:

http://cgi.ebay.de/142875604607 (http://cgi.ebay.de/142875604607)

Might even have a harddisk, the auction text is not clear.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 19, 2018, 09:22:57 am
Yes to note I am trying to do this for £0  :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: TimNJ on October 19, 2018, 03:01:36 pm
Macrofab Podcast published this podcast with a very interesting discussion on the state of hardware/supply chain security. Worth a listen!

https://macrofab.com/blog/mep-ep-142-supply-chain-conspiracy-securities/
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Mr. Scram on October 19, 2018, 03:28:27 pm
Yes to note I am trying to do this for £0  :-DD
I'd be willing to chip in for a board, though absence of a part would prove nothing.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 19, 2018, 04:23:28 pm
Macrofab Podcast published this podcast with a very interesting discussion on the state of hardware/supply chain security. Worth a listen!

https://macrofab.com/blog/mep-ep-142-supply-chain-conspiracy-securities/

"There's a lot of Kabuki theater of denial going on about this, we just don't know if the story is real. But just look at it this way: Does it really matter if it's real? Because if it hasn't happened yet, how long do we have to wait until it does?"

The terrifying takeaway from this conversation is how bluntly it confirms the most cynical notion that the single major form of IT security employed today still boils down to one form or another of "Security Through Obscurity".  The constant cat & mouse between exploiters and IT security people is really just another aspect of that. Every new level of security we apply is only as good as discovery time to the next exploit.

That's exactly where I was going with this comment:

The reason you say that is because you think like a westerner, where you have to pay a third party to make the hardware. They OWN the foundries where this stuff is forged; for them electronic hardware is as fluid and dynamic as the software used to create it. It is just the CUSTOMER who has to pay for changes, because revision is their stock in trade. ;)

A custom device, completely self-contained from the device it is monitoring, is the obvious choice from a security penetration standpoint, as EVERYTHING software that is supposed to be there has the potential to be reviewed while the device is IN USE.

And the use of such a device instantly allows deniability... it becomes much harder to track down where in the supply chain such a device was added; no way of knowing, or even guessing, whether the device was intercepted and the bug planted after the fact, or if it was contracted by one of the "Five Eyes, etc" groups to be produced in a "special run" of product that supposedly "never existed".

Really... you're thinking like a normal, sane person and attempting to apply LOGIC to the actions of government and enterprise BUREAUCRACY... that is why you can't imagine this. ;)

mnem
Follow. The. Money.

Interesting though that they do address my previous comment about "Why not just drop a phony chip on there that looks like what belongs?" In that either is feasible... the pics could just be "dramatization" of what was really discovered, or equally possible is that it really is just that easy at that stage to move a few traces to allow connection to that little grain of rice.

I hate having my most cynical notions confirmed... or at least "not reasonably disproven". It beats the sh** out of my attempts to maintain a generally hopeful attitude towards human nature.  |O

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 19, 2018, 05:41:02 pm
"I spoke to another conspiracy theorist and he confirmed we are probably/maybe/possibly being visited by aliens, but even if we are not, it must be inevitable, surely?"

 :-DD
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 19, 2018, 06:21:31 pm
You are conflating two completely different quantum levels of conspiracy theory. Science fiction vs science fact.

The difference here being that we have proven that this exact kind of skullduggery exists, because we've seen similar attacks performed by our own alphabet soup agencies, and concrete proof thereof.

The difference here is not substance, but choice of vector. A COMPLETELY different level of "What If?"

[EDIT]

I was really hoping that these guys, who work directly with the kinds of manufacturing involved, could lay down some meager reassurance that there was some level of  security at this level of production. Of course, they probably don't work with the specific factory in question, so still a case of "Absence of proof ≠ proof of absence"; even as horrifying a picture as they paint of that supply chain in general, it's still POSSIBLE that the particular factory SuperMicro contracted with actually has some reasonable physical security in place.  :palm:

[/EDIT]

Cheers,

mnem
 :popcorn:

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 19, 2018, 06:47:21 pm
Apple CEO Tim Cook Is Calling For Bloomberg To Retract Its Chinese Spy Chip Story

https://www.buzzfeednews.com/article/johnpaczkowski/apple-tim-cook-bloomberg-retraction (https://www.buzzfeednews.com/article/johnpaczkowski/apple-tim-cook-bloomberg-retraction)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 19, 2018, 06:58:52 pm
Oooohhhh! The Kabuki Theater continues!!!  Do I have time to run down to concessions? I'm all out of popcorn!!!  :-DD

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 19, 2018, 07:22:32 pm
It’s certainly interesting!

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: chris_leyson on October 19, 2018, 09:59:03 pm
Not surprised Tim Cook isn't happy about the story, who would be. SuperMicro stock at $14 down from $25. If I was Charles Liang, CEO of SuperMicro, I wouldn't be happy either with a made up story about infiltrated supply chains. From a legal point of view I think Bloomberg are skating a very thin ice just to make news. Allegedly.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: FrankBuss on October 20, 2018, 01:13:57 am
Not surprised Tim Cook isn't happy about the story, who would be. SuperMicro stock at $14 down from $25. If I was Charles Liang, CEO of SuperMicro, I wouldn't be happy either with a made up story about infiltrated supply chains. From a legal point of view I think Bloomberg are skating a very thin ice just to make news. Allegedly.

I wonder why SuperMicro doesn't sue Bloomberg for reputational damage or something. Usually these big companies have big legal departments and sue a lot, just see all the patent lawsuits.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 20, 2018, 01:22:25 am
I wonder why SuperMicro doesn't sue Bloomberg for reputational damage or something. Usually these big companies have big legal departments and sue a lot, just see all the patent lawsuits.
I am sure that SuperMicro has its lawyers drafting up the papers while their QA and engineering (and probably some outside contractors, for neutrality's sake) tear apart hundreds of boards with a microscope and x-ray machines to make sure they are correct. The last thing they want is to sue Bloomberg and it turns out Bloomberg was right. I don't think that's the case, but SuperMicro is going to make damned sure they have a case, and when they do, they're probably not going to approach it gingerly.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 20, 2018, 04:09:59 am
Yeah, that's what we've said before will be the proof of the pudding... if/when these companies sue Bloomberg.

It may be they're very busy cleaning house and retconning records to be sure there's no chance it's true, and nothing that points, even faintly, towards it being possible... which thought is almost as scary as if it is true.

Time for the 3rd (4th?) Act in our little Kabuki Theater; I hear Kimiko is pregnant!  :-DD

mnem
 :popcorn:
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 20, 2018, 08:16:29 am
Time for the 3rd (4th?) Act in our little Kabuki Theater; I hear Kimiko is pregnant!  :-DD

I think you'd be better off characterising it as Noh theatre. Everybody wears masks, there are five one act plays in a programme, with a comedy piece somewhere in the middle.

Given the origins, it's not impossible that the comedy piece could conceivably involve a dwagon.  :)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 20, 2018, 11:30:26 am
What is the latest law made from the bench (aka jurisprudence) on companies as public figures in the US? If Supermicro has to prove malice it's an uphill battle.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Cerebus on October 20, 2018, 04:45:29 pm
What is the latest law made from the bench (aka jurisprudence) on companies as public figures in the US? If Supermicro has to prove malice it's an uphill battle.

I think you probably mean precedent, not jurisprudence.

Quote
jurisprudence |ˌdʒʊərɪsˈpruːd(ə)ns|
noun [ mass noun ]
the theory or philosophy of law.

Quote
precedent
noun |ˈprɛsɪd(ə)nt|
an earlier event or action that is regarded as an example or guide to be considered in subsequent similar circumstances: there are substantial precedents for using interactive media in training.
• Law a previous case or legal decision that may be or (binding precedent) must be followed in subsequent similar cases: we hope to set a legal precedent to protect hundreds of miles of green lanes.

What do you mean by "companies as public figures"? It's an odd phrase, and I can think of no particular relevance to defamation law.

Beware with the law of defamation. It is highly variable between jurisdictions both national and, in the case of the US, the jurisdictions of individual States. What law applies may depend very strongly on where the allegations were made, and what States/countries a plaintiff may be legally able to, or may choose to, take action in. Also, although many people think they know what the law is, experience and some formal instruction in defamation law in a previous life as a journalist, tells me that they are often mistaken.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 20, 2018, 05:15:15 pm
It's a fair question, actually... even if phrased poorly.

As new laws are bought by the involved corporations, the current shift towards sanctioned "corporate personhood" affects all aspects of law.

Sad to say, but the current free-for-all has potential to increase exponentially in complexity and frequency... further distancing the average citizen from anything resembling justice.    :palm:

mnem
*Sigh*



Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 20, 2018, 05:29:44 pm
Time for the 3rd (4th?) Act in our little Kabuki Theater; I hear Kimiko is pregnant!  :-DD
I think you'd be better off characterising it as Noh theatre. Everybody wears masks, there are five one act plays in a programme, with a comedy piece somewhere in the middle.

Given the origins, it's not impossible that the comedy piece could conceivably involve a dwagon.  :)
Yes, and a favorite theme of said comedy involves said dwagon dying (usually a victim of his own hubris) comically and ironically at the hands of an incompetent or child protagonist.   :palm:
As you might imagine, not my favorite flavor of humor. ;)  However, the rest of your characterization is pretty spot on... including drama twice-distilled to improve its potency. :-DD

mnem
"Dying is easy; now comedy... that's hard."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Marco on October 20, 2018, 08:37:11 pm
What do you mean by "companies as public figures"? It's an odd phrase, and I can think of no particular relevance to defamation law.
If the company counts as a public figure they have to prove malice, in this old case (http://californiadefamation.com/uncategorized/important-decision-on-public-figure-status-in-prominent-libel-case/) a company was not deemed one ... but times change and law is hard to google.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 23, 2018, 08:39:35 am
Interesting read:

https://www.businessinsider.com/bloomberg-reporters-compensation-2013-12?IR=T (https://www.businessinsider.com/bloomberg-reporters-compensation-2013-12?IR=T)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: BravoV on October 23, 2018, 09:04:29 am
Interesting read:

https://www.businessinsider.com/bloomberg-reporters-compensation-2013-12?IR=T (https://www.businessinsider.com/bloomberg-reporters-compensation-2013-12?IR=T)

As expected, and also "outsider" trading is legit right ?  >:D
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 23, 2018, 02:25:58 pm
Yes, but this is hardly news!  :-DD

Journalism has ALWAYS functioned this way; whether it's in the contract or the "unspoken law" that "you will break stories or you won't be here long", this has ALWAYS been the way the profession works. J. Jonah Jameson may be a caricature, but he's STILL an amalgam of real people, and there are plenty in the trade who still operate exactly the same way, even if only slightly less blatant about it.

Also: Seriously? Now we're having a shitfit because a "news agency" deliberately used sensationalist language in a headline?   ::)

mnem
"Nothing to see here, move along..."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 23, 2018, 07:38:54 pm
 :palm: :palm: :palm: |O |O  |O :-DD

Remunerating journalists based on how they move the market is absolutely, positively not normal.

Historically, journalists are either salaried or paid by the piece. (Nowadays, there’s a shift towards unpaid journalism, which is unsustainable.)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 23, 2018, 07:42:29 pm
And no, it’s not about a “sensationalist” headline. It’s about an entire article whose allegations are likely completely false!!!
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: donotdespisethesnake on October 23, 2018, 08:29:25 pm

Journalism has ALWAYS functioned this way;

Nope, that's total  :bullshit: !

OTOH The media have ALWAYS published false or overblown stories - and Bloomberg have a history of this. Yet strangely, you are desperate to believe your conspiracy theory version than the simpler explanation that Bloomberg published a lemon. Whether the journalists were in search of Scoop of the Year or a fat bonus, we don't know, but we do know there is ZERO, ZILCH, NADA hard evidence for their story.

It's all very well people calling for transparency from SuperMicro, Apple, Amazon, how bout some transparency from Bloomberg.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 23, 2018, 11:06:00 pm
No, what you just said is total BS. They do NOT have a "History" of this; they have a history of aggressive journalism and usually pissing off powerful people. That is NOT the same as tabloid journalism, not by a long shot.

Actually... I do believe they did publish a lemon... but I don't believe they set out to do so. I believe they found SOMETHING; still not sure what. Now whether the lemon was theirs; simply a matter of not digging deep enough, or was it a handoff from a third party to play them for fools, and why... that's the question.

I don't hold ANYTHING as impossible... I just find it much more likely, in this age of global deceit from all manner of enterprise and government agencies, that they would NOT deliberately choose this form of suicide, but were rather herded in that direction. Up to this point, I certainly trust their history of "journalistic integrity" (a relative term, for sure, especially compared to the journalism heroes of my youth) far more than ANY word that comes from our own government; ESPECIALLY this administration, "The House That Lies Built".

The notion that they deliberately went full tabloid at this late stage of the game is VERY low on my list of likely scenarios for them; there's just no payoff in it for them, only for other people.

Cheers,

mnem
"Good night, and good luck."
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 24, 2018, 10:19:08 am
No, what you just said is total BS. They do NOT have a "History" of this; they have a history of aggressive journalism and usually pissing off powerful people. That is NOT the same as tabloid journalism, not by a long shot.
Ummm, you can be aggressive journalism and piss off powerful people and still be writing a truthful story. (FWIW, my stepdad was a economics journalist who literally made a career of pissing off life insurance companies.)

Actually... I do believe they did publish a lemon... but I don't believe they set out to do so. I believe they found SOMETHING; still not sure what. Now whether the lemon was theirs; simply a matter of not digging deep enough, or was it a handoff from a third party to play them for fools, and why... that's the question.
Well, as an investigative journalist, your job is to find out the truth. Here, regardless of who actually created the suspected untruths, Bloomberg did not discount questionable sources. On the contrary, it appears that Bloomberg stayed the course even as they got more and more indicators that the story was wrong.

I don't hold ANYTHING as impossible... I just find it much more likely, in this age of global deceit from all manner of enterprise and government agencies, that they would NOT deliberately choose this form of suicide, but were rather herded in that direction. Up to this point, I certainly trust their history of "journalistic integrity" (a relative term, for sure, especially compared to the journalism heroes of my youth) far more than ANY word that comes from our own government; ESPECIALLY this administration, "The House That Lies Built".
Believing “ANYTHING” is possible is, well, crazy, and it must be exhausting. Some things are categorically impossible, and others are technically possible but incredibly implausible. Being able to filter out things that aren’t worth investigating is a critical skill, not a deficiency!!!!

Is this administration untrustworthy: absolutely. But that’s neither here nor there, they’re not a significant player in this incident. (However, that Apple is willing to represent to Congress (or whatever government panel it was) that the story is untrue, meaning that they’d be purjuring themselves by lying, is very telling.)

The notion that they deliberately went full tabloid at this late stage of the game is VERY low on my list of likely scenarios for them; there's just no payoff in it for them, only for other people.
Nobody said that it’s necessarily Bloomberg that invented the narrative. Please stop putting words in people’s mouths. What is indisputable is that Bloomberg published the story and has continued defending it. Whether the Bloomberg journalist invented the narrative himself, or was duped by others, is still unknown.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: borjam on October 24, 2018, 10:43:23 am
Actually... I do believe they did publish a lemon... but I don't believe they set out to do so. I believe they found SOMETHING; still not sure what. Now whether the lemon was theirs; simply a matter of not digging deep enough, or was it a handoff from a third party to play them for fools, and why... that's the question.
The question is, what's that "SOMETHING"? I am pretty sure this scenario has been studied thoroughly by interested parties. Surely there have been proofs of concept.

Remember the First Gulf War? There was that news piece about some modified laser printers sold to Iraq set out to disrupt a network. It seems it turned out to be a hoax, but it was feasible at least.

http://vmyths.com/2010/11/28/wwii/ (http://vmyths.com/2010/11/28/wwii/)

https://www.wired.com/2008/05/kill-switch-urb/ (https://www.wired.com/2008/05/kill-switch-urb/)

It's not hard to believe that a laser printer with a MB or two of memory (PostScript printer?) could have been manipulated to perform some trivial DoS attack inside a network. Considering the state of security in 1991...

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mnementh on October 24, 2018, 01:36:24 pm
Nobody said that it’s necessarily Bloomberg that invented the narrative. Please stop putting words in people’s mouths. What is indisputable is that Bloomberg published the story and has continued defending it. Whether the Bloomberg journalist invented the narrative himself, or was duped by others, is still unknown.
YOU are the one putting words in people's mouths. You invent arguments I never made, and you post constantly about how wrong I am in those inventions.

I'm sick of your incessant nattering and demeaning tone. You STILL have yet to add anything constructive to the conversation; all your energy here of the last week has been spent tearing ME down rather than the actual subject of the thread. Get a life. It's not all about YOU.  :palm:

mnem
"Never argue with a fool; first they drag you down to their level, then they beat you up with experience."



Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 24, 2018, 03:25:31 pm
I’ve kept my gunpowder dry here as I want to nail a point home once everyone was getting all pissy.

I’ve actually been part of the bad stuff behind the scenes. I worked on contract to build systems for collecting and aggregating public opinion to see if marketing organisations had shifted it or not. Marketing organisations pay for this service to see if marketing had any real world impact.

They had no marketing customers at all. It was a front. They were all mass media trying to gauge what change their “journalism” was having. This gets fed back into the feedback cycle of “what can we write that sells an ideology” not “how can we report the facts”. In fact there were many people turfed straight into the street for not towing the line. Where does the ideology come from?

This feedback loop starts with a few opaque think tank organisations which have very disparate goals to what we might expect. Look up IEA, taxpayers alliance, Adam Smith institute etc. These are the entry points. Who backs them, we can’t see and don’t know but there are elite political ties to at least two of them. This is just the UK here to note but the same is the case world wide.

Respectable journalism ends up with demotion and occasionally dead journalists as we’ve seen from recent events in Saudi Arabia and Russia. Apart from that it’siterally shite pedalling.

What this whole thing is comes down to a rational analysis which is until there is evidence cited from multiple independent sources (not just the same one aggregated through various agencies which is a convenient way of spreading a good liee) then its horse shit as is everything that comes out of the media mouthpiece.

As far as I’m concerned this is a closed book until someone pulls up with a dead body and some analysis and then only if multiple security researchers who aren’t in the media’s pockets provide evidence to back that up.

This isn’t about feasibility either because the notion of allowing something to be considered without evidence is faith and faith turns irrationality into slavery. And that’s just so fucking wrong and makes us more stupid.

Edit: also Supermicro filed this with SEC: https://www.sec.gov/Archives/edgar/data/1375365/000162828018012712/exhibit991_20181018.htm (https://www.sec.gov/Archives/edgar/data/1375365/000162828018012712/exhibit991_20181018.htm)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: coppercone2 on October 24, 2018, 07:00:42 pm
this thread needs more information because IMO right now its fermenting
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 24, 2018, 07:10:24 pm
Is that why everyone is getting drunk and taking pot shots at each other ;)

There’s nothing to add yet. There have been SEC filings and no one has shit on the pot yet. I’m all over this so will post if anything turns up.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: tooki on October 25, 2018, 03:10:08 pm
YOU are the one putting words in people's mouths. You invent arguments I never made, and you post constantly about how wrong I am in those inventions.

I'm sick of your incessant nattering and demeaning tone. You STILL have yet to add anything constructive to the conversation; all your energy here of the last week has been spent tearing ME down rather than the actual subject of the thread. Get a life. It's not all about YOU.  :palm:

mnem
"Never argue with a fool; first they drag you down to their level, then they beat you up with experience."
Oh, by ALL means, show me where I put words in your mouth.

I’ve added plenty to the conversation, including long before you ever posted in this thread. That you don’t see those points as useful is, frankly, of little importance to me. What I refuse to bow down to is your lunatic theory that “everything” (your word!) must be considered. No. I will not concede one millimeter to your conspiracy theory nonsense.

You are correct that it’s not about me. And it never was. You’re the one trying to get everyone to agree to your bizarre, illogical views. Everyone who explains that it’s crazy, you then move the goalpost and gaslight, trying to make US out as the crazy ones. I will not stand idle as you do this.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on October 25, 2018, 04:05:47 pm
Government labs should be helping solve what happened or if anything happened here.

Government helping the public and industry use technology is something they can do and do successfully, IF they do it professionally. (and in the past they have done this very well, less so now)

They should sponsor research in technologies that may pay off in the future and with complicated issues like security, they should be there to help (not hurt) US manufacturers improve security, and do it in a trustworthy, not with a hidden agenda- and the information they make public should  be reliably accurate and helpful - i.e. scientifically informed and literate, not thought-terminating -

they should publish technical reports that in an intelligent way raise the overall level of knowledge on subjects, and avoid engaging in 'drama'.

When there is a question about something like whether something has 'implants' in it the government labs with all their resources should be employed to dissect, literally, the situation and report on their findings. Thats the kind of thing we pay them to do. And they should make all that information available to the media so people can make their own decision as to what has happened.

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on October 25, 2018, 04:20:49 pm
They do already do that here: https://www.ncsc.gov.uk/ (https://www.ncsc.gov.uk/)

NCSC offer process, hardware and software hardening guidance etc as well as general alerting, threat modelling etc.

NCSC is part of GCHQ here.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: madires on October 27, 2018, 01:58:53 pm
Investigating Implausible Bloomberg Supermicro Stories: https://www.servethehome.com/investigating-implausible-bloomberg-supermicro-stories/ (https://www.servethehome.com/investigating-implausible-bloomberg-supermicro-stories/)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Rick Law on November 01, 2018, 12:46:36 am
Latest update from Bloomberg

Article: "Super Micro Tells Lawmakers It Found No Malicious Hardware in Its Products", Bloomberg (news), October 30 2018

In a letter emailed to Senators Marco Rubio, a Florida Republican, and Richard Blumenthal, a Connecticut Democrat, Supermicro disputed Bloomberg reports on hacking of the company’s hardware. The letter, in response to a request for information from the senators, reiterates previous denials.

“We are confident the recent Bloomberg Businessweek stories are wrong,” wrote Perry Hayes, president of Supermicro Netherlands and Supermicro’s senior vice president of investor relations.

Hayes added: “We believe that it is impossible as a practical matter to insert unauthorized malicious chips onto our boards during the manufacturing process.”

Full article here:
https://www.bloomberg.com/news/articles/2018-10-30/super-micro-says-it-found-no-malicious-hardware-in-its-products (https://www.bloomberg.com/news/articles/2018-10-30/super-micro-says-it-found-no-malicious-hardware-in-its-products)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: David Hess on November 01, 2018, 12:59:05 am
Government labs should be helping solve what happened or if anything happened here.

Government helping the public and industry use technology is something they can do and do successfully, IF they do it professionally. (and in the past they have done this very well, less so now)

They should sponsor research in technologies that may pay off in the future and with complicated issues like security, they should be there to help (not hurt) US manufacturers improve security, and do it in a trustworthy, not with a hidden agenda- and the information they make public should  be reliably accurate and helpful - i.e. scientifically informed and literate, not thought-terminating - they should publish technical reports that in an intelligent way raise the overall level of knowledge on subjects, and avoid engaging in 'drama'.

Are these the same government labs which intercept shipments to add their own backdoor hardware and firmware, pay companies like RSA to implemented backdoored encryption products, and suborn NIST into implemented flawed security standards?

The government poisoned that well starting decades ago if not sooner.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: Halcyon on November 01, 2018, 02:07:48 am
Investigating Implausible Bloomberg Supermicro Stories: https://www.servethehome.com/investigating-implausible-bloomberg-supermicro-stories/ (https://www.servethehome.com/investigating-implausible-bloomberg-supermicro-stories/)

Very well written and perfectly sums up what most of us suspected from the beginning: That this was at best, fake news.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on November 02, 2018, 03:15:26 am
Actually the government labs I was thinking about are different government labs. Same government, different labs.

Government labs should be helping solve what happened or if anything happened here.

Government helping the public and industry use technology is something they can do and do successfully, IF they do it professionally. (and in the past they have done this very well, less so now)

They should sponsor research in technologies that may pay off in the future and with complicated issues like security, they should be there to help (not hurt) US manufacturers improve security, and do it in a trustworthy, not with a hidden agenda- and the information they make public should  be reliably accurate and helpful - i.e. scientifically informed and literate, not thought-terminating - they should publish technical reports that in an intelligent way raise the overall level of knowledge on subjects, and avoid engaging in 'drama'.

Are these the same government labs which intercept shipments to add their own backdoor hardware and firmware, pay companies like RSA to implemented backdoored encryption products, and suborn NIST into implemented flawed security standards?

The government poisoned that well starting decades ago if not sooner.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on November 02, 2018, 08:47:36 am
Lots of paranoia here. Don't forget that any national "gubment" consists of multiple branches that don't always work cohesively with each other. Also don't forget most governments are more worried about external infiltration than internal and a lot of that risk comes from the myriad of little companies that hover round the central turd like flies around shit performing technical services. It's in the government's interest to hand out decent quality guidance and security information and protect the country's interests.

Which is what ours does: https://www.ncsc.gov.uk/guidance (https://www.ncsc.gov.uk/guidance)

Now at the same time, this lot are a subsidiary of the comms spying branch too, but that doesn't mean they're giving out bad advice. Everyone is looking out for that and would call them out on their shit instantly.

If they tried to push encryption they had developed in house I might be a little suspicious but they don't.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: David Hess on November 06, 2018, 09:02:44 am
It's in the government's interest to hand out decent quality guidance and security information and protect the country's interests.

Unfortunately our NSA has abandoned securing our own infrastructure for compromising it.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: mtdoc on December 12, 2018, 04:15:43 am
is australia doing what I think it did?

Yep. But to be fair all the “Five Eyes” countries are in on it. They’re just using Australia as the, ahem, backdoor to introduce the backdoors.

Discussed previously in this thread (https://www.eevblog.com/forum/chat/the-war-on-encryption-the-five-eyes-are-watching-you/msg1801175/#msg1801175)

Ass Access (https://m.youtube.com/watch?v=eW-OMR-iWOE)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on December 12, 2018, 04:35:05 am
This all started back in 1995 when they decided they were going to privatize everything everywhere that was already partly commercial, to give investors 'certainty'. (http://members.iinet.net.au/~jenks/GATS_BC2001.html).

Its moving along at a brisk pace.

That goal was inherently in conflict with democracy in a world thats automating.

But of course everything has to look as legitimate as possible.




Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: beanflying on December 12, 2018, 04:51:42 am
is australia doing what I think it did?


Yep. The idiots on the hill rammed flawed legislation to 'protect us from ABC' through on the last sitting day of parliament until February with the 'promise' to review and amend it then. Unless we go to an early election so it the becomes April maybe. All so we can remain 'safe' from unspecified possible threats XYZ in the meanwhile. :palm:

The behavior on let alone the dodgy Bill would have made the cast of Yes Minister blush in the way it was done.

Dutton isn't to be trusted

https://www.youtube.com/watch?v=LAj5TtfjZhk (https://www.youtube.com/watch?v=LAj5TtfjZhk)

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on December 12, 2018, 07:24:19 am
On a positive note all this surveillance crap is self deprecating as it serves only to strengthen the infrastructure and make it more resistant to tampering. They’re digging their own graves.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: beanflying on December 12, 2018, 07:28:35 am
The analogy of tight gun control doesn't stop criminals getting them will I suspect be found here too but it is the potential for abuse that still doesn't make it right. And like gun control absence of any control is a bad thing. This travesty tips the balance to far way to fast without any thought to the downsides.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on December 12, 2018, 07:48:10 am
It’s a cat and mouse game as is gun control. There is no endgame, just progress. On the way we learn things.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on December 12, 2018, 01:47:46 pm
One thing the British press should be warning Brits about (as far as Brexit's dangers) is your independent WTO accession (which you may need to negotiate - with hundreds of countries all having a verto power unless you make concessions to them, from scratch) and its likely impact on the NHS.

But, not a peep in your media. Am I correct?

But, it should be of major concern, because thats what the WTO's main goal is, privatizing all services unless supplied as an exercise of governmental authority, a narrow definition that almost none of them can pass. Because they do not pass the following very narrow two line test.:

Article I:3 of the 1995 GATS agreement states:
"For the purposes of this Agreement...
(b) 'services' includes any service in any sector except services supplied in the
exercise of governmental authority;
(c) 'a service supplied in the exercise of governmental authority' means any service
which is supplied neither on a commercial basis, nor in competition with one or
more service suppliers."


-------

But no discussion in the media at all. (Are people even seeing this?)

Suppression of all of the things people want, and agree upon is likely the goal of these surveillance platforms. Large scale compartmentalization of inconvenient but essential information without which democracy cannot function. Ending of the commons where people exchange opinions that may include thoughts which are not compliant with the corporate agenda to suppress the public services aspects of government and replace them with a corporate simulacra that celebrates inequality and frames the newly broken situation as one people chose when it wasn't/isn't..

A big lie.

Because of the huge job shift, there will be pressure to help the newly poor who in many cases will be people who 'did everything right'.

The positive aspects of governments - the reasons why people had joined together to create them in the first place, are being quietly ended and prevented from re-emerging by back room trade agreements. Internationally. That will be hard to hide. So the infrastructure to do that is whats being done, I suspect. (This is all speculation!)

Here in the US, and in other WTO and PTA, members, FTAs like the little known 'GATS" and pending TiSA put in place a backwards going regulatory ratchet which only allows deregulation.

Its being used to block most of the things that people want out of democracy. Because, as I have had it put to me "Otherwise people would just vote to fix everything".

We should realize that the dysfunction we see everywhere likely isn't merely failure to ever come to any agreement, in the light of this hidden agenda, one should consider the strong possibility that it may be a deliberate tactic to disenfranchise and disgust all voters

Also one aspect of the new infrastructure for surveillance is that it may be intended to become a sort of jobs or welfare program. For insiders. Except they will be placed in a difficult position vis-a-vis having opinions. So, its disenfranchising them.

 Serving an additional employment and corporate welfare and control of insiders function.

Because many of the other decent jobs because of their use of tax money in any form and lack of any national security exemption (making them potentially exempt from globalization rules, unless they are already 'committed' in an agreements "schedule" - which is based on the so called "four modes of supply" - one needs to understand that trade concept to understand these quite convoluted things!) or 'like' services are already being traded across borders.) Professions of all kinds are intended to, basically all the good jobs done by today's middle class, except those done for private companies, (which will be under downward wage pressure as well, for example in the US "Computer and Related Services" or CRS, if those sectors were committed.)

Huge sections of the economy which people are depending on to employ our young people in the future are on the bargaining table. (Or not. Depending on who you trust to be telling you the truth.)

Services, "everything you cannot drop on your foot" may well eventually, irreversibly become precarious labor done by guest workers across international borders, for very low wages, hollowing out the middle class everywhere, in rich and poor sending and receiving countries alike, replacing high skilled practitioners of professions with low paid "would-be" professionals fresh out of colleges (the Mode Four /Movement of Natural Persons provisions focus on the intra-corporate transferee, requiring they be attached to companies and have special skills, but leaving a lot unsaid, especially on wages, they may be basically paying in their less than market rate labor for the foot in the door.

...and making the millionaires who run those body shop companies billionaires off of others hard almost unpaid labor.

I'm just speculating here.

This scheme, flavors of which are seemingly being pushed in multiple trade agreements is a targeted attack on the middle class by corporations and governments, and it has the potential to bring back a sort of modern form of slavery.  So much money is involved that it could well be thought of as a sort of corrupting influence that corrupted politicians and previously honest legislators everywhere it goes.

Which is my understanding exactly what slavery did. And once it starts its very hard to get rid of.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on December 12, 2018, 02:09:26 pm
The NHS is heavily privatised already. Most of the major organisations are shell companies / PFI / state run entirely backed with contractors, suppliers and permanent staff. There isn't really much of a public healthcare system, only the top level organisational stuff, property, data and logistics. This has mostly been a positive progression however because the rationale behind it was to make parts of the NHS accountable to someone. A government 100% can't be accountable to itself and you can't realistically sue a government as an individual. If you spin the providers off then you can separate responsibility (hospitals and trusts) and quality (NHS England) which reduces corruption and increases standards (which is actually statistically evident since this restructuring).

Now that doesn't mean that healthcare has a cost or it is a free market, but it does mean that the companies have to be transparent to the government agencies. Prior to this arrangement, quality was unknown, no one was accountable and many many lives were destroyed with no recourse.

I think people forgot the old British public sector energy, postal and transport systems and how absolutely bloody awful they were and how things have improved.

WTO has nothing to do with this either way.
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on December 12, 2018, 02:45:58 pm
The subsized part of your health insurance scheme will come under pressure. The law of subsidies and countervailing measures in the WTO is different for "pre-existing" "measures" - (basically everything a government 'does' all laws or policies or - any change is a measure- See also the text of the Understanding on Commitments in Financial Services - discussed here in the context of the US - If the UK signed it, remember health insurance is a financial service- So everything that was existing - the free aspect of the NHS insurance, which because its also sold in the UK, was always going to be phased out, (unless it was entirely free, like Canada) you only got to continue doing only as long as it didn't change - will likely come under such extreme pressure only a miracle of public outcry and preparation could prevent. Otherwise it will be you, not the WTO that is forced to change and the cost to indiuvidual Britons will be in the high six figures or low seven figures over each of your lifetimes (as it is here) Or, poor people will be farmed out internationally for care. (Thats what they want but wont say it. They want poor people to leave).

Instead, barring a change in (all of our) our public's understanding of the WTO and its progeny - needed to also understand similar "plurilateral" services agreements, and a concerted effort to prevent this otherwise inevitable outcome,  it will happen and people will blame it on democracy which we will not realize, hasn't existed in a long time. (Instead we have gotten post-hoc rationalization, or political reverse engineering of already-decided outcomes- i.e. manipulation.)

This issue surrounding public services, is a major beef people all around the world have with the WTO and multilateral trading system model, but unless you have some warning of it and that this is coming, you'll likely not realize that.

There is a discussion about these issues and the fact that its the wrong model thats being aspired to, from a British NGO, Save the Children in this publication (https://www.ictsd.org/downloads/2008/08/savethechildren.pdf).

So instead of the WTO needing to change this, exempting all of the public services, for everybody, in the future (a change it needs in order to even aspire to legitimacy) you'll fall into the trap thats likely being set. And then the rest of the world likely will too.

As you're a wealthy country you likely wont be allowed to extensively subsidize health care as you had been in the past, unless you carved it out completely in your schedule before it was drawn up. Which as far as I know was not done in 1995/1998 - I suspect you went the route the US did and tried to commit as much as you could to one way privatization, even knowing that the public would never have voted for it. You could find out by going to the WTO web site and looking up your own country's specific commitments documents. (They have an SC in their titles) from (approximately) 1994-1998, especially. Look up howto read a services schedule as well.



But the poor countries which want the business, they want the patients, which represent themselves as having been told that trade like that is their payback, wont let you do that. (Don't buy in to this North vs. South frame - the real battle is between the oligarchs -who are stealing the planet's entire bright future and all the gains given us by technology- and everybody else) So it has to be called out then and there, but barring any discussion it wont be.

The poor country oligarchs are being quiet now but they will jump into action as soon as the change becomes irreversible.

Whenever a government is paying a portion of the insurance money, its likely to have a expiration date. Because as the 'market' is perfect, it can't be reformed, only countries that deviate from it's pure state must reform. Sounds a bit like a cult, huh? Well it is.
At least it screams cult-like-danger signs to me. (Here is what it is: 'groupthink (https://williamwolff.org/wp-content/uploads/2016/01/griffin-groupthink-challenger.pdf)')

https://www.allysonpollock.com/wp-content/uploads/2013/04/BMJ_2003_Pollock_NewDealWTO.pdf (https://www.allysonpollock.com/wp-content/uploads/2013/04/BMJ_2003_Pollock_NewDealWTO.pdf)

https://www.allysonpollock.com/wp-content/uploads/2013/04/BMJ_2002_Price_ExtendingChoiceNHS.pdf (https://www.allysonpollock.com/wp-content/uploads/2013/04/BMJ_2002_Price_ExtendingChoiceNHS.pdf)

https://www.allysonpollock.com/wp-content/uploads/2013/04/Lancet_2002_Pollock_MarketForces.pdf (https://www.allysonpollock.com/wp-content/uploads/2013/04/Lancet_2002_Pollock_MarketForces.pdf)

https://www.allysonpollock.com/wp-content/uploads/2013/04/Lancet_1999_Price_WTODomesticPolicies.pdf (https://www.allysonpollock.com/wp-content/uploads/2013/04/Lancet_1999_Price_WTODomesticPolicies.pdf)


The NHS is heavily privatised already. Most of the major organisations are shell companies / PFI / state run entirely backed with contractors, suppliers and permanent staff. There isn't really much of a public healthcare system, only the top level organisational stuff, property, data and logistics.

Do you have any idea how much we Americans pay for our health care? Or of how arbitrarily expensive and unpredictable it is, so much so that sick people of all income levels, are rightfully terrified to utilize it?

Don't fall into the mistake of thinking the propaganda about private health care being better is accurate. Its not true. Also, dont be misled into thinking that most (more than half of the wage earners) people can afford it, (it meaning adequate coverage to prevent their being bankrupted by a serious illness) that has not been true here in the US since the 1980s!

 Example of problems (old site) at one well connected HMO (which are now common elsewhere in the US - our healthcare is being aggressively attenuated with the result being millions of people never getting treatment they have been paying for, denial of tests and diagnosis, and a huge increase in so called iatrogenic injury, preventable hospital accidents, now the third highest cause of death in the US. (http://kaiserpapers.org)
This has mostly been a positive progression however because the rationale behind it was to make parts of the NHS accountable to someone.
Privatization does the exact opposite. And the globalization aspect of it is likely to make providers even more unaccountable.
A government 100% can't be accountable to itself and you can't realistically sue a government as an individual. If you spin the providers off then you can separate responsibility (hospitals and trusts) and quality (NHS England) which reduces corruption and increases standards (which is actually statistically evident since this restructuring).

Now that doesn't mean that healthcare has a cost or it is a free market, but it does mean that the companies have to be transparent to the government agencies.

It wont continue because the market issupposed to determine quality. Under the cult ideology its natural for people who pay less to get much less. Its their due for being poor.
Quote
Prior to this arrangement, quality was unknown, no one was accountable and many many lives were destroyed with no recourse.

I think people forgot the old British public sector energy, postal and transport systems and how absolutely bloody awful they were and how things have improved.

WTO has nothing to do with this either way.

I suspect you're reading totally different data than I am, and seeing the issue from a radically different perspective because the alternative to public health care where everybody is in and everybody is in the same system is healthcare for some but not for others. Once you give up the universal healthcare guarantee and let the wealthy buy out of the system, then they no longer are there keeping quality up, also the WTO rules kick in and privatize whats left. You likely don't know how many Americans are dying because they never get health care, or get it only long after they should have.

The statistics are found using the terms "excess deaths" "mortality amendable to improved access to health care" and "mortality amendable to healthcare".

Everything changed in September 1986 when at the Punta Del Este conference in Uruguay 'services' were put on the table in whats represented as a grand compromise to get the Global South nations to play the trading game. But methinks they doth protest too much. It really was all staged. Its a colossal global con job by the biggest con artists in the world, the insiders among insiders, to take the pressure off of them to change in a world where inequality is increasing exponentially.

The oligarchs are joining forces everywhere to gut the voices of democracy which the world needs more now than ever.

The huge effort being put into suppressing the voices and needs of humanity with divide and conquer tactics by putting forward a fake 'rules based system' that only increases inequality is a huge mistake.

Let me bow out of this now. I am sorry for this explanation. But I had to explain what I meant.

This has little if anything to do with backdoors.

There is a good discussion of hardware and software backdoors which I have been meaning to read more of at https://blog.invisiblethings.com (https://blog.invisiblethings.com) and related web sites. The article on stateless laptop hardware in particular I thought was interesting.

I wonder if backdoors may already exist and if so they were likely put there by the top level (chip manufacturing) corporations to service the never ending requests I am sure they likely get from countries of all kinds.

Using open hardware - making and using open hardware may be an important way to slow down this attack on security.

But it may not be enough, witness the never ending security holes and backdoor like software problems which have emerged recently. I suspect that a new layer of hardware beneath the OSs and things which are known may in newer HW be tagging along for the ride.

The disclosures about security holes may just be the tip of an iceberg or not. I don't know.

I certainly am hoping it isn't.

But without knowing the political and economic contexts driving the wagon encircling and ladder up-pulling in high places we have no chance of understanding what may be happening, if indeed anything is happening, to hardware and software.

This context certainly is an important thing to know that isn't known. Because that question boils down to, are we living in real democracies, or not?

Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on December 12, 2018, 03:08:49 pm
You do realise we pay for the NHS as well? 98.8% of funding comes from direct taxation. This isn't a subsidy as there is no commoditisation.  NHS costs me personally about £11,000 a year. Worth every penny.

WRT privatisation this is very heavily audited stuff. Not black box health providers like in the US.

Edit: anyway this is totally derailed here now.  From a clearly more reliable source: https://www.reuters.com/article/us-supermicro-chips/super-micro-says-review-found-no-malicious-chips-in-motherboards-idUSKBN1OA12R (https://www.reuters.com/article/us-supermicro-chips/super-micro-says-review-found-no-malicious-chips-in-motherboards-idUSKBN1OA12R)
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: cdev on December 12, 2018, 10:00:09 pm
A couple of years ago I had a long discussion with an NHS accountant who was distraught that the Tory government was dismantling the drug payment arrangements they had for no reason, making it so they had to pay so much more "it will bankrupt the NHS" which is what has happened.

Its intentional, politicians now are corruptible. Which is why some things shouldn't be in their power to change.

And by that I don't mean put out of their reach forever by trade agreements either.  (Which is what we're getting now).
Title: Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
Post by: bd139 on December 12, 2018, 10:28:18 pm
That's a load of old crap though because there is a very big and well known reason. The problem is the backers of the suppliers. Look up Concordia's Liothyronine pricing scandal. 6000% rise in pricing once NHS supply was established with zero production cost increase. Currently it's managed through National Tariff and the reason they are scrapping it is it allows each individual trust to negotiate with the supplier rather than there being one central supply arrangement for a defined period of N years. So trusts can go "fuck you" now and go and buy from Teva.

The real bad guys here are HG Capital and Cinven who are the equity firms behind Concordia. Concordia couldn't have built the supply chain without the investors but the investors are greedy. They expect big returns (gotta buy a new Tesla every year) AND they expect forward development with bigger returns (I want a house on Richmond Hill to go with my Tesla).

Politics is an insignificant little puppet show really compared to the Ferengi bastards running the show behind the scenes.

This brings it back on topic because Bloomberg is one of those classes of companies but with information and propaganda instead of financial balls and chains. Their entire mission is to change markets and they are compensated heavily for doing that. Basically:

Someone wants to make money.
Start equity fund.
Throw investment ball to company.
Pay "shim" company (think Cambridge Analytica) to proxy marketing
Pay news agencies / information companies (Bloomberg / Facebook) to promote things or shit on competitors.
pay data companies (YouGov / Ipsos MORI) etc for analytics.
Feed back what works into step 4.

I've been knee deep in this crap for 15 years now. When I walk away I intend to throw a large hand grenade back in.

Supermicro is basically a victim here.