Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 35357 times)

0 Members and 1 Guest are viewing this topic.


Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.
 
The following users thanked this post: tooki, tsman, a59d1

Offline funkyant

  • Supporter
  • ****
  • Posts: 125
  • Country: au
    • YouTube Channel
It shouldn't be too hard for somebody to get their hands on one of the allegedly affected boards. There's millions of them.

Hopefully we hear something a bit more in depth/ reliable/ technical soon.
 

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
It shouldn't be too hard for somebody to get their hands on one of the allegedly affected boards. There's millions of them.

Hopefully we hear something a bit more in depth/ reliable/ technical soon.

There are plausible rumors that the story is false.
To avoid starting a political discussion, I have left out the details, as to why.
I managed to carefully edit in some details, but have left out the stronger political stuff.

https://www.theinquirer.net/inquirer/news/3063945/chinese-spies-reportedly-used-microchips-to-infiltrate-apple-and-amazon

Quote
Both Amazon and Apple strongly refute Bloomberg's report.

I.e. They seem to be saying the story is NOT true.

Quote
However, Bloomberg's sources are adamant. "The companies' denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government's investigation." µ
« Last Edit: October 04, 2018, 01:28:16 pm by MK14 »
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Indeed. Ears peeled to see where this goes.

Honestly this is could even be posturing for a "friendly" attack being discovered. If you look at any supermicro boards they have proudly stamped on it "designed in USA" so either the design was modified after shipping, which design validation should pick up on production sampling, or it was modified at source of this is true which could be any actor in theory.

We may never know.
 

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
This also seems to say that the story is not true.
I.e. That both Apple and Amazon, deny that the story is true.

https://www.scmp.com/tech/enterprises/article/2167032/apple-amazon-deny-report-chinese-use-tiny-chips-hack-their-networks

Quote
Apple, Amazon deny report on Chinese use of tiny chips to hack into their networks
 
The following users thanked this post: bd139, tsman

Offline NivagSwerdna

  • Super Contributor
  • ***
  • Posts: 2005
  • Country: gb
Not convinced.  Looks like some RF conditioning added during final fab,... more inductance they expected on memory traces?

Need some X-ray evidence of the device.
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.

6. The story comes out of Bloomberg, an organisation famed for their in-depth investigative journalism, especially in the technology field, not.

Like you, I'm deeply sceptical until I see this from a reputable tech savvy person or organization who has been able to reproduce the findings first hand and properly documents them in a way that is reproducible by other third parties.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: tooki, newbrain

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
Tampering with firmware is way easier to detect. And it's not that expensive compared to gains you can get, especially if you are Chinese government.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 6092
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #10 on: October 04, 2018, 02:11:58 pm »
I'd imagine it would be way easier to replace one of the chips with a "tampered" version than to design what they are calling a tiny spy chip.
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #11 on: October 04, 2018, 02:15:08 pm »
Yes like the large Chinese Aspeed SoC IC on the board :)
 

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #12 on: October 04, 2018, 02:17:49 pm »
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.
If servers are going to be used by secret agencies, you can be pretty sure they'll check the firmware. Moreover they also receive source code from suppliers. These are not home PCs FFS.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #13 on: October 04, 2018, 02:22:21 pm »
I worked in defence sector IT security for a few years and was cleared.

No.

They don’t check the firmware and 99% of hardware is commodity even on classified stuff. And on top of that even with escrow and shared source you don’t get everything. For example on windows shared source you don’t get the cryptographic service providers even if your company makes stark industries look like a Hasbro.

Edit: also don’t assume the competent people work in defence sector. They’re all in finance, like me, where the $$$ is.
« Last Edit: October 04, 2018, 02:24:08 pm by bd139 »
 
The following users thanked this post: rx8pilot, newbrain, NivagSwerdna, MK14, a59d1

Offline CJay

  • Super Contributor
  • ***
  • Posts: 3547
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #14 on: October 04, 2018, 02:37:13 pm »
Tampering with firmware is way easier to detect. And it's not that expensive, especially if you are Chinese government.

Not really. All you need is access to the signing key and method which is a single simple attack vector (rubber hose).

Hell I've been entrusted to many "signing keys" and "master passwords" before and had to explain to large financial companies that no it's not ok shipping your EV keys on an unencrypted laptop one of your junior developers lugs to and from work on a tube.

Firmware tampering's only defence is competence and there isn't a lot of that around in the human race and I suspect most of it works at Apple or somewhere where they pay is better.

Indeed, I've had a similar conversation with womeone this morning who considered it OK to have an unencrypted laptop with his unencrypted secure certificate and keys on the desktop.

So far I've been very nice to him and just deleted the files then requested he encrypts the machine before he leaves the building

If I dont see it registered as encrypting/encrypted by close of business then I'll delete his machine from the network, lock his account, revoke his keys and certificate then report him to Infosec who won't be as nice to him.

 

Offline VintageTekFan

  • Regular Contributor
  • *
  • Posts: 80
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #15 on: October 04, 2018, 03:11:35 pm »
The timeline would fit for when DELL started including signed firmwares and encryption in their BIOSs and hardware. https://www.infoworld.com/article/3029728/security/dell-bios-verification-extends-security-focus.html
The three laws of thermodynamics:
1. You can't win.
2. You can't even break even.
3. You can't get out of the game.
 

Offline Dave3

  • Contributor
  • Posts: 35
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #16 on: October 04, 2018, 03:13:49 pm »
It is difficult to "disprove" the Bloomberg article and I assume it is directionally correct for now, without evidence to the contrary.

Apple, Amazon, etal. may be ordered by government to deny attack or not comment at all. The government may provide precise wording the companies may disclose. Those corporate "comments" should be dismissed outright.

Bloomberg runs ultra-high end, ultra secure, trading systems for the largest global banks and investment managers, so the "journalists" will have access to top-tier engineers in-house.

From a profit perspective, Bloomberg risks quite a lot of future Chinese banking business with this article so I can't understand how the bean counters allowed this article to be published.
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #17 on: October 04, 2018, 04:00:00 pm »
Or it is the other way around, government telling Bloomberg what to say.
Facebook-free life and Rigol-free shack.
 
The following users thanked this post: all_repair, bd139

Offline mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 12123
  • Country: gb
    • Mike's Electric Stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #18 on: October 04, 2018, 04:41:41 pm »
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.
 
 
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 
The following users thanked this post: amyk, all_repair, tooki, CJay, BrianHG, bd139, tsman, a59d1

Offline T3sl4co1l

  • Super Contributor
  • ***
  • Posts: 15000
  • Country: us
  • Expert, Analog Electronics, PCB Layout, EMC
    • Seven Transistor Labs
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #19 on: October 04, 2018, 05:13:03 pm »
I don't buy this.

1. The attack is terribly easy to identify once in place.
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.
3. Just the supply chain and quantity of humans involved for these implant devices is huge and it's difficult to compartmentalise that number of people.
4. It requires extreme knowledge of the target design and ability to modify it so there is a huge infiltration identification risk.
5. Evidence is permanently left lying around after it is identified. No national entity would get away with being that brazen.

I'm calling either bullshit, propaganda or CYA here until I see a proper design analysis.

All your points suggest someone knew; the article says the CIA knew since 2014.  Presumably it wasn't hard to find information around the design, fab and distribution of these chips, just as you suggest.

The article also notes that they wouldn't be wise to release a public statement about the hazard.  The difference between Chinese and US intel: the former can control whatever they want, through direct intimidation, network filtering and so on; the latter can only monitor and covertly plant.

Tim
Seven Transistor Labs, LLC
Electronic design, from concept to prototype.
Bringing a project to life?  Send me a message!
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #20 on: October 04, 2018, 05:20:14 pm »
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2452
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #21 on: October 04, 2018, 05:25:10 pm »
Yikes I have several supermicro servers at home.  :o   looks like they only went after the blade servers though?  I might be safe.  Then again if it's not China putting backdoors, it's the US, via Intel chips.  Seems everything is backdoored now. 
« Last Edit: October 04, 2018, 05:27:07 pm by Red Squirrel »
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #22 on: October 04, 2018, 05:27:20 pm »
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: tooki

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #23 on: October 04, 2018, 05:29:12 pm »
Hacakaday pointed out something interesting:

Hackaday spoke with Joe FitzPatrick (a well known hardware security guru who was quoted in the Bloomberg article). He finds this reported attack as a very believable approach to compromising servers. His take on the BMC is that it’s usually an ARM processor running an ancient version of Linux that has control over the major parts of the server. Any known vulnerability in the BMC would be an attack surface for the custom chip.

If that's the case, then perhaps there is a vulnerability that could be exploited by only changing a few bytes of data in, say, external flash.  The malicious part then simply needs to be able to watch for the appropriate addresses to be read, and insert its doctored data onto the data lines.  That could easily be done in a small device that straddles an SPI interface.  However, I would expect that it would be a lot simpler to substitute a malicious flash IC, which would allow you to have plenty of extra storage and processing to carry out more sophisticated (and updateable!) attacks, and wouldn't require modifying the board layout.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #24 on: October 04, 2018, 05:39:21 pm »
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

I’m heading in the same direction on that line of thought. The Chinese aren’t idiots.

In fact I’d go as far as to say the only likely vector here is an infiltration into Supermicro themselves from a US based actor (three letter agency) and that’s only if there is some credible evidence that this isn’t horse dung. This might just be finger pointing for plausible deniability in the future.

Hell perhaps there is nothing yet but when they do find something it will be China’s fault by default then.
« Last Edit: October 04, 2018, 05:41:32 pm by bd139 »
 

Offline CJay

  • Super Contributor
  • ***
  • Posts: 3547
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #25 on: October 04, 2018, 05:47:20 pm »
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Supermicro might feel they need to bring manufacturing back to the US, consider it a 'warning' to fruity high tech companies perhaps?

As for US intelligence only being able to monitor and covertly plant, yeah... I'm sure they've never illegally intimidated anyone or run black ops or anything underhand and oh look, there's a unicorn feeding the Kraken that lives in my garden pond.
 


Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #27 on: October 04, 2018, 06:05:32 pm »
Its all for the quick bucks from the short sale on the affected companies stocks. Like the Trump did on Amazon, easy money.  :-DD

Not convinced, yes Supermicro's shares will take a hit and people will make money but longer term?

Sure, its not for everyone, otherwise everyone will get bloody rich.  >:D

What long term ? Especially one probably can make few millions dollars in few hours like when Amazon lost it's value in billion in overnight by Trump's single tweet.  :-DD

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #28 on: October 04, 2018, 06:06:41 pm »
Yep: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #29 on: October 04, 2018, 06:22:28 pm »
Yes exactly. Much easier!
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #30 on: October 04, 2018, 06:33:41 pm »
Although that shows the loading of compromised firmware rather than modifying the hardware.  It's also interesting to note that the NSA intercepted packages bound for specific end users, whereas the approach described in the Bloomberg article is inherently indiscriminate; anyone who gets a particular model/production run is potentially compromised.  Not making a moral judgement, it's just interesting to see the difference in approach.
Intercepting specific packages in the US is much easier for the NSA.
 

Offline mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 12123
  • Country: gb
    • Mike's Electric Stuff
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 
The following users thanked this post: bd139

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #32 on: October 04, 2018, 06:45:10 pm »
So where is the porn of the affected hardwares ?

Sure anyone these days will jump on this just to get click count as its commodity stuffs that can easily sourced ?  :-//

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #33 on: October 04, 2018, 06:46:13 pm »
Amazon AWS say it's bullshit
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
All the players involved deny, which under the current legislation unfortunately tell us exactly nothing.
 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #34 on: October 04, 2018, 06:50:14 pm »
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

Yes.

I read this Bloomberg piece early this morning and it immediately raised several red flags (no pun intended).

It's reassuring to see those with more technical expertise also find it suspicious. As others have noted, the attack as described by Bloomberg would require multiple points of  compromise in the supply chain and there are much easier modes of attack.

If you put in context of recent geopolitical developments, it makes much more sense that Bloomberg is wittingly or unwittingly being used as a propaganda arm for the government. 

Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.  That and the fact that Putin has not been taking the bait in Syria means it will be difficult to maintain the Russian boogeyman narrative for much longer.

On the other hand recent conflicts in the South China Sea and VP Mike Pence's aggressive anti-China speech this morning means that there is likely a concerted effort underway to shift the focus of the populaces animus towards China.

We live in interesting and dangerous times.
 
The following users thanked this post: all_repair, tooki, bd139

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #35 on: October 04, 2018, 06:53:06 pm »
We live in interesting and dangerous times.

Indeed, and reminds me of the Napoleon Bonaparte's quote on China.

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #36 on: October 04, 2018, 07:09:12 pm »
Yes, the article published at the right time, makes you think.
Facebook-free life and Rigol-free shack.
 

Offline aqarwaen

  • Regular Contributor
  • *
  • Posts: 51
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #37 on: October 04, 2018, 07:48:19 pm »
can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #38 on: October 04, 2018, 08:02:35 pm »
Read the Bloomberg article... at the manufacturing level, PCB design was altered to add an MCU packaged as an EMI filter.
On other servers, the MCU was embedded in the PCB's internal layers.
The IC seemed to be an extension of the server bootloader, so it would download an app from china.

I wouldn't call this anything other than a sophisticated hardware back-door for servers.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #39 on: October 04, 2018, 08:03:42 pm »
I call it unicorn shit until I've seen it and smelled it.
 
The following users thanked this post: Zucca, tooki

Offline eas

  • Frequent Contributor
  • **
  • Posts: 601
  • Country: us
    • Tech Obsessed
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #40 on: October 04, 2018, 08:10:35 pm »
Now that the Mueller investigation is winding down and despite lots of accusations (including some meaningless indictments), no proof of Russian collusion or meaningful interference in the 2016 election has been provided.

There is absolutely no evidence it is raining outside, if you ignore all the evidence that it is raining outside (ground is wet, clouds in sky, droplets of water moving from sky to ground), dismiss the evidence with absurd counter explanations (sure, its wet, but you spit when you talk) and/or simply define raining as "big rocks, floating from the earth to the moon."
« Last Edit: October 04, 2018, 08:13:04 pm by eas »
 

Offline thm_w

  • Super Contributor
  • ***
  • Posts: 2059
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #41 on: October 04, 2018, 08:16:57 pm »
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

can i ask question?what would happen if someone tried remove that chip from board?would it brick full board?

Most likely it would be sitting a bus of some sort, so should not cause any problems if removed. But no way to know for sure.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #42 on: October 04, 2018, 08:30:44 pm »
2. This is the least cost effective way of doing an attack. Custom silicon, target modification, infiltration are stupidly expensive compared to other vectors like firmware and post-manufacturing implants.

How is it custom silicon, it could be an off the shelf micro in a custom package (which wouldn't be very expensive).

It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #43 on: October 04, 2018, 08:31:12 pm »
I call it unicorn shit until I've seen it and smelled it.
Try reverse logic then.

How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

They're hooped, they can't make these servers or the IC's used anyhow. The technology left the USA long ago.
If making fake news to "bring it back home" as Trump does, seems silly because it would take many years.

“You end up with a classic Satan’s bargain,” a former U.S. official told Bloomberg. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #44 on: October 04, 2018, 08:38:14 pm »
Unicorn shit was aimed at the technology being discovered actually used.

I agree with your point entirely. It's not unlikely.
 

Online chris_leyson

  • Super Contributor
  • ***
  • Posts: 1399
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #45 on: October 04, 2018, 09:28:59 pm »
Having some difficultly believing this, I think it's more fake news rather than reality.
It's alleged that processors are embedded in packages that look like EMI filters. It's technically feasable but where do these processors get their power from ? If they didn't have to drive anything then they can harvest a tiny amount of power from the signal lines, and even with the most exotic capacitor dielectric on the planet you're only going to store a few mJ and you're not going to be able to write many bits with a few mJ.
If it's case where one or two manufacturers have been compromised then they can do anything they like to the board including changes to the copper. If you can change the copper then you can provide power to the "EMI filter" and now you can write as many data bits as you want. Who puts EMI filters on a data bus anyway, unless it's going off board.
It's ironic that they are allegedly inside EMI filters, now they are filtering the data. It sounds more like science fiction than science fact.
 
The following users thanked this post: tooki

Offline borjam

  • Supporter
  • ****
  • Posts: 786
  • Country: es
  • EA2EKH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #46 on: October 04, 2018, 09:43:19 pm »
It's not going to be just a micro. It would have to have a compatible bus interface as well or arbitration of it talks to something else.
I could believe something related to the BMC/IPMI/console access stuff. After all they even share Ethernet controllers with the mainboard. Arbitration
there would be simpler.

But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.

 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #47 on: October 04, 2018, 09:59:06 pm »
How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

To gain support for any war (cold or hot) you need the populace to believe that the "enemy" is threatening you.   Why not baffle them with mysterious electronics jargon and a magical chip "the size of a grain of rice" that allows them to spy on us. (Almost as good as the omnipotent Russian hackers and social media trolls)

Geopolitics 101 - same as it ever was.  There needs to be more than just a trade war to justify military spending.

A new cold war with China is in the making.
 

Offline coppercone2

  • Super Contributor
  • ***
  • Posts: 3827
  • Country: us
  • $
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #48 on: October 04, 2018, 10:12:46 pm »
china tries to recruit spies on linkedin. enough said
 

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #49 on: October 04, 2018, 10:23:05 pm »
But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.
Then read this  :palm: https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

Quote
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.
Quote
How? MINIX can do all this because it runs at a fundamentally lower level.
x86-based computers run their software at different privilege levels or "rings". Your programs run at ring three, and they have the least access to the hardware. The lower the number your program runs at, the more access they have to the hardware. Rings two and one don't tend to be used. Operating systems run on ring zero. Bare-metal hypervisors, such as Xen, run on ring -1. Unified Extensible Firmware Interface (UEFI) runs on ring -2. MINIX? It runs on ring -3.

You can't see it. You can't control it. It's just humming away there, running your computer. The result, according to Minnich is "there are big giant holes that people can drive exploits through." He continued, "Are you scared yet? If you're not scared yet, maybe I didn't explain it very well, because I sure am scared."
« Last Edit: October 04, 2018, 10:25:58 pm by wraper »
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #50 on: October 04, 2018, 10:23:16 pm »
I find it believable for the PLA military to add a little IC for a backdoor.

Intel Management Engine is in all their server chipsets, used on Supermicro blades. The PCB artwork was modified and a part "added" according to the press out there.
Example, for the C600 series server chipsets, the ME F/W is loaded from SPI flash. Six-pins (EMI filter package ) are enough for an MCU with SPI to communicate with the chipset or main CPU's and inject a Trojan.
Or maybe the chinese simply added an SPI flash IC.

 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #51 on: October 04, 2018, 10:29:03 pm »
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
 
The following users thanked this post: tooki

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #52 on: October 04, 2018, 10:29:49 pm »
But what Bloomberg describes is, as you said, unicorns. Forcing the OS to do what? Which OS after all? BIOS, EFI and all that crap is not running when a proper OS is in execution.
Then read this  :palm: https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

Quote
MINIX also has access to your passwords. It can also reimage your computer's firmware even if it's powered off. Let me repeat that. If your computer is "off" but still plugged in, MINIX can still potentially change your computer's fundamental settings.

But doesn't this support the idea that there are easier ways to do this than add a new chip to a motherboard?  Wouldn't altering or cloning/replacing an existing chip be easier and require fewer potential points of detection in the supply chain?

I don't doubt the Chinese are motivated and capable to do such spying (as are Western intelligence agencies) but the nature and timing of this report seems awfully suspicious.  Another possibility is that this has been known for sometime but the report has been sat on, awaiting the proper geopolitical timing.
 

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #53 on: October 04, 2018, 10:34:29 pm »
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #54 on: October 04, 2018, 10:38:29 pm »
"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #55 on: October 04, 2018, 10:40:41 pm »
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.

That’s why software is the place to do it.

I suggest people read the following:

1. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
2. https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/

Successful attacks leave no evidence and are plausibly deniable. Hardware is a massive steaming chunk of curly evidence.

"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.


Software.
 
The following users thanked this post: tooki

Offline Halcyon

  • Super Contributor
  • ***
  • Posts: 3912
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #56 on: October 04, 2018, 10:44:38 pm »
But again two questions;

1. Why? There are much easier attack vectors.
2. Who? Supermicro stuff is designed in USA. Do they not do design validation on production runs and sampling?
I dunno if it's real or not but there are good reasons to do it. They cannot plant hacked firmware on a few devices for particular customer. They cannot intercept a few packages for particular customer and do it NSA style. If they do this in wide scale hoping it gets somewhere where they need, hacked firmware won't do. Too wide exposure and someone will find it. With such approach it needs to be something extremely difficult to find.

That’s why software is the place to do it.

I suggest people read the following:

1. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
2. https://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/

Successful attacks leave no evidence and are plausibly deniable. Hardware is a massive steaming chunk of curly evidence.

"The majority of its workforce in San Jose is Taiwanese or Chinese"
The PCB assembler, was supplied modified PCB's and stuffed on the extra one little tiny part.

I can't think of a better or easier way to surreptitiously get a trojan into servers across the world.


Software.

+1 software, absolutely.
 
The following users thanked this post: tooki

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #57 on: October 04, 2018, 10:48:36 pm »
Software.
You can relatively easily find that software/firmware was altered. If it's a tiny innocent looking EMI filter, sleeping until comes time to do it's dirty job, it's way more difficult to figure it out.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #58 on: October 04, 2018, 10:52:12 pm »
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)

There’s no formal verification of the code. If they can get a massive amount of people in a supply chain then they have the funds and resources to get a software plant or take over a company network. And you can do it without leaving a speck of evidence. An actual tangible device is a smoking gun of immense scale and a point of analysis.

Look at the recent BA MageCart hack as an example.

There is no logic.
« Last Edit: October 04, 2018, 10:55:35 pm by bd139 »
 
The following users thanked this post: tooki

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #59 on: October 04, 2018, 10:56:16 pm »
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)
You can simply start verifying if data matches to what is supposed to be there. If something is off, it's a signal for further investigation.
 

Offline Halcyon

  • Super Contributor
  • ***
  • Posts: 3912
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #60 on: October 04, 2018, 10:58:59 pm »
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing

Hash values would be a quick and easy start.

If your auditors can't manage a basic thing like that, maybe you should reconsider who audits your gear.
 

Offline Rick Law

  • Super Contributor
  • ***
  • Posts: 2786
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #61 on: October 04, 2018, 11:02:20 pm »
china tries to recruit spies on linkedin. enough said

Everyone spies on everyone else.  Sometimes we forget, developed nation spy on each other too.  Remember when France spies was bugging Air France first-class for business/industrial info?See [1]  So, I would not be too surprised by or being too "holier than thou" with China being in the spy game.

That said, perhaps we may be too preoccupied with spying.  I wonder could it be some copy-protection/detection like some of the useless bits of circuit put into an IC just to detect if this is fake manufactured by others.


(For those who missed the news back then...)
[1] "Les unsporting gits! French spies BUGGED Concorde passengers", The Register, 2015

"Ed Wallace, director of incident response and advanced threats at security consultancy MWR Infosecurity, pointed us towards forgotten reports that French spies routinely bugged first-class passengers flying with Air France – including Concorde passengers – back in the 1990s.

The idea was that business people relaxing on a long trip, and perhaps enjoying a drink or two, might discuss all manner of commercially sensitive information, oblivious to the possibility of eavesdropping. The motive was economic espionage rather than national security or anti-terrorism."

Quoted from:
https://www.theregister.co.uk/2015/06/09/french_spied_concorde_passengers/
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #62 on: October 04, 2018, 11:06:07 pm »
Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing (well not intentionally  :-DD)
You can simply start verifying if data matches to what is supposed to be there. If something is off, it's a signal for further investigation.

That is formal verification. You can’t retrospectively use this to apply security. You have to build it in from the start. You can’t start with a sieve and fill all the holes with cement.

Can you tell a malicious alteration from non malicious code?

Hell no. We’ve had auditors walk straight over stuff we threw in to trip them up and we’re not experts in that sort of thing

Hash values would be a quick and easy start.

If your auditors can't manage a basic thing like that, maybe you should reconsider who audits your gear.

Hashing is performed on the build output. Hashing also requires the hashes to be stored. The attack vectors are still valid at source level. And bypassing hash verification and even changing the hashes are viable target attacks. In fact they are some of the easiest. Look up “goto fail” for a fine example of a suitably obscure cock up that stopped validation.

Multiple auditors for reference. It was not identified because it’s is subtle, requires extremely large knowledge of the problem domain, and a specific code path to be executed. An external auditor or internal auditor would need to be a domain expert with several years experience to do it.

We joke that When your mid level dev turns up with a model s Tesla then you need to read all his commits in the last year again.

This is my bread and butter. I get paid to deal with this. You need to come up with some better responses. Sorry. People really do not understand secure programming models.
« Last Edit: October 04, 2018, 11:09:13 pm by bd139 »
 
The following users thanked this post: PointyOintment, tooki

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #63 on: October 04, 2018, 11:08:41 pm »
So, if Supermicro is an American company and designed the board in the US (and/or the US team has acceaa to the manufacturing files), shouldn’t they be able to confirm that chip U1xx was not part of the design but appears on the manufactured product?
 
The following users thanked this post: tooki

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #64 on: October 04, 2018, 11:33:11 pm »
Some interesting, informed discussion of the technical aspects of this story in this Twitter thread.
 

Offline ogden

  • Super Contributor
  • ***
  • Posts: 3166
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #65 on: October 04, 2018, 11:43:48 pm »
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.

Though one detail was mentioned: "The illicit chips could do all this because they were connected to the baseboard management controller".  I find it plausible that they attacked WPCM450 and did it by putting their spy chip on SMBus.
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #66 on: October 04, 2018, 11:49:35 pm »
How would this "American propaganda" about the chinese Supermicro server backdoor benefit the USA?

To gain support for any war (cold or hot) you need the populace to believe that the "enemy" is threatening you.   Why not baffle them with mysterious electronics jargon and a magical chip "the size of a grain of rice" that allows them to spy on us. (Almost as good as the omnipotent Russian hackers and social media trolls)

Geopolitics 101 - same as it ever was.  There needs to be more than just a trade war to justify military spending.

A new cold war with China is in the making.

I'll let a better man than me speak:

Quote from: General Dwight D. Eisenhower, speaking as the 34th president of the USA
    A vital element in keeping the peace is our military establishment. Our arms must be mighty, ready for instant action, so that no potential aggressor may be tempted to risk his own destruction...

    This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence—economic, political, even spiritual—is felt in every city, every statehouse, every office of the federal government. We recognize the imperative need for this development. Yet we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society. In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military–industrial complex. The potential for the disastrous rise of misplaced power exists, and will persist. We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry can compel the proper meshing of the huge industrial and military machinery of defense with our peaceful methods and goals so that security and liberty may prosper together. [emphasis added]

Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: mtdoc

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #67 on: October 05, 2018, 12:00:48 am »
Software.
You can relatively easily find that software/firmware was altered. If it's a tiny innocent looking EMI filter, sleeping until comes time to do it's dirty job, it's way more difficult to figure it out.

You've not read Thompson's paper have you? If you had you would know you were talking out of your hat.

Quote from: Ken Thompson
The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: bd139

Offline xaxaxa

  • Regular Contributor
  • *
  • Posts: 248
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #68 on: October 05, 2018, 12:03:58 am »
time to buy supermicro stock?  :D
 
The following users thanked this post: tooki

Offline JoeO

  • Frequent Contributor
  • **
  • Posts: 525
  • Country: us
  • I admit to being deplorable
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #69 on: October 05, 2018, 12:18:05 am »
I would be surprised if the Chinese were NOT doing this type of activities.
The day Al Gore was born there were 7,000 polar bears on Earth.
Today, only 26,000 remain.
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31232
  • Country: au
    • EEVblog
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #70 on: October 05, 2018, 02:21:45 am »
Doing this SuperMicro motherboard implant as a component retrofit (chip disguised as a decoupler or ESD protection or whatever) without it being obvious (cuts/bodge wires)
seems quite implausible.

Factory design engineered?
 
The following users thanked this post: tooki

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31232
  • Country: au
    • EEVblog
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #71 on: October 05, 2018, 02:31:55 am »
One other way to do it would be by the PCB supplier modifying the gerbers to add the part. But then the assembler has to be in on it too.

Supermicro are probably being gagged with a fear of losing contracts or whatever, as it would be easy for them to come out and prove it wasn't in their design and layout, and that's it was some manufacturing  chain interdiction.
 

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #72 on: October 05, 2018, 02:48:08 am »
Doing this SuperMicro motherboard implant as a component retrofit (chip disguised as a decoupler or ESD protection or whatever) without it being obvious (cuts/bodge wires)
seems quite implausible.

Factory design engineered?

Kind of my main point of confusion. Sure, you can make a custom chip to harvest data off some I2C-esque bus. But, the board was (presumably) not designed to accommodate this extra chip to start with...so how'd they get it on there? You can't just stick a chip on a board willy-nilly...obviously..

The photo they showed (assuming that's really it) looked like a directional coupler. Something like this one: https://product.tdk.com/info/en/products/rf/rf/coupler/index.html

Is it possible that Supermicro had made accommodations for a directional coupler (or whatever it is), and then decided not to populate it? Even if that's true, couplers are passive parts; There shouldn't be a power supply connection.

Or, perhaps, the board was modified at the PCB manufacturer/assembly house. I suppose they could have went in, modified the Gerbers, and added one more part to the PnP list...But if that's the case, then Supermicro should be able to come out and say "Hey that PCB layout was never approved by us!". But they haven't said that.

Or Supermicro is directly colluding with China.
 

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #73 on: October 05, 2018, 02:48:55 am »
One other way to do it would be by the PCB supplier modifying the gerbers to add the part. But then the assembler has to be in on it too.

Supermicro are probably being gagged with a fear of losing contracts or whatever, as it would be easy for them to come out and prove it wasn't in their design and layout, and that's it was some manufacturing  chain interdiction.

Exactly my thoughts.
 

Offline JustMeHere

  • Regular Contributor
  • *
  • Posts: 249
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #74 on: October 05, 2018, 03:02:19 am »
I would have my SSL handshake hide data in the session setup.  You would not be easily able to detect it.  When the system does an online BIOS update, send the data. 

For example the N position in the prime number is actually byte data.  Have N change every time.


 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2452
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #75 on: October 05, 2018, 03:14:22 am »
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?
 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #76 on: October 05, 2018, 03:33:18 am »
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

That will be the key to confirming or debunking this story. Someone is going to have to come forward with one of these chips found on their hardware and have it subjected to public analysis to convince me this it is real.  If anyone out there finds one, send it to Dave or Mike or Shahriar for analysis.
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31232
  • Country: au
    • EEVblog
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #77 on: October 05, 2018, 03:39:13 am »
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

I have a SuperMicro server motherboard, but even if it did have the chip (unlikely I guess unless it's widespead across all models) with little to go on it would be hard to identify.

https://www.supermicro.com/products/motherboard/xeon/c600/x9dai.cfm
« Last Edit: October 05, 2018, 03:41:30 am by EEVblog »
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31232
  • Country: au
    • EEVblog
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #78 on: October 05, 2018, 03:52:56 am »
The major parties have responded:
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

Bloomberg got it wrong? Or CIA cover-up?  8)
 

Offline FrankBuss

  • Supporter
  • ****
  • Posts: 2314
  • Country: de
    • Frank Buss
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #79 on: October 05, 2018, 04:01:00 am »
The major parties have responded:
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

Bloomberg got it wrong? Or CIA cover-up?  8)

Interesting to note, that China’s Ministry of Foreign Affairs didn't deny it, if it didn't get lost in translation.
So Long, and Thanks for All the Fish
Electronics, hiking, retro-computing, electronic music etc.: https://www.youtube.com/c/FrankBussProgrammer
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 10930
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #80 on: October 05, 2018, 04:12:12 am »
None of the companies involved are going to want to publicly admit this happened.

What I read is that Supermicro contracts out board production and due to production limitations, production may be further contracted out which is where the compromised boards were produced.

This attack has been discussed in trade articles along with compromised firmware and compromised masks.  It is less expensive and easier to accomplish than a compromised mask but easier to detect.  Someone was bound to try it and I am surprised it took this long.
 

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #81 on: October 05, 2018, 04:15:14 am »
This story, seems to be rapidly getting more and more complicated.

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1

If the story turns out to be substantially true. I would be annoyed that we didn't hear about it in 2015. So potentially three years worth of data could have been compromised.

I still agree that the story is probably not really true and/or an exaggeration. As others, have pointed out in this thread.
 

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #82 on: October 05, 2018, 04:15:49 am »
Has anyone with Supermicro hardware been able to locate this chip?  What happens if you just desolder it?

That will be the key to confirming or debunking this story. Someone is going to have to come forward with one of these chips found on their hardware and have it subjected to public analysis to convince me this it is real.  If anyone out there finds one, send it to Dave or Mike or Shahriar for analysis.

There are hi-res pictures on Twitter of the exact board with no suspicious/malicious chip installed. It's possible that only server boards headed to Apple, AWS, et al. got the special treatment. I'm sure an order from Apple warrants a standalone production run.

Boards purchased by every day people/smaller players might not have it, so there might not be proof unless one of the (supposedly) 30 companies steps forward.

« Last Edit: October 05, 2018, 04:20:09 am by TimNJ »
 

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1088
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #83 on: October 05, 2018, 06:48:11 am »
I think the story is bullshit. Possibly someone has decided to stitch up Bloomberg with a "fake news" story.
Bob
"All you said is just a bunch of opinions."
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #84 on: October 05, 2018, 06:54:33 am »
Well I woke up this morning to three emails from a company having a total panic about this. Their IT guys only read the news on the way home from work, ate dinner, thought about it, then had a paddy at about midnight.

They don’t even have any Supermicro boxes.

I think the source and mission here has been very effective. Awaiting US political comment.

Also Bloomberg has puked out an opinion piece as well to stir discussion with a suitably facepalm title: https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality

Today is going to be interesting for me. Not.
« Last Edit: October 05, 2018, 06:56:13 am by bd139 »
 

Online Zucca

  • Supporter
  • ****
  • Posts: 2580
  • Country: it
  • EE meid in Itali
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #85 on: October 05, 2018, 07:10:03 am »
My italian grandma knew nothing about PC or cyber EE security.
She used to say: "Il diavolo fa le pentole ma non i coperchi".

http://smilingeggplant.blogspot.com/2010/05/italian-proverbs-il-diavolo-fa-le.html

So if you doing something dishonest stop it, it's better for you and for the others.

Can't know what you don't love. St. Augustine
Can't love what you don't know. Zucca
 

Offline borjam

  • Supporter
  • ****
  • Posts: 786
  • Country: es
  • EA2EKH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #86 on: October 05, 2018, 10:28:51 am »
I think the source and mission here has been very effective. Awaiting US political comment.
I'm tending to agree with you. Doing the mental experiment of trying to pull that trick myself it gets more incredible by the minute. If that was possible it would be mostly limited to the IMPI/remote administration stuff. And with a properly filtered/isolated network it's unlikely that the machines could call home.

Unless, of course, plenty of infrastructure was already compromised years ago allowing for some invisible covert channel communications to take place.

In which case, anyway, it would be limited to extremely low bandwidth stuff suitable at most for critical infrastructure mapping (where did these servers manufactured in plant A or B go?) or even a kill switch. I am sure all of us have fantasized about a Pearl Harbor attack using embedded kill switches. I still doubt they would really achieve a "total" impact, so the risk of retaliation would be too high. And anyway how would the Chinese sustain their industry without us buying the stuff?

Quote
Also Bloomberg has puked out an opinion piece as well to stir discussion with a suitably facepalm title: https://www.bloomberg.com/view/articles/2018-10-04/computer-spies-hacked-reality

I really dispute some of the claims in this opinion piece. There are plenty of people with OS internals knowledge. It's blatantly obvious that both Apple and Amazon employ capable staff because, well, Apple is an OS vendor and Amazon has done a lof of development for their cloud services. Moreover, if you tinker with OS internals *and* drivers you need some level of hardware knowledge. There's the minor detail that Apple designs and manufactures hardware and I guess Amazon has custom designs as well.

And with the complexity of current hardware, just stare at a component and you will make it crash. Adding stuff?   :palm:

Of course I wouldn't rule out a really stupid real world feasibility test by actually compromising a bunch of servers. But still...

And yes, I know of that old Minix OS running inside some CPUs. But, does that thing really have access to the Ethernet interface while an OS driver is operating? Only during system boot before the OS is loaded?
 

Online srce

  • Regular Contributor
  • *
  • Posts: 132
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #87 on: October 05, 2018, 11:17:25 am »
That article reeks of bullshit and FUD to me.
Unfortunately written by someone who doesn't understand the tech, losing any details that might be informative.
Something inline with SPI flash is about the only thing I can guess based on the sparse info there, maybe even just disabling any write protection.

Though one detail was mentioned: "The illicit chips could do all this because they were connected to the baseboard management controller".  I find it plausible that they attacked WPCM450 and did it by putting their spy chip on SMBus.
It certainly seems feasible (even if it didn't actually happen). The IPMI architecutre provides access to both the NIC + system memory. I don't see why you couldn't have something on either the I2C or SPI busses monitoring / modifying data.

 

Offline funkyant

  • Supporter
  • ****
  • Posts: 125
  • Country: au
    • YouTube Channel
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #88 on: October 05, 2018, 11:25:28 am »
Let's apply Ockham here. Which is more likely:

1) China try a high cost, high probability of detection, low probability of success, exploit of limited applicability.

2) In a political climate of 'post truth' someone who wants to provoke a trade war with China 'leaks' propaganda. Everybody else (FBI, DNI, Apple, Amazon etc.) who ought to know about it denies that there is any veracity to it, including people who have the clout to tell the truth and damn anyone who tries to shut them up.

In the absence of verifiable evidence of this exploit, I think Ockham tends towards (2).

The interesting thing about Occam's Razor is that it's only ever introduced into an argument when there is no evidence.

I tend to agree with others here. This is probably fake news. But we can only guess until we know more facts.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #89 on: October 05, 2018, 12:08:59 pm »
But we can only guess until we know more facts.

No guessing needed, hard fact and fact only, its not that hard, especially in this community.

Watch how big names were mentioned deliberately, instead down to earth exposure of the hardware porn, or fragments of codes that are the culprits.

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #90 on: October 05, 2018, 12:26:35 pm »
I'm not sure that this "story", adds up, in my mind.

Because the journalist(s), who released the "story", seem to be claiming, the main evidence comes from Amazon, Apple and SuperMicro.
Yet, Amazon, Apple and SuperMicro all strongly claim the story is nonsense.

The journalist(s), explanation of why, Amazon, Apple and SuperMicro all deny the story, is because (they are hinting), the US Trump Administration has gagged them.

But, if the US Trump Administration has gagged them, why have the journalist(s), been allowed to release the story.

tl;dr
This story sounds very fishy and doesn't seem to add up.

I get, very suspicious of the US Trump Administration. Especially as regards, honesty and integrity.

Recently, Trump has been VERY aggressive against China, at the UN and with Trumps massive trade war with China.
This makes me very suspicious the story is false (or exaggerated or something).

Where is the real evidence (i.e. hardware) ?
Let's see these spy chips and let independent organisation(s), investigate them and publish the results.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #91 on: October 05, 2018, 01:08:24 pm »
This story sounds very fishy and doesn't seem to add up.

I get, very suspicious of the US Trump Administration. Especially as regards, honesty and integrity.

Recently, Trump has been VERY aggressive against China, at the UN and with Trumps massive trade war with China.
This makes me very suspicious the story is false (or exaggerated or something).

Where is the real evidence (i.e. hardware) ?
Let's see these spy chips and let independent organisation(s), investigate them and publish the results.

One word ... S-400.



Fact and fact only ..

- Turkey, look what happened recently, when they were bullied using currency weapon.

- India, its just matter of time, news similar like this one pops out like popcorn say on topics like Indian IT business used by Westerner, Indian people that work as top officials at large technology companies and etc, if India keeps the "naughtiness" like keep pursuing this kind of activities -> HERE or HERE ...  :-DD

- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.
« Last Edit: October 05, 2018, 01:12:14 pm by BravoV »
 
The following users thanked this post: MK14

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #92 on: October 05, 2018, 01:28:23 pm »
- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.

If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to penalize.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
Hopefully, we are just talking about "COLD" wars.
« Last Edit: October 05, 2018, 01:31:27 pm by MK14 »
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #93 on: October 05, 2018, 01:28:34 pm »
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #94 on: October 05, 2018, 01:29:55 pm »
If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to hurt.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
I think many countries in the recent and more distant past have done this. It's nothing new.
 
The following users thanked this post: mtdoc, MK14

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #95 on: October 05, 2018, 01:36:41 pm »
I think many countries in the recent and more distant past have done this. It's nothing new.

Yes, that is true.
But in the case of many countries, such as the UK.
It is only in times of actual war (e.g. world war 2), or when they are at war with another country. That the hypothetical department of misinformation, comes rolling into action.

But I agree, that political systems, including the UK. Seem to sometimes come up with "stories", to apparently manipulate things. Such as Brexit and the EU.
The "stories", are usually basically true. But the timing and creation/release of the story at just the **right/**wrong time, seems to be more than just a coincidence!

**=right time for the political party, initiating the news, and wrong time for the people the news is about.
« Last Edit: October 05, 2018, 01:43:27 pm by MK14 »
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #96 on: October 05, 2018, 01:43:18 pm »
- China , its obvious, and with the recent addition for S-400 delivered by Russia, its just like pouring fuel in the fire ..  >:D

.. so on.

If what you seem to be hinting/thinking/suggesting, is right. Then we are moving to a partly (as it has probably be done, lots of times before), new era, where the US (Trump Administration), creates bogus fake-news. Just to hurt countries/companies/individuals which it dislikes and/or wants to penalize.

If that is the case, it is sad times ahead.

The old saying, goes something like "The first casualty of war is the TRUTH".
Hopefully, we are just talking about "COLD" wars.

As I don't have crystal ball, gut feeling telling me this time, the "new era" is emerging, and will be shaped totally as different animal, from what we've seen/experienced in the past at the previous cold war.

All my kids are grown ups, just my 2 cents, for those with young kids, interesting time ahead, think & plan wisely what are you planning for them if you care & love them.
 
The following users thanked this post: MK14

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #97 on: October 05, 2018, 01:45:18 pm »
I think many countries in the recent and more distant past have done this. It's nothing new.

Yes, that is true.
But in the case of many countries, such as the UK.
It is only in times of actual war (e.g. world war 2), or when they are at war with another country. That the hypothetical department of misinformation, comes rolling into action.

But I agree, that political systems, including the UK. Seem to sometimes come up with "stories", to apparently manipulate things. Such as Brexit and the EU.
The "stories", are usually basically true. But the timing and creation/release of the story at just the **right/**wrong time, seems to be more than just a coincidence!

**=right time for the political party, initiating the news, and wrong time for the people the news is about.

Actually it's more complicated than this.

Tell a lie out loud in a sector where people are easily misled (tabloids), print an apology / rebuttal in small print somewhere else down the line.

People still remember the initial story.
 
The following users thanked this post: MK14

Online madires

  • Super Contributor
  • ***
  • Posts: 5110
  • Country: de
  • A qualified hobbyist ;)
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #98 on: October 05, 2018, 01:50:18 pm »
My take on this is that Amazon and the others deny the existence of a spy chip because it would harm their cloud business (under the assumption the spy chip is real). Who would use compromised servers? It would be a disaster, worse than Meltdown and Spectre.

Is there a spy chip? To be able to extract valuable data you would need access to the CPU and/or RAM. That requires a large chip with a lot of bus lines. Too obvious! Tapping the onboard Ethernet? 10GBase-whatever makes that hard too. What about the integrated remote management? It's low speed, but no sane person would connect the management ports to the Internet. The most likely approach is to modify the UEFI, i.e. adding the spy tool and starting it before the OS gets loaded (requires also some tweaking of SecureBoot).
 

Offline MK14

  • Super Contributor
  • ***
  • Posts: 2355
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #99 on: October 05, 2018, 01:52:14 pm »
Actually it's more complicated than this.

Tell a lie out loud in a sector where people are easily misled (tabloids), print an apology / rebuttal in small print somewhere else down the line.

People still remember the initial story.

Good point.

I think there is no way, this story can be retracted now. However much it is proven to be false (assuming it is false).

The seeds of doubt, in the integrity/security of computer systems, and security risks of getting stuff made in China and/or Chinese electronic components. Has already been put into peoples minds.

Because of the way technical stories like this propagate. I imagine the general public will soon think it applies to ALL PCs, and even tablets and mobile phones.
 

Online VK3DRB

  • Super Contributor
  • ***
  • Posts: 1710
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #100 on: October 05, 2018, 01:53:14 pm »
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft. 
 

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #101 on: October 05, 2018, 02:01:53 pm »
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #102 on: October 05, 2018, 02:10:21 pm »
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft. 

Let's not blanket blame China here yet or start pointing fingers. Chinese universities are pretty much shitting on the West at the moment on new developments so I'm not sure that's even realistic.

There's a whole list of reasons here to not point fingers yet: https://en.wikipedia.org/wiki/Global_surveillance_disclosures_(2013%E2%80%93present)



The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?

Apple have done that numerous times. They got a better deal elsewhere and used that as leverage to get out of the current one.

 

Offline TimNJ

  • Frequent Contributor
  • **
  • Posts: 839
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #103 on: October 05, 2018, 02:15:33 pm »
The plot thickens. Apparently an ftp server of Supermicro got hacked a while back and served infected firmware. This was the reason Apple stopped working with Supermicro, according to Apple. Reports are that they initially denied any of this happening back then. Maybe their gag order ran out after a while?

https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/

Really? Drop an entire vendor because one lab machine had infected firmware? And then deny that there was a security incident? And then come back and admit that they did find bad firmware?

I don't think we can really trust Apple at this point. If true, they'll deny this to the grave.

When you discover a security breach, why tell your shareholders when you can also not tell your shareholders?

Apple have done that numerous times. They got a better deal elsewhere and used that as leverage to get out of the current one.



They have used a security "concern" to get out of a contract with a vendor (even if it wasn't that big of a deal)? Maybe.

Still don't give me warm and fuzzies that they lied about it.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #104 on: October 05, 2018, 02:18:35 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html
 
The following users thanked this post: MK14, bd139

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #105 on: October 05, 2018, 02:22:27 pm »
In the Thermal Imaging sub forum a complete compromise of the E4 camera security was achieved by modifying just 1 bit of a cpu instruction code. So things may be possible to achieve with a clever approach instead of a dumb one and you may not need access to the full cpu or ram bus, just to a part of it.
Facebook-free life and Rigol-free shack.
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #106 on: October 05, 2018, 02:31:26 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html

So how come they have become so sure about having no doubt that fast ?
Facebook-free life and Rigol-free shack.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #107 on: October 05, 2018, 02:41:50 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html

So how come they have become so sure about having no doubt that fast ?

Five eyes.

NCSC is part of GCHQ.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #108 on: October 05, 2018, 02:48:37 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html

So how come they have become so sure about having no doubt that fast ?

I dunno  :-// .. maybe ... just maybe they're not as competence as Bloomberg's reporter ? Maybe ...  >:D

But this new message is clear, UK already took side.

Now, what interesting ahead is, if .. again, a big IF .. later, they come out again to reverse that statement, than that means someone at GCHQ got f**ked real hard, probably caused by a phone call made from Washington to Downing street 10.  :-DD

Offline Stray Electron

  • Frequent Contributor
  • **
  • Posts: 963
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #109 on: October 05, 2018, 03:04:24 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html

30 "Unnamed sources".  Yeah, I'm sure that we can trust that report.  <sarcasm off>
 
The following users thanked this post: tooki

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #110 on: October 05, 2018, 03:12:07 pm »
I guess someone at UK National Cyber Security Centre pissed off with Trump ...  :-DD

https://www.cnbc.com/2018/10/05/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials.html

30 "Unnamed sources".  Yeah, I'm sure that we can trust that report.  <sarcasm off>

C'mon, its not that hard.

The source -> https://www.reuters.com/article/us-china-cyber-britain/uk-cyber-security-agency-backs-apple-amazon-china-hack-denials-idUSKCN1MF1DN

Reporting by Guy Faulconbridge and Mark Hosenball; editing by Sarah Young

Put the CNBC as its more familiar for Northern America audiences, instead of Reuters.  :P
« Last Edit: October 05, 2018, 03:13:53 pm by BravoV »
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #111 on: October 05, 2018, 03:32:40 pm »
In the Thermal Imaging sub forum a complete compromise of the E4 camera security was achieved by modifying just 1 bit of a cpu instruction code.
ARM's conditional execution bit?

No
Facebook-free life and Rigol-free shack.
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #112 on: October 05, 2018, 03:39:30 pm »
Let Apple and Amazon to testify before Congress. This seems to be America's favorite show this season,
Facebook-free life and Rigol-free shack.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #113 on: October 05, 2018, 03:56:07 pm »
Let Apple and Amazon to testify before Congress. This seems to be America's favorite show this season,

Its a norm, even in the land of pure capitalism heaven, you just can not grow too big or too rich, even legit. Pure total submission and down with your knee is mandatory, hence what happened to big corporations, Microsoft experienced this too in the past, or will get bullied & grilled until they're fully surrendered.

Nope, money flow handsomely alone to gov and house of representative creatures is not enough.  >:D


Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #114 on: October 05, 2018, 04:07:05 pm »
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

And also your loss of employment insurance, if that's what you mean.

China is getting more and more innovative, as can be seen from history.

In the 1990s, China blatantly cloned entire designs.

In the 2000s, China cloned part of the designs and costed-down the designs by modifications.

In the 2010s, most Chinese designs are patent infringing, but the engineering is more or less independent.

China will keep stealing patents for many more years, but engineering will be more or less independent.

China doesn't care about right or wrong, China only cares about power.

Being able to engineer is a power to technological independence. Being able to invent is not.

China needs technological independence, as that frees China from potential sanction from the west.

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

China wouldn't have to clone western technology, China wouldn't have to manipulate currency, and China wouldn't have to be a political enemy of the west, as long as the west gets their fuck out of Chinese politics.
 
The following users thanked this post: bd139

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1088
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #115 on: October 05, 2018, 04:55:32 pm »
Whether it is true or not about the fake capacitor, we all know Chinese communist government is the world's biggest crime syndicate.

For a start, the free world needs to confiscate all foreign properties, securities and loot smuggled abroad by the members and the families of the Central Committee of the Chinese Communist Party. The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

 :-DD

"I don't care about the truth, I have swallowed the anti-Chinese propaganda hook, line and sinker!"
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: mtdoc, blueskull, newbrain, bd139

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #116 on: October 05, 2018, 06:05:42 pm »
They're stealing IPs ?  >:D

Like everyone else, you know. Who the F (smaller players only) has ever paid for SD license for using a damn card in a design? Who the F has ever paid for what is literally abandoned WiFi patents? And who the F hasn't used FFMpeg or one of its frontends in their life as a tech person?
 
The following users thanked this post: xaxaxa

Offline mnementh

  • Super Contributor
  • ***
  • Posts: 7118
  • Country: ca
  • *Escaping The Suck*
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #117 on: October 05, 2018, 07:08:20 pm »
The more interesting part of this diversion, to me at least....

With it going on, where are all the smart, tech-savvy people NOT paying attention?

All the preparations for a midterm election just weeks away that will literally define this nation's fundamental agenda for generations to come.

Not only does it create a diversion, but also it casts yet another potential external scapegoat into the center arena for inevitable compromised electoral outcomes, of course distracting us from the incumbent congressional corruption anybody with a whit of sense knows has been at fault all along.

mnem
Cassandra can suck it.
 
The following users thanked this post: MK14

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #118 on: October 05, 2018, 07:18:44 pm »
There are hi-res pictures on Twitter of the exact board with no suspicious/malicious chip installed. It's possible that only server boards headed to Apple, AWS, et al. got the special treatment. I'm sure an order from Apple warrants a standalone production run.
Well, if you take the Bloomberg article at face value, virtually every chip components is potentially malicious.  Without any information on the nature of the exploit, you can't even really narrow it down that far, other than making educated guesses.  Even if you decap and analyze every single IC, and carefully inspect every chip component, and completely tear apart the PCB to look for embedded components, at best you could prove that the particular specimen was not compromised, but who knows how many different units from how many different production runs and design variants are out there.  So if the article *is* FUD or propaganda, being so difficult to definitively disprove is certainly an advantage. 

Ars Technica's article on the topic points out that Apple and Amazon's rebuttals are interesting in how strong and unambiguous they are.  The government could legally compel them not to reveal information about what Bloomberg's reported, but generally could not legally compel them to lie about it.  So if they were under some order not to report such information, you'd expect evasion rather than outright and strenuous denial.  Which isn't to say that they aren't outright lying, but it doesn't appear very likely.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

I don't know about other western countries, but the US has treaty obligations in the region.  Korea and Japan in particular have in interest in checking China's military and economic influence, and strong military/economic ties with the US.  Balance of power is practically a natural law of geopolitics.  Regardless of your opinion on North Korea, maritime territorial disputes, or any of the other hot buttons in the area, it's hardly as simple as saying the west just needs to get out of China's way.  I'm also not sure that other countries in the region would be so happy about seeing a less restrained China. . .
« Last Edit: October 05, 2018, 07:23:32 pm by ajb »
 
The following users thanked this post: PointyOintment, MK14

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #119 on: October 05, 2018, 09:26:21 pm »
I don't know about other western countries, but the US has treaty obligations in the region.

I'm not talking about Japan and Korea. I was talking about domestic social unrest.

In China, the government, not the people, owns he land. It's not like EU where if you want to "brexit", you can exit.

If the west stay out of human right issues of China and stop sanctioning China for suppressing separatists, China will not need to be excluded from ITAR list, and then China will not have to clone all western technologies if we have a steady, political-free supply of them.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #120 on: October 06, 2018, 12:06:19 am »
It's been on the major news stations in Scandinavia now, and they spin it as if it's true, although they mention
that apple and amazon denies it.

In China, the government, not the people, owns he land.
Actually, that is the same everywhere; only governments "owns" territory. Control is a perhaps a better word than own. Usually through military means, but sometimes also because of tradition. Each country have different rules of how they then divide the rights to use that land among their citizens though. If you "own" some property in e.g. Sweden or the USA, you are really just sort of leasing it; you have a contract with the government giving you a monopoly on using some part of the territory in certain ways, e.g. for farming or for mining or building a house, but there are limits to what you can do with it.
 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2452
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #121 on: October 06, 2018, 12:58:40 am »
Yeah sadly even in north america the government really owns/controls the land.  You can buy land you own it in the legal sense, but if the government or a corporation wants it, they get it.  They can also tell you what you're not allowed to do on it etc.  It's actually BS.   Though there are unorganized townships where you tend to have more freedom with the land you buy.  It's my dream to eventually live in one.   Would be great to be able to build anything without needing permits etc.
 

Online VK3DRB

  • Super Contributor
  • ***
  • Posts: 1710
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #122 on: October 06, 2018, 01:23:33 am »
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.
In the 1990s, China blatantly cloned entire designs....
China doesn't care about right or wrong, China only cares about power....

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.


Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

This might surprise you... http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/
Not bad for a free country of between 8 and 25 million people in a remote part of the world, compared to China with 1.4 billion people.

I agree the Chinese communist government cares only about power. Because ultimately it is a tool for the princelings and their privileged families to save face and accumulate massive amounts of money. That is why they are terrified of democracy.

http://www.abc.net.au/radio/programs/worldtoday/is-china-stealing-intellectual-property/10302836
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #123 on: October 06, 2018, 01:42:45 am »
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

This might surprise you... http://www.techguide.com.au/news/the-worlds-greatest-technologies-that-were-invented-in-australia/

Not surprised. I knew WiFi is invented by AU government researchers.
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #124 on: October 06, 2018, 01:49:01 am »
I agree the Chinese communist government cares only about power.

I bet you've never lived in China. Chinese government is corrupted as hell, but many Chinese people are way more corrupted.
Everyone in China, if has some sort of power, is corrupted. At least the government is being supervised and has to obey the law, at least to certain extent.

Farmers sell poisonous food to urban citizens, doctors prescribe unnecessary lab tests for making some cut, teachers give special attentions to students with rich dads, and the list goes on.
I bet if there is any power, even if just a little bit, that can change other people's living quality by just a tiny margin, the power will be monetized

Now in such a context, Chinese government is fairly clean, compared with the F*ed up society.
 

Online VK3DRB

  • Super Contributor
  • ***
  • Posts: 1710
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #125 on: October 06, 2018, 04:03:21 am »
I agree the Chinese communist government cares only about power.

I bet you've never lived in China. Chinese government is corrupted as hell, but many Chinese people are way more corrupted.
Everyone in China, if has some sort of power, is corrupted. At least the government is being supervised and has to obey the law, at least to certain extent.

Farmers sell poisonous food to urban citizens, doctors prescribe unnecessary lab tests for making some cut, teachers give special attentions to students with rich dads, and the list goes on.
I bet if there is any power, even if just a little bit, that can change other people's living quality by just a tiny margin, the power will be monetized

Now in such a context, Chinese government is fairly clean, compared with the F*ed up society.

I spent a few months in Tianjin in 1980's and 90's. In fact, I set up the first computer manufacturing line in all of China. No I have not lived there long term, but I know what goes on and witnessed some odd things shall we say. The most decent people I met were engineers over there... they were not the type to be corrupt, and they were great to work with.

You want corrupt? The HSBC bank is the bank of choice for Mexican drug cartels for money laundering and currency smuggling. I know someone who told me he smuggled a very large sum of money into Australia from China under full support, knowledge and guidance from HSBC. The problem is HSBC is "too big to fail", and no-one has the guts or integrity to bring them to account; not even the US or the Chinese government. The US govt only gave HSBC a small slap on the wrist for them knowingly profiteering from Mexican drug cartel drug trafficking. And yet if a poor man from the hood sells some crack on the streets, he gets 20 years prison - if the cops don't shoot him first.

I think one of the big problems in China is money is a god over there, called Mammon. A very shallow belief system indeed.

Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #126 on: October 06, 2018, 04:23:03 am »
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012

If you think that's worst, then you are wrong. If it's within the boarder of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most.

Remember those people buying new iPhones and dump them on eBay for 2x the price? That happens in China, on foods, concert tickets, even hospital appointment tickets.

Remember the slogan of the capitalization of China? "Regardless white cat or black cat, the can that catches mice is the good cat".
 

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #127 on: October 06, 2018, 04:45:22 am »
If the west stay out of human right issues of China and stop sanctioning China for suppressing separatists, China will not need to be excluded from ITAR list, and then China will not have to clone all western technologies if we have a steady, political-free supply of them.


Drifting pretty far off topic here, but that's not what ITAR is about.  ITAR is about technology and materials with military value, nothing to do with human rights.  In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons, although such actions have been discussed as a result of China's treatment of Uyghers (and if what's been reported about that doesn't count as "physically suppressing", I'm not sure what does, short of actual ethnic cleansing).  Aside from ITAR, there are blanket export restrictions on China for nuclear, chemical, and biological weapons controls, national security, and regional stability reasons (but similar controls are also in place for most countries, including many allies of the US, although not as severe) and I did find references to active sanctions on Chinese entities and individuals relating to Iran, North Korea, and trafficking in arms and narcotics.  For better or for worse, it's hard to gather support for human rights-based sanctions.  Maybe something will happen soon, but most people in the US are much more concerned with problems closer to home at the moment.
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #128 on: October 06, 2018, 04:59:05 am »
In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons

Depending on how do you define human right issues. My definition is everything that suppresses people from expressing their willing, is, including wanting to form their own government.

Under that umbrella, conflicts in Xinjiang, Tibet, Hong Kong and Taiwan are all considered to be human right violation.
 

Offline funkyant

  • Supporter
  • ****
  • Posts: 125
  • Country: au
    • YouTube Channel
 
The following users thanked this post: bd139

Online VK3DRB

  • Super Contributor
  • ***
  • Posts: 1710
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #130 on: October 06, 2018, 08:54:54 am »
When I say computer, I meant 8086 based PC.

In the 1980's, Hong Kong was THE place for pirated computers and software, especially at the Golden Centre in the aptly named Sham Shui Po. Most of the boards came from sweatshops in Hong Kong and Taiwan, not the PRC. The "rotten Apples" were even assembled in Hong Kong. These were almost always "build-to-order", often while you wait, often using a chair or the floor as a workbench. ESD protection did not even register with these people. The Golden Centre in Hong Kong also was the world's biggest piracy centre for commercial software, according to The Bulletin Magazine in 1986. The place had been raided by the HK cops several times, but after a short stint in jail the the crooks were soon peddling their wares again.
 
Dick Smith's System 80, a cheaper "clone" to the Tandy TRS-80, was made in Hong Kong in 1979 by a company called EACA, which was involved in crime.

China was just getting out of the Maoist dark ages in 1979 after the dictator died in 1976. There is no way they could go from an impoverished third world peasant-based country to making anything remotely resembling quality electronics within 3 years.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #131 on: October 06, 2018, 10:31:51 am »
My father used to import clone computer stuff made in the late 1970s into the UK so manufacturing was definitely going on before that. China wasn’t quite as believed - parts of it had been sold out for manufacturing. Then he started importing PC clones and memory into Europe. Ironically he had a bigger production outfit than Dell at the time. I spent most of my years in the 1980s living in an import warehouse basically and being booth gremlin at CeBit.

This exposure is what made me want to be an EE and do silicon design. Ended up in software. Doh.

Stuff from HK/China wasn’t cloned at all and wasn’t crap. This was new stuff totally in house. The only thing they did was use the compatible ISA interface. A lot of the early clone market was developed in the US as well (think Tseng Labs etc) and they set up an OEM chain in HK/Taiwan and subcontracted out to new factories in China mainland.

It’s quite frankly scary how fast they ramped up production.

Someone there says jump and the answer is *boing*.

Someone here says jump and the answer is “persuade me to jump” then after two weeks they fuck off and find somewhere that doesn’t make them jump as high then shitpost on glassdoor.

Shit doesn’t get cloned. The APIs and interfaces do for compatibility but what’s inside is original. And we only have ourselves to blame. West can’t compete now because it’s lazy, bureaucratic and inefficient.
« Last Edit: October 06, 2018, 10:33:47 am by bd139 »
 
The following users thanked this post: GeorgeOfTheJungle

Offline Benta

  • Super Contributor
  • ***
  • Posts: 2264
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #132 on: October 06, 2018, 12:40:25 pm »
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF

It's got nothing to do with backdoors or spying.

 
The following users thanked this post: tooki

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #133 on: October 06, 2018, 12:50:48 pm »
RFID tag needs an antenna and those aren’t particularly small or easy to hide in a multi layer board. Go have a look at some example of PCB rfid tag antennas.
 

Offline Benta

  • Super Contributor
  • ***
  • Posts: 2264
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #134 on: October 06, 2018, 12:54:13 pm »
I know exactly what an RFID antenna looks like, and it's nothing more than a slot in a ground plane. You go look.

Edit: See here: https://www.nxp.com/docs/en/application-note/AN171530.pdf
Go to chapter 5 (page 28).

« Last Edit: October 06, 2018, 01:00:27 pm by Benta »
 

Online chris_leyson

  • Super Contributor
  • ***
  • Posts: 1399
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #135 on: October 06, 2018, 03:31:27 pm »
Murata "Magicstrap" is one example and they do tags with an integrated antenna 1.25 x 1.25 x 0.55mm package 10mm range. https://www.murata.com/en-eu/products/rfid/rfid/uhf. Nothing new here.
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #136 on: October 06, 2018, 03:40:50 pm »
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF

It's got nothing to do with backdoors or spying.

Bit of a red herring frankly. The context is not one where someone has pointed at a component on a board that they, but not an expert, are incapable of identifying. The allegation claims a years long investigation by, among others, the FBI, who are quite capable of popping into MIT or Stanford or Intel or On Semi and saying "tell us what this component is and what it does". I don't think Bloomberg are going to turn around and go "Aw shucks! Is that what it was? If only we'd asked some random bloke on the eevblog forum what it was instead of going off half cocked".
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Offline Benta

  • Super Contributor
  • ***
  • Posts: 2264
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #137 on: October 06, 2018, 03:49:05 pm »
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a miniscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.




« Last Edit: October 06, 2018, 03:55:42 pm by Benta »
 
The following users thanked this post: tooki

Offline MT

  • Super Contributor
  • ***
  • Posts: 1290
  • Country: cn
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #138 on: October 06, 2018, 04:15:14 pm »
China go full fascistic according to ABC Australia
 

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #139 on: October 06, 2018, 04:16:59 pm »
A 6-pin device as "back door"? No way, José.
2 power pins and 2-3 data pins are more than enough to compromise the system.
 

Offline JimRemington

  • Regular Contributor
  • *
  • Posts: 173
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #140 on: October 06, 2018, 04:20:37 pm »
https://arstechnica.com/tech-policy/2018/10/bloomberg-stands-by-chinese-chip-story-as-apple-amazon-ratchet-up-denials/

Quote
Luckily, we're likely to know the answer one way or the other in the coming days. If the Bloomberg story is true, there are thousands of compromised motherboards out there, and companies will be scouring their data centers for them. People have already identified the specific circuit board featured in the graphic at the top of the Bloomberg article, though it's not clear if this is a real photograph or a Bloomberg-made mockup. If the story is accurate, sooner or later someone will produce a compromised board and do a public teardown.

Sounds like a great job for Dave!
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #141 on: October 06, 2018, 04:22:44 pm »
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a miniscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.

No dispute that it's half-cocked, I'm just disputing that you've found the magic that everybody else missed.

This is not about the ability to recognise a component from first instance, this is about politics, propaganda, misinformation tactics and possibly share price manipulation. The very length and depth of the Bloomberg article's claims make it clear that this is more than mere "tech ignorant journo makes a cock up". That scale suggests deliberation, a very real conspiracy to mislead (even if that misleading is only about the various sources ability and accuracy), or (improbably) the most perfect synchronicity of journalistic and official incompetence that has ever been produced by happenstance.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Offline radioactive

  • Regular Contributor
  • *
  • Posts: 176
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #142 on: October 06, 2018, 04:23:41 pm »
I think the image of the part in that article looks like a common RF balun.  Would have to see proof otherwise to believe anything else.
 
The following users thanked this post: tooki

Online chris_leyson

  • Super Contributor
  • ***
  • Posts: 1399
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #143 on: October 06, 2018, 04:26:22 pm »
@Benta. Sorry, should have read your post, the Magicstrap RFID chips are pretty cool but nothing to do with the Bloomberg article. Smallest microprocessor I can buy is ATtiny in 2x2x0.6mm package and there is no reason why you can't embed that either. The die size probably limits the packaging but you've got a fair amount of metal to plate onto so an ATtiny would be one example of something relatively easy to embed into a PCB.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #144 on: October 06, 2018, 04:33:19 pm »
Has anyone read the eSPI manual from Intel?

https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf

Each device is bussed with clock, io, independent chip select. Also it’s not multi master and is fanned out over the board so to modify the protocol you’d need to intercept rather than tap. That means twice as many pins as a tap. Also it’s a channeled protocol. On top of that the slaves can initiate transactions so you’d have to be aware of the state of the system to stop bus collisions.

This seems a whole load of faff when there’s a whole bunch of firmware floating around on the boards you can futz with.

And as I have said before the entire thing would leave tangible evidence on the board which is quite frankly fucking stupid as you can probably through comparison trace the encapsulation and/or the silicon back to the originating country.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #145 on: October 06, 2018, 05:34:22 pm »
Would have thought it would be easy enough to re-encapsulate chips with added components or make custom versions of chips already on the board. You could then just replace the original parts with your modified parts, would be much harder to discover. But hey, whatever works works.
 

Offline IanMacdonald

  • Frequent Contributor
  • **
  • Posts: 944
  • Country: gb
    • IWR Consultancy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #146 on: October 06, 2018, 05:39:29 pm »
There is a product called Computrace LoJack which is in the BIOS, but injects DLLs into the system32 folder of any installed copy of Windows when run. Ostensibly this is so a stolen computer can be traced. It's done like this because the DLLs can do a lot more things than the limited BIOS code. Like, phone home. I wouldn't be surprised if the supermicro bug worked the same way. So yes, this is certainly feasible.

People have been hammered with propaganda to the effect that HTTPS protects them whilst on the Internet. In fact, the protection it provides is minimal. The problem is that this kind of hard-sell of one rather limited security product creates a false sense of security, which leads to other more prevalent threats being overlooked.

https://iwrconsultancy.co.uk/blog/https
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #147 on: October 06, 2018, 05:46:14 pm »
I disagree. HTTPS, more correctly HTTP over TLS, is just one part of the security model. At each end you have vendors providing software that have an interest in making sure they don’t look like shit. HTTPS protects you between those security boundaries.

That’s unrelated to this discussion entirely however.

The biggest threat is the competence of the programmers at each end and the user doing something stupid.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #148 on: October 06, 2018, 06:42:11 pm »
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
"The companies’ denials are countered by six current and former senior national security officials who... detailed the discovery of the chips... One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."

I think the problem is these servers are heavily used, beyond the early clients Amazon and Apple.
So other big companies would be compromised, perhaps Facebook (again), Google, banks, DoD etc.

Second, why not add the back door to cellphones? I have to wonder if the iPhone didn't get "the treatment", hence Apple's denial.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #149 on: October 06, 2018, 06:50:51 pm »


versus


 :-DD

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #150 on: October 06, 2018, 06:53:26 pm »
Bloomberg claims .....

What Bloomberg trying to say is actually pretty simple..

 "Trust us on what we claimed, ask no more, just trust us ... "
 
The following users thanked this post: tooki

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #151 on: October 07, 2018, 12:07:04 am »
What Bloomberg trying to say is actually pretty simple..

 "Trust us on what we claimed, ask no more, just trust us ... "
While true, it's historically been a rather reputable source. That's why many people take the stories quite seriously.
 

Offline T3sl4co1l

  • Super Contributor
  • ***
  • Posts: 15000
  • Country: us
  • Expert, Analog Electronics, PCB Layout, EMC
    • Seven Transistor Labs
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #152 on: October 07, 2018, 01:46:05 am »
The amount of denial in this thread is... concerning.

Why do so many people find this unbelievable?  Many have given reasons, but none of them hold water.

Just because you can't imagine it's possible, doesn't mean it's impossible.

Alternate motives?  Maybe.  Just because that is also possible, doesn't mean it's probable, let alone guaranteed.

The reluctance to confirm sources is also obvious.  It would perhaps be nice if they collaborated with a few other journalists to better check the sources against each other and confirm things.  But even between very well trusted papers, that's a very dangerous thing to do.  More likely, we will see independent confirmation, and yes, teardowns including analysis of the chip in question will be very interesting indeed to see.

So instead of jumping to conclusions, why don't you chill out, and think on it for a moment, and realize that multiple things are possible, not just knee-jerk reactions?...

Anyway, "our boys" have had these kinds of attacks for decades.  As have our allies and enemies, to varying degrees of capability, at various times.  It is completely normal and possible, even moreso with modern technology (like the Management Engine attack vector).  The only thing distinctive about this is probably the scale at which it has been done (potentially millions of compromised units).

Tim
Seven Transistor Labs, LLC
Electronic design, from concept to prototype.
Bringing a project to life?  Send me a message!
 
The following users thanked this post: wraper, JoeO, apis

Offline FrankBuss

  • Supporter
  • ****
  • Posts: 2314
  • Country: de
    • Frank Buss
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #153 on: October 07, 2018, 01:57:37 am »
So anyone who wants to buy a  Supermicro server boards and search the chip? Looks like they are getting cheaper at the moment at eBay :-DD
So Long, and Thanks for All the Fish
Electronics, hiking, retro-computing, electronic music etc.: https://www.youtube.com/c/FrankBussProgrammer
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #154 on: October 07, 2018, 02:17:04 am »
Tim, I don't think anybody is disputing the technical possibility just the quality and/or accuracy of the reporting.

What is in question is the lousy reporting which contains nothing more than handwaving on the level of technical evidence - if we'd seen one decapsulated chip with some decent microphotographs and an analysis from someone technically competent we might be somewhere else. In fact the nearest we have to evidence is "our sources tell us" with no way to corroborate this and most of the places where those sources work denying the story in pretty unambiguous terms, terms devoid of the phrasing normally associated with lawyer drafted statements that are technically true while being in fact a pack of lies.

Never before have I seen as significant a news report as this one that is as thin on evidence where a significant part of the evidence is of the kind that could be easily documented. They appear to have boards and chips, at least they have reproduced photographs that purport to be the parts and they've been running the investigation for a long time - so why no proper analysis. Add the strange political climate at the moment and the realpolitik that might go with a planted anti-china story and it would be remiss to be anything but sceptical on all fronts.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: mtdoc, ajb, Kean, tooki

Offline T3sl4co1l

  • Super Contributor
  • ***
  • Posts: 15000
  • Country: us
  • Expert, Analog Electronics, PCB Layout, EMC
    • Seven Transistor Labs
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #155 on: October 07, 2018, 03:14:39 am »
Equally easily explained -- they are a business publication.  If they have the technical details, it wouldn't do most of their readers any good.  Just insult them and make them feel dumb for not understanding things.  (If, say, Ars were breaking this story, I would expect them to share some technical info, and be suspicious if they didn't.)

This is very normal for, say, academic journalism.  The technical aspects have to be simplified for a less technical reader.  They often get it wrong, of course...  So, that leaves it to us (as technical readers) to read between the lines and guess what they're actually talking about.  Which is just as unreliable.  It would be so much nicer to just have the info straight, but alas...

And yes, that includes the possibility that there's nothing at all about it.  It could be that their sources didn't provide such details -- whether for the same reason (the journalists probably wouldn't know what to do with it), or because they don't have any at all.

Oh, one thing by the way, if this were unsupported -- if there were no actual facts here -- this would be defamation, and they'd be sued pretty damn quick for all the millions of dollars this is worth.  Bloomberg knows this as well as Supermicro and everyone else.  You can bet your ass they're denying publicly, and investigating internally, until they figure out some possible strategy that doesn't leave them completely destitute!

Tim
Seven Transistor Labs, LLC
Electronic design, from concept to prototype.
Bringing a project to life?  Send me a message!
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #156 on: October 07, 2018, 03:55:53 am »
Equally easily explained -- they are a business publication.  If they have the technical details, it wouldn't do most of their readers any good.  Just insult them and make them feel dumb for not understanding things.  (If, say, Ars were breaking this story, I would expect them to share some technical info, and be suspicious if they didn't.)

Back in the days of print journalism, this is exactly where the editor would have put:

    [sidebar from Dr. Expert goes here "What we found under the microscope"]

A sidebar lets you provide detail that the general reader will want to skip, but that allows you to "show your workings" so that people know you're not handwaving or hoodwinking them. This is especially necessary in this case given the gravity of the accusations. Moreover, business readers aren't insulted by being presented technical details in a sidebar - business people don't expect to understand all the technical details, they have people for that "John, read this article and tell me if the technical side makes sense to you". 

Here I'm speaking as an ex-section editor of a business computer magazine. I wouldn't have put a story one tenth as volatile as this on the page without putting enough in print to make my case lawyer proof. Providing all the facts, as far as you can, may make a difference between a case for slander of goods* and no case to answer. In fact in defamation cases sometimes the most damaging thing you can do is to make accusations without producing your proof at the same time. At the very least it leads to legal bills and court appearances where, if you'd made a good case in print already, the plaintiff's lawyers would have said "don't bother".

Quote
...
Oh, one thing by the way, if this were unsupported -- if there were no actual facts here -- this would be defamation, and they'd be sued pretty damn quick for all the millions of dollars this is worth. 

Yes, and on the case made publicly so far by Bloomberg I expect that some of the accused companies' shareholder's lawyers have been quite busy this weekend. Moreover, if this gets to court on any defamation actions Bloomberg can be ordered to reveal their sources if that is the nub of their claims. That will irreparably damage their trustworthiness to future possible sources and could have been avoided if they'd made out a better, more plausible case in print.

*Trust me, I've been threatened with this plenty of times. Never had to settle or go to court though.
« Last Edit: October 07, 2018, 03:57:25 am by Cerebus »
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: Kean, T3sl4co1l, tooki

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 10930
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #157 on: October 07, 2018, 04:52:46 am »
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

What about cloning an entire company?

The other common type of cloning is when the production factory runs an extra undocumented shift.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #158 on: October 07, 2018, 05:03:40 am »
So anyone who wants to buy a  Supermicro server boards and search the chip? Looks like they are getting cheaper at the moment at eBay :-DD

These special Supermicro products are surely sold exclusively to Amazon & Apple only, hence there is no proof, or very hard to get. Hence, you have to understand the reluctance to release the details by Bloomberg, riding their reputation, all you need is to trust Bloomberg and believe.

Hey, where is your patriotism anyway ?  >:D

<spin dr. mode:OFF>

 :-DD

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #159 on: October 07, 2018, 05:23:39 am »
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

What about cloning an entire company?

The other common type of cloning is when the production factory runs an extra undocumented shift.

Wow, great eye opener. Textbook MitM.
 

Offline helius

  • Super Contributor
  • ***
  • Posts: 2949
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #160 on: October 07, 2018, 05:47:17 am »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
 

Online chris_leyson

  • Super Contributor
  • ***
  • Posts: 1399
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #161 on: October 07, 2018, 05:48:34 am »
Quote
What about cloning an entire company?
Or stealing an entire company

Company C, the Chinese company, owes Company A £600,000 and makes lame excuses for not paying. Company A embarks on a huge project, hires a lot more staff and borrows £250,000 from Company K. Meanwhile Chinese director of Company C buys shares in Company A. becomes a board member of Company A and still owes Company A.
New Chinese board member buys out directors of Company A, forms new Company B and transfers assets to new Company B. Chinese director of Company A winds up company A but keeps Company B going under a similar name. Company K are not happy. Directors wife becomes sole director and owner of company B. Company B ceases trading a year later. Company C owns all of the interlectual property of Company A and probably any left over stock from Company B. True story.
 

Offline a59d1

  • Regular Contributor
  • *
  • Posts: 102
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #162 on: October 07, 2018, 06:10:32 am »
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

And also your loss of employment insurance, if that's what you mean.

China is getting more and more innovative, as can be seen from history.

In the 1990s, China blatantly cloned entire designs.

In the 2000s, China cloned part of the designs and costed-down the designs by modifications.

In the 2010s, most Chinese designs are patent infringing, but the engineering is more or less independent.

China will keep stealing patents for many more years, but engineering will be more or less independent.

China doesn't care about right or wrong, China only cares about power.

Being able to engineer is a power to technological independence. Being able to invent is not.

China needs technological independence, as that frees China from potential sanction from the west.

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

China wouldn't have to clone western technology, China wouldn't have to manipulate currency, and China wouldn't have to be a political enemy of the west, as long as the west gets their fuck out of Chinese politics.

Is your license plate still SIGSEGV, comrade?
 

Offline T3sl4co1l

  • Super Contributor
  • ***
  • Posts: 15000
  • Country: us
  • Expert, Analog Electronics, PCB Layout, EMC
    • Seven Transistor Labs
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #163 on: October 07, 2018, 06:16:48 am »
Back in the days of print journalism, this is exactly where the editor would have put:

    [sidebar from Dr. Expert goes here "What we found under the microscope"]

A sidebar lets you provide detail that the general reader will want to skip, but that allows you to "show your workings" so that people know you're not handwaving or hoodwinking them. This is especially necessary in this case given the gravity of the accusations. Moreover, business readers aren't insulted by being presented technical details in a sidebar - business people don't expect to understand all the technical details, they have people for that "John, read this article and tell me if the technical side makes sense to you".

Yes, that would've done perfectly!


Quote
Here I'm speaking as an ex-section editor of a business computer magazine. I wouldn't have put a story one tenth as volatile as this on the page without putting enough in print to make my case lawyer proof. Providing all the facts, as far as you can, may make a difference between a case for slander of goods* and no case to answer. In fact in defamation cases sometimes the most damaging thing you can do is to make accusations without producing your proof at the same time. At the very least it leads to legal bills and court appearances where, if you'd made a good case in print already, the plaintiff's lawyers would have said "don't bother".

Good point!

Tim
Seven Transistor Labs, LLC
Electronic design, from concept to prototype.
Bringing a project to life?  Send me a message!
 


Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #165 on: October 07, 2018, 06:35:37 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #166 on: October 07, 2018, 06:38:15 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

I have a gut feeling few fellas here starting to doubt on who the f**k is Reuters and it's reputation, say compared to Bloomberg, and probably Fox News fans too.  ;)
« Last Edit: October 07, 2018, 07:18:32 am by BravoV »
 

Offline ogden

  • Super Contributor
  • ***
  • Posts: 3166
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #167 on: October 07, 2018, 06:52:10 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #168 on: October 07, 2018, 07:05:02 am »
Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Don't rule out other option, which is a direct & straight intervention from an ignorance and short sighted white house staff, bypassing gov 3 characters agencies, and under heavy pressure that had been instructed ordered to think of how to kill two birds with one stone, which are the disobedience big corporations "and" China.  >:D

We've seen this in the past (example -> HERE), how the potus interfered at low level, cronyist must made lots of money for short selling Amazon, prolly made hundreds of millions overnight, its legal anyway.  :-DD
« Last Edit: October 07, 2018, 07:36:46 am by BravoV »
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #169 on: October 07, 2018, 07:33:45 am »
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1088
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #170 on: October 07, 2018, 08:30:01 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: tooki

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #171 on: October 07, 2018, 08:41:11 am »
Indeed. Bloomberg are an aggregator service. Accuracy depends on what they are aggregating and their fact checking. They haven’t had a particularly good rating in that department. Compared to Reuters at least they are more the equivalent of a tabloid aggregator.
 
The following users thanked this post: tooki

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #172 on: October 07, 2018, 09:11:53 am »
That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
You seem to have invented some kind of faith and subsequently attributed it to me. Interesting. Do elaborate.
 

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #173 on: October 07, 2018, 09:18:53 am »
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.
 

Offline mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 12123
  • Country: gb
    • Mike's Electric Stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #174 on: October 07, 2018, 10:24:03 am »
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
but not one single plausible photo.
If this was real, there would be pictures.
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 
The following users thanked this post: mtdoc, tooki, a59d1

Online madires

  • Super Contributor
  • ***
  • Posts: 5110
  • Country: de
  • A qualified hobbyist ;)
 

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1088
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #176 on: October 07, 2018, 12:22:59 pm »
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y

I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: NiHaoMike, mtdoc, tooki

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #177 on: October 07, 2018, 01:47:25 pm »
Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.

Not that simple, China is just collateral damage which is inline with the current US political agenda at the international scenes.

Meanwhile at local/domestic affair, this is happening ...

https://www.washingtonpost.com/business/capitalbusiness/pentagon-doubles-down-on-single-cloud-strategy-for-10-billion-contract/2018/08/05/352cfee8-972b-11e8-810c-5fa705927d54_story.html?noredirect=on

https://www.bloomberg.com/news/articles/2018-07-26/pentagon-goes-with-winner-take-all-10-billion-cloud-contract

https://www.washingtonpost.com/business/2018/08/07/oracle-challenges-pentagons-multibillion-dollar-cloud-computing-contract-before-bids-are-even-submitted/

https://www.bloomberg.com/news/articles/2018-06-26/amazon-foes-in-pentagon-cloud-deal-are-said-to-include-sap-csra


... + senates hearing for big companies ...

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #178 on: October 07, 2018, 02:29:13 pm »
Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

The FBI is the lead agency for exposing, preventing, and investigating intelligence activities on U.S. soil, ...

Foster a fully synchronized, cohesive enterprise that integrates intelligence into operational functions and drives action through Mission Centers to mitigate all threats to the Homeland including-Counterintelligence, Counterterrorism, Cyber, Economic Security, and Transnational Organized Crime.

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #179 on: October 07, 2018, 02:49:52 pm »
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.

Let's repeat that again:

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.

If it's on US soil it's the FBI's jurisdiction. If the CIA discover something overseas with a domestic link they have to get the FBI to handle that end of it - just as if, say, the Sûreté uncover a crime in Paris with a London link and have to involve the Metropolitan Police [of London] because they have no legal powers in London. The CIA case is more extreme because they are explicitly forbidden by law from acting domestically, not just lacking legal powers to do so.

So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 10930
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #180 on: October 07, 2018, 02:55:34 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.

In many cases this is discovered when the real company receives customer service requests for identical products which they have no record of producing.
 
The following users thanked this post: tooki

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #181 on: October 07, 2018, 02:59:30 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
What you described in 99% of cases is counterfeit, not ghost shift. Also when you order from China, often they throw away original box. So it also could be a product for Chinese market which originally came with Chinese manual.
« Last Edit: October 07, 2018, 03:04:21 pm by wraper »
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #182 on: October 07, 2018, 03:17:25 pm »
So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.

You have to realize after seeing this thread grows into so many pages which is a proof and sign, that even one that had been experienced, worked and trained in logical thinking regime at engineering field, doesn't mean one can see thru clearly in this kind of matter, which is pretty simple and straightforward.

This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #183 on: October 07, 2018, 03:31:05 pm »
This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD

I think there's a third camp that agree with Tim (T3sl4co1l) that it's technically feasible, but that the reporting is suspect, both from a quality of journalism point of view and a geopolitical/realpolitik point of view. That's certainly where I'd place myself.

There's a fog around this, I don't think it will clear anytime soon, and trying to penetrate into the fog by logical deduction is difficult, but that doesn't mean it shouldn't be attempted. Misinformation and contributed "factoids" that are plain wrong don't help.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: mtdoc, wraper, tooki, ogden

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #184 on: October 07, 2018, 04:05:10 pm »

What about cloning an entire company?

The other common type of cloning is when the production factory runs an extra undocumented shift.

Wow, great eye opener. Textbook MitM.

Indeed. For those who didn't follow the link, some counterfeiters set up a whole organization so that the factories in China and Taiwan producing the counterfeits didn't know that they were. They thought that they were legitimately contract manufacturing for NEC.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: tooki, ogden

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #185 on: October 07, 2018, 05:13:36 pm »
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y

I think that nails it dead, Bloomberg's story is fake news.
I wouldn't dismiss it completely just because of that. Historically it's been pretty common for different government intelligence agencies not knowing what the others are doing, and the us intelligence branch of government is absolutely enormous as far as I know (which admittedly isn't much).
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #186 on: October 07, 2018, 06:31:09 pm »
I just don't see an angle for the US government to want to cover this up at the moment. They have no problem declaring the embassy incidents attacks even in the absence of physical evidence (no trauma showed up on MRI for most of the affected persons, the diagnosis is purely based on symptoms). Why would they cover for China when Trump seeks justification for his trade measures? The presumed attack is relatively low tech all things considered so it's not like revealing the evidence would matter in that respect.

The companies I can kind of understand, they have commercial interests in China ... but even then Apple is extremely image conscious, blatantly lying seems very unlikely when actual evidence could pop up from way too many sources if this were true.

PS. if people in intelligence agencies are purposely keeping this information from the White House they better pray Trump is gone before they get found out.
« Last Edit: October 07, 2018, 06:33:45 pm by Marco »
 
The following users thanked this post: tooki

Offline ogden

  • Super Contributor
  • ***
  • Posts: 3166
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #187 on: October 07, 2018, 06:45:44 pm »
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.
« Last Edit: October 07, 2018, 06:50:06 pm by ogden »
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #188 on: October 07, 2018, 06:58:22 pm »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #189 on: October 07, 2018, 07:23:32 pm »
Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

Thank you for clarifying that DHS does Counterintelligence on US soil. Info you provided does not say anything about FBI Counterintelligence operations. So I can count only one fact I was wrong, maybe two, not every fact as you say.

Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

This is exactly what I was talking about the other day, you make wrong statements on a subject that you are ill-informed on. Then you quibble when someone corrects you, deliberately ignoring anything that doesn't suit your case, often shifting the goalposts in the process. Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you - except this time if you do it you will be hoist by your own petard.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden, bd139

Offline ogden

  • Super Contributor
  • ***
  • Posts: 3166
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #190 on: October 07, 2018, 07:42:12 pm »
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #191 on: October 07, 2018, 07:53:10 pm »
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
 
The following users thanked this post: JoeO, tooki

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #192 on: October 07, 2018, 08:02:49 pm »
Go and read it again, do a text search within the message if you have to for counterintelligence. All three points you made about the FBI, CIA and DHS in relation to counterintelligence are refuted from authoritative sources.

Go and read my post again, show where I said "on domestic soil". Those suspect factories planting chips were located in the US or am I missing something?

And there the moving of goalposts starts ...

Quote
Quote
Eventually you reach the point where you start making rude remarks about the character, intelligence or educational attainment of the person who corrected you

You are stepping over the line here. Let's continue in PM and check our records of you versus me insulting others, with CC: moderator.

No. These arguments you seek out might amuse you, but they annoy me (and I suspect others too) the very last thing I am going to do is give you carte blanche to annoy me in PMs too. Why don't you give it rest, he said wearily.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: TopLoser, ogden, bd139

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #193 on: October 07, 2018, 08:21:28 pm »
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.
I don't think think Trump could tell the NSA to activate 18 deep cover moles inside US companies to trick Bloomberg.
It would only take one, not particularly deep cover, mole in Bloomberg.
(Maybe just a phone-call to the director: "hey, it's POTUS/CIA/<initialism>, we'd like you to run this story for us." :))
« Last Edit: October 07, 2018, 08:35:06 pm by apis »
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #194 on: October 07, 2018, 09:02:38 pm »
I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
With the track record the various agencies have, why would this "nail the story dead"? If there's something like a gag order the DHS isn't going to spill the beans. It does put the pressure on Bloomberg to come up with something more tangible, although a more suspicious mind might wonder whether they'd be allowed to produce such proof at this point in time. It's obviously also nearly impossible to disprove the story.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3447
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #195 on: October 07, 2018, 09:06:51 pm »
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...

Why sit on this for over 3 years? The government probe started in 2015 with Amazon's discovery, supposedly.
Aww poor businesses, banks that still have a back door to a foreign hostile that is still open? Who cares about the DoD, Navy ships, drones, government agencies infiltrated.  :palm:
 
The following users thanked this post: tooki

Offline daqq

  • Super Contributor
  • ***
  • Posts: 1765
  • Country: sk
    • My site
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #196 on: October 07, 2018, 09:14:05 pm »
Quote
Here's the only Bloomberg pic, and we can all smell the bullshit in a 3-pin package...
Er, no, there were other pics of said park, see initial post link. It looks like a 6 pin package, very similar to a balun:

http://www.farnell.com/datasheets/2580617.pdf?_ga=2.1792241.1799087673.1538946562-1417168484.1514813103

I can see such a device hooked up to some SPI bus that talks to an SPI memory, pretending to be the memory... or any number of other possibilities.
Believe it or not, pointy haired people do exist!
+++Divide By Cucumber Error. Please Reinstall Universe And Reboot +++
 
The following users thanked this post: wraper

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5338
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #197 on: October 07, 2018, 11:04:28 pm »
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.


"What the large print giveth, the small print taketh away."
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #198 on: October 07, 2018, 11:08:33 pm »
I'd like to know a lot more about what is supposed to be in that very generic looking tiny part.

It looks just like some small RF transformers and low pass filters that I have. I think they were made by either TDK or Murata.
Wasn't that the point, that it looked like a mundane and innocuous part?
 

Offline Halcyon

  • Super Contributor
  • ***
  • Posts: 3912
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #199 on: October 07, 2018, 11:29:07 pm »
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.
 
The following users thanked this post: tooki

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #200 on: October 07, 2018, 11:31:20 pm »
I wonder how many people have already gone to town on their motherboards, removing this component, only to realise it was actually required for the machine to boot.

Your machine doesn't need a balun to boot. You may lose WiFi/BT, but 99% of the machines use RF cards instead of built-in RF, so who cares?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #201 on: October 07, 2018, 11:43:53 pm »
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
 
The following users thanked this post: tooki

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #202 on: October 07, 2018, 11:50:08 pm »
C'mon, how hard is that, to de-solder that suspected component, put it side by side with a genuine one under the microscope, start to sand both layer by layer exposing it's internal while comparing ?  :palm:
« Last Edit: October 07, 2018, 11:51:49 pm by BravoV »
 

Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #203 on: October 07, 2018, 11:58:30 pm »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird
 

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #204 on: October 08, 2018, 12:09:03 am »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//

Online BravoV

  • Super Contributor
  • ***
  • Posts: 6767
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #205 on: October 08, 2018, 12:19:53 am »
-> https://www.reuters.com/article/us-china-cyber-apple/apple-tells-congress-it-found-no-signs-of-hacking-attack-idUSKCN1MH0YQ

Quote ...

"Bloomberg said on Friday it stood by its story, which was based on 17 anonymous sources. Some allegations were based on fewer accounts or even a single unnamed source, Apple noted in its letter."


Offline mtdoc

  • Super Contributor
  • ***
  • Posts: 3581
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #206 on: October 08, 2018, 12:23:53 am »
Why would they cover for China when Trump seeks justification for his trade measures?
Well, that is a motive for making up a story like this though. Wouldn't be the first time Trump comes up with "alternative facts" to suit his interests.

This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird

If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

They could just make & publicize it without mentioning specific company names.  :-//

They didn't bad mouth American companies. They of course had to mention which companies products were involved or the accusation would have no teeth at all.  They also had to report those companies responses.

Unless a neutral 3rd party analysis of the hardware is done and confirms the report - it will be clear this was just a propaganda piece.  Nevertheless, it will have succeeded in planting more anti-China feelings in the populace and help support the new Cold War.

No one will remember that the original report was never confirmed. No company other than perhaps relatively small Supermicro will have been negatively affected.  But the anti-China sentiment will have been seeded. Mission accomplished.

It's no different than the "Russia hacking" hysteria. No one will notice that there were never any actual prosecutions of Russian hackers, yet the anti-Russia sentiment will remain.  This is how propaganda works.
« Last Edit: October 08, 2018, 12:26:37 am by mtdoc »
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #207 on: October 08, 2018, 12:31:44 am »
If this is true for bad mouthing China, the question is why they had to sacrifice "American" companies ?

What if this put up job is to manipulate Apple and Amazon (with stock price influence by stockholder confidence through media coverage) to shift from buying Made in China gears to Made in US gears?
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: nl
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #208 on: October 08, 2018, 12:46:21 am »
This is not a Trump thing (and I'm no Trump fan).

This has been going of at least since the 1950s in the US (and other countries).  See Operation Mocking Bird
The problem is the level of conspiracy necessary to keep evidence from any of the companies and from government from leaking if Bloomberg's report was true. Unless there's a mountain of National Security Letters out there keeping everyone involved living in fear I just don't see how it can be. That mountain of NSLs would mean it either goes to the top/Trump or the security agencies are playing traitor and keeping Trump out of the loop. Trump has no reason to keep this secret if he knows about it.

It's easier to just assume Bloomberg cobbled together a conspiracy theory from misleading information (intentionally spread or not) and subsequently asking some useful idiots leading questions.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5338
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #209 on: October 08, 2018, 12:51:27 am »
That chip looks a lot like a six legged version of what I call PCB resident 'feed through' caps.. I dont know the technical name for them. They are kind of an RFI filter.

They are basically bypass caps with two legs. (although they might also incorporate ferrite materials) (these bypass caps only have three terminals, the ones at the ends are the DC path and the two on the sides at the middle are the ground that has the RF bypassed to it.)

 They are kind of a 2D, semi-planar version of the old feed through caps that penetrate a case wall.

They have the same function. There- using a lower quality part might reduce the effectiveness of RFI bypassing.

Which might be all that was required.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

Making it so a nearby listener might be able to extract enough information to break whatever encryption keys was being used.

This attack would only work if the attacker was within a few meters, most likely. So basically they would have to have access to the data center the servos were in.

Although I have no idea how it fits in, liberalizing services is proposed to double (probably many times more than that, just imagine how much will be saved on wages, money which is now 'wasted' to rent extraction. (/sarcasm)

The hype proposes that business profits globally could be increased many fold by increasing efficiency, which increasingly means moving jobs to the digital economy.

One of the main questions is where will the trade rules require that servers and the actual information be located?

One of the biggest roadblocks to making businesses so very much much much more efficient and reducing costs to the bone (and an eventual shakeout within which most of those businesses get absorbed into others) is who gets to say where the important information thats stored on servers will be.

Can governments - despite their commitments to trade liberalization, think of some excuse to hold it back (and presumably steer that business to well connected insiders in their own country, even though some other provider of the service may be cheaper)

A business like Amazon's 2nd biggest asset after their brand name is their technology, which they (probably) want to keep close to their vests. (I would expect them to!) However, agreements between countries commit countries to switch from in house provision of services to low bidders, biding in an international competition.

Could the country whose information is at issue - or the country whose flag of convenience a corporation flies require some parts be inside their physical country and control, even when its not national security related?

(National security is basically the only area that gets a free pass to remain under individual nation's control)

I have no idea what they are arguing these days. But you can bet it isnt good for the little guy, whose business will likely be put under extreme pressure by global competition, if there is any money to be made in it.

This kind of 'incident' real or not, may be part of the arguments in some way. Countries are jockeying for position in this huge shift and people like us can only guess at their long term strategies.





« Last Edit: October 08, 2018, 01:30:34 am by cdev »
"What the large print giveth, the small print taketh away."
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #210 on: October 08, 2018, 01:00:09 am »
That chip looks a lot like what I call "PCB resident feed through caps.. They are the 2D version of the old feed throughs that penetrated a case wall.

In order to enable some back-channel attacks (which could then only be pursued from near the machine physically) all that likely needs to be done is sabotage formerly effective RFI suppression methods.

This attack would only work if the attacker was within a few meters, most likely.

That's an RF balun. I've never heard of any beadcaps looking like that.
And it's not going to work in a few meters. More like a few centimeters, and it must be in the chassis.
If so, why don't the attacker just pull the drive out?

FYI, Intel has thought of this before, so modern Xeon chips with ECC use scrambling. Anything from and to the RAM (top GHz-range EMI source in a computer) is scrambled by CPU.

Also, Bloomberg said it's alleged to be an IC developed by Chinese military. That's not an IC to my eyes. That's clearly made of fired ceramics, and no common silicon IC can survive after being fired at ceramic firing temperature.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5338
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #211 on: October 08, 2018, 01:34:14 am »
MMIC is the term they use. And its a broad term that encompasses a great many kinds of devices.

They use ceramics because of the favorable dielectric properties.

It really is a black art.   

Note I am not even going to try to weigh in on how feasible it is.


Also, it may have little to do with China per se.

In other words, it may just be an argument to slow down the pace of the race to the bottom.

Countries are competing with one another for investment, to prop up currencies - Claiming they have to do it because of the global nature of capital. Democracy they say is just too unpredictable for companies and investors.

One explanation I thought was good was "How Far Will International Economic
Integration Go?" by Dani Rodrik

I think we're cutting off our own noses to spite our face.

By committing so aggressively to trade liberalization (which hasnt ended, its not just in the past), the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been so very much faster than any of the politicians or economists ever even remotely imagined. And its getting even faster very rapidly.

A race to the bottom is a game that nobody wins.

« Last Edit: October 08, 2018, 02:06:16 am by cdev »
"What the large print giveth, the small print taketh away."
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #212 on: October 08, 2018, 01:44:43 am »
the US may have put itself in a very unpleasant situation because the rate of progress in labor saving technologies has been much faster than any of the politicians or economists ever even remotely imagined.

Please, stay within the topic.

And just so you know, for thousands of years, technology, religion and military were and are working for the top of the society pyramid.

If globalization doesn't kill the lower end of human spectrum, automation will, or wars will, or fill _in_the_blank will.
 

Offline daqq

  • Super Contributor
  • ***
  • Posts: 1765
  • Country: sk
    • My site
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #213 on: October 08, 2018, 05:28:12 am »
Quote
Also this was targeting servers. Servers have no RF capable parts on.
Please note that the part I linked was just an example of a part that looks similarly. There are also SMD EMC filters that look the same. See:

https://product.tdk.com/info/en/products/emc/emc/3tf/catalog.html

Specific series:

https://product.tdk.com/info/en/catalog/datasheets/3tf_commercial_signal_mem2012sc_en.pdf

And MURATA IIRC has something very similar.

Now, if I'd seen this on a server board sitting among other parts I do not think that I would be terribly surprised.
Believe it or not, pointy haired people do exist!
+++Divide By Cucumber Error. Please Reinstall Universe And Reboot +++
 

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #214 on: October 08, 2018, 05:43:15 am »
Also this was targeting servers. Servers have no RF capable parts on.

RF balun does not mean the part radiates. RF Baluns are high frequency devices are routinely used to convert signal between balanced and unbalanced circuits, such as single ended to differential line. Digital circuits can utilize RF baluns for clock conditioning for example.
Facebook-free life and Rigol-free shack.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #215 on: October 08, 2018, 06:43:47 am »
Why are you all assuming an implant chip is what it looks like? You'd obviously disguise an implant device as something innocuous, or at least attempt to make it less obvious. Otherwise you could just stick a GSM board on there and call it quits.
 

Online VK3DRB

  • Super Contributor
  • ***
  • Posts: 1710
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #216 on: October 08, 2018, 10:17:28 am »
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012

If you think that's worst, then you are wrong. If it's within the boarder of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most...


Sounds like greedy housing developers, most of whom use money from the PRC.

In this city of Melbourne it is illegal to buy tickets to the famous Grand Final football game and scalp the tickets on eBay at inflated prices. Same with concerts. They buy blocks of Justin Bieber tickets selling them to 14 year old teeny boppers at crossly inflated prices, which our govt has made illegal (not Bieber unfortunately, but ticket scalping). Our culture condemns ticket scalpers but praises the "entrepreneurs" scalping houses... Scalping tickets?>:D, but scalping houses? :-+.  In the US the rich are looked on with admiration, but those who dare question inequality are called socialist scum. How dare anyone suggest the super rich are taxed more to give to the poor.... they must be commies.

As one famous US presidential adviser said: The trickle down effect is rubbish. A billionaire might only buy 2 pairs of jeans a year. But if he shared some of his wealth to 10,000 poor people to get them out of poverty, the demand is now 20,000 pairs. Inequality also leads to economic stagnation.
« Last Edit: October 08, 2018, 10:22:18 am by VK3DRB »
 
The following users thanked this post: mtdoc, blueskull

Online madires

  • Super Contributor
  • ***
  • Posts: 5110
  • Country: de
  • A qualified hobbyist ;)
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #217 on: October 08, 2018, 11:56:32 am »
Please don't take Bloomberg's image too seriously. Media often uses images in the sense of "something looking similar" and I doubt that Bloomberg has the spy chip. Here's another interesting comment from a well known journalist: https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/. He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
 
The following users thanked this post: thm_w

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 6092
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #218 on: October 08, 2018, 12:33:23 pm »
He mentions a Chinese chip built into Internet-enabled printers for sending a copy of everything printed home. That was more than a decade ago.
It would be interesting to troll them by hacking the printer to not actually print (save on paper), then keep sending it thousands of pages of what look like a one time pad.
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 
The following users thanked this post: PointyOintment

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1770
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #219 on: October 08, 2018, 05:24:21 pm »
The Register has a good overview of thestory and the issues of competing credibility here:

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #220 on: October 08, 2018, 05:32:04 pm »
That article is a few days old now, and may have missed more recent developments.

(And if the author, Mr. McCarthy's, previous output is anything to judge by, the point too. Let's say that he's not at the top of my list of reliable authors, he completely mangled an article on IP networking the other week.)
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #221 on: October 08, 2018, 06:36:05 pm »
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #222 on: October 08, 2018, 06:59:44 pm »
The Register is basically the same as The Sun and The Daily Mail here. But with less tits. Other than the editor.

Oh no, el Reg is much more fun. I used to know both of the founders, worked with one of them. They were both the kind of men you had "drinking stories" about that you could dine out on.  :) Mike, no longer there, had a justified reputation for digging out stories that others couldn't - possibly by giving his sources liver failure in a single evening. John, still a director there, is known for single-handedly keeping the publicans of Bloomsbury in gainful employment - IT journalism's Jeffrey Bernard.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #223 on: October 08, 2018, 07:28:10 pm »
Yes Mike disappeared off to start the Inquirer. Surprised he's still alive. Surprised any of them. I don't know them personally but have heard the stories by proxy of someone who indeed was one of their sources many years ago. He now lives in Thailand away from it all as I think he pissed off so many people to the point he was unemployable in the UK and Europe.

Edit: I made the mistake of employing him  :-DD (fortunately we had nothing to leak)
 

Offline mnementh

  • Super Contributor
  • ***
  • Posts: 7118
  • Country: ca
  • *Escaping The Suck*
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #224 on: October 08, 2018, 07:51:43 pm »
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
 

Offline coppercone2

  • Super Contributor
  • ***
  • Posts: 3827
  • Country: us
  • $
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #225 on: October 08, 2018, 08:44:36 pm »
Well I would not be surprised if some alphabet agency, ordered by executive order, confiscated all this crap and or was aware of this crap and thats why apple/big dogs stopped doing business with these people. the whole trade war could have been planned way in advanced.

If you admit to compromise all sorts of foreign companies not on US soil could benefit greatly and massive amounts of US infrastructure could be considered compromised. If intelligence was able to figure out what the Chinese were doing we could do damage control and play geopolitical and economic games using these things, i.e. controlled leaks.

Given how focused the american goverment is on economic growth I don't really think they would just flip out, they have to plan something out to limit economic damage (cuz now we are in a three superpower world, not only USSR/USA), so if our economy falls the Russians and other people can get stronger.

It's often the case when taps and other bugs are discovered they are left in place and used to misguide the enemy.

I expect that this whole thing is a complete and utter cluster fuck by our standards. I think that there might be secret services doing counter stock market manipulation using knowledge of stuff like this. 

Also the DHS is new by intelligence standards and they don't have the same connections as the CIA/OSA that has been around for a long time now, so they don't know fuck.

If it was used for counterintelligence purposes, identical boards could have been made in CIA run facilities to replace compromised boards with some kind of filter or protection diode or whatever too, then reinstalled, with the surveillance chips removed when no longer useful. This could be used to cover up machiavelian stock market manipulation, which favors the growth and protection to companies that are more vital to the US economy then companies which were naturally more successful (kind of like load balancing, the successful companies that can tolerate the hit got hit, while the weaker or more important ones for reputation were protected to have a overall less effect on the US economy).  A few businesses suffering on the stock market or losing IP is alot better then some big one going down, causing big unemployment, leading to the expensive retrofit of otherwise high quality infrastructure and military stuff.

The existence of communist china, with its great focus on economic growth by any means necessary, could have lead to this reaction, be it necessary or out of a sense of justice or pride. Since many businesses could be seen as doing Machiavellian things (like operating out of low tax areas to avoid paying the US government) they could be seen as pawns to manipulate with little moral qualm from someone that considers themselves a patriot that wants to protect their own country and sees those companies as having a hostile or 'i dont give a fuck about anything but my business' mentality. Eventually when you try to make money by any means necessary some patriots are going to get pissed off when your logically fucking the country you live in in a legal way. If you make a 'psychological profile' of a company you can kind of determine its various levels of allegiance to values, stock holders, employees, country of origin and its owners. A focus on pure economy is easily seen as sociopathic, so you don't really have much of a concern for its well being?

Someone setting up massive factories in china, allowing communist party members into its nerve centers and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.
« Last Edit: October 08, 2018, 09:02:36 pm by coppercone2 »
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #226 on: October 08, 2018, 09:05:16 pm »
The trade war is pretty shallow. All it takes is a nose through some modern history books to see where we’re being nudged.

Or not because national governments are incredibly weak and vulnerable the moment they deployed technology unaware it can and is being used against them until it’s too late.

Another empire falls. Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)
 
The following users thanked this post: BravoV, mnementh, a59d1

Offline Bud

  • Super Contributor
  • ***
  • Posts: 4038
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #227 on: October 08, 2018, 09:18:52 pm »
and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.

I am pretty sure US requires you to report income regardless of where the business is located and you still get taxed.
Facebook-free life and Rigol-free shack.
 

Offline coppercone2

  • Super Contributor
  • ***
  • Posts: 3827
  • Country: us
  • $
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #228 on: October 08, 2018, 09:20:51 pm »
and running out other loyal American businesses is not really seen as that much of a friendly citizen, especially if their trying to avoid paying taxes.

I am pretty sure US requires you to report income regardless of where the business is located and you still get taxed.

https://itep.org/fact-sheet-apple-and-tax-avoidance/
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #229 on: October 08, 2018, 09:26:11 pm »
Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)
Technically they were all supposed to speak as much Chinese as English (if not more), but for obvious reasons they were mainly speaking English but kept insults in Chinese as a way of getting around the US censorship.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #230 on: October 08, 2018, 09:33:51 pm »
That makes sense  :-+
 

Online Cerebus

  • Super Contributor
  • ***
  • Posts: 4699
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #231 on: October 08, 2018, 09:37:54 pm »
Another empire falls. Then you find our Firefly was right and you’ll be speaking English but insulting each other in Cantonese :)

Only a 杘頭 would think that.  :)
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: mnementh, bd139

Offline tooki

  • Super Contributor
  • ***
  • Posts: 4837
  • Country: ch
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #232 on: October 08, 2018, 10:00:38 pm »
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
^^^ this. I've been saying this since I read the article.

If you were going to camouflage a chip to covertly install it on a server mobo, you'd masquerade it as a component normally found on a server mobo! You would't make it look like an RF component, which has no place on a server board!!   :palm: |O :-DD

There are so many issues with this alleged infiltration that I'm surprised anyone with half an ounce of technical savvy is giving it a second thought. There are just too many layers of too many organizations that you'd have to infiltrate in tandem, to maintain version control throughout design, manufacturing, and testing. It defies belief.
 
The following users thanked this post: bd139

Online wraper

  • Supporter
  • ****
  • Posts: 11345
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #233 on: October 08, 2018, 10:13:15 pm »
Also this was targeting servers. Servers have no RF capable parts on.

Actually I don’t have any  Supermicro ones available to me but after scanning tens of high res motherboard pictures there’s nothing that looks even remotely like a balun on any server motherboards. There’s decoupling, power conversion, protection, identifiable ICs, transistors/MOSFETs/diodes, connectors and bugger all else. anything with enough pins is identifiable.
^^^ this. I've been saying this since I read the article.

If you were going to camouflage a chip to covertly install it on a server mobo, you'd masquerade it as a component normally found on a server mobo! You would't make it look like an RF component, which has no place on a server board!!   :palm: |O :-DD

There are so many issues with this alleged infiltration that I'm surprised anyone with half an ounce of technical savvy is giving it a second thought. There are just too many layers of too many organizations that you'd have to infiltrate in tandem, to maintain version control throughout design, manufacturing, and testing. It defies belief.
FWIW there are also EMI filters in similar package https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf
As I said earlier, I dunno if this story has any truth in it. I just consider it technically feasible. IIRC article called rogue component disguised as "filter". Picture probably is just something they googled as filter.
« Last Edit: October 08, 2018, 10:17:23 pm by wraper »
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5338
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #234 on: October 08, 2018, 10:30:30 pm »
What a mess. And I don't see this getting any better soon, either.

Time to go back to reading books and spending time with real people instead of on the Internet.

The Register has a good overview of thestory and the issues of competing credibility here:

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/?page=1
"What the large print giveth, the small print taketh away."
 

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1088
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #235 on: October 08, 2018, 11:10:01 pm »
It seems that all the "on the record" commentators are denying the story, and the only people "confirming" it are Bloomberg's anonymous sources. Bloomberg are not providing a shred of evidence, nor even evidence that they have seen any evidence....

However, Bloomberg can just the story sit there, whoever is behind it presumably achieved their mission (shorts, alphabet, POTUS etc), no one can prove Bloomberg's "scoop" is fake. Win win basically.

Well, the Russians meddled with US elections, annexed a country, murdered people in the UK, downed a whole airliner over Ukraine, and they basically get away with it. So spreading a little FUD about China is pretty small beer really.

It's kind of like the computer game sequel to "Cold War I", with new player factions.
Bob
"All you said is just a bunch of opinions."
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 14577
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #236 on: October 08, 2018, 11:20:42 pm »
I think you may have just nailed it there.
 

Online blueskull

  • Supporter
  • ****
  • Posts: 13537
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #237 on: October 09, 2018, 12:27:09 am »
It's kind of like the computer game sequel to "Cold War I", with new player factions.

Seems like the cold war won't be cold for long. Let's see, will WW3 break out on Nov. 6th?
 

Offline tooki

  • Super Contributor
  • ***
  • Posts: 4837
  • Country: ch
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #238 on: October 09, 2018, 01:00:16 am »
FWIW there are also EMI filters in similar package https://media.digikey.com/pdf/Data%20Sheets/Murata%20PDFs/NFA31C_Series(1206%20Size).pdf
As I said earlier, I dunno if this story has any truth in it. I just consider it technically feasible. IIRC article called rogue component disguised as "filter". Picture probably is just something they googled as filter.
They specifically said “signal conditioning coupler”, which a bit of googling showed to be RF devices.
 

Offline cdev

  • Super Contributor
  • ***
  • Posts: 5338
  • Country: 00
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #239 on: October 09, 2018, 02:47:58 am »
They may simply be fancy feed through caps, i.e. bypass caps.. "fancy" name for which is now filter. (Maybe there is an inductor, i.e. spiral structure in there along with the capacitance.)

Also, we're forgetting that with multinational public companies, they have a legal obligation to treat all countries the same. If they install a back door for one, they have to do it for all of them.

They are not allowed to discriminate on any basis other than money.

Whichever countries are their bigge$t customers come first.
« Last Edit: October 09, 2018, 02:54:41 am by cdev »
"What the large print giveth, the small print taketh away."
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #240 on: October 09, 2018, 03:16:45 am »
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
That's about 25 points each.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9063
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #241 on: October 09, 2018, 03:25:19 am »
They may simply be fancy feed through caps, i.e. bypass caps.. "fancy" name for which is now filter. (Maybe there is an inductor, i.e. spiral structure in there along with the capacitance.)

Also, we're forgetting that with multinational public companies, they have a legal obligation to treat all countries the same. If they install a back door for one, they have to do it for all of them.

They are not allowed to discriminate on any basis other than money.

Whichever countries are their bigge$t customers come first.
According to who do they have that obligation? A company is to obey the law, in whichever form it locally comes up to and including gag orders and active cooperation.
 

Offline mnementh

  • Super Contributor
  • ***
  • Posts: 7118
  • Country: ca
  • *Escaping The Suck*
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #242 on: October 09, 2018, 05:26:46 am »
Jeezus... you two come along and the IQ in here increases 50 points...

mnem
And then I come along and...  :palm:
That's about 25 points each.
Not exactly; IQ is by definition an average scale, as well as being weighted median. To make such a shift indicates a huge disparity between the groups in question. It was a deliberate play on a phrase recently popularized by Sherlock, "Don't talk out loud, you lower the IQ of the whole street."

To wit, there is a lot of egregiously dumb shit flying around this thread.

mnem
*Anything I put here would not improve on silence*
 

Offline technix

  • Super Contributor
  • ***
  • Posts: 3316
  • Country: cn
  • From Shanghai With Love
    • My Untitled Blog
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #243 on: October 09, 2018, 06:11:03 am »
Here is the thing: the best way on a server motherboard to hide a backdoor here is to ship the ASPEED chip with a compromised firmware. Putting suspicion on those small components seem to make no sense to me. The ASPEED chip has an internal bootloader for its ARM9 or ARM11 processor, through abusing this with just software any code can be hidden.
 
The following users thanked this post: thm_w, tooki
</