Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 36117 times)


Offline VK3DRB

  • Super Contributor
  • ***
  • Posts: 1744
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #125 on: October 06, 2018, 04:03:21 am »
I agree the Chinese communist government cares only about power.

I bet you've never lived in China. Chinese government is corrupted as hell, but many Chinese people are way more corrupted.
Everyone in China, if they have some sort of power, is corrupted. At least the government is being supervised and has to obey the law, at least to a certain extent.

Farmers sell poisonous food to urban citizens, doctors prescribe unnecessary lab tests for making some cut, teachers give special attention to students with rich dads, and the list goes on.
I bet if there is any power, even if just a little bit, that can change other people's living quality by just a tiny margin, the power will be monetized.

Now in such a context, Chinese government is fairly clean, compared with the F*ed up society.

I spent a few months in Tianjin in the 1980's and 90's. In fact, I set up the first computer manufacturing line in all of China. No, I have not lived there long term, but I know what goes on and witnessed some odd things, shall we say. The most decent people I met were engineers over there... they were not the type to be corrupt, and they were great to work with.

You want corrupt? The HSBC bank is the bank of choice for Mexican drug cartels for money laundering and currency smuggling. I know someone who told me he smuggled a very large sum of money into Australia from China under full support, knowledge and guidance from HSBC. The problem is HSBC is "too big to fail", and no-one has the guts or integrity to bring them to account; not even the US or the Chinese government. The US govt only gave HSBC a small slap on the wrist for them knowingly profiteering from Mexican drug cartel drug trafficking. And yet if a poor man from the hood sells some crack on the streets, he gets 20 years prison - if the cops don't shoot him first.

I think one of the big problems in China is money is a god over there, called Mammon. A very shallow belief system indeed.

Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 13759
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #126 on: October 06, 2018, 04:23:03 am »
Entrepreneurial, or just plain greedy?... http://www.abc.net.au/news/2018-04-26/daigou-chinese-personal-shopping-$1-billion-industry/9671012

If you think that's the worst, then you are wrong. If it's within the border of China, those Daigou people will buy all stocks, even without orders, to bump up the price and sell them back to the people needing them the most.

Remember those people buying new iPhones and dump them on eBay for 2x the price? That happens in China, on foods, concert tickets, even hospital appointment tickets.

Remember the slogan of the capitalization of China? "Regardless white cat or black cat, the cat that catches mice is the good cat".
 

Offline ajb

  • Super Contributor
  • ***
  • Posts: 1771
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #127 on: October 06, 2018, 04:45:22 am »
If the West stays out of human rights issues of China and stops sanctioning China for suppressing separatists, China will not need to be excluded from ITAR list, and then China will not have to clone all western technologies if we have a steady, political-free supply of them.


Drifting pretty far off topic here, but that's not what ITAR is about.  ITAR is about technology and materials with military value, nothing to do with human rights.  In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons, although such actions have been discussed as a result of China's treatment of Uyghurs (and if what's been reported about that doesn't count as "physically suppressing", I'm not sure what does, short of actual ethnic cleansing).  Aside from ITAR, there are blanket export restrictions on China for nuclear, chemical, and biological weapons controls, national security, and regional stability reasons (but similar controls are also in place for most countries, including many allies of the US, although not as severe) and I did find references to active sanctions on Chinese entities and individuals relating to Iran, North Korea, and trafficking in arms and narcotics.  For better or for worse, it's hard to gather support for human rights-based sanctions.  Maybe something will happen soon, but most people in the US are much more concerned with problems closer to home at the moment.
 

Offline blueskull

  • Supporter
  • ****
  • Posts: 13759
  • Country: cn
  • Power Electronics Guy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #128 on: October 06, 2018, 04:59:05 am »
In fact, AFAICT there are no active US sanctions against China or Chinese entities for human rights reasons

Depends on how you define human rights issues. My definition is that everything that suppresses people from expressing their will is, including wanting to form their own government.

Under that umbrella, conflicts in Xinjiang, Tibet, Hong Kong and Taiwan are all considered to be human rights violations.
 

Offline funkyant

  • Supporter
  • ****
  • Posts: 125
  • Country: au
    • YouTube Channel
 
The following users thanked this post: bd139

Offline VK3DRB

  • Super Contributor
  • ***
  • Posts: 1744
  • Country: au
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #130 on: October 06, 2018, 08:54:54 am »
When I say computer, I meant 8086 based PC.

In the 1980's, Hong Kong was THE place for pirated computers and software, especially at the Golden Centre in the aptly named Sham Shui Po. Most of the boards came from sweatshops in Hong Kong and Taiwan, not the PRC. The "rotten Apples" were even assembled in Hong Kong. These were almost always "build-to-order", often while you wait, often using a chair or the floor as a workbench. ESD protection did not even register with these people. The Golden Centre in Hong Kong also was the world's biggest piracy centre for commercial software, according to The Bulletin Magazine in 1986. The place had been raided by the HK cops several times, but after a short stint in jail the crooks were soon peddling their wares again.
 
Dick Smith's System 80, a cheaper "clone" to the Tandy TRS-80, was made in Hong Kong in 1979 by a company called EACA, which was involved in crime.

China was just getting out of the Maoist dark ages in 1979 after the dictator died in 1976. There is no way they could go from an impoverished third world peasant-based country to making anything remotely resembling quality electronics within 3 years.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15021
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #131 on: October 06, 2018, 10:31:51 am »
My father used to import clone computer stuff made in the late 1970s into the UK so manufacturing was definitely going on before that. China wasn’t quite as believed - parts of it had been sold out for manufacturing. Then he started importing PC clones and memory into Europe. Ironically he had a bigger production outfit than Dell at the time. I spent most of my years in the 1980s living in an import warehouse basically and being booth gremlin at CeBit.

This exposure is what made me want to be an EE and do silicon design. Ended up in software. Doh.

Stuff from HK/China wasn’t cloned at all and wasn’t crap. This was new stuff totally in house. The only thing they did was use the compatible ISA interface. A lot of the early clone market was developed in the US as well (think Tseng Labs etc) and they set up an OEM chain in HK/Taiwan and subcontracted out to new factories in China mainland.

It’s quite frankly scary how fast they ramped up production.

Someone there says jump and the answer is *boing*.

Someone here says jump and the answer is “persuade me to jump” then after two weeks they fuck off and find somewhere that doesn’t make them jump as high then shitpost on glassdoor.

Shit doesn’t get cloned. The APIs and interfaces do for compatibility but what’s inside is original. And we only have ourselves to blame. West can’t compete now because it’s lazy, bureaucratic and inefficient.
« Last Edit: October 06, 2018, 10:33:47 am by bd139 »
 
The following users thanked this post: GeorgeOfTheJungle

Online Benta

  • Super Contributor
  • ***
  • Posts: 2369
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #132 on: October 06, 2018, 12:40:25 pm »
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF

It's got nothing to do with backdoors or spying.

 
The following users thanked this post: tooki

Online bd139

  • Super Contributor
  • ***
  • Posts: 15021
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #133 on: October 06, 2018, 12:50:48 pm »
An RFID tag needs an antenna and those aren’t particularly small or easy to hide in a multi layer board. Go have a look at some examples of PCB RFID tag antennas.
 

Online Benta

  • Super Contributor
  • ***
  • Posts: 2369
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #134 on: October 06, 2018, 12:54:13 pm »
I know exactly what an RFID antenna looks like, and it's nothing more than a slot in a ground plane. You go look.

Edit: See here: https://www.nxp.com/docs/en/application-note/AN171530.pdf
Go to chapter 5 (page 28).

« Last Edit: October 06, 2018, 01:00:27 pm by Benta »
 

Offline chris_leyson

  • Super Contributor
  • ***
  • Posts: 1412
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #135 on: October 06, 2018, 03:31:27 pm »
Murata "Magicstrap" is one example and they do tags with an integrated antenna 1.25 x 1.25 x 0.55mm package 10mm range. https://www.murata.com/en-eu/products/rfid/rfid/uhf. Nothing new here.
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4875
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #136 on: October 06, 2018, 03:40:50 pm »
Wow, so many conspiracy hypotheses here. The one thing that surprises me is, that from all the knowledgeable people here, not one has stumbled on the most plausible explanation.

It has been mentioned a couple of times that it is a very small, low pin count device.

That screams to me: PCB-RFID tag.

This is nothing unusual, a lot of companies place RFID tags on their PCBs and have done so for years as a replacement for bar codes.

It's for production tracking, inventory control, warranty tracking, product authenticity etc. Upside compared to bar codes is, you can read the tag without opening the box.

Here's an example: https://www.mouser.com/pdfdocs/magicstrap_application_guide.PDF

It's got nothing to do with backdoors or spying.

Bit of a red herring frankly. The context is not one where someone has pointed at a component on a board that they, but not an expert, are incapable of identifying. The allegation claims a years long investigation by, among others, the FBI, who are quite capable of popping into MIT or Stanford or Intel or On Semi and saying "tell us what this component is and what it does". I don't think Bloomberg are going to turn around and go "Aw shucks! Is that what it was? If only we'd asked some random bloke on the eevblog forum what it was instead of going off half cocked".
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Online Benta

  • Super Contributor
  • ***
  • Posts: 2369
  • Country: de
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #137 on: October 06, 2018, 03:49:05 pm »
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a minuscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.




« Last Edit: October 06, 2018, 03:55:42 pm by Benta »
 
The following users thanked this post: tooki

Offline MT

  • Super Contributor
  • ***
  • Posts: 1290
  • Country: cn
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #138 on: October 06, 2018, 04:15:14 pm »
China go full fascistic according to ABC Australia
 

Online wraper

  • Supporter
  • ****
  • Posts: 11541
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #139 on: October 06, 2018, 04:16:59 pm »
A 6-pin device as "back door"? No way, José.
2 power pins and 2-3 data pins are more than enough to compromise the system.
 

Offline JimRemington

  • Regular Contributor
  • *
  • Posts: 173
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #140 on: October 06, 2018, 04:20:37 pm »
https://arstechnica.com/tech-policy/2018/10/bloomberg-stands-by-chinese-chip-story-as-apple-amazon-ratchet-up-denials/

Quote
Luckily, we're likely to know the answer one way or the other in the coming days. If the Bloomberg story is true, there are thousands of compromised motherboards out there, and companies will be scouring their data centers for them. People have already identified the specific circuit board featured in the graphic at the top of the Bloomberg article, though it's not clear if this is a real photograph or a Bloomberg-made mockup. If the story is accurate, sooner or later someone will produce a compromised board and do a public teardown.

Sounds like a great job for Dave!
 

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 4875
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #141 on: October 06, 2018, 04:22:44 pm »
Sorry, but "half cocked" is what the Bloomberg article is. Allegations, allegations and not one hard fact. The article shows pictures of a minuscule 6-pin device, which is completely in line with an RFID chip and a ground plane slot antenna. It could even have been embedded during PCB manufacturing before assembly. This is in line with manufacturing tracking.
A 6-pin device as "back door"? No way, José.

No dispute that it's half-cocked, I'm just disputing that you've found the magic that everybody else missed.

This is not about the ability to recognise a component from first instance, this is about politics, propaganda, misinformation tactics and possibly share price manipulation. The very length and depth of the Bloomberg article's claims make it clear that this is more than mere "tech ignorant journo makes a cock up". That scale suggests deliberation, a very real conspiracy to mislead (even if that misleading is only about the various sources' ability and accuracy), or (improbably) the most perfect synchronicity of journalistic and official incompetence that has ever been produced by happenstance.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 

Offline radioactive

  • Regular Contributor
  • *
  • Posts: 176
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #142 on: October 06, 2018, 04:23:41 pm »
I think the image of the part in that article looks like a common RF balun.  Would have to see proof otherwise to believe anything else.
 
The following users thanked this post: tooki

Offline chris_leyson

  • Super Contributor
  • ***
  • Posts: 1412
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #143 on: October 06, 2018, 04:26:22 pm »
@Benta. Sorry, should have read your post, the Magicstrap RFID chips are pretty cool but nothing to do with the Bloomberg article. Smallest microprocessor I can buy is ATtiny in 2x2x0.6mm package and there is no reason why you can't embed that either. The die size probably limits the packaging but you've got a fair amount of metal to plate onto so an ATtiny would be one example of something relatively easy to embed into a PCB.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15021
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #144 on: October 06, 2018, 04:33:19 pm »
Has anyone read the eSPI manual from Intel?

https://www.intel.com/content/dam/support/us/en/documents/software/chipset-software/327432-004_espi_base_specification_rev1.0_cb.pdf

Each device is bussed with clock, io, independent chip select. Also it’s not multi master and is fanned out over the board so to modify the protocol you’d need to intercept rather than tap. That means twice as many pins as a tap. Also it’s a channeled protocol. On top of that the slaves can initiate transactions so you’d have to be aware of the state of the system to stop bus collisions.

This seems a whole load of faff when there’s a whole bunch of firmware floating around on the boards you can futz with.

And as I have said before the entire thing would leave tangible evidence on the board which is quite frankly fucking stupid as you can probably through comparison trace the encapsulation and/or the silicon back to the originating country.
 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #145 on: October 06, 2018, 05:34:22 pm »
Would have thought it would be easy enough to re-encapsulate chips with added components or make custom versions of chips already on the board. You could then just replace the original parts with your modified parts, would be much harder to discover. But hey, whatever works works.
 

Offline IanMacdonald

  • Frequent Contributor
  • **
  • Posts: 944
  • Country: gb
    • IWR Consultancy
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #146 on: October 06, 2018, 05:39:29 pm »
There is a product called Computrace LoJack which is in the BIOS, but injects DLLs into the system32 folder of any installed copy of Windows when run. Ostensibly this is so a stolen computer can be traced. It's done like this because the DLLs can do a lot more things than the limited BIOS code. Like, phone home. I wouldn't be surprised if the Supermicro bug worked the same way. So yes, this is certainly feasible.

People have been hammered with propaganda to the effect that HTTPS protects them whilst on the Internet. In fact, the protection it provides is minimal. The problem is that this kind of hard-sell of one rather limited security product creates a false sense of security, which leads to other more prevalent threats being overlooked.

https://iwrconsultancy.co.uk/blog/https
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 15021
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #147 on: October 06, 2018, 05:46:14 pm »
I disagree. HTTPS, more correctly HTTP over TLS, is just one part of the security model. At each end you have vendors providing software that have an interest in making sure they don’t look like shit. HTTPS protects you between those security boundaries.

That’s unrelated to this discussion entirely however.

The biggest threat is the competence of the programmers at each end and the user doing something stupid.
 

Offline floobydust

  • Super Contributor
  • ***
  • Posts: 3527
  • Country: ca
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #148 on: October 06, 2018, 06:42:11 pm »
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
"The companies’ denials are countered by six current and former senior national security officials who... detailed the discovery of the chips... One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."

I think the problem is these servers are heavily used, beyond the early clients Amazon and Apple.
So other big companies would be compromised, perhaps Facebook (again), Google, banks, DoD etc.

Second, why not add the back door to cellphones? I have to wonder if the iPhone didn't get "the treatment", hence Apple's denial.
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 6798
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #149 on: October 06, 2018, 06:50:51 pm »


versus


 :-DD

