Author Topic: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.  (Read 67937 times)

0 Members and 1 Guest are viewing this topic.

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 16545
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #150 on: October 07, 2018, 04:52:46 am »
Disgree.... not the 1990's... now. There are exact copies of creative patented or copyrighted work by Australian companies and individuals which thieving pirates sell stuff blatantly around the world. IP theft is rampant. Not "copy watch" of the 1990's, but entire designs of high value items where you cannot tell the difference.

Weird. I don't see any of them. Examples please.

Let's make it clear. Since we are talking illegal blatant direct clones that hit the market, those don't count:
1. Cloning of ideas and patents don't count. Only cloning of actual reduction to practice counts.
2. Mimicking a genuine hardware device to illegally use the original software doesn't count.
3. Cloning under a license or a circumvented or successfully attacked IP (copyright under DMCA exemptions, patents with nullified claims, etc.) doesn't count.
4. Cloning at a small scale (mom and dad shop, personal projects or industrial products that're only intended to be used in-house, not to be sold) or for special purposes (government actions for defensive, governmental or policing applications) doesn't count.
5. Genuine development using pirate software/firmware o cloned tools doesn't count.

What about cloning an entire company?

The other common type of cloning is when the production factory runs an extra undocumented shift.
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #151 on: October 07, 2018, 05:03:40 am »
So anyone who wants to buy a  Supermicro server boards and search the chip? Looks like they are getting cheaper at the moment at eBay :-DD

These special Supermicro products are surely sold exclusively to Amazon & Apple only, hence there is no proof, or very hard to get. Hence, you have to understand the reluctance to release the details by Bloomberg, riding their reputation, all you need is to trust Bloomberg and believe.

Hey, where is your patriotism anyway ?  >:D

<spin dr. mode:OFF>

 :-DD

Offline helius

  • Super Contributor
  • ***
  • Posts: 3632
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #152 on: October 07, 2018, 05:47:17 am »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
 

Offline chris_leyson

  • Super Contributor
  • ***
  • Posts: 1541
  • Country: wales
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #153 on: October 07, 2018, 05:48:34 am »
Quote
What about cloning an entire company?
Or stealing an entire company

Company C, the Chinese company, owes Company A £600,000 and makes lame excuses for not paying. Company A embarks on a huge project, hires a lot more staff and borrows £250,000 from Company K. Meanwhile Chinese director of Company C buys shares in Company A. becomes a board member of Company A and still owes Company A.
New Chinese board member buys out directors of Company A, forms new Company B and transfers assets to new Company B. Chinese director of Company A winds up company A but keeps Company B going under a similar name. Company K are not happy. Directors wife becomes sole director and owner of company B. Company B ceases trading a year later. Company C owns all of the interlectual property of Company A and probably any left over stock from Company B. True story.
 

Offline a59d1

  • Regular Contributor
  • *
  • Posts: 102
  • Country: us
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #154 on: October 07, 2018, 06:10:32 am »
The billions of dollars can be used to help pay some of the damage to western companies caused by China's rampant and shameless IP theft.

And also your loss of employment insurance, if that's what you mean.

China is getting more and more innovative, as can be seen from history.

In the 1990s, China blatantly cloned entire designs.

In the 2000s, China cloned part of the designs and costed-down the designs by modifications.

In the 2010s, most Chinese designs are patent infringing, but the engineering is more or less independent.

China will keep stealing patents for many more years, but engineering will be more or less independent.

China doesn't care about right or wrong, China only cares about power.

Being able to engineer is a power to technological independence. Being able to invent is not.

China needs technological independence, as that frees China from potential sanction from the west.

That is the ultimate free pass to dictatorship. The only thing that prevents Chinese government from physically suppressing its unrest people and its separatism states is the fear of being sanctioned by the west.

What China wants is not really that much. All we want is the west to leave us alone as long as we don't touch a NATO country.

And the west just will not. China will never be peaceful until the west stops policing near China.

China wouldn't have to clone western technology, China wouldn't have to manipulate currency, and China wouldn't have to be a political enemy of the west, as long as the west gets their fuck out of Chinese politics.

Is your license plate still SIGSEGV, comrade?
 

Offline T3sl4co1l

  • Super Contributor
  • ***
  • Posts: 21606
  • Country: us
  • Expert, Analog Electronics, PCB Layout, EMC
    • Seven Transistor Labs
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #155 on: October 07, 2018, 06:16:48 am »
Back in the days of print journalism, this is exactly where the editor would have put:

    [sidebar from Dr. Expert goes here "What we found under the microscope"]

A sidebar lets you provide detail that the general reader will want to skip, but that allows you to "show your workings" so that people know you're not handwaving or hoodwinking them. This is especially necessary in this case given the gravity of the accusations. Moreover, business readers aren't insulted by being presented technical details in a sidebar - business people don't expect to understand all the technical details, they have people for that "John, read this article and tell me if the technical side makes sense to you".

Yes, that would've done perfectly!


Quote
Here I'm speaking as an ex-section editor of a business computer magazine. I wouldn't have put a story one tenth as volatile as this on the page without putting enough in print to make my case lawyer proof. Providing all the facts, as far as you can, may make a difference between a case for slander of goods* and no case to answer. In fact in defamation cases sometimes the most damaging thing you can do is to make accusations without producing your proof at the same time. At the very least it leads to legal bills and court appearances where, if you'd made a good case in print already, the plaintiff's lawyers would have said "don't bother".

Good point!

Tim
Seven Transistor Labs, LLC
Electronic design, from concept to prototype.
Bringing a project to life?  Send me a message!
 


Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9810
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #157 on: October 07, 2018, 06:35:37 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #158 on: October 07, 2018, 06:38:15 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

I have a gut feeling few fellas here starting to doubt on who the f**k is Reuters and it's reputation, say compared to Bloomberg, and probably Fox News fans too.  ;)
« Last Edit: October 07, 2018, 07:18:32 am by BravoV »
 

Offline ogden

  • Super Contributor
  • ***
  • Posts: 3731
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #159 on: October 07, 2018, 06:52:10 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #160 on: October 07, 2018, 07:05:02 am »
Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Don't rule out other option, which is a direct & straight intervention from an ignorance and short sighted white house staff, bypassing gov 3 characters agencies, and under heavy pressure that had been instructed ordered to think of how to kill two birds with one stone, which are the disobedience big corporations "and" China.  >:D

We've seen this in the past (example -> HERE), how the potus interfered at low level, cronyist must made lots of money for short selling Amazon, prolly made hundreds of millions overnight, its legal anyway.  :-DD
« Last Edit: October 07, 2018, 07:36:46 am by BravoV »
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #161 on: October 07, 2018, 07:33:45 am »
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1093
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #162 on: October 07, 2018, 08:30:01 am »
We can only assume Bloomberg understands this better than any of us. They aren't exactly amateurs and have extensive experience in the business world, which isn't exactly an amateurish or forgiving environment.

That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: tooki

Offline bd139

  • Super Contributor
  • ***
  • Posts: 23017
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #163 on: October 07, 2018, 08:41:11 am »
Indeed. Bloomberg are an aggregator service. Accuracy depends on what they are aggregating and their fact checking. They haven’t had a particularly good rating in that department. Compared to Reuters at least they are more the equivalent of a tabloid aggregator.
 
The following users thanked this post: tooki

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9810
  • Country: 00
  • Display aficionado
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #164 on: October 07, 2018, 09:11:53 am »
That's so naive and gullible, it's almost touching. I suppose the fact that Bloomberg reporters get a bonus related to how much their stories affect the market would not affect your faith  :-DD
You seem to have invented some kind of faith and subsequently attributed it to me. Interesting. Do elaborate.
 

Online wraper

  • Supporter
  • ****
  • Posts: 16794
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #165 on: October 07, 2018, 09:18:53 am »
Counterintelligence is responsibility of CIA, not DHS or FBI.

Nope, just fyi, CIA is illegal to operate domestically in US.

And this matter brought out by Bloomberg, is a domestic issue which legally should be handled by FBI and DHS.

For example counterintelligence like capturing foreign spy "inside US" is under FBI jurisdiction & power, not CIA, only outside US border.
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.
 

Online mikeselectricstuff

  • Super Contributor
  • ***
  • Posts: 13694
  • Country: gb
    • Mike's Electric Stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #166 on: October 07, 2018, 10:24:03 am »
We don't know the truth yet. It's kind of simmering, like when a big turd is going to hit the fan. Somebody is grossly wrong and the Internet is divided.

No comment from the FBI, CIA and NSA. Amazon and Apple deny it.

Bloomberg claims 17 people are confirming the H/W mods:
but not one single plausible photo.
If this was real, there would be pictures.
Youtube channel:Taking wierd stuff apart. Very apart.
Mike's Electric Stuff: High voltage, vintage electronics etc.
Day Job: Mostly LEDs
 
The following users thanked this post: mtdoc, tooki, a59d1

Offline madires

  • Super Contributor
  • ***
  • Posts: 7695
  • Country: de
  • A qualified hobbyist ;)
 

Offline donotdespisethesnake

  • Super Contributor
  • ***
  • Posts: 1093
  • Country: gb
  • Embedded stuff
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #168 on: October 07, 2018, 12:22:59 pm »
DHS says no reason to doubt firms' China hack denials: https://www.reuters.com/article/us-china-cyber-dhs/dhs-says-no-reason-to-doubt-firms-china-hack-denials-idUSKCN1MH00Y

I think that nails it dead, Bloomberg's story is fake news. Reminds me of https://en.wikipedia.org/wiki/Hitler_Diaries

Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.
Bob
"All you said is just a bunch of opinions."
 
The following users thanked this post: NiHaoMike, mtdoc, tooki

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #169 on: October 07, 2018, 01:47:25 pm »
Now we know the story is bogus, the question is how Bloomberg managed to make such a huge cock-up. Unquestioning conservative blogs are already using it as justification to increase the "war" with China, so maybe that provides the answer.

Not that simple, China is just collateral damage which is inline with the current US political agenda at the international scenes.

Meanwhile at local/domestic affair, this is happening ...

https://www.washingtonpost.com/business/capitalbusiness/pentagon-doubles-down-on-single-cloud-strategy-for-10-billion-contract/2018/08/05/352cfee8-972b-11e8-810c-5fa705927d54_story.html?noredirect=on

https://www.bloomberg.com/news/articles/2018-07-26/pentagon-goes-with-winner-take-all-10-billion-cloud-contract

https://www.washingtonpost.com/business/2018/08/07/oracle-challenges-pentagons-multibillion-dollar-cloud-computing-contract-before-bids-are-even-submitted/

https://www.bloomberg.com/news/articles/2018-06-26/amazon-foes-in-pentagon-cloud-deal-are-said-to-include-sap-csra


... + senates hearing for big companies ...

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 10576
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #170 on: October 07, 2018, 02:29:13 pm »
Agree, and this means Bloomberg's reporter knows better than US DHS and UK NCSC, interesting time indeed.

Counterintelligence is responsibility of CIA, not DHS or FBI. If this is true story, it can have "top secret" seal for decades. Other option is just stock fraud or (unlikely) dumb defamation. We will see soon because investors are very unhappy - shares plunged 50%.

Literally wrong on every fact.

The FBI is the lead agency for exposing, preventing, and investigating intelligence activities on U.S. soil, ...

Foster a fully synchronized, cohesive enterprise that integrates intelligence into operational functions and drives action through Mission Centers to mitigate all threats to the Homeland including-Counterintelligence, Counterterrorism, Cyber, Economic Security, and Transnational Organized Crime.

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Offline Cerebus

  • Super Contributor
  • ***
  • Posts: 10576
  • Country: gb
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #171 on: October 07, 2018, 02:49:52 pm »
One peace of nonsense you wrote here. CIA often exceeds what they are allowed to do, however they can operate legally within US. Just imagine how what you wrote would work in practice. They look after some spies who are outside US, those spies contact other spies within US. Nope, we cannot investigate those  :palm:.

Let's repeat that again:

In 1947 Congress passed the National Security Act, which created the National Security Council (NSC) and, under its direction, the CIA. ..., the CIA was forbidden by law (the National Security Act) from conducting intelligence and counterintelligence operations on domestic soil.

If it's on US soil it's the FBI's jurisdiction. If the CIA discover something overseas with a domestic link they have to get the FBI to handle that end of it - just as if, say, the Sûreté uncover a crime in Paris with a London link and have to involve the Metropolitan Police [of London] because they have no legal powers in London. The CIA case is more extreme because they are explicitly forbidden by law from acting domestically, not just lacking legal powers to do so.

So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.
Anybody got a syringe I can use to squeeze the magic smoke back into this?
 
The following users thanked this post: ogden

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 16545
  • Country: us
  • DavidH
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #172 on: October 07, 2018, 02:55:34 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.

In many cases this is discovered when the real company receives customer service requests for identical products which they have no record of producing.
 
The following users thanked this post: tooki

Online wraper

  • Supporter
  • ****
  • Posts: 16794
  • Country: lv
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #173 on: October 07, 2018, 02:59:30 pm »
I have purchased "ghost shift" products in the past. Some typical signs are 1.) the box and manual of the product do not carry the vendor's name, address, or logo, but the vendor logo is silkscreened onto the device itself; 2.) the manual appears to be a crudely laid-up Xerox copy of an existing document; 3.) the presence of China-market testing and recycling marks. The actual quality of the product may be the same, but you obviously should not expect vendor support.
What you described in 99% of cases is counterfeit, not ghost shift. Also when you order from China, often they throw away original box. So it also could be a product for Chinese market which originally came with Chinese manual.
« Last Edit: October 07, 2018, 03:04:21 pm by wraper »
 

Offline BravoV

  • Super Contributor
  • ***
  • Posts: 7547
  • Country: 00
  • +++ ATH1
Re: Chinese manufacturer puts hardware backdoor onto Supermicro server boards.
« Reply #174 on: October 07, 2018, 03:17:25 pm »
So who was writing a "peace[sic] of nonsense"?  :palm: Y'all might want to check your facts before implying someone else is a fool.

You have to realize after seeing this thread grows into so many pages which is a proof and sign, that even one that had been experienced, worked and trained in logical thinking regime at engineering field, doesn't mean one can see thru clearly in this kind of matter, which is pretty simple and straightforward.

This thread grows because posters are divided majorly into two camps only, as I stated previously, which are "want to believe" camp vs "the pudding" camp.  :-DD


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf