Supermicro Spy Chips

Discussion in 'Business & Enterprise Computing' started by Agg, Oct 9, 2018.

  1. Agg

    Agg Lord of the Pings

    Joined:
    Jun 16, 2001
    Messages:
    30,598
    Location:
    A Reported Post Near You
    There's a strange story emerging that involves Supermicro, perhaps best known for their enterprise motherboards. A report by Bloomberg claims there are chinese spy chips on their motherboards which have hugely compromised the worldwide tech ecosystem. I've read a bit about this and I can't work out how these spy chips are supposed to have interacted with the various O/Ss and encryption that would have been used by servers they're installed in. When a server was installed and switched on, the microchip altered the operating system’s core so it could accept modifications. What does that even mean? Anyway, pretty much everyone involved is denying the accusations, but if it turns out to be true it will be very widespread given pretty much everyone uses Supermicro motherboards - including the Australian Government.

    I've been away and am just looking into this now, so feel free to post more recent info..
     
  2. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    54,593
    Location:
    brisbane
    Apple wrote to congress or some shit vehemently denying this is true.

    https://techcrunch.com/2018/10/07/homeland-security-denies-bloomberg-spy-chip-report/

    I dunno what to make of it yet.

     
  3. OP
    OP
    Agg

    Agg Lord of the Pings

    Joined:
    Jun 16, 2001
    Messages:
    30,598
    Location:
    A Reported Post Near You
    There's a story from today on SMH with a more political spin on it, thanks IntelInside: https://www.smh.com.au/national/ste...hack-shows-its-true-hand-20181008-p508co.html

    While Vladimir Putin's Russia is expert at manipulating the US and its systems, Xi Jinping's China is much more ambitious. The Chinese Communist Party wants to own and control those systems. Russia wants to mess with America's world. China wants America's world. And it's making good progress.
     
  4. millsy_c

    millsy_c Member

    Joined:
    Mar 31, 2007
    Messages:
    12,279
    Location:
    Brisbane
    I am pretty firmly of the belief that whatever truth was in this has been spun pretty hard into the eventual story. Interested to see what the original facts of this are, as potentially there's something interesting, but this article just reads wrong on a number of levels.
     
    fredhoon likes this.
  5. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    54,593
    Location:
    brisbane
    for all we know Homeland aren't talking because they put the chips in.
     
  6. millsy_c

    millsy_c Member

    Joined:
    Mar 31, 2007
    Messages:
    12,279
    Location:
    Brisbane
    Considering the US gov had a skeleton key to windows for a good few years, this seems way too onerous / scattergun an approach when there's easier ways. Reads well for bringing in the paranoid, but facts are thin.
     
  7. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    12,200
  8. fad

    fad Member

    Joined:
    Jun 26, 2001
    Messages:
    2,170
    Location:
    City, Canberra, Australia
    It seems Australian government organisations only has limited exposure. With a contract in the $300k with defence, and the BoM. How ever this does raise interesting questions on how the attack on the BoM over the last few years occurred. Was this chip involved? Which would widen the attack.
     
  9. Unframed

    Unframed Member

    Joined:
    Mar 30, 2010
    Messages:
    8,844
    Location:
    Hella south west
    Some very strong assumptions in that article
     
  10. dave_dave_dave

    dave_dave_dave Member

    Joined:
    Mar 17, 2004
    Messages:
    2,764
    Location:
    Gold Coast
    Word on the street is this has already happened with some high end Cisco gear years back, not long after they moved manufacturing to China. And don't get me started on pre-compromised Cisco firmware.

    Most enterprise level hardware already has western gov back-doors in it (just look at Intel vPro & AMT), its apparently the east's turn to have a go.
     
    BurningFeetMan likes this.
  11. Frozen_Hell

    Frozen_Hell Member

    Joined:
    Sep 11, 2002
    Messages:
    2,932
    Location:
    Melbourne
    The Register's analysis of the situation to me was pretty on-point in my understanding of the situation thus far: https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

    I'm very skeptical about the whole thing being anything but a load of bullshit, it basically now can't be proven/disproven except if believe the denials of Apple/Amazon/Supermicro.

    You know this is how propaganda gets built up in this day and age right? If I was a so-called superpower who was feeling threatened by the economic influence of another on the rise, then I would also start trying to damage that credibility in small non-obvious pieces to try and build up a "body of evidence" to portray someone in a negative light in an attempt to curb that influence. Most people judge things on a continued pattern of behaviour and not a single incident, propaganda works in the same way as it tries to sway the public opinion by building up a narrative over time.

    How about all of those "leaked" intelligence sources that built up the story and swayed public opinion into invading Iraq and toppling Saddam? How about them WMDs all of the repeated leaked "intelligence" lead us to believe he had, quite complicated fabrication and many pieces of that puzzle. It was all bullshit, this was about money and taking control of oil assets, as well as awarding US companies the rebuilding contracts that would be paid for with Iraqi oil.
     
  12. OP
    OP
    Agg

    Agg Lord of the Pings

    Joined:
    Jun 16, 2001
    Messages:
    30,598
    Location:
    A Reported Post Near You
    I'm skeptical as well. Is there a good technical article out there that explains how this attack actually worked? Secret spy chips magically changing software as it installs just sounds like a non-technical fantasy explanation.

    Is there a list of affected boards/servers? Surely among us we have one and can find and photograph this chip? I have several generations of Dell pizza boxen here, among other things.

    edit: ok, that Register article does a pretty good job of dissecting the reports. still sounds like the stuff of cyberpunk fantasy to me, but given how high the stakes are and how big the players are, who knows.
     
    Last edited: Oct 9, 2018
  13. g00nster

    g00nster Member

    Joined:
    Sep 10, 2004
    Messages:
    332
    Location:
    Melbourne
  14. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    12,200
  15. fad

    fad Member

    Joined:
    Jun 26, 2001
    Messages:
    2,170
    Location:
    City, Canberra, Australia
    You needed it if the password changed. iDracula was with remote creds or it looks like LPC or i2c physical bus access.
     
  16. Frozen_Hell

    Frozen_Hell Member

    Joined:
    Sep 11, 2002
    Messages:
    2,932
    Location:
    Melbourne
    If anyone actually had one of them and it was in distribution outside of a very targeted attack, i.e. only boards they knew were going to end up going to Amazon, Apple etc. then it would've come out sooner.

    The basics are that the chip was going to phone home, which people would've discovered very quickly as soon as it tried to do that. Everyone is looking for threats from within their networks these days, so it won't have gone unseen for very long at all, unless it sits dormant until a particular date yet to be reached.

    Even if this wasn't something the US came up with as a story, they won't deny it as they are anti-China and have been working hard to erode trust in them. China also won't deny it or comment on it as they quietly want their own people to think they are actually that sophisticated.


    Yeah, well. A much more likely story behind this than anything else.
     
  17. fad

    fad Member

    Joined:
    Jun 26, 2001
    Messages:
    2,170
    Location:
    City, Canberra, Australia
  18. eixt

    eixt Member

    Joined:
    Apr 9, 2003
    Messages:
    1,275
    Location:
    Canberra
    cmi83 likes this.
  19. fad

    fad Member

    Joined:
    Jun 26, 2001
    Messages:
    2,170
    Location:
    City, Canberra, Australia
  20. millsy_c

    millsy_c Member

    Joined:
    Mar 31, 2007
    Messages:
    12,279
    Location:
    Brisbane

Share This Page