Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dell Ships Infected Motherboards

Posted by CmdrTaco on from the scanners-do-nothing dept.

An anonymous reader writes "Computer maker Dell is warning that some of its server motherboards have been delivered to customers carrying an unwanted extra: computer malware. It could be confirmation that the 'hardware trojans' long posited by some security experts are indeed a real threat."

5 of 326 comments (clear)

  1. Bad Article by Co0Ps · · Score: 5, Informative
    From TFA:

    This malware code has been detected on the embedded server management firmware.

    Firmware != Hardware It would have been impressive if it was a real hardware virus though e.g. some malicious chip that opens a backdoor on the network cards and allows remote code execution.

    1. Re:Bad Article by hedwards · · Score: 3, Informative

      That's bullshit and hardly relevant. Firmware is installed on a chip in the hardware. The significance is that even if you were to reinstall the OS, you'd still have the code pop up every time you try to use it. Hardware in this case indicates that it doesn't reside on the HDD or in some other removable portion of the computer. While you can change motherboards, that's a serious enough operation that you're essentially ending up with a different computer once finished.

  2. Re:To paraphrase Ghostbusters by Anonymous Coward · · Score: 3, Informative

    1) More or less the same as any other trojan, but they're much nastier.
    2) Yes, very much so.
    3) Depends on what piece of firmware it is specifically, if say, the BIOS was what was infected then pretty much whatever the hell they want/want to do. Raw dumps of the HDD in the PC(or even just particular files depending on how advanced the trojan is) and an inside track for exploiting the entire network that the machine happens to be connected to, while remaining mostly invisible to anyone but a good/dedicated sysadmin.

  3. Re:To paraphrase Ghostbusters by snadrus · · Score: 5, Informative

    Think embedded keylogger that sends results somewhere online for starters.
    Although it could be as advanced as a router that's been taken over and allow full remote access to the intranet the PC has. That way all the complex theft software is external.
    And ofcourse it could monitor activity & brick the motherboard if someone was trying to detect it.

    --
    Science & open-source build trust from peer review. Learn systems you can trust.
  4. Blown WAY out of proportion by kaizendojo · · Score: 3, Informative

    A few of their SERVICE stock for a single motherboard showed signs of malware code on the embedded server management firmware. Dell reacted quickly and appropriately. You can read the forum posting that started this all here: http://en.community.dell.com/support-forums/servers/f/956/t/19339458.aspx

    Of course this is disturbing, but it's quite a leap to say a 'hardware trojan' is 'shipping with Dell Servers'. Once again, a good example why you should never blindly trust "anonymous posters' on Slashdot... RTFA yourself.