Slashdot Mirror


Lenovo Discovers and Removes Backdoor In Networking Switches (bleepingcomputer.com)

An anonymous reader writes: Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates last week. The Chinese company said it found the backdoor after an internal security audit of firmware for products added to its portfolio following the acquisitions of other companies. Lenovo says the backdoor affects only RackSwitch and BladeCenter switches running ENOS (Enterprise Network Operating System).

The backdoor was added to ENOS in 2004 when ENOS was maintained by Nortel's Blade Server Switch Business Unit (BSSBU). Lenovo claims Nortel appears to have authorized the addition of the backdoor "at the request of a BSSBU OEM customer." In a security advisory regarding this issue, Lenovo refers to the backdoor under the name of "HP backdoor." The backdoor code appears to have remained in the firmware even after Nortel spun BSSBU off in 2006 as BLADE Network Technologies (BNT). The backdoor also remained in the code even after IBM acquired BNT in 2010. Lenovo bought IBM's BNT portfolio in 2014.

42 comments

  1. Some FISA court has to stop the chinese by aod7br7932 · · Score: 4, Funny

    Some American FISA court has to stop this crazy Chinese from stepping over their orders.

    1. Re:Some FISA court has to stop the chinese by Anonymous Coward · · Score: 1

      There is only one FISC and it doesn’t actually give out orders. If you’re gonna try to create a conspiracy at least get your facts straight.

    2. Re: Some FISA court has to stop the chinese by Anonymous Coward · · Score: 0

      An NSL *is* an order.

    3. Re: Some FISA court has to stop the chinese by Anonymous Coward · · Score: 1

      Yes, and those are written up and issued by the FBI not the FISC. The whole point of the NSL is not needing court approval. Want to try again?

    4. Re: Some FISA court has to stop the chinese by Lunix+Nutcase · · Score: 3, Insightful

      Neither the FISA court nor any court is involved in NSLs. That’s one of the major issues with them; the complete lack of any (even rubber-stamped) judicial oversight.

    5. Re:Some FISA court has to stop the chinese by Anonymous Coward · · Score: 0

      I spotted the government stooge!

    6. Re:Some FISA court has to stop the chinese by Anonymous Coward · · Score: 1

      Yeah knowing how the law works must make one a stooge... NOT. On the other hand, I’ve spotted an ignorant twat.

      Do you have an actual argument as to how I’m wrong?

    7. Re:Some FISA court has to stop the chinese by Anonymous Coward · · Score: 0

      You're talking about the law. We're talking about the people who write and execute it.

    8. Re:Some FISA court has to stop the chinese by Anonymous Coward · · Score: 0

      You're a real blast at parties, aren't you?

  2. Don't be so blatant! by Anonymous Coward · · Score: 1

    Better to make it look like an accidental "vulnerability" like how Intel does it.

  3. Does HP own Nortel? by pnutjam · · Score: 4, Funny

    TFA says they are calling it the "HP backdoor", but it was installed by Nortel at the request of Enterprise customers (government ones?). Is this just a nice attempt to smear HP? As an ex hp'er I approve, but I'm curious.

    1. Re:Does HP own Nortel? by Anonymous Coward · · Score: 5, Insightful

      Not an "enterprise" customer but a customer that embeds the switches in their own product or solution, hence the term OEM. Presumably HP requested the backdoor for some reason (ex. easier support, CIA request, etc) and Nortel complied.

      I guess it's pretty funny to name the backdoor after the requester. Allegedly.

  4. Really? by GrumpySteen · · Score: 5, Insightful

    One customer asked for a backdoor and they added it to all their products, giving that customer access to all of their customers' systems? Who the hell would authorize that?

    1. Re:Really? by Anonymous Coward · · Score: 0

      NSA

    2. Re:Really? by Anonymous Coward · · Score: 3, Insightful

      Why would a Canadian company have done something for the NSA that would have violated Canadian law? Do you people even think through your conspiracies?

    3. Re:Really? by Anonymous Coward · · Score: 0

      'Customer' is just a placeholder word. While the entity probably was a customer too, that is not why they asked for the backdoor and not the reason Nortel complied.

    4. Re:Really? by Anonymous Coward · · Score: 1

      Because national security. You don't want the terrorists to win do you? Think of the chrilden.

    5. Re: Really? by Anonymous Coward · · Score: 1

      ^^^^ +1 funny!

    6. Re:Really? by Anonymous Coward · · Score: 0

      Imagine they start a new project for this customer. They branch off the code base from the main source code trunk directory, then start committing changes. No problem, this is on a branch, so changes are harmless. Dozens of code changes are made, then hundreds, all submitted, reviewed, committed and merged. Still no problem. Bugs are found, fixed and documented along with new features and options. The project is completed, and the source code handed over to the customer. Then they decide to merge all those code changes and bug fixes back into the main trunk. A simple merge is all that's required and the changes made in the branch are reintegrated into trunk.

    7. Re:Really? by Anonymous Coward · · Score: 0

      Oh yeah, because Canadian companies never do anything that violates Canadian law... /eyeroll

      Because money, that's why. Cash, guaranteed contracts, industrial espionage, etc.

    8. Re:Really? by AHuxley · · Score: 1

      5 eyes.

      --
      Domestic spying is now "Benign Information Gathering"

  5. HP Backdoor.... by Anonymous Coward · · Score: 1

    Yeah, right. In other news, Lenovo engineers executed by Chinese government for tampering with government code.

    1. Re:HP Backdoor.... by Anonymous Coward · · Score: 0

      They must be light-years ahead of the US government then, since the US-installed backdoors get found a lot more often than the Chinese ones.

      Unless of course the Chinese government doesn't install as many as the US does.

  6. How deep does this go? by Monster_user · · Score: 4, Interesting

    So, around about 2002, Nortel got hacked by hackers in China. This hack was not completely dealt with for at least ten years.

    So,... How was this vulnerability discovered? Could it have been "discovered" by its creator?

    1. Re:How deep does this go? by Luthair · · Score: 2

      It's literally in the first paragraph of the summary. It's no longer RTFA, it's RTFS.

    2. Re:How deep does this go? by Monster_user · · Score: 4, Interesting

      There is enough possibility left open, that RTFS doesn't quite discredit the implication I suggested. This was added to ENOS during a time when someone in China had a full backdoor into Nortel's systems, which apparently went undetected until 2004, and was not fully detected at least until 2012. http://www.zdnet.com/article/n...

      This might have been requested by HP, as another commenter suggested elsewhere, and then incompetence spread it to equipment beyond the requester's equipment. Or it could have been compromised code planted by the hackers, hiding it as HP requested code. Yet another option is that this was code intended for HP equipment, which the hackers then approved for non-HP equipment.

      We also don't know if any of the hackers involved in the incident(s) from 2000-2012 are employed with Lenovo. It is logical to assume they would have valuable expertise and skills.

    3. Re:How deep does this go? by Anonymous Coward · · Score: 0

      You:

      There is enough possibility left open, that RTFS doesn't quite discredit the implication I suggested.

      The article:

      Lenovo claims Nortel appears to have authorized the addition of the backdoor "at the request of a BSSBU OEM customer." In a security advisory regarding this issue, Lenovo refers to the backdoor under the name of "HP backdoor."

      Really? Nortel authorizing a backdoor = Chinese hackers? Were the dastardly Chinese hackers running Nortel at the time? Or did they run the customer OEM whose name contains letters H and P? Do clarify how and when did those evil Chinamen take over the world by hacking everything and everyone. Or was that the dastardly Russians who hacked everything including the weather? It's hard to keep the Vile Official Enemies of The Moment and their Terrifying Evil Super-powers list straight sometimes.

  7. Part of the procedure... by Anonymous Coward · · Score: 1

    Part of the procedure that they have for adding Chinese government backdoors, is to check if there are already any other backdoors there...

  8. More importantly by Anonymous Coward · · Score: 0, Funny

    How will Trump blame Obama for this?

  9. FYI by fubarrr · · Score: 3, Interesting

    FYI: Nortel used to be big with North American defence contractors.

    The fact that Lenovo did the audit in the first place itself tells that the Chinese were hoping to shop for more than just an average network gear supplier.

    1. Re: FYI by Anonymous Coward · · Score: 0

      It can't be Lenovo is just a highly professional Chinese-American company. Yellow Reds unda da beds.

  10. Re:hDoltl by Anonymous Coward · · Score: 0

    You missed your chance to be on-topic! It's a backdoor! An "HP backdoor", at that!

    Now to decide what "HP" should stand for... so many good options. Literally, the choice for that picture should be "hardwood peg", if the stories about its origins and picture set are to be believed.

  11. you sure this was not Harry's Powerswitch? by swschrad · · Score: 1

    Certainly if Harry's Powerswitch management software stops working in certain modes, we'll know who the mysterious OEM was....

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?

  12. Nortel was hurting for business, so... by swschrad · · Score: 1

    The top brass authorized it. As The Red Book said, it's a feature, not a bug.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?

  13. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  14. They found the back door account by viperidaenz · · Score: 1

    and fixed it by changing the password.

  15. Why does this sound familiar? by functor0 · · Score: 1

    Oh right: https://news.slashdot.org/stor...
    Posted by samzenpus on Thursday July 11, 2013 @09:06PM:
    For the second time in a month, Hewlett-Packard has been forced to admit it built secret backdoors into its enterprise storage products.