Slashdot Mirror

← Back to Stories (view on slashdot.org)

Amazon Offloaded Its Chinese Server Business Because it Was Compromised, Report Says (techcrunch.com)

Posted by msmash on from the aftermath dept.

An anonymous reader shares a report: It looks like Amazon's move to sell off its physical server business in China last year was because the unit had been compromised by a Chinese government spying program. That's according to a report from Bloomberg which details how the Chinese government infiltrated a number of U.S. companies by sneaking tiny chips onto motherboards from Supermicro. They then became part of servers deployed by the companies giving remote operatives potential access to data. It's a huge story that includes a comparatively small but important passage shedding light on Amazon's China deal last November -- the U.S. firm sold the physical server business to local partner Beijing Sinnet for 2 billion yuan, or around $300 million. That transaction initially sparked reports that AWS would exit China, but Amazon later clarified it planned to continue to operate its cloud services in China. Selling the physical server business, it said, was down to the fact that "Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services." While it is correct that China did introduce cybersecurity laws that placed restrictions on overseas firms and appeared to give the government unprecedented access to data, the Bloomberg report claims that Amazon's China-based servers were in fact offloaded because they were plagued with compromised servers.

19 of 56 comments (clear)

  1. "Blodbank sells off blood due to contamination..." by xpiotr · · Score: 1

    Remind me to avoid the Amazon Hospitals (tm) in the future....

  2. On one hand this discourages foreign investment by rsilvergun · · Score: 3, Insightful

    OTOH I'm not sure China wants foreign investment. This is the same country that spent a fortune figuring out how to make pens as nice as the Germans instead of just importing the occasional nice pen. China is very nationalistic.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
    1. Re:On one hand this discourages foreign investment by Anonymous Coward · · Score: 1

      It's not about importing the pens. It's about economic warfare. They've been blatantly waging economic warfare and western presidents sat and waited for their treat when the bankers told them to. Obama, Bush, Clinton, exactly the same. At least Trump is acknowledging the problem, though probably only to piss off the bankers who ran Hilary against him.

    2. Re:On one hand this discourages foreign investment by CrimsonAvenger · · Score: 4, Insightful
      Historically, China has had next to no interest in importing anything if they could possibly help it.

      For the last couple millenia, their general policy was "foreigners can come here to buy our (obviously superior) goods, but we have no need of, and no interest in, their obviously inferior (since not Chinese) goods."

      --

      "I do not agree with what you say, but I will defend to the death your right to say it"
  3. Typical chinese games again by lengel · · Score: 2

    "Chinese law forbids non-Chinese companies from owning or operating certain technology for the provision of cloud services."

    Gee, I wonder why?

    The government thought process is obvious: We have done it to everyone else so we know it can be done. Therefore we are going to make a law so nobody can do it to us.

  4. Trump is right by Anonymous Coward · · Score: 2, Informative

    China is the enemy.

    1. Re:Trump is right by Anonymous Coward · · Score: 2, Interesting

      And you believe China is the only country doing this type of hardware hacking (or any hack for that matter)? Like the three letter agencies have so much integrity that they would never ever do such a thing? Did you ever wonder whether it was those very agencies that did it in the first place and if caught, they would have plausible deniability as well as being able to put the blame on China? As Trump once said "you think our country is so innocent?" Think outside the box a little and don't believe everything you read. The people at Bloomberg know every intimate detail of this hack, but they can never get to the bottom of who actually did the hack even though it would be so easy to follow the supply chain back directly to the attacker, but they would never go so far. Why? Because this story leads right back to those three letter agencies right here in the US of A. If caught, just blame China for it. Just because it was built in China doesn't mean they are the only ones to place blame. I'm surprised they didn't blame Russia for it. Now China and Russia are the boogie men.

  5. Re:"Blodbank sells off blood due to contamination. by Oswald+McWeany · · Score: 2

    Remind me to avoid the Amazon Hospitals (tm) in the future....

    If you're a member of Amazon Prime you will be guaranteed to be delivered to the afterlife in 2 days or less.

    --
    "That's the way to do it" - Punch
  6. Only bad if the Chinese do it by ArchieBunker · · Score: 2, Interesting

    Wasn't it confirmed by the Snowden leaks that Uncle Sam intercepts hardware during shipment to be compromised?

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
    1. Re:Only bad if the Chinese do it by mi · · Score: 1

      Wasn't it confirmed by the Snowden leaks that Uncle Sam intercepts hardware during shipment to be compromised?

      NSA, generally, works for the US interests. Chinese work for China — against US interests.

      Pick your side — and stick to it.

      --
      In Soviet Washington the swamp drains you.
    2. Re:Only bad if the Chinese do it by Holi · · Score: 4, Insightful

      Wasn't the NSA found to be acting outside of its charter by intercepting US Citizens communications, like all of them.

      That is the NSA working for someone's interest, but certainly not ours.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    3. Re:Only bad if the Chinese do it by Megol · · Score: 2

      How about rejecting them both?

    4. Re:Only bad if the Chinese do it by mi · · Score: 2

      Wasn't the NSA found to be acting outside of its charter by intercepting US Citizens communications, like all of them.

      Of course. Since the times of Alan Turing, to intercept the bad guys' communications, you have to intercept all communications — and then sift through them. Of course, some of that can also be used for internal needs, such as to sabotage political enemies.

      That is the NSA working for someone's interest, but certainly not ours.

      That usage of NSA-intercepted traffic to help the entitled one was done by Obama, not by the NSA themselves.

      Wherever your political preferences lie, the major difference between us and China are that we consider privacy a right and any invasion of it — scandalous and possibly criminal. In China (or even in India) these would hardly raise an eyebrow...

      --
      In Soviet Washington the swamp drains you.
    5. Re:Only bad if the Chinese do it by mi · · Score: 1

      How about rejecting them both?

      Go ahead, build your own motherboards — for servers, and other computers you use (including your cellphone). At least, in the US there is no law against that.

      --
      In Soviet Washington the swamp drains you.
    6. Re:Only bad if the Chinese do it by Aighearach · · Score: 1

      No. I mean I agree it would be interesting if true, but no.

      You're probably remembering the first 6 months of reporting where they used the teaching notes from the UK people who didn't actually have access to the program details, but were assigned to write PDFs to try to teach it. That was the real scandal; they led with the mistakes instead of the truth, trickling out bullshit for an extended period of time before the real programs got leaked. And by then, almost nobody paid any attention. And so the internet is full of people who purport to care a lot but don't know any details. It is almost as if somebody wanted them to be used to surveillance, rather than that somebody wanted to tell them what was going on.

      If you paid any attention at all to the leaks, you'd know that the US doesn't intercept hardware to be compromised at all! If it is to be compromised that is done on-site, either over the network or by planting USB drives in convenient places. When the hardware is to be altered, that is done with the assistance of the equipment provider; nothing is "compromised" at all, the vendor is asked to help, they agree, and they get paid.

      It is very different than breaking into the factory and altering what gets produced, as is the accusation against China here.

    7. Re:Only bad if the Chinese do it by Aighearach · · Score: 1

      Wasn't the NSA found to be acting outside of its charter by intercepting US Citizens communications, like all of them.

        That is the NSA working for someone's interest, but certainly not ours.

      1) No

      2) What country are you from? They're not supposed to be working for your interests. They're supposed to be working for the interests of the US Government. When you say "our" in a way that leaves out the US Government, and even leaves out any American who disagrees with you, then it is clear you don't even understand what the nature of the United States is, and what the nature of "our shared interests" are.

  7. taxes by originalGMC · · Score: 1

    Really, they "...weren't paying their taxes" and were about to be "disappeared" so they got the fuck out. https://www.independent.co.uk/...

  8. Intel Management Engine by goombah99 · · Score: 1

    SO is amazon using intel chips? If so there's the intel management engine which is basically a backdoor that can do absolutely anything including run when the computer is turned off (but powered).

    --
    Some drink at the fountain of knowledge. Others just gargle.
  9. Stealth hardware has come along by UnixUnix · · Score: 2

    The Bloomberg link is worth reading, grain of rice -sized HW backdoor and all. Things have progressed quite a bit since 2005, when I opened up an Averatec laptop and noticed a stealth CastleNet mini comm board -- no, it wasn't on any bus or otherwise part of the architecture, it was "in the air", GLUED to the underside of the top cover, with just a cable running to the Ethernet port! Most likely injection somewhere in the supply chain. How crude, huh. What a difference 10 years can make.