New Evidence of Hacked Supermicro Hardware Found in US Telecom: Bloomberg (bloomberg.com)
A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., Bloomberg reported Tuesday. From the report: The security expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery following the publication of an investigative report in Bloomberg Businessweek that detailed how China's intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015. Appleboum previously worked in the technology unit of the Israeli Army Intelligence Corps and is now co-chief executive officer of Sepio Systems in Gaithersburg, Maryland. His firm specializes in hardware security and was hired to scan several large data centers belonging to the telecommunications company. Bloomberg is not identifying the company due to Appleboum's nondisclosure agreement with the client. Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server's Ethernet connector, a component that's used to attach network cables to the computer, Appleboum said.
Has any other news media outfit independently verified the Bloomberg claims?
Still, no concrete evidence is shown by Bloomberg.
Where is the evidence? They keep saying they have it. Why don't they show it?
Now Apple and others claim they have no idea what Bloomberg is talking about. Clearly something was installed on Supermicro servers to cause Apple and others to stop using them.
Report from early 2017
https://www.marketwatch.com/st...
The proof is too small to see
Can they at least release the damn documents?
If they don't want to compromise the company just obfuscate the names with a fucking marker.
Or better yet, where these devices are, for God's sake.
Why put the chip on the Ethernet connector? You know this doesn't decrypt encrypted traffic. They should have taken note of US intelligence agencies and built it into the CPU so they could get the info before encryption. Oh well, eventually they will learn about Intel ME and take a hint.
How about a credible write-up by someone knowledgeable in the field? Something with actual substance?
Oh wait, there's no such thing because there's no such person anywhere to be found. Not even in the field itself.
Welp, HACKED!!!1! it is then.
Also from that era that they say. I haven't seen anything anomalous. The fact is that some of their IPMI stuff is vulnerable and they're not updating the firmware (e.g. old versions of Dropbear SSH), so if you leave it on the Internet, it may get compromised.
On the other hand, I also don't leave that stuff on a routable VLAN. If it tries to connect to anything (and I haven't seen it reach out), I'd notice and it wouldn't work anyway. Sure the IPMI has some hooks into the rest of the hardware so it is potentially capable of doing 'weird stuff' to my Linux or Windows kernels (although it'd have to be pretty smart to intercept keyboard authentication, wait for someone to be away from the keyboard, automatically replay credentials, then load a workable kernel module to do that) and have the OS compromised do the dirty work, but then again, I haven't seen anything there either and we've used various integrity and antivirus systems from TripWire, Sophos and Cylance that probably would've noticed.
So that's why monoprice is so cheap
The US government is going to bury this at all costs, either because it doesn't want egg on its face, or because it is complicit in this hacking. Perhaps these devices were installed at the behest of the NSA and the Chinese simply redesigned them to also send info to the Chinese government.
Not implausible, if you ask me.
n/t
According to the original article - the alleged Chinese culprit chip exploited via the BMC. Aspeed is the company that makes 99% of the BMC controllers in Supermicro boards. If China really did go through the trouble to develop a chip to exploit via Aspeed controllers.... why limit themselves to Supermicro? I know at least Tyan and Lenovo also use Aspeed. From China's intelligence perspective, they would want a solution that could work across multiple board vendors.
According to latest:
Really wish they would give us more to go on than just that. Not sure about other Slashdotters, but I have Tyan/Supermicro/Insert-Taiwanese-Motherboard-Manufacturer boards in production, and would really appreciate more information on what to look for.
Pics or it didn't happen.
The story is a plant, but by 4Chan.
It has nothing to do with Trump you retard.
In case you hadn't been paying attention China and Trump are actually close friends (unlike Russia where Trump has done nothing favorable for them).
More bullshit from Bloomberg. Photos or GTFO
Need an independent source; not Bloomberg. The first article was absolute trash and hysteria. No evidence. The images of the "chip" were illustrations by an artist. There is literally no evidence. The DHS, Apple, and Amazon deny the allegations. Onus on the claimant to prove compromise, otherwise they can just sit back and shut the fuck up.
FWIW, one of the main reasons why MSM is garbage.
You wanted chi.com diversity Bosco ... you got chi.com diversity. Feckin-A chinks and the SV Trotsky pander-pals who blojob them. I'd march your left-coast gaffot azwholes to the Utah gulag
So why aren't China computers and routers banned from sale in the USA?
This is an interesting story and all, but a targeted attack on a single machine using interception doesn't really make it likely there was compromise of Supermicro's supply chain at the factory level.
We know NSA intercepts Cisco routers, but that doesn't prove Cisco intentionally backdoors their machines for them in the factory.
time to make stuff in the USA!
right... we'll just take your word for it. I mean it's not like the U.S. has a habit of bursting out with flippant accusations of spying and sabotage, or like they have two agencies who specialize in doing precisely this kind of spying and sabotage themselves.
Believe Israelis or Chinese? (sweating intensifies)
'Trust me, I'm being honest with you' is not proof.
SHOW ME SOME PICTURES, and detailed analysis, data, and other things that amount to PROOF.
of *ALL* BMC Modules.
Seriously, when was the last time someone saw a system WITHOUT an Aspeed based BMC?
Unless you are using Intel AMT as your BMC, it's Aspeed units all the way down, even on many systems that could otherwise support Intel's AMT.
If it's true they'll eventually photograph the actual hardware and provide in-depth analysis of how it worked.
Isn't being a russian troll pretty much the apex of bootlicking?
They are just another garbage MSM outlet.
They are one of the main outlets of the neocon-fascist / Wall Street / Mont Pelerin Society old boys. I don't know who is more evil, Chinese government or them.
This is exactly the sort of thing they are interested in furthering. That's not even the main problem here.
The main problem is, that people actually listen to them, and spread their shit.
Which is in the same league as spreading Chinese/Russian/US propaganda and acting like it is news.
At least that is my assessment. And it's very likely far more true than any Bloomberg report. :)
What's that?
These motheruckers outsourced EVERYTHING to China and this is the result. A kill switch. I don't give a shit if the electrical engineers here say it's impossible.
I'll tell you what. I don't want to be on an airplane when its server is killed.
"Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones."
Take a look at a google image search for "motherboard" and see if you can find an RJ-45 socket that doesn't have a metal shield around it for RF blocking.
The CenturyLink COs in Yakima & Spokane, WA, & elsewhere.
Don't worry, they will Trump another 500 million and he will make it all go away just like he did for ZTE......
Sucks having a traitor as president and a bunch of party before nation traitors supporting him in office. Trump is stupid while the Republicans act like Little Finger from Game of Thrones and would gladly burn this nation down so long as they get to rule over the ashes just a little longer and want to make as big of a mess as possible for the next guy so they can blame them for it.
Irrelevant: IS IT TRUE?
When we started having them build our stuff... what did you think would happen?
Do you think that your corporate security team wants to admit that you were infiltrated?
The first dozen companies that admit this will likely see their stock price decline. Do you want your company to go first?
...in their first article on the subject:
There is a second article with the latest details.
TFA says: "Unusual communications from a Supermicro server ..." and on inspection the Ethernet hardware looked odd.
Maybe they just saw some Intel AMT traffic and components. B-)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Gee, who could be behind these ridiculous rumors?
Will anyone admit to being compromised by such a thing, if the story turns out to be true?
The impact on stock prices alone will probably keep companies from disclosing anything if they have any say so in the matter.
If you live in the US, you can't really be outraged about what China is doing when we have the NSA intercepting Cisco* hardware and tampering with it before shipping it on to the end customer. ( *Cisco is the only one we know about, who knows what else they have their hands in )
This is something everyone needs to think carefully about.
How much do you trust your supplier and what happens when relations with your supplier take a bad turn?
Still think relying on a single source for the majority of your goods is a great idea?
NO! The first story was 'anonymous sources', who failed to provide any evidence or samples of the alleged hardware. Multiple credible sources have spoken up to refute the claims that they used tainted hardware or even found any such hack despite inspections.
THIS time, the only source on record is a 'security' company that seems to be staffed/directed entirely by ex CIA and Mossad operatives. They obfuscate their claim by refusing to name the actual company, and again fail to deliver any evidence.
You'd think that if Supermicro were shipping these hardware-hacked boards in bulk, as suggested by the original article, that some shred of evidence would be forthcoming.
I have discovered a truly admirable proof (of this general theorem) which this si
.... you don't say no. if you recall i think it was "Kingsmen", samuel jackson saying, "y'know, the chinese secret service is so secret it doesn't even have a name?" that's because it's operated along isolated cell network lines. *not even the chinese government* can contact those independent cell networks! the only way to "contact" them is for the chinese government - just like everyone else - to make a bit of a fuss, publish a press release and hope like hell that the relevant cell happens to be reading the local or national news.
"Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server's Ethernet connector"
translation: someone from an unidentifiable cell called someone in supermicro up, and said something along the lines of, "we know where you live, we know where your children go to school. we know the manager at the bank and how much is in your bank account, and we know where the bank manager lives as well. now, _about_ those servers you ship to the USA..."
"Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones."
Take a look at a google image search for "motherboard" and see if you can find an RJ-45 socket that doesn't have a metal shield around it for RF blocking.
Please forgive them, for they do not know.
They have tried their very best, in portraying themselves as 'experts', but old timers like you and me know otherwise.
They are doing the thing they do to serve their master - By making China looks ridiculously bad they might be able to reap some rewards from their master.
implant in ethernet connector points to NSA's ANT catalog,
either "COTTONMOUTHIII" https://nsa.gov1.info/dni/nsa-...
or "FIREWALK" https://nsa.gov1.info/dni/nsa-...
It looks as if someone is attempting to raise anti-china sentiment, with the goal of getting USA manufacturing back in shape... surely it couldn't be the US government (haha)...
"Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server's Ethernet connector, a component that's used to attach network cables to the computer, Appleboum said."
Minor details - didn't Bloomberg say it was a chip embedded on the motherboard circuitry? So now it's on the ethernet connector... To some it's like saying China is Japan ...
> Could you fit a 10G transceiver, phy, mac and stack inside the connector? Why would you?
Yes. Lots of blades have plug and play phys interfaces smaller than your pinky, which handle the eth or fibre and present a unified interface to the backplane. This has been common practice for >10y, since I remember loving the idea (what, you don't have to open cases to change cable types?!) the very first time I was allowed in a real server room, around 2007.
Yossi Appleboum Disagrees with How Bloomberg is Positioning His Research (ServeTheHome)