New Evidence of Hacked Supermicro Hardware

[OneMoar]

nonsense supermicro have been around for how long ?

 

[StrayKAT]

I think everybody should relax for a bit and chill the hypocrisy.
You are all acting like China spying on US it's the worst thing happened since the invention of Politics or Java.
The US had and has the most advances spying System in the world with the tentacles spread all over the world. Heck, the Internet itself it's the biggest and most complex tool ever developed by Humanity, with all it's 7 Layers possible to hacking, spying, etc, etc.
This news it's just a grain in the sand, more bashing on China, just because...

I don't like US' spying either, but it's "tentacles" were encouraged in the Cold War. They didn't create the beast on their own. It's also technically the "5 eyes" (US, UK, Aus, Can, NZ) along with some play with other nations that share intel with each other. Third, at least in the US, as much data as the government collects, it can't officially admit to any of it. The 4th Amendment requires a warrant to invade people's property, etc.. So the spies have to find legal tricks to first obtain a warrant on legitimate grounds, and only then can they inject the crap they've already been collecting under the guise of a "new investigation". It's not always easy. Until politicians convince their idiotic population to get rid of this Amendment, it'll serve us well.

China plays by no such rules... and has no such allies.

 

[Prima.Vera]

Well you know, potato - potatoe.
In U.S. at least there are some "laws" that, in theory, protect the citizens from those kind of ... maneuvers. In China, they even openly admit spying on their own people, and not only that, it's a state law also. Naturally, what expectation one has over a country who doesn't care anything about their citizens private lives and IPs? The moment an international company is opening a fab in China, they can say bye-bye to any proprietary IP or even patent they might have. It's game over.
Just look at their phone industry for example. Callous perfect design clones of Apple's designs and functionalities.

 

[Athlonite]

Until we see conclusive evidence of these "chips" and what they do as far as I'm concerned it's all just conjecture and hearsay no pics no logs no backward engineering

 

[Jetster]

They did not release the evidence yet because the security company that found it is bound by a contract of non disclosure.

 

[dorsetknob]

Story update
https://www.theregister.co.uk/2018/10/22/super_micro_chinese_spy_chip_sec/
excerpt culled from story

They also inspect hardware before it is put into production: as well as visual inspections, it is possible to scan a motherboard for electromagnetic emissions and identify anything unexpected, such as a tiny chip smuggled onto or inside a PCB – there's even a patent on this kind of technology. Finally, the chip shown in the Bloomberg piece is too small to realistically contain the necessary logic and all the data to insert a viable backdoor into a software stack. It is likely just an illustration – meaning, the journalists had no evidence of a chip to show.

 

[R-T-B]

Finally, the chip shown in the Bloomberg piece is too small to realistically contain the necessary logic and all the data to insert a viable backdoor into a software stack.

I called that on day 1.

Bloomberg is usually good but this whole story honestly stinks to high heavens. Show us evidence or I'm going to keep saying that.

 

[StrayKAT]

I called that on day 1.

Bloomberg is usually good but this whole story honestly stinks to high heavens. Show us evidence or I'm going to keep saying that.

I remember you saying that. I'd still like a lot more to be out in the open though.

As for Bloomberg, I don't trust Bloomberg himself at all.. but not sure what to think of his site. I mean, I can trust raw business news, but it's not always that.

 

[silentbogo]

Story update
https://www.theregister.co.uk/2018/10/22/super_micro_chinese_spy_chip_sec/
excerpt culled from story

They also inspect hardware before it is put into production: as well as visual inspections, it is possible to scan a motherboard for electromagnetic emissions and identify anything unexpected, such as a tiny chip smuggled onto or inside a PCB – there's even a patent on this kind of technology. Finally, the chip shown in the Bloomberg piece is too small to realistically contain the necessary logic and all the data to insert a viable backdoor into a software stack. It is likely just an illustration – meaning, the journalists had no evidence of a chip to show.

The most important part of that article also reveals the purpose of Bloomberg "newspiece":

The Bloomberg article – published on October 3 – wiped more than 40 per cent off Super Micro's share price within a matter of hours. But, despite all the three main companies included in the report – Apple, Amazon and Super Micro – all strenuously denying the story was true, Super Micro's share price has not recovered.

...

"We trust you appreciate the difficulty of proving that something did not happen, even though the reporters have produced no affected motherboard or any such malicious hardware chip. As we have said firmly, no one has shown us a motherboard containing any unauthorized hardware chip, we are not aware of any such unauthorized chip, and no government agency has alerted us to the existence of any unauthorized chip."

 

[StrayKAT]

The most important part of that article also reveals the purpose of Bloomberg "newspiece":

Now that just pisses me off :\

edit: I mean SM taking all the damage here.

 

[cdawall]

Still seems like a crock of it. Just like the first story.

 

[Athlonite]

sounds abit like the AMD smear to gain shares cheap SM should sue Bloomberg for any such losses I'd say they'd win over Bloomberg

 

[DeathtoGnomes]

So CTS scandal all over again. Man are those guys trying hard to make a profit. Assuming that is the case here.

 

[Liquid Cool]

New No Evidence of Hacked Supermicro Hardware

,

Liquid Cool