Report: Chinese spies snuck tiny backdoor chips onto US corporate, government and military servers

Originally published at: https://boingboing.net/2018/10/04/baseboard-hacks.html

5 Likes

This message approved by 99 cent & Dollar General stores.

9 Likes

Somebody got a raise?

3 Likes

This is a new event, but hardly news? Were there still people who expected China not to do this?

10 Likes

You get what you pay for. If something is too cheap, maybe there is a reason.

3 Likes

I’m shocked. I hear they may have intercepted the Zimmerman Telegram at the same time.

4 Likes

I’m expecting something like this will come to light about consumer electronics as well, and not just China doing it.

7 Likes

“Apple said ‘we are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed.’.”

Who are we going to believe?

“In response to Bloomberg’s latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.” -Apple

2 Likes

When questioned, Apple replied, “I like beer! I like beer! Do you like beer?”

15 Likes

A few years ago, this was enough of a threat (or perceived threat) that [REDACTED] was told to only buy IT equipment manufactured in the U.S. I’m not aware that they were able to find any, though, and at some point, with little fanfare, the normal purchases resumed.

…but they stopped short of “…and will never be found.”

6 Likes

My reaction was, ‘What, again?’ Has this not just always been the case?

2 Likes

How unforeseeable.

There is a business opportunity here to make hardware in the US, but it would require such a massive investment that it no one would ever do it. But if you DID do it, just think of the government contracts you couldn’t get unless you were willing to spend more bribing Congress people than the Chinese are.

It just feels like the United States is built to fail.

2 Likes

Sounds like something I would do if I were Chinese intelligence, and a boatload of the electronics used by my rivals were manufactured in my country.

5 Likes

Does the Chip block Presidential Emergancy Messages? Asking for a friend…

11 Likes

If you knew all about it, why didn’t you tell the rest of us?

In my personal infosphere, there has been speculation that the Chinese were doing this — to my recollection they were supposed to be hacking the processor chips rather than the boards — but this is the first evidence (if it is evidence) confirming it.

5 Likes

Well yeah. As @boundegar is saying, I’m shocked anyone would be surprised by this. You shouldn’t be running your fucking intelligence services on hardware produced by a potentially hostile foreign power.

But then, the name is oxymoronic. :wink:

6 Likes

Does anyone here know how to tell if the board is compromised? I have Supermicro boards in both of my home computers (old 24-core dual Opteron and newer 20 core dual Xeon), and this is a bit worrying.

Best part of the article:

Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.

11 Likes

Hasn’t America been doing this kind of thing since the Cold War?

Both Apple and Amazon have issued extremely strongly worded statements saying that big chunks of Bloomberg’s reporting is false. Apple’s statement is unsigned (ie, written by PR), but Amazon’s is signed by their chief information security officer:

I think Gruber has it right here: “One way or the other, there is more to come on this story, and the credibility of either Bloomberg, or Apple and Amazon, is going to take a significant hit.”

eta: The above statement from Apple was provided to Bloomberg in response to the article before publication. Apple has issued another statement. They are seriously doubling down on insisting that Bloomberg got it very wrong in their reporting about Apple’s interactions with Supermicro and Apple’s experiences finding firmware or hardware backdoors on their servers.

My take, Apple and Amazon would be being a lot more mealy mouthed and equivocal if Bloomberg had got their story right.

3 Likes