spunko

Fake News? Chinese spy chips


I hadn't seen this until today. Summary: Bloomberg states that it has found evidence of Supermicro adding secret microchips to servers manufactured in China and that it has been doing so for ages. But since the story broke it has been called into question and is probably fake news.
 

Quote

Chinese government agents sneaked spy chips into Super Micro servers used by Amazon, Apple, the US government, and about 30 other organizations, giving Beijing's snoops access to highly sensitive data, according to a bombshell Bloomberg report today.

 

https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

But...

Chinese Super Micro 'spy chip' story gets even more strange as everyone doubles down

Quote

The veracity of a bombshell yarn claiming Chinese agents managed to sneak spy chips into Super Micro servers used by Amazon, Apple and the US government is still being fiercely argued over five days after publication.

On Tuesday, the media outlet behind the claims, Bloomberg, responded to growing criticism of its report by publishing a new, related story about how a "major US telecommunications company" discovered a similar hardware hack in components from the computer manufacturer at the center of the story, Super Micro.

That latest piece comes after one of the experts in the original story gave an interview in which he expressed his concern about the finished piece and questioned whether Bloomberg had done sufficient fact checking before publishing.

 

 


It has been discussed on the wacky Q thread. You really need to know about the US senator, her alleged Chinese spy chauffeur of 20 years and photographs of cars driving near the factories in China where these chips are supposedly made.

When you know all that you move onto the YouTube tin foil making hat.

Joking aside, I think it would be very easy for a manufacturer of both computer hardware and software to put spying tech into them. Who checks every single piece of every circuit board coming out of China? Do any get checked?

Does Apple, for example, check its devices for such chips added? Does it do random tests or no tests at all? What about all the other companies?


Also, the [alleged] chips are tiny - narrower than the lead in a lead pencil according to an article I saw, so quite possibly overlookable when in place on a circuit board.


Hitlery Clinton saying around the time of the US election her only regret was not fixing the Palestinian election, our own spooks regretting 'helping' Putin get to power, Juncker calling for the US to intervene in the democratic result of Hungary's election. 

And I'm surprised to be shocked the Chinese do this?

 

Scum rises to the top, whether here, or in China. 


The trouble with the chips is that I don't see how the net traffic* they set up would remain invisible to the data centres' firewalls.  There has to be some as by the story they only act as a hook to call for the code to hack into the server -- without that they don't seem to actually do anything.  Beyond that, there's any information that they'd return to base (the point of the chips, presumably)

1 hour ago, dgul said:

The trouble with the chips is that I don't see how the net traffic* they set up would remain invisible to the data centres' firewalls.  There has to be some as by the story they only act as a hook to call for the code to hack into the server -- without that they don't seem to actually do anything.  Beyond that, there's any information that they'd return to base (the point of the chips, presumably)

Think they were mostly on video streaming servers, so traffic presumably would have been going all over the place outside the network without many firewall rules in place. They would then use this compromised server to hack into other parts of the network where the juicy stuff is.

9 minutes ago, gibbon said:

Think they were mostly on video streaming servers, so traffic presumably would have been going all over the place outside the network without many firewall rules in place. They would then use this compromised server to hack into other parts of the network where the juicy stuff is.

I think the point was the Chinese wouldn't have been interested in these general servers.

They might have been interested in traffic from 'special government video servers', but they send traffic to very specific places and other traffic would have been noticed.

The idea behind the hack is supposed to be that the Chinese would only actually trigger the chip for servers that were doing something interesting -- holding industrial secrets, government, etc -- and those are the sort of things where network traffic could be identified as 'not normal'.

Also, the fancy 'hacked code' would have been injected from elsewhere -- the hack chip was supposed to only allow an entrance and not actually do the code modification itself -- so the firewall would at some point have to see some sort of communications back and forth from/to somewhere odd.

Edited by dgul

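The point made above, that a server which normally talks to a few specific places would stand out once it contacts somewhere odd, as an added Python example that is not part of any post: it learns each host's usual destinations and flags anything new. The log format, the addresses and the 10.20.0.0/16 site range are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records (not from the thread): "<ISO time> <src> <dst> <dport>"
BASELINE_FLOWS = """\
2018-10-01T09:00:00 10.20.0.5 10.20.9.10 443
2018-10-01T09:00:05 10.20.0.5 10.20.9.11 514
2018-10-01T09:01:00 10.20.0.6 10.20.9.10 443
"""
NEW_FLOWS = """\
2018-10-11T02:13:00 10.20.0.5 10.20.9.10 443
2018-10-11T02:13:07 10.20.0.5 203.0.113.77 443
2018-10-11T02:14:00 10.20.0.6 10.20.9.11 514
"""
INTERNAL = [ipaddress.ip_network("10.20.0.0/16")]   # assumed site address range

def parse_flows(text):
    """Yield (time, src, dst, port) for each well-formed record."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                                 # skip malformed lines
        ts, src, dst, port = parts
        yield ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)

def learn_baseline(text):
    """Map each source host to the (destination, port) pairs it normally uses."""
    seen = defaultdict(set)
    for _, src, dst, port in parse_flows(text):
        seen[src].add((dst, port))
    return seen

def detect(baseline, text):
    """Return flows whose destination is new for that particular source host."""
    alerts = []
    for ts, src, dst, port in parse_flows(text):
        if (dst, port) in baseline.get(src, set()):
            continue                                 # seen during the baseline window
        external = not any(dst in net for net in INTERNAL)
        alerts.append((ts, str(src), f"{dst}:{port}",
                       "external" if external else "internal"))
    return alerts

ALERTS = detect(learn_baseline(BASELINE_FLOWS), NEW_FLOWS)
print(ALERTS)
```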

I believe there is also the possibility to cripple each server or device that they are in. During a time of warfare that would be a very valuable weapon. Major source of communication goes down, helps to cause panic amongst hundreds of millions about what else they can do and millions go into some kind of internet withdrawal crisis.

What if these are on tens of millions of smartphones?

I would question whether Western IT companies, having outsourced so much to China, have the ability or capacity to check for this. Do you check every single circuit board in every device? If you do not then how do you know that there are not vast numbers out there compromised.

 

7 minutes ago, The Masked Tulip said:

I believe there is also the possibility to cripple each server or device that they are in. During a time of warfare that would be a very valuable weapon. Major source of communication goes down, helps to cause panic amongst hundreds of millions about what else they can do and millions go into some kind of internet withdrawal crisis.

What if these are on tens of millions of smartphones?

I would question whether Western IT companies, having outsourced so much to China, have the ability or capacity to check for this. Do you check every single circuit board in every device? If you do not then how do you know that there are not vast numbers out there compromised.

 

That makes more sense.  

I don't think they've been put on normal computers, smartphones, etc -- the chips are supposed to attack the 'lights off' management system that you get on servers (which is a back-door into all sorts of things).  Not to say they couldn't have a similar type of thing in other computers, but it wouldn't be the specific thing suggested in the story.  Of course, most computers and phones would be 'functionally useless*' if the telecommunications infrastructure had collapsed...

[* obviously you could still play tetris and do the spreadsheet with the accounts -- thinking more about 'functional use in helping society not collapse']

Edited by dgul


Compromising systems must be a very customised affair.  I doubt you could mass produce that very easily to work for all use cases.  And you probably usually need some form of human intelligence involved.  Maybe best ask the Iranians and if they still don't know, ask........!  Just like a lot of supposedly "high tech" fraud, it probably usually comes down to human frailty.  That recent attempted hack by the FSB in the Netherlands was hilarious to the point of being unbelievable - despite all that (actually not so) fancy kit in the car, they apparently still needed human intelligence to get hold of some valid log-on credentials.  Anyways, surely always best to assume you're compromised and work from there.  I wish I worked for GCHQ, etc.  Just to know.  Must be the ultimate job if you're into these things.  And presumably you're doing some social good, even heroic stuff.  Might even do it for free, but I talk too much!

Edited by Harley

4 hours ago, The Masked Tulip said:

millions go into some kind of internet withdrawal crisis

First sign you usually know you're under attack is usually when the comms go down or seem odd.  And if I was HMG, switching off the internet and phone network is the first thing I would do at time of crisis.  After all, that's what the So-Called BBC's for!  No need for Chinese help!

1 hour ago, Harley said:

Compromising systems must be a very customised affair.  I doubt you could mass produce that very easily to work for all use cases.  And you probably usually need some form of human intelligence involved.  Maybe best ask the Iranians and if they still don't know, ask........!  Just like a lot of supposedly "high tech" fraud, it probably usually comes down to human frailty.  That recent attempted hack by the FSB in the Netherlands was hilarious to the point of being unbelievable - despite all that (actually not so) fancy kit in the car, they apparently still needed human intelligence to get hold of some valid log-on credentials.  Anyways, surely always best to assume you're compromised and work from there.  I wish I worked for GCHQ, etc.  Just to know.  Must be the ultimate job if you're into these things.  And presumably you're doing some social good, even heroic stuff.  Might even do it for free, but I talk too much!

Genuine question: why the Iranians? They did not seem to fare well when it came to finding Stuxnet.


I think Bloomberg have fucked up massively, maybe even ongoing concern big.

They've approached a very technical area and have got opinions from other non-technical parties, some of whom had ulterior reasons for spinning.

As far as the chip, the only credible claim would be a chip that sits on the system serial bus and clocks out its own image on a certain event.

Any device sat on the I2C SMBus would be identifiable. And has limited access - no address or data bus.

The other option would be a wireless chip, just drawing power. It would be useless as it would have a tiny antenna.

It would only be useful as allowing a killswitch code to be broadcast.

My money is, if an extra chip exists, is a fuckup in production.

12 minutes ago, spygirl said:

I think Bloomberg have fucked up massively, maybe even ongoing concern big.

They've approached a very technical area and have got opinions from other non-technical parties, some of whom had ulterior reasons for spinning.

As far as the chip, the only credible claim would be a chip that sits on the system serial bus and clocks out its own image on a certain event.

Any device sat on the I2C SMBus would be identifiable. And has limited access - no address or data bus.

The other option would be a wireless chip, just drawing power. It would be useless as it would have a tiny antenna.

It would only be useful as allowing a killswitch code to be broadcast.

My money is, if an extra chip exists, is a fuckup in production.

Any device sat on the I2C SMBus would be identifiable -  Would be if someone were to be seriously checking the provided schematics with the physical chips on the board - most likely picked up at board level repair but is that really done much nowadays? Working at hardware level beneath all the software level security controls, chip flips a few configuration bytes and opens up service modes / additional functionality used at the factory for example and not out in production and who knows what features may be exposed. Would have thought that any resulting network traffic / comms from that point would be picked up though. Might not have worked in isolation either - something in the BIOS or low level functional code that stuffed data into the videos themselves, some blocks in the video codec normally used for padding stuffed with a few bytes of data providing details of how to compromise the machine / network.

3 minutes ago, onlyme said:

Any device sat on the I2C SMBus would be identifiable -  Would be if someone were to be seriously checking the provided schematics with the physical chips on the board - most likely picked up at board level repair but is that really done much nowadays? Working at hardware level beneath all the software level security controls, chip flips a few configuration bytes and opens up service modes / additional functionality used at the factory for example and not out in production and who knows what features may be exposed. Would have thought that any resulting network traffic / comms from that point would be picked up though. Might not have worked in isolation either - something in the BIOS or low level functional code that stuffed data into the videos themselves, some blocks in the video codec normally used for padding stuffed with a few bytes of data providing details of how to compromise the machine / network.

These are server products.

Typical production test would do a full search to pick up all the devices.

Stuff I've worked on in the past would do the test then archive against serial#.

BIOS only runs till the OS bootstraps.

Any network packet would have to traverse a firewall.

On 11 October 2018 at 11:46, gibbon said:

Think they were mostly on video streaming servers, so traffic presumably would have been going all over the place outside the network without many firewall rules in place. They would then use this compromised server to hack into other parts of the network where the juicy stuff is.

Well, if a 19-year-old with Asperger's can get into NASA and the Pentagon from his bedroom, I doubt firewalls will do much.

3 minutes ago, spygirl said:

These are server products.

Typical production test would do a full search to pick up all the devices.

Stuff I've worked on in the past would do the test then archive against serial#.

BIOS only runs till the OS bootstraps.

Any network packet would have to traverse a firewall.

Even if you put a microscope on the whole board you could hide an SPI/I2C device underneath another component or even inside one.

Test, any electrical test would be in first few hours of operation, just program the device to turn on after X hours, well outside any likely test process, sitting there passive on the bus no test would see it most likely.

Network packets, yes they would have to get past firewall, hence thoughts that maybe associated with other functionality that could mask any compromise.

OK not BIOS - but UEFI, maybe, some low level functions there very explicitly associated with cryptography and security.

 

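The production-test archive described in the posts above (a full bus search stored against the board serial number) and the objection that a part could stay quiet until after the test, as an added Python example that is not from any poster: it re-checks later scans against the archived baseline. The scan layout follows `i2cdetect -y` from i2c-tools; the serial number and every address are constructed, and a part that never acknowledges an address will not appear in any scan.

```python
# Added example, not from the thread. Scan text follows the grid that
# `i2cdetect -y <bus>` (i2c-tools) prints; serial and addresses are constructed.
E = " --"                                   # empty cell: nothing acknowledged
FACTORY_SCAN = "\n".join([
    "     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f",
    "00:" + " " * 9 + E * 13,
    "10:" + E * 16,
    "20:" + E * 12 + " 2c" + E * 3,
    "30:" + E * 16,
    "40:" + E * 8 + " 48" + E * 7,
    "50: UU 51" + E * 14,                   # UU = address claimed by a kernel driver
    "60:" + E * 16,
    "70:" + E * 8,
])
# Same board 300 hours later: one extra address (0x36) now acknowledges.
LATER_SCAN = FACTORY_SCAN.replace("30:" + E * 16, "30:" + E * 6 + " 36" + E * 9)

def parse_i2cdetect(text):
    """Return the set of 7-bit addresses that answered (hex cell or 'UU')."""
    found = set()
    for line in text.splitlines():
        head, sep, _ = line.partition(":")
        if not sep or len(head) != 2:
            continue                        # column header or unrelated line
        try:
            base = int(head, 16)
        except ValueError:
            continue
        for col in range(16):               # cells are fixed-width, 3 chars each
            cell = line[3 + 3 * col: 6 + 3 * col].strip()
            if cell and cell != "--":
                found.add(base + col)
    return found

def audit(archive, serial, scans):
    """Compare (hours_since_power_on, scan_text) pairs with the archived baseline.

    Returns (hours, unexpected, missing) for every scan that differs."""
    baseline = archive[serial]
    findings = []
    for hours, text in scans:
        seen = parse_i2cdetect(text)
        unexpected, missing = sorted(seen - baseline), sorted(baseline - seen)
        if unexpected or missing:
            findings.append((hours, [hex(a) for a in unexpected], [hex(a) for a in missing]))
    return findings

ARCHIVE = {"SN-EXAMPLE-0001": parse_i2cdetect(FACTORY_SCAN)}   # production-test record
FINDINGS = audit(ARCHIVE, "SN-EXAMPLE-0001", [(2, FACTORY_SCAN), (300, LATER_SCAN)])
print(FINDINGS)
```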
46 minutes ago, spygirl said:

Any network packet would have to traverse a firewall.

There might not be a firewall between the server and the employee who is actually a spy. 

6 hours ago, leonardratso said:

well, there is one way to make sure - manufacture the hardware yourself. AH, too expensive, ok, well get your arse back to the mechanical typewriter then.

I'll be honest. Chinese labour cost is 100x more expensive than it was 20 years ago.

It's cheaper, all in, to do stuff in places like Stoke/the north, than China.

Any company that bet the farm on cheap/productive Chinese labour - and there were/are lots in the UK - are fucked just from the cost basis, never mind security, quality and lead time reasons.

 

 

Edited by spygirl
