Linked by Thom Holwerda on Thu 4th Oct 2018 17:11 UTC
Privacy, Security, Encryption

But that's just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People's Liberation Army. In Supermicro, China's spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.

One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world's most valuable company, Apple Inc. Apple was an important Supermicro customer and had planned to order more than 30,000 of its servers in two years for a new global network of data centers. Three senior insiders at Apple say that in the summer of 2015, it, too, found malicious chips on Supermicro motherboards. Apple severed ties with Supermicro the following year, for what it described as unrelated reasons.

Both Apple and Amazon aggressively deny the reports, but such was to be expected - these companies aren't going to openly admit their products and data could be vulnerable to sophisticated Chinese hacking attempts. In addition, especially Apple is beholden to remaining in the Chinese government's good graces, and won't openly admit they're being targeted by them - like no other company in the world, Apple is dependent on China, because no other country has the manpower, labour laws, and welcoming totalitarian government required to build the massive amount of devices Apple orders from China.

None of this should surprise anyone, and further illustrates that any company - especially major ones - claiming their products are secure and privacy-focused really has no way of guaranteeing it. Whether it be domestic carriers snooping in on internet traffic or the Chinese government adding small microchips to hardware, nothing is secure or private.

Re:
by kurkosdr on Thu 4th Oct 2018 19:07 UTC
kurkosdr
Member since:
2011-04-11

Is it too radical of an opinion to say that the efforts of the current US president to deprive trade of the Chinese regime (via import duties) are a good thing?

Edited 2018-10-04 19:07 UTC

Reply Score: 0

RE: Re:
by Drumhellar on Thu 4th Oct 2018 19:34 UTC in reply to "Re:"
Drumhellar Member since:
2005-07-12

It's not too radical, but you have to temper that with the fact that the US government has done almost the exact same thing for servers we sent to Asia and other regions

Reply Score: 5

RE[2]: Re:
by kurkosdr on Thu 4th Oct 2018 19:47 UTC in reply to "RE: Re:"
kurkosdr Member since:
2011-04-11

“It's not too radical, but you have to temper that with the fact that the US government has done almost the exact same thing for servers we sent to Asia and other regions”

Which I guess is the fatal flaw of globalisation? State actors using industries located in their territory to spy on other states.

Reply Score: 1

RE[3]: Re:
by woegjiub on Thu 4th Oct 2018 21:22 UTC in reply to "RE[2]: Re:"
woegjiub Member since:
2008-11-25

More of a fatal flaw of still keeping nation states around, but same difference.

If we had a global parliament that kept all the countries in line, and reduced their ability to violate human rights, that would be great.

Mind you, I'm cynical enough to think that if we ever do get a global parliament, it's gonna just kowtow to major corporations and give them power instead.

Reply Score: 5

RE[4]: Re:
by benoitb on Thu 4th Oct 2018 23:35 UTC in reply to "RE[3]: Re:"
benoitb Member since:
2010-06-29

No thank you. I like being able to decide on the political representation and laws with people from my country who share some values with me.

Reply Score: 1

Comment by Drumhellar
by Drumhellar on Thu 4th Oct 2018 19:30 UTC
Drumhellar
Member since:
2005-07-12

Hahah. The best quote from the article:

Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.

Reply Score: 9

Chip fab?
by amadensor on Thu 4th Oct 2018 20:53 UTC
amadensor
Member since:
2006-04-10

Imagine, for a moment, that this happened with a chip fabricator, instead of a board manufacturer. It would be microscopic, and even less likely to be discovered.

Reply Score: 2

RE: Chip fab?
by Kochise on Fri 5th Oct 2018 03:18 UTC in reply to "Chip fab?"
Kochise Member since:
2006-03-03

Intel's ME ?

Reply Score: 6

The devil is in the detail
by Tony Swash on Thu 4th Oct 2018 22:33 UTC
Tony Swash
Member since:
2009-08-22

“Whether it be domestic carriers snooping in on internet traffic or the Chinese government adding small microchips to hardware, nothing is secure or private.”

True. Probably. But some platforms and some devices are more secure than others, and the difference is not trivial.

Reply Score: 0

RE: The devil is in the detail
by zima on Fri 5th Oct 2018 15:05 UTC in reply to "The devil is in the detail"
zima Member since:
2005-07-06

And what platforms do you have in mind as the more secure?... :rolleyes:

Reply Score: 4

It was very easy to imagine actually
by tails92 on Thu 4th Oct 2018 22:59 UTC
tails92
Member since:
2007-10-07

This is what you get when you are bent on producing such sensitive equipment in the cheapest place you can find. It has always baffled me, and then this happens.
It is not like you couldn't imagine them doing this...

Now you are hearing this story because of the so-called "trade war". They need to rally their people against China for obvious political reasons.

But trust me, if the roles were switched, the US would be doing the same to China, politics 101 really. Most probably they already do this (hiding backdoors in the CPU or Management Engine....)

A classic, when it's money it's all great, China and US are great friends then, then they backstab each other at the best possible moment, for the greatest profit.

And while the elites accumulate wealth, the common man has less and less.

Reply Score: 3

The thing about these backdoors
by Dasher42 on Thu 4th Oct 2018 23:38 UTC
Dasher42
Member since:
2007-04-05

The scary thing about these backdoors is that once they're discovered, there's no telling who'll use them. After all, some of the deadliest malware out there is what some black hat copied and pasted from something the NSA engineered and released into the wild. This is going to blow up in all of our faces one day, and there's no telling who's going to lose the most.

Reply Score: 2

Windows Sucks
Member since:
2005-11-10

Looks like (as Apple and Amazon said) it’s all a crock of shi_. The funny part is that anyone would even believe the technical aspects of the story, that this little chip is able to do things that full SoCs can’t do.

Anyway, they claimed the government investigated etc. and now the Government is coming out and calling the whole thing poppycock.

https://appleinsider.com/articles/18/10/05/uks-gchq-us-officials-cas...

On to the next story.

Edited 2018-10-05 13:45 UTC

Reply Score: 1

Megol Member since:
2011-04-11

“Looks like (As Apple and Amazon said) it’s all a crock of shi_ the funny part is that anyone would even believe the technical aspects of the story, that this little chip is able to do things that full SOCs can’t do.”

Two words: firmware backdoor.
Change things enough that an attacker can "tickle" the device with a special code and then command it to do whatever is wanted. Many things use serial EEPROMs (Flash memory) to store firmware so just add a tiny memory, some logic to detect the right time to send the contents of that memory. Not that hard, doesn't require a large chip and very few hijacked signals.

“Anyway they claimed the government investigated etc and now the Government is coming out and calling the whole thing Poppy Cock.

https://appleinsider.com/articles/18/10/05/uks-gchq-us-officials-cas...”

That isn't what that "article" said.

“On to the next story.”

Yeah. It all smells like a FUD campaign and will keep doing that until some actual proof is produced.
But it's possible to do such an attack given enough money.

Reply Score: 5

Windows Sucks Member since:
2005-11-10

“Two words: firmware backdoor.
Change things enough that an attacker can "tickle" the device with a special code and then command it to do whatever is wanted. Many things use serial EEPROMs (Flash memory) to store firmware so just add a tiny memory, some logic to detect the right time to send the contents of that memory. Not that hard, doesn't require a large chip and very few hijacked signals.”

Sounds good on paper, please show someone preinstalling something similar (the size of a pencil point in this case) and then hiding the traffic out of the network for years without being caught??

Edited 2018-10-06 05:44 UTC

Reply Score: 1

Megol Member since:
2011-04-11

“Two words: firmware backdoor.
Change things enough that an attacker can "tickle" the device with a special code and then command it to do whatever is wanted. Many things use serial EEPROMs (Flash memory) to store firmware so just add a tiny memory, some logic to detect the right time to send the contents of that memory. Not that hard, doesn't require a large chip and very few hijacked signals.”

“Sounds good on paper please show someone preinstalling something similar (the size of a pencil point in this case) and then hiding the traffic out of the network for years without being caught??”


This is called shifting goalposts and is considered rude.

An exploit doesn't have to exist to be possible - if so no exploit could ever be possible as the initial creation wouldn't be possible.

The exploit doesn't have to be detected to be out in the wild* and there are plenty of examples of exploits having been active for many years before being detected. It is reasonable that a bugged system would only be accessed in a few exceptional cases to reduce the chance for detection.

Designing such a chip requires a lot of expense so it's reasonable only states can (or will) create something like it. Not something that is usual IOW.
Expenses: small process node to be able to have a tiny chip with large enough memory plus custom chip encapsulation.

(* After all they have to be used to be detected in the first place, there have been active exploits detected... What is the logical conclusion?)

Reply Score: 3

Windows Sucks Member since:
2005-11-10

"“Two words: firmware backdoor.
Change things enough that an attacker can "tickle" the device with a special code and then command it to do whatever is wanted. Many things use serial EEPROMs (Flash memory) to store firmware so just add a tiny memory, some logic to detect the right time to send the contents of that memory. Not that hard, doesn't require a large chip and very few hijacked signals.”

Sounds good on paper please show someone preinstalling something similar (the size of a pencil point in this case) and then hiding the traffic out of the network for years without being caught??


This is called shifting goalposts and is considered rude.

An exploit doesn't have to exist to be possible - if so no exploit could ever be possible as the initial creation wouldn't be possible.

The exploit doesn't have to be detected to be out in the wild* and there are plenty of examples of exploits having been active for many years before being detected. It is reasonable that a bugged system would only be accessed in a few exceptional cases to reduce the chance for detection.

Designing such a chip requires a lot of expense so it's reasonable only states can (or will) create something like it. Not something that is usual IOW.
Expenses: small process node to be able to have a tiny chip with large enough memory plus custom chip encapsulation.

(* After all they have to be used to be detected in the first place, there have been active exploits detected... What is the logical conclusion?)
"

Sorry but that is not the meaning of moving the goalposts, I just asked a simple question. As we all know no exploit is created in a vacuum. Everything has a past and path to that past, back to the very first virus ever made on down. I can't think of or even find some exploit that was created and was successful out of thin air. Normally even, most exploits are a combination of previous things all put together to make a successful exploit.

So to ask where in the past this has been attempted is not moving the goal post, it's a straightforward question.

Reply Score: 1

xfire Member since:
2018-08-22

Yes the creators needed to know that this will get exposed once and it must communicate through some way with its CC so well configured IDSes should pick it up over time and the traffic can be investigated.

Same goes for all hardware stuff where you try to push security through obscurity, like those set top boxes that the guy reverse engineered by buying 20 of them and starting to take layers off the chip.

Reply Score: 1

Windows Sucks
Member since:
2005-11-10

https://www.dhs.gov/news/2018/10/06/statement-dhs-press-secretary-re...

“The Department of Homeland Security is aware of the media reports of a technology supply chain compromise. Like our partners in the UK, the National Cyber Security Centre, at this time we have no reason to doubt the statements from the companies named in the story. Information and communications technology supply chain security is core to DHS’s cybersecurity mission and we are committed to the security and integrity of the technology on which Americans and others around the world increasingly rely. Just this month – National Cybersecurity Awareness Month – we launched several government-industry initiatives to develop near- and long-term solutions to manage risk posed by the complex challenges of increasingly global supply chains. These initiatives will build on existing partnerships with a wide range of technology companies to strengthen our nation’s collective cybersecurity and risk management efforts.”

Reply Score: 1

how?
by roverrobot on Sun 7th Oct 2018 08:00 UTC
roverrobot
Member since:
2006-07-23

To embed a chip in a motherboard, you either need to change the PCB layout to supply power, signal, connect to ground, connect to eth/wifi circuit, or maybe antenna if the chip has a wireless transmitter, or add a layer to achieve these connections. No matter how small the chip is, the modification will be obvious. Or, any expert here mind to explain how you can achieve this in a stealth way?

Reply Score: 2

nothing is secure or private
by xfire on Mon 8th Oct 2018 08:20 UTC
xfire
Member since:
2018-08-22

Except Open Source Hardware + Open Source Software.

There are a couple of attempts at open source hardware out there such as Pinebook, unfortunately currently they are overpriced and not made for the masses.

Don't you have the sense of security when using OpenBSD or Linux by default because you know it's being reviewed by thousands of people around the world and it does not contain built in backdoors like MicroSht/Apple products?

We should see the same in hardware. I never review 1 line of source code of OpenBSD or Linux but I trust the developers who do so.

Reply Score: 1

Windows Sucks
Member since:
2005-11-10

https://appleinsider.com/articles/18/10/08/security-researcher-cited...

Because it was Apple people jumped on it and were wrong!

Reply Score: 2