Linked by Thom Holwerda on Tue 9th Oct 2018 22:50 UTC
Privacy, Security, Encryption

A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working for the telecom company.

The security expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery following the publication of an investigative report in Bloomberg Businessweek that detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015.

Fresh fuel for the fire.

Order by: Score:
Comment by jigzat
by jigzat on Wed 10th Oct 2018 00:06 UTC
jigzat
Member since:
2008-10-30

According to The Art of War by Sun Tzu, you can deceive the enemy by deceiving one's allies. We really don't know what is happening behind scenes, it could be true or it could be a deception. If it is true it is not convenient for Apple and Amazon and they are going to deny it until the last moment. The burden of the proof lies on Bloomberg's back but with anonymous is just another fake news. And I'm starting to dislike Apple very much in the last years.

Reply Score: 4

Comment by Lorin
by Lorin on Wed 10th Oct 2018 05:38 UTC
Lorin
Member since:
2010-04-06

Trump will jump on that fast

Reply Score: 3

Poseidon
Member since:
2009-10-31

All tech companies are massively denying it, which kind of makes me think that it happened even more than what the articles state.

I mean, if your only worry is making more money, security is not going to be even in the top 10 issues they're worried about, especially in the supply chain or having special auditing and supply chain custody.

Reply Score: 5

Old days
by xfire on Wed 10th Oct 2018 08:40 UTC
xfire
Member since:
2018-08-22

Back in the early 2000s there were tons of speculation on the net about Microsoft putting in backdoors into their operating system and regardless that even Win10 sends all kinds of usage statistics and improving cortana and whatever they don't backdoor their products because you can never get away with it on the long term.

If news like this breaks out that can destroy the company. I think they already QQing about it at Supermicro because of the instant sales/customers drop since this come out couple of days ago.

Manufacture your stuff in China and China steals it just like everything.

Regardless that this surveillance chip was probably used to steal data from multiple companies for various reasons it is funny to think about that china manufactures so complex chips what they cannot easily reverse engineer (but they can produce) so they put backdoor into the same hardware to steal off the plans from the engineers workspaces who using them ;)

Reply Score: 0

RE: Old days
by Alfman on Wed 10th Oct 2018 12:10 UTC in reply to "Old days"
Alfman Member since:
2011-01-28

xfire,

Back in the early 2000s there were tons of speculation on the net about Microsoft putting in backdoors into their operating system...


I was never satisfied with microsoft's response to the NSA key, to this day they haven't provided any evidence to really refute the accusations. The speculation based on the known facts still seems well founded.

...and regardless that even Win10 sends all kinds of usage statistics and improving cortana and whatever they don't backdoor their products because you can never get away with it on the long term.
If news like this breaks out that can destroy the company.



Well, as a matter of fact MS does have a back door, they snuck it right under our noses. It's called "windows update" ;) Seriously, the difference between a "backdoor" and "auto update" is quite subjective. MS has remote execution rights on most of our computers, and in the case on windows 10 this is forced upon us whether we want it or not.

I don't know if MS has ever lent it's remote execution access to government agencies in order to help break into the computers of criminals or even foreign governments. We may never know, but regardless we do know as a matter of fact that MS could do it on standard windows installs if they wanted to.

If some whistle-blower were to leak these sorts of activities, I agree with you there would be a public uproar. But as with all previous revelations, I doubt anything would fundamentally change. We know the illegal programs are still going on. No one in government has apologized for violating our constitution and there's been no accountability. Instead they always punish the whistleblowers to discourage the public disclosure of government crimes. It just becomes old news and we ultimately take it for granted that the government will abuse it's authority and there's not much we as individuals can do about it ;)

Reply Score: 2

Zzzzzzz
by Windows Sucks on Wed 10th Oct 2018 17:12 UTC
Windows Sucks
Member since:
2005-11-10

Bloomberg knows about as much about tech as my pet Beagle.

They have been shown over an over again to be wrong (Especially when it comes to Apple) and do a lot of things for click bait.

But hey what ever works.

Reply Score: 0

Comment by yoshi314@gmail.com
by yoshi314@gmail.com on Thu 11th Oct 2018 06:51 UTC
yoshi314@gmail.com
Member since:
2009-12-14

i got excited, but it was not the kind of carrier i expected.

Reply Score: 3

Comment by yoshi314@gmail.com
by yoshi314@gmail.com on Thu 11th Oct 2018 07:06 UTC
yoshi314@gmail.com
Member since:
2009-12-14

> National security experts say a key problem is that, in a cybersecurity industry approaching $100 billion in revenue annually, very little of that has been spent on inspecting hardware for tampering. That's allowed intelligence agencies around the world to work relatively unimpeded, with China holding a key advantage.


i fear that will enourage even more security lockdown on hardware against tampering, starting from servers and moving onto phones and other devices.

of course some of that cannot be detected on firmware level, so manufacturer will have to do some verification work on physical level.

i think it won't be very far till people will praise for its tactics against independent repair, for that reason.

Reply Score: 3

Only News...
by dionicio on Sat 13th Oct 2018 14:54 UTC
dionicio
Member since:
2006-07-12

About this News, is that Usual SPIN is not working anymore, Thom.

Reply Score: 2