
Thread: Apparently China just can't resist embedding spyware (It's worse - lots worse. See Post #32)

Post #1 by Bob

    This originates out of Bloomberg and was picked up by the news services. Those "hacked" (hardware violated by physical spyware installed in China on motherboards) deny the claim. Who's to believe?

    This morning Bloomberg is reporting a bombshell for hardware security. Companies like Amazon and Apple have found a malicious chip on their server motherboards. These are not counterfeit chips. They are not part of the motherboard design. These were added by the factory at the time of manufacture. The chip was placed among other signal conditioning components and is incredibly hard to spot as the nature of these motherboards includes hundreds of minuscule components.

    Though Amazon and Apple have denied it, according to Bloomberg, a private security contractor in Canada found the hidden chip on server motherboards. Elemental Technologies, acquired by Amazon in 2015 for its video and graphics processing hardware, subcontracted Supermicro (Super Micro Computer, Inc.) to manufacture their server motherboards in China.

    It is unknown how many of the company’s products have this type of malicious hardware in them. Equipment from Elemental Technologies has been supplied to the likes of government contractors as well as major banks, and was even reportedly used in the CIA’s drone operations.

    HOW THE HACK WORKS
    The attacks work with the small chip being implanted onto the motherboard disguised as signal couplers. It is unclear how the chip gains access to the peripherals such as memory (as reported by Bloomberg) but it is possible it has something to do with accessing the bus.

    The chip controls some data lines on the motherboard that likely provide an attack vector for the baseboard management controller (BMC).

    Hackaday spoke with Joe FitzPatrick (a well known hardware security guru who was quoted in the Bloomberg article). He finds this reported attack as a very believable approach to compromising servers. His take on the BMC is that it’s usually an ARM processor running an ancient version of Linux that has control over the major parts of the server. Any known vulnerability in the BMC would be an attack surface for the custom chip.

    Data centers house thousands of individual servers that see no physical interaction from humans once installed. The BMC lets administrators control the servers remotely to reboot malfunctioning equipment among other administrative tasks. If this malicious chip can take control of the BMC, then it can provide remote access to whomever installed the chip. Reported investigations have revealed the hack in action with brief check-in communications from these chips though it’s difficult to say if they had already served their purpose or were being saved for a future date.

    WHAT NOW?
    Adding hardware to a design is fundamentally different than software-based hacking: it leaves physical evidence behind. Bloomberg reports on US government efforts to investigate the supply chain attached to these parts. It is worth noting though that the article doesn’t include any named sources while pointing the finger at China’s People’s Liberation Army.

    The solution is not a simple one if servers with this malicious chip were already out in the field. Even if you know a motherboard has the additional component, finding it is not easy. Bloomberg also has unconfirmed reports that the next-generation of this attack places the malicious component between layers of the circuit board. If true, an x-ray would be required to spot the additional part.

    A true solution for high-security applications will require specialized means of making sure that the resulting product is not altered in any way. This hack takes things to a whole new level and calls into question how we validate hardware that runs our networks.
    source (numerous) - https://hackaday.com/2018/10/04/mali...ous-companies/
    Each of us play our part in creating a new story for humanity and our planet ~

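The post above describes the implant's reliance on the BMC and the "brief check-in communications" observed from it. As an added defender's check (this is not code from the original thread, from Hackaday or from Bloomberg), the script below audits flow records for BMC-initiated traffic that leaves the management network or reaches the internet, and counts small repeated flows to one destination as possible check-ins. The management subnet, the allow-list and the flow records are constructed assumptions.

```python
"""Audit flow records for BMC-initiated egress that does not look like management traffic."""
import ipaddress
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# Hypothetical management VLAN that holds every BMC.
BMC_SUBNET = ipaddress.ip_network("10.200.0.0/24")

# Hypothetical internal address space; any destination outside it is treated as internet-routable.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hypothetical allow-list of (destination, port) pairs a BMC may initiate a connection to.
ALLOWED_DESTS = {
    ("10.200.0.1", 123),   # NTP on the management gateway
    ("10.10.5.20", 443),   # internal firmware/update repository
}

# Constructed sample flow records: ts src_ip src_port dst_ip dst_port proto bytes
# (203.0.113.7 is a documentation-range address standing in for an internet host).
SAMPLE_FLOWS = """\
2018-10-04T01:00:00Z 10.200.0.15 51000 10.200.0.1 123 udp 76
2018-10-04T01:05:00Z 10.200.0.15 51001 10.10.5.20 443 tcp 1048576
2018-10-04T01:10:00Z 10.200.0.15 51002 203.0.113.7 443 tcp 412
2018-10-04T01:40:00Z 10.200.0.15 51003 203.0.113.7 443 tcp 398
2018-10-04T02:10:00Z 10.200.0.15 51004 203.0.113.7 443 tcp 405
2018-10-04T02:11:00Z 10.10.5.10 44321 10.200.0.15 443 tcp 9000
2018-10-04T02:20:00Z 10.200.0.22 51005 10.10.7.9 22 tcp 3400
""".splitlines()


def parse_flow(line: str) -> Dict:
    """Split one whitespace-separated flow record into a dict."""
    ts, src, sport, dst, dport, proto, nbytes = line.split()
    return {"ts": ts, "src": src, "sport": int(sport), "dst": dst,
            "dport": int(dport), "proto": proto, "bytes": int(nbytes)}


def classify(flow: Dict) -> Optional[str]:
    """Severity of a BMC-initiated flow, or None when it is out of scope or expected."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    if src not in BMC_SUBNET:
        return None                      # not initiated by a BMC (e.g. an admin logging in)
    if (flow["dst"], flow["dport"]) in ALLOWED_DESTS:
        return None                      # expected management traffic
    if not any(dst in net for net in INTERNAL_NETS):
        return "high"                    # a BMC should never reach the internet directly
    if dst not in BMC_SUBNET:
        return "medium"                  # leaves the management VLAN for an internal host
    return "low"                         # unexpected peer inside the management VLAN


def find_beacons(flows: List[Dict], max_bytes: int = 2048,
                 min_count: int = 3) -> Dict[Tuple[str, str, int], int]:
    """Count small, repeated unexpected flows per (src, dst, port).

    Several tiny exchanges with the same host look like periodic check-ins,
    unlike a single large firmware download.
    """
    counts: Dict[Tuple[str, str, int], int] = defaultdict(int)
    for f in flows:
        if classify(f) is not None and f["bytes"] <= max_bytes:
            counts[(f["src"], f["dst"], f["dport"])] += 1
    return {k: v for k, v in counts.items() if v >= min_count}


def audit(lines: List[str]) -> Dict:
    """Return every flagged flow with its severity plus the beacon-like groups."""
    flows = [parse_flow(line) for line in lines]
    findings = [dict(f, severity=classify(f)) for f in flows if classify(f)]
    return {"findings": findings, "beacons": find_beacons(flows)}


if __name__ == "__main__":
    result = audit(SAMPLE_FLOWS)
    for f in result["findings"]:
        print(f"[{f['severity']}] {f['ts']} {f['src']} -> {f['dst']}:{f['dport']} ({f['bytes']} B)")
    for (src, dst, port), n in result["beacons"].items():
        print(f"possible beacon: {src} -> {dst}:{port} seen {n} times")
```

On the constructed sample the three small flows to 203.0.113.7 are reported as high severity and grouped as a beacon, while the admin session into the BMC and the allow-listed NTP and repository traffic are not flagged.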

Post #2 by Ernie Nemeth

    In what way is this surprising? I have suspected this sort of thing for a long while. Ever seen the size of components on a motherboard or any other high tech device? They are minuscule...
    Why Not?


Post #3 by Did You See Them

    Apple, Amazon, China all deny the Bloomberg article entirely.

    Is it corporate and state lies, or just scaremongering fake news?

    It's one or the other!


Post #4 by ichingcarpenter

    Remember when the NSA bugged Cisco servers sold?

    NSA intercepted and bugged Cisco routers

    https://www.engadget.com/2014/05/16/...cisco-routers/

    China, USA... what a great bunch of Orwellian guys.


Post #5 by norman

    "Q" has mentioned compromised hardware. That could be where the idea came from, or it could be a confirmation that it's true.

    Take your pick.
    my first language is TYPO


Post #6 by Bob

    So maybe more of the users of the product need to say "it never happened!" (Schultz: I know nothing, nooooothing.)

    from:

    https://boingboing.net/2018/10/04/ba...medium=website

    Quote Joe FitzPatrick, founder of Hardware Security Resources LLC, a company that trains cybersecurity professionals in hardware hacking techniques says this:

    This system could let the attackers alter how the device functioned, line by line, however they wanted, leaving no one the wiser. To understand the power that would give them, take this hypothetical example: Somewhere in the Linux operating system, which runs in many servers, is code that authorizes a user by verifying a typed password against a stored encrypted one.

    An implanted chip can alter part of that code so the server won’t check for a password—and presto! A secure machine is open to any and all users.

    A chip can also steal encryption keys for secure communications, block security updates that would neutralize the attack, and open up new pathways to the internet.

    Should some anomaly be noticed, it would likely be cast as an unexplained oddity.
    How many companies, just Apple and Amazon? How about this?

    Quote US spies and large corporate IT departments have had an open secret for years: the servers supplied by US hardware giant Supermicro for Elemental, Inc were sometimes infected with tiny hardware backdoors by Chinese spies during their manufacture; these superminiature chips were wired into the systems' baseboard management system and were able to accept covert software patches that would allow Chinese spies to utterly compromise both the servers and the networks they were connected to.

    Elemental had a formal partnership with In-Q-Tel, the CIA's investment arm, which gave it an air of trustworthiness that allowed it to sell billions of dollars' worth of hardware to US entities.

    The list of compromised entities is terrifying: Apple, Amazon, the Pentagon, DoD drone operations, Navy battleships, NASA, Congress and the Senate, even Bloomberg itself.

    All of these entities officially deny that they were ever compromised by the attack and claim that they have no knowledge of these hardware backdoors -- but Bloomberg's Jordan Robertson and Michael Riley cite multiple anonymous insiders and former insiders who say that the attack came to light in 2015 when Apple first discovered unusual traffic on its network and that in the years since, there have been mass teardowns of data-centers and divestments from Supermicro and Elemental.

    The exception is Amazon, who actually acquired Elemental after they were made aware of the hack.
    Going back to 2015... Conspiracy, you say?

    Quote US intelligence operatives were able to identify the two Supermicro subcontractors in China where the motherboards were doctored, and learned that the managers in these factories were bribed, and then threatened, by the People's Liberation Army.
    and

    Quote Officials familiar with the investigation say the primary role of implants such as these is to open doors that other attackers can go through. “Hardware attacks are about access,” as one former senior official puts it.

    In simplified terms, the implants on Supermicro hardware manipulated the core operating instructions that tell the server what to do as data move across a motherboard, two people familiar with the chips’ operation say.

    This happened at a crucial moment, as small bits of the operating system were being stored in the board’s temporary memory en route to the server’s central processor, the CPU.

    The implanted circuit (chip) was placed on the board in a way that allowed it to effectively edit this information queue, injecting its own code or altering the order of the instructions the CPU was meant to follow. Deviously small changes could create disastrous effects.
    Trust us ...

    Quote Elemental had a formal partnership with In-Q-Tel, the CIA's investment arm, which gave it an air of trustworthiness that allowed it to sell billions of dollars' worth of hardware to US entities. How it works: CIA identifies pressing problems, and In-Q-Tel provides the technology to address them...
    well, we're profitable BUY US

    Quote Amazon, in 2015 actually acquired Elemental after they were made aware of the hack. At $500 million, Elemental would represent one of Amazon’s five biggest acquisitions to date. The others include Zappos, acquired in 2009 for $1.2 billion; Twitch, acquired last year for $970 million; Kiva Systems, acquired in 2012 for $775 million; and Quidsi, acquired for $545 million in 2010.
    Need for plausible deniability

    Can one imagine the amount of lawsuits that those firms would have to deal with if they admitted that the customers' data, transactions, bank accounts, payment history and order history were "hacked" and made known to ____________ (fill in the blank)? They would have to scurry to say "We know nothing, nothing ever happened, we know nothing."

    tongue in cheek:



Post #7 by Bob

    Here is how AWS Amazon rebuffed Bloomberg's article - fake news or what?

    Quote As we shared with Bloomberg BusinessWeek multiple times over the last couple months, this is untrue. At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems. Nor have we engaged in an investigation with the government.

    There are so many inaccuracies in this article as it relates to Amazon that they’re hard to count. We will name only a few of them here. First, when Amazon was considering acquiring Elemental, we did a lot of due diligence with our own security team, and also commissioned a single external security company to do a security assessment for us as well. That report did not identify any issues with modified chips or hardware. As is typical with most of these audits, it offered some recommended areas to remediate, and we fixed all critical issues before the acquisition closed. This was the sole external security report commissioned. Bloomberg has admittedly never seen our commissioned security report nor any other (and refused to share any details of any purported other report with us).

    The article also claims that after learning of hardware modifications and malicious chips in Elemental servers, we conducted a network-wide audit of SuperMicro motherboards and discovered the malicious chips in a Beijing data center. This claim is similarly untrue. The first and most obvious reason is that we never found modified hardware or malicious chips in Elemental servers. Aside from that, we never found modified hardware or malicious chips in servers in any of our data centers. And, this notion that we sold off the hardware and datacenter in China to our partner Sinnet because we wanted to rid ourselves of SuperMicro servers is absurd. Sinnet had been running these data centers since we launched in China, they owned these data centers from the start, and the hardware we “sold” to them was a transfer-of-assets agreement mandated by new China regulations for non-Chinese cloud providers to continue to operate in China.

    Amazon employs stringent security standards across our supply chain – investigating all hardware and software prior to going into production and performing regular security audits internally and with our supply chain partners. We further strengthen our security posture by implementing our own hardware designs for critical components such as processors, servers, storage systems, and networking equipment.

    Security will always be our top priority.

    AWS is trusted by many of the world’s most risk-sensitive organizations precisely because we have demonstrated this unwavering commitment to putting their security above all else.

    We are constantly vigilant about potential threats to our customers, and we take swift and decisive action to address them whenever they are identified.

    – Steve Schmidt, Chief Information Security Officer
    Bloomberg's original article is here:

    https://www.bloomberg.com/news/featu...-top-companies

    Bloomberg then reported this about SuperMicro:

    Quote Super Micro Computer Inc. (commonly known as Supermicro) plunged in Thursday trading after Bloomberg Businessweek reported that a Chinese hack infiltrated the U.S. technology supply chain by implanting tiny chips on motherboards supplied by the company.

    Shares of other leading server and network-storage firms also fell. Apple Inc. and Amazon.com Inc. were among companies that found malicious microchips on Supermicro motherboards.

    Those companies, as well as Supermicro and China’s Ministry of Foreign Affairs, denied the Businessweek report, which is based on more than a year of reporting and more than 100 interviews.


Post #8 by Bob

    This is an extract from the original Bloomberg article: see https://www.bloomberg.com/news/artic...in-u-s-telecom "Chinese hardware hack"

    In the image below, look at the white circle. See anything? Zoom in your browser until you see the chip. Darned easy to miss.

    The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation.

    One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation.

    In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim.

    In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information.

    One government official says China’s goal was long-term access to high-value corporate secrets and sensitive government networks. No consumer data is known to have been stolen.

    The ramifications of the attack continue to play out.

    The Trump administration has made computer and networking hardware, including motherboards, a focus of its latest round of trade sanctions against China, and White House officials have made it clear they think companies will begin shifting their supply chains to other countries as a result.

    Such a shift might assuage officials who have been warning for years about the security of the supply chain—even though they’ve never disclosed a major reason for their concerns.

    [Illustration: How the Hack Worked, According to U.S. Officials. Illustrator: Scott Gelber]

    Back in 2006, three engineers in Oregon had a clever idea.

    Demand for mobile video was about to explode, and they predicted that broadcasters would be desperate to transform programs designed to fit TV screens into the various formats needed for viewing on smartphones, laptops, and other devices.

    To meet the anticipated demand, the engineers started Elemental Technologies, assembling what one former adviser to the company calls a genius team to write code that would adapt the superfast graphics chips being produced for high-end video-gaming machines. The resulting software dramatically reduced the time it took to process large video files. Elemental then loaded the software onto custom-built servers emblazoned with its leprechaun-green logos.

    Elemental servers sold for as much as $100,000 each, at profit margins of as high as 70 percent, according to a former adviser to the company.

    Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.

    Elemental also started working with American spy agencies.

    In 2009 the company announced a development partnership with In-Q-Tel Inc., the CIA’s investment arm, a deal that paved the way for Elemental servers to be used in national security missions across the U.S. government.

    Public documents, including the company’s own promotional materials, show that the servers have been used inside Department of Defense data centers to process drone and surveillance-camera footage, on Navy warships to transmit feeds of airborne missions, and inside government buildings to enable secure videoconferencing. NASA, both houses of Congress, and the Department of Homeland Security have also been customers. This portfolio made Elemental a target for foreign adversaries.

    Supermicro had been an obvious choice to build Elemental’s servers.

    Headquartered north of San Jose’s airport, up a smoggy stretch of Interstate 880, the company was founded by Charles Liang, a Taiwanese engineer who attended graduate school in Texas and then moved west to start Supermicro with his wife in 1993. Silicon Valley was then embracing outsourcing, forging a pathway from Taiwanese, and later Chinese, factories to American consumers, and Liang added a comforting advantage: Supermicro’s motherboards would be engineered mostly in San Jose, close to the company’s biggest clients, even if the products were manufactured overseas.

    Today, Supermicro sells more server motherboards than almost anyone else.

    It also dominates the $1 billion market for boards used in special-purpose computers, from MRI machines to weapons systems.

    Its motherboards can be found in made-to-order server setups at banks, hedge funds, cloud computing providers, and web-hosting services, among other places.

    Supermicro has assembly facilities in California, the Netherlands, and Taiwan, but its motherboards—its core product—are nearly all manufactured by contractors in China.

    The company’s pitch to customers hinges on unmatched customization, made possible by hundreds of full-time engineers and a catalog encompassing more than 600 designs.

    The majority of its workforce in San Jose is Taiwanese or Chinese, and Mandarin is the preferred language, with hanzi filling the whiteboards, according to six former employees. Chinese pastries are delivered every week, and many routine calls are done twice, once for English-only workers and again in Mandarin. The latter are more productive, according to people who’ve been on both. These overseas ties, especially the widespread use of Mandarin, would have made it easier for China to gain an understanding of Supermicro’s operations and potentially to infiltrate the company. (A U.S. official says the government’s probe is still examining whether spies were planted inside Supermicro or other American companies to aid the attack.)

    With more than 900 customers in 100 countries by 2015, Supermicro offered inroads to a bountiful collection of sensitive targets. “Think of Supermicro as the Microsoft of the hardware world,” says a former U.S. intelligence official who’s studied Supermicro and its business model. “Attacking Supermicro motherboards is like attacking Windows. It’s like attacking the whole world.”

    The security of the global technology supply chain had been compromised, even if consumers and most companies didn’t know it yet.

    Well before evidence of the attack surfaced inside the networks of U.S. companies, American intelligence sources were reporting that China’s spies had plans to introduce malicious microchips into the supply chain. The sources weren’t specific, according to a person familiar with the information they provided, and millions of motherboards are shipped into the U.S. annually. But in the first half of 2014, a different person briefed on high-level discussions says, intelligence officials went to the White House with something more concrete: China’s military was preparing to insert the chips into Supermicro motherboards bound for U.S. companies.

    The specificity of the information was remarkable, but so were the challenges it posed. Issuing a broad warning to Supermicro’s customers could have crippled the company, a major American hardware maker, and it wasn’t clear from the intelligence whom the operation was targeting or what its ultimate aims were. Plus, without confirmation that anyone had been attacked, the FBI was limited in how it could respond. The White House requested periodic updates as information came in, the person familiar with the discussions says.

    Apple made its discovery of suspicious chips inside Supermicro servers around May 2015, after detecting odd network activity and firmware problems, according to a person familiar with the timeline. Two of the senior Apple insiders say the company reported the incident to the FBI but kept details about what it had detected tightly held, even internally.

    Government investigators were still chasing clues on their own when Amazon made its discovery and gave them access to sabotaged hardware, according to one U.S. official.

    This created an invaluable opportunity for intelligence agencies and the FBI—by then running a full investigation led by its cyber- and counterintelligence teams—to see what the chips looked like and how they worked.

    The chips on Elemental servers were designed to be as inconspicuous as possible, according to one person who saw a detailed report prepared for Amazon by its third-party security contractor, as well as a second person who saw digital photos and X-ray images of the chips incorporated into a later report prepared by Amazon’s security team.

    Gray or off-white in color, they looked more like signal conditioning couplers, another common motherboard component, than microchips, and so they were unlikely to be detectable without specialized equipment. Depending on the board model, the chips varied slightly in size, suggesting that the attackers had supplied different factories with different batches.

    Officials familiar with the investigation say the primary role of implants such as these is to open doors that other attackers can go through. “Hardware attacks are about access,” as one former senior official puts it. In simplified terms, the implants on Supermicro hardware manipulated the core operating instructions that tell the server what to do as data move across a motherboard, two people familiar with the chips’ operation say.

    This happened at a crucial moment, as small bits of the operating system were being stored in the board’s temporary memory en route to the server’s central processor, the CPU. The implant was placed on the board in a way that allowed it to effectively edit this information queue, injecting its own code or altering the order of the instructions the CPU was meant to follow. Deviously small changes could create disastrous effects.

    Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code. The illicit chips could do all this because they were connected to the baseboard management controller, a kind of superchip that administrators use to remotely log in to problematic servers, giving them access to the most sensitive code even on machines that have crashed or are turned off.

    This system could let the attackers alter how the device functioned, line by line, however they wanted, leaving no one the wiser. To understand the power that would give them, take this hypothetical example: Somewhere in the Linux operating system, which runs in many servers, is code that authorizes a user by verifying a typed password against a stored encrypted one. An implanted chip can alter part of that code so the server won’t check for a password—and presto!

    A secure machine is open to any and all users. A chip can also steal encryption keys for secure communications, block security updates that would neutralize the attack, and open up new pathways to the internet. Should some anomaly be noticed, it would likely be cast as an unexplained oddity. “The hardware opens whatever door it wants,” says Joe FitzPatrick, founder of Hardware Security Resources LLC, a company that trains cybersecurity professionals in hardware hacking techniques.

    U.S. officials had caught China experimenting with hardware tampering before, but they’d never seen anything of this scale and ambition. The security of the global technology supply chain had been compromised, even if consumers and most companies didn’t know it yet. What remained for investigators to learn was how the attackers had so thoroughly infiltrated Supermicro’s production process—and how many doors they’d opened into American targets.

    Unlike software-based hacks, hardware manipulation creates a real-world trail. Components leave a wake of shipping manifests and invoices. Boards have serial numbers that trace to specific factories. To track the corrupted chips to their source, U.S. intelligence agencies began following Supermicro’s serpentine supply chain in reverse, a person briefed on evidence gathered during the probe says.

    As recently as 2016, according to DigiTimes, a news site specializing in supply chain research, Supermicro had three primary manufacturers constructing its motherboards, two headquartered in Taiwan and one in Shanghai.

    When such suppliers are choked with big orders, they sometimes parcel out work to subcontractors. In order to get further down the trail, U.S. spy agencies drew on the prodigious tools at their disposal.

    They sifted through communications intercepts, tapped informants in Taiwan and China, even tracked key individuals through their phones, according to the person briefed on evidence gathered during the probe. Eventually, that person says, they traced the malicious chips to four subcontracting factories that had been building Supermicro motherboards for at least two years.

    As the agents monitored interactions among Chinese officials, motherboard manufacturers, and middlemen, they glimpsed how the seeding process worked. In some cases, plant managers were approached by people who claimed to represent Supermicro or who held positions suggesting a connection to the government. The middlemen would request changes to the motherboards’ original designs, initially offering bribes in conjunction with their unusual requests. If that didn’t work, they threatened factory managers with inspections that could shut down their plants. Once arrangements were in place, the middlemen would organize delivery of the chips to the factories.

    The investigators concluded that this intricate scheme was the work of a People’s Liberation Army unit specializing in hardware attacks, according to two people briefed on its activities. The existence of this group has never been revealed before, but one official says, “We’ve been tracking these guys for longer than we’d like to admit.”

    The unit is believed to focus on high-priority targets, including advanced commercial technology and the computers of rival militaries.

    In past attacks, it targeted the designs for high-performance computer chips and computing systems of large U.S. internet providers.

    Provided details of Businessweek’s reporting, China’s Ministry of Foreign Affairs sent a statement that said “China is a resolute defender of cybersecurity.”

    The ministry added that in 2011, China proposed international guarantees on hardware security along with other members of the Shanghai Cooperation Organization, a regional security body.

    The statement concluded, “We hope parties make less gratuitous accusations and suspicions but conduct more constructive talk and collaboration so that we can work together in building a peaceful, safe, open, cooperative and orderly cyberspace.”

    The Supermicro attack was on another order entirely from earlier episodes attributed to the PLA. It threatened to have reached a dizzying array of end users, with some vital ones in the mix. Apple, for its part, has used Supermicro hardware in its data centers sporadically for years, but the relationship intensified after 2013, when Apple acquired a startup called Topsy Labs, which created superfast technology for indexing and searching vast troves of internet content.

    By 2014, the startup was put to work building small data centers in or near major global cities. This project, known internally as Ledbelly, was designed to make the search function for Apple’s voice assistant, Siri, faster, according to the three senior Apple insiders.

    Documents seen by Businessweek show that in 2014, Apple planned to order more than 6,000 Supermicro servers for installation in 17 locations, including Amsterdam, Chicago, Hong Kong, Los Angeles, New York, San Jose, Singapore, and Tokyo, plus 4,000 servers for its existing North Carolina and Oregon data centers.

    Those orders were supposed to double, to 20,000, by 2015. Ledbelly made Apple an important Supermicro customer at the exact same time the PLA was found to be manipulating the vendor’s hardware.

    Project delays and early performance problems meant that around 7,000 Supermicro servers were humming in Apple’s network by the time the company’s security team found the added chips. Because Apple didn’t, according to a U.S. official, provide government investigators with access to its facilities or the tampered hardware, the extent of the attack there remained outside their view.


    [Photo caption] Microchips found on altered motherboards in some cases looked like signal conditioning couplers.

    American investigators eventually figured out who else had been hit.

    Since the implanted chips were designed to ping anonymous computers on the internet for further instructions, operatives could hack those computers to identify others who’d been affected. Although the investigators couldn’t be sure they’d found every victim, a person familiar with the U.S. probe says they ultimately concluded that the number was almost 30 companies.

    That left the question of whom to notify and how.

    U.S. officials had been warning for years that hardware made by two Chinese telecommunications giants, Huawei Corp. and ZTE Corp., was subject to Chinese government manipulation.

    (Both Huawei and ZTE have said no such tampering has occurred.)

    But a similar public alert regarding a U.S. company was out of the question. Instead, officials reached out to a small number of important Supermicro customers.

    One executive of a large web-hosting company says the message he took away from the exchange was clear: Supermicro’s hardware couldn’t be trusted. “That’s been the nudge to everyone—get that crap out,” the person says.

    Amazon, for its part, began acquisition talks with an Elemental competitor, but according to one person familiar with Amazon’s deliberations, it reversed course in the summer of 2015 after learning that Elemental’s board was nearing a deal with another buyer. Amazon announced its acquisition of Elemental in September 2015, in a transaction whose value one person familiar with the deal places at $350 million. Multiple sources say that Amazon intended to move Elemental’s software to AWS’s cloud, whose chips, motherboards, and servers are typically designed in-house and built by factories that Amazon contracts from directly.

    A notable exception was AWS’s data centers inside China, which were filled with Supermicro-built servers, according to two people with knowledge of AWS’s operations there.

    Mindful of the Elemental findings, Amazon’s security team conducted its own investigation into AWS’s Beijing facilities and found altered motherboards there as well, including more sophisticated designs than they’d previously encountered. In one case, the malicious chips were thin enough that they’d been embedded between the layers of fiberglass onto which the other components were attached, according to one person who saw pictures of the chips.

    That generation of chips was smaller than a sharpened pencil tip, the person says. (Amazon denies that AWS knew of servers found in China containing malicious chips.)

    China has long been known to monitor banks, manufacturers, and ordinary citizens on its own soil, and the main customers of AWS’s China cloud were domestic companies or foreign entities with operations there. Still, the fact that the country appeared to be conducting those operations inside Amazon’s cloud presented the company with a Gordian knot.

    Its security team determined that it would be difficult to quietly remove the equipment and that, even if they could devise a way, doing so would alert the attackers that the chips had been found, according to a person familiar with the company’s probe.

    Instead, the team developed a method of monitoring the chips.

    In the ensuing months, they detected brief check-in communications between the attackers and the sabotaged servers but didn’t see any attempts to remove data. That likely meant either that the attackers were saving the chips for a later operation or that they’d infiltrated other parts of the network before the monitoring began. Neither possibility was reassuring.

    When in 2016 the Chinese government was about to pass a new cybersecurity law—seen by many outside the country as a pretext to give authorities wider access to sensitive data—Amazon decided to act, the person familiar with the company’s probe says.

    In August it transferred operational control of its Beijing data center to its local partner, Beijing Sinnet, a move the companies said was needed to comply with the incoming law.

    The following November, Amazon sold the entire infrastructure to Beijing Sinnet for about $300 million. The person familiar with Amazon’s probe casts the sale as a choice to “hack off the diseased limb.”

    As for Apple, one of the three senior insiders says that in the summer of 2015, a few weeks after it identified the malicious chips, the company started removing all Supermicro servers from its data centers, a process Apple referred to internally as “going to zero.” Every Supermicro server, all 7,000 or so, was replaced in a matter of weeks, the senior insider says. (Apple denies that any servers were removed.) In 2016, Apple informed Supermicro that it was severing their relationship entirely—a decision a spokesman for Apple ascribed in response to Businessweek’s questions to an unrelated and relatively minor security incident.

    That August, Supermicro’s CEO, Liang, revealed that the company had lost two major customers. Although he didn’t name them, one was later identified in news reports as Apple. He blamed competition, but his explanation was vague. “When customers asked for lower price, our people did not respond quickly enough,” he said on a conference call with analysts. Hayes, the Supermicro spokesman, says the company has never been notified of the existence of malicious chips on its motherboards by either customers or U.S. law enforcement.

    Concurrent with the illicit chips’ discovery in 2015 and the unfolding investigation, Supermicro has been plagued by an accounting problem, which the company characterizes as an issue related to the timing of certain revenue recognition. After missing two deadlines to file quarterly and annual reports required by regulators, Supermicro was delisted from the Nasdaq on Aug. 23 of this year. It marked an extraordinary stumble for a company whose annual revenue had risen sharply in the previous four years, from a reported $1.5 billion in 2014 to a projected $3.2 billion this year.

    One Friday in late September 2015, President Barack Obama and Chinese President Xi Jinping appeared together at the White House for an hourlong press conference headlined by a landmark deal on cybersecurity. After months of negotiations, the U.S. had extracted from China a grand promise: It would no longer support the theft by hackers of U.S. intellectual property to benefit Chinese companies. Left out of those pronouncements, according to a person familiar with discussions among senior officials across the U.S. government, was the White House’s deep concern that China was willing to offer this concession because it was already developing far more advanced and surreptitious forms of hacking founded on its near monopoly of the technology supply chain.

    In the weeks after the agreement was announced, the U.S. government quietly raised the alarm with several dozen tech executives and investors at a small, invite-only meeting in McLean, Va., organized by the Pentagon. According to someone who was present, Defense Department officials briefed the technologists on a recent attack and asked them to think about creating commercial products that could detect hardware implants. Attendees weren’t told the name of the hardware maker involved, but it was clear to at least some in the room that it was Supermicro, the person says.

    The problem under discussion wasn’t just technological. It spoke to decisions made decades ago to send advanced production work to Southeast Asia. In the intervening years, low-cost Chinese manufacturing had come to underpin the business models of many of America’s largest technology companies. Early on, Apple, for instance, made many of its most sophisticated electronics domestically. Then in 1992, it closed a state-of-the-art plant for motherboard and computer assembly in Fremont, Calif., and sent much of that work overseas.

    Over the decades, the security of the supply chain became an article of faith despite repeated warnings by Western officials. A belief formed that China was unlikely to jeopardize its position as workshop to the world by letting its spies meddle in its factories. That left the decision about where to build commercial systems resting largely on where capacity was greatest and cheapest. “You end up with a classic Satan’s bargain,” one former U.S. official says. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”

    In the three years since the briefing in McLean, no commercially viable way to detect attacks like the one on Supermicro’s motherboards has emerged—or has looked likely to emerge. Few companies have the resources of Apple and Amazon, and it took some luck even for them to spot the problem.

    “This stuff is at the cutting edge of the cutting edge, and there is no easy technological solution,” one of the people present in McLean says.

    “You have to invest in things that the world wants. You cannot invest in things that the world is not ready to accept yet.”

    Bloomberg LP has been a Supermicro customer. According to a Bloomberg LP spokesperson, the company has found no evidence to suggest that it has been affected by the hardware issues raised in the article.

    Paul Harvey used to say, "and that, folks, is the rest of the story..." Seems an awful lot and long drawn-out investigation spanning many years to simply be "fake news", doncha think?
    Last edited by Bob; 6th November 2018 at 02:14.
    Each of us play our part in creating a new story for humanity and our planet ~


    Post #9 by avid (Avalon Member, NW UK)
    Re: Apparently China just can't resist embedding spyware (It's worse - lots worse. See Post #32)

    Obfuscation to key nations...
    The love you withhold is the pain that you carry
    and er..
    "Chariots of the Globs" (apols to Fat Freddy's Cat)


    Post #10 by Bob (Avalon Member, North America)

    Here is an article on Ars Technica (2017) about APPLE getting rid of Supermicro servers - https://arstechnica.com/information-...rmware-update/
    A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly detected in an internal development environment for Apple's App Store, as well as some production servers handling queries through Apple's Siri service.

    An Apple spokesperson denied there was a security incident. However, Supermicro's senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased. An anonymous source was cited as the source of the information regarding infected Siri servers.

    Apple has used a variety of other companies' server hardware—since the company got out of the server business itself and never used its own in datacenters—including servers from HP and storage from NetApp. A few years ago, Apple added Supermicro as a supplier for some of its development and data center computing infrastructure.

    But Apple has been squeezing the cost of its data center supply chain and moving toward more custom hardware much like the other cloud giants. In August of 2016, Digitimes reported Apple was increasing its orders for full-rack systems from the integrator ZT Systems and adding the China-based Inspur as a server supplier.

    Leng told The Information that Apple was the only company to report the firmware issue, and he said the servers are used by thousands of customers. He asserted that when his company asked Apple's engineers to provide information about the firmware, they gave an incorrect version number—and then refused to give further information.


    Post #11 by Bob (Avalon Member, North America)

    Reports of major tech giants using the SuperMicro servers -
    • IBM has been known as a big customer of Supermicro, which supplied servers for its cloud business, formerly known as SoftLayer.
    • Last year, Intel was reported to have placed a massive Supermicro server order for one of its data centers.
    • Dedicated Server Hosting Provider, Hivelocity, is proud to announce the addition of Dell to its list of server hardware partners. Dell is known for producing some of the most soundly built and innovative server chassis in the industry. Customers of Hivelocity now have the option of choosing between both Dell and SuperMicro dedicated servers.
    • The Supermicro SuperStorage servers improve upon their existing extensive portfolio of modern solutions to drive IT transformation in the data center. Commvault has worked with Supermicro on three (3) different reference designs to support our customers’ diverse needs.
    • What hardware powers ETSY? We’re pretty much in love with this 2U Supermicro chassis which allows for 4x nodes that share two power supplies and 12 3.5″ disks on the front of the chassis
    • SUSE Enterprise storage - Get cost-effective, infinitely scalable data storage with SUSE Enterprise Storage and Supermicro servers.
    • Reliable hosting and domains that you can trust, mtc. - MTC Media - Our web-sites are hosted on high performance Supermicro servers
    • the Reston data-center configured IPMI on Supermicro servers
    • Arista and Supermicro partner on SDN servers
    • Mellanox Collaborates with Supermicro to Deliver CloudX-based Hyper-Converged..
    • Webzilla, one of the largest web hosting companies in the world.. SuperMicro H8QGi-F Motherboard G34 Quad Opteron with 4x Opteron 6128
    • The colocation data center Ilia Hamrah Kish in Tehran, Iran SuperMicro servers (CIA scores bigtime?)
    • 4 Top Data Centers in the Mid-East - Equinix, IPTP, Mobily, Dubai Silicon Oasis - They offer a range of Supermicro servers that are pretested and ready for use..
    • Equinix (Australia) operates data centers - own proprietary IaaS built on enterprise-grade supermicro servers
    source - internet search on keywords "data center" "co-hosting" SuperMicro


    Post #12 by Bob (Avalon Member, North America)

    Looks like Facebook and Apple finally confirm, yes they were targets

    from Mashable - https://mashable.com/article/chinese.../#hsR7XtrouGqq

    Quote:
    The confirmation by both companies is still significant, however, because it confirms that Chinese actors have made attempts to compromise U.S. security.

    This is something the Chinese government is denying, per Bloomberg.

    What's unclear now is the extent of the breach and whether, or why, Amazon and Apple may have had reason to deny the chip attack.


    Post #13 by norman (Avalon Member, "too close to the hot air exhaust")

    The 64 million dollar question right now is, was this a sneaky trick apple was completely unaware of before it committed to merging with China?

    The ten dollar question is, will it make any difference?
    .................................................. my first language is TYPO..............................................


    Post #14 by Bob (Avalon Member, North America)

    I suppose this begs us to question exactly what IS in a component, a "chip" or part that the supply chain receives from, let's say, China, or Malaysia, or the Philippines.. Remember that airplane which disappeared somewhere in the Indian Ocean, with key chip manufacturing engineers on board?

    If one believes with "certainty" that one's data buffer chip, for instance, is pure, great! BUT a normal part expected to be part of the data chain for access to peripherals, or parts of the memory, may actually contain a miniature microprocessor just waiting for a certain code sequence to appear in the data stream, then takes over and does the "oh my gowd" level attack.. Do we know for sure?

    How certain are we that our chips themselves from those countries are actually what they say they are and not a trojan horse just waiting to be activated?

    Begs one to take a very, very long look at what is in the supply chain of the parts we all buy, worldwide.. hummmmm

    ---more thoughts from The Verge - https://www.theverge.com/2018/10/4/1...-apple-servers

    Quote:
    [..] a successful supply-chain attack would still be nearly impossible to mitigate with conventional security tools.

    “If you cannot trust your hardware, you cannot trust anything that the hardware checks,” Hotz says. “Fundamentally, there is no way to check for this in software.”

    If one wants to 'buy Chinese', or Malaysian, or Philippine to save a few pennies, are you sure your component is not just waiting to do some dastardly deed to your security, your bank accounts, your heart monitor, or pacemaker? Or your jet airplane navigation system?

    Previously, folks thought that it was the complex computer which may have been taken over by remote commands due to some hole in the operating system software.. Apparently there was someone who leaked that, well, it was done at the CHIP LEVEL.. And that again begs one to question, er.... those chips are in exactly WHAT electronics apparatus?

    Possibly the biggest conspiracy of the Ages has just been cracked open.. fake news, methinks hardly.

    Last edited by Bob; 5th October 2018 at 18:22.


    Post #15 by TargeT (Avalon Member, St. Croix, Virgin Islands)

    Quote (posted by norman):
        The 64 million dollar question right now is, was this a sneaky trick apple was completely unaware of before it committed to merging with China?

        The ten dollar question is, will it make any difference?

    The investigators counter hacked the command and control points on the internet & observed traffic (there is a possibility this is just a "red herring" but the report seems fairly certain on it)... we know who this benefited and it was not Apple (it was China).

    This is a "shot over the bow" & I am interested in what the DOD's response will be; they did just stand up the new Cyber Command........
    There was a 1: 400,000,000,000,000 chance of you being born: what have you done with your miraculous life today?


    Post #16 by norman (Avalon Member, "too close to the hot air exhaust")

    Quote (posted by TargeT):
        Quote (posted by norman):
            The 64 million dollar question right now is, was this a sneaky trick apple was completely unaware of before it committed to merging with China?

            The ten dollar question is, will it make any difference?
        The investigators counter hacked the command and control points on the internet & observed traffic (there is a possibility this is just a "red herring" but the report seems fairly certain on it)... we know who this benefited and it was not Apple (it was China).

        This is a "shot over the bow" & I am interested in what the DOD's response will be; they did just stand up the new Cyber Command........

    Apple's manufacturing base is in China, so they were very much over a barrel if China leaned on them to choose a side in the upcoming stand off.

    Apple is SO big that the president, even, will have to tread carefully to avoid an economic bender. If the DOD isn't fully on top of this, they should be.

    edit:

    Is the outing of this story ( we are now hearing about it ) really a US move to give apple a legitimate "out" from whatever it has agreed to do with China ?
    Last edited by norman; 5th October 2018 at 18:34.


    Post #17 by Bob (Avalon Member, North America)

    WIRED published an article which showed how a hidden, sabotaged function in a computer's or electronic device's CHIP could be designed. (These chips can contain billions of transistors, or circuits, and are "integrated" into a small convenient package for cheap and easy mass production.)

    In FACT, to prove that it can be done, University of Michigan computer scientists showed this in operation in a custom chip they had built with the "hidden feature" in it.


    Quote:
    "Detecting this with current techniques would be very, very challenging if not impossible," says Todd Austin, one of the computer science professors at the University of Michigan who led the research. "It's a needle in a mountain-sized haystack."

    Or as Google engineer Yonatan Zunger wrote after reading the paper: "This is the most demonically clever computer security attack I've seen in years."
    Blow your mind away with this type of evil insidiousness

    Quoting from the article -
    It's that it violates the security industry's most basic assumptions about a chip's digital functions and how they might be sabotaged.

    Instead of a mere change to the "digital" properties of a chip—a tweak to the chip's logical computing functions—the researchers describe their backdoor as an "analog" one: a physical hack that takes advantage of how the actual electricity flowing through the chip's transistors can be hijacked to trigger an unexpected outcome. Hence the backdoor's name: A2, which stands for both Ann Arbor, the city where the University of Michigan is based, and "Analog Attack."

    Here's how that analog hack works:

    After the chip is fully designed and ready to be fabricated, a saboteur adds a single component to its "mask," the blueprint that governs its layout.

    That single component or "cell"—of which there are hundreds of millions or even billions on a modern chip—is made out of the same basic building blocks as the rest of the processor: wires and transistors that act as the on-or-off switches that govern the chip's logical functions. But this cell is secretly designed to act as a capacitor, a component that temporarily stores electric charge.


    Every time a malicious program—say, a script on a website you visit—runs a certain, obscure command, that capacitor cell "steals" a tiny amount of electric charge and stores it in the cell's wires without otherwise affecting the chip's functions.

    With every repetition of that command, the capacitor gains a little more charge.

    Only after the "trigger" command is sent many thousands of times does that charge hit a threshold where the cell switches on a logical function in the processor to give a malicious program the full operating system access it wasn't intended to have.

    "It takes an attacker doing these strange, infrequent events in high frequency for a duration of time," says Austin. "And then finally the system shifts into a privileged state that lets the attacker do whatever they want."

    That capacitor-based trigger design means it's nearly impossible for anyone testing the chip's security to stumble on the long, obscure series of commands to "open" the backdoor. And over time, the capacitor also leaks out its charge again, closing the backdoor so that it's even harder for any auditor to find the vulnerability.

    Quote:
    by building a backdoor that exploits the unintended physical properties of a chip's components—their ability to "accidentally" accumulate and leak small amounts of charge—rather than their intended logical function, the researchers say their backdoor component can be a thousandth the size of previous attempts. And it would be far harder to detect with existing techniques like visual analysis of a chip or measuring its power use to spot anomalies.

    "We take advantage of these rules 'outside of the Matrix' to perform a trick that would [otherwise] be very expensive and obvious," says Matthew Hicks, another of the University of Michigan researchers. "By following that different set of rules, we implement a much more stealthy attack."

    The Michigan researchers went so far as to build their A2 backdoor into a simple open-source OR1200 processor to test out their attack.

    Since the backdoor mechanism depends on the physical characteristics of the chip's wiring, they even tried their "trigger" sequence after heating or cooling the chip to a range of temperatures, from negative 13 degrees to 212 degrees Fahrenheit, and found that it still worked in every case.
    and
    ... given that current defenses against detecting processor-level backdoors wouldn't spot their A2 attack, they argue that a new method is required:

    Specifically, they say that modern chips need to have a trusted component that constantly checks that programs haven't been granted inappropriate operating-system-level privileges.

    Ensuring the security of that component, perhaps by building it in secure facilities or making sure the design isn't tampered with before fabrication, would be far easier than ensuring the same level of trust for the entire chip.
    Building in SECURE FACILITIES with each member of the supply chain fully security vetted, bonded, and trusted. The days of the "cheap Chinese", or "cheap Japanese", or "cheap Malaysian", or "cheap Korean" (fill in the blank ____________________) chip manufacturer really SHOULD BE OVER if we want to know safety.

    Alas, though, this may currently be an insurmountable issue to recover from. The Trojan Horses may already be here - this is no idle situation; modern integrated circuits (chips) are in everything of our modern world.

    source - https://www.documentcloud.org/docume...og-Attack.html the full paper from Michigan University

    ==ps update==

    Manufacturers or prototypers, or schools or industries wanting to cut some corners and save some bux: 'hey, we have some surplus bargain over-flow chips from our recent manufacturing run, the end buyer says they can't buy any more, want to get some at a 90% discount?' Ever hear the expression Caveat Emptor (let the buyer beware)... What one may be buying may seem perfectly "functional", but one may be buying something more...

    ---I'm going to add one more 'food for mental thought' point - Watching the naysayers, saying naw China is our friend, they would never deliberately put spyware into key information systems (or internet connected cameras, or children's toys that spy..), watching the spook agencies trying to sway readers away from 'looking under the hood' so to speak..

    If the focus is on the BOARD server sabotaging, let's not forget the CHIP level sabotage (as pointed out by the University of Michigan computer scientists)...

    So maybe in the future, when the smoke dies down, we don't see any added "chips" on the servers any more or on the motherboards, or in our iPHONES or Samsung Phones, etc.. so we don't see the 'extra parts'...

    ARE OUR PARTS themselves quality controlled and certified as SAFE and SECURE?

    Here is a current blip from UK - "trust us, we KNOW what we are talking about" says the spy agency...
    UK’s top national cybersecurity agency GCHQ told Reuters on Friday that it didn’t see any reason to question the validity of Apple and Amazon’s denials that their servers were compromised following a meteoric report from Bloomberg on Thursday. The report claimed that Chinese spies were able to place microchips in the companies’ servers, allegedly giving the Chinese government backdoor access to some of the largest cloud platforms in the world.

    The GCHQ, which is the UK’s equivalent to the US National Security Agency (NSA), didn’t call for an investigation into the claims, but it requested that anyone with information about the alleged attack reach out. In its response to Reuters, the GCHQ said, “We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple,” said the National Cyber Security Centre, a unit of GCHQ.
    Last edited by Bob; 5th October 2018 at 19:49.
    Each of us play our part in creating a new story for humanity and our planet ~

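    As an added illustration of the mechanism the Wired excerpt in the post above describes (a capacitor cell that charges a little on each toggle of a trigger wire, leaks continuously, and flips the processor's privilege bit once it crosses a threshold), and of the "trusted component that constantly checks privileges" the Michigan authors call for, here is a small leaky-integrator model. This is not code from the A2 paper or from the OR1200 core; the instruction names ("trigger", "syscall", "eret"), the charge-per-toggle, leak rate and threshold constants, and the two workloads are all assumed, illustrative values chosen so that a sparse use of the rare instruction never arms the cell while a tight burst does, and so that the cell drains and closes again once the burst stops.

```python
"""Leaky-integrator model of an A2-style analog trigger plus a trusted
privilege checker. Added illustration; every constant is an assumed value,
not a number from the A2 paper."""

from dataclasses import dataclass
from typing import Dict, List, Optional

USER, SUPERVISOR = 0, 1


@dataclass
class AnalogTrigger:
    """One hidden capacitor cell: each toggle of the trigger wire adds a little
    charge, and the cell leaks a fraction of its charge every clock cycle."""
    charge_per_toggle: float = 0.001   # assumed: ~1/1000 of the threshold per toggle
    leak_per_cycle: float = 0.0001     # assumed: 0.01% of stored charge lost per cycle
    threshold: float = 1.0
    charge: float = 0.0
    armed: bool = False

    def clock(self, toggled: bool) -> bool:
        self.charge *= 1.0 - self.leak_per_cycle   # leakage happens every cycle
        if toggled:
            self.charge += self.charge_per_toggle  # the rare instruction pumped charge in
        self.armed = self.charge >= self.threshold
        return self.armed


@dataclass
class Cpu:
    """Toy core with a single privilege bit and the backdoor wired to it."""
    trigger: AnalogTrigger
    mode: int = USER

    def step(self, insn: str) -> int:
        armed = self.trigger.clock(insn == "trigger")
        if insn == "syscall":      # the only architectural way into supervisor mode here
            self.mode = SUPERVISOR
        elif insn == "eret":
            self.mode = USER
        if armed:                  # payload: the armed cell forces the privilege bit high
            self.mode = SUPERVISOR
        return self.mode


class PrivilegeMonitor:
    """Trusted checker: privilege may only rise on a cycle that executed a
    legitimate entry into supervisor mode. Anything else is a backdoor firing."""

    def __init__(self) -> None:
        self.alerts: List[int] = []

    def observe(self, cycle: int, insn: str, before: int, after: int) -> None:
        if before == USER and after == SUPERVISOR and insn != "syscall":
            self.alerts.append(cycle)


def run(program: List[str], trigger: Optional[AnalogTrigger] = None) -> Dict:
    """Execute a list of instruction names; report what an auditor would observe."""
    trig = trigger if trigger is not None else AnalogTrigger()
    cpu = Cpu(trig)
    monitor = PrivilegeMonitor()
    armed_at = None
    for cycle, insn in enumerate(program):
        before = cpu.mode
        after = cpu.step(insn)
        monitor.observe(cycle, insn, before, after)
        if armed_at is None and trig.armed:
            armed_at = cycle
    return {"armed_at": armed_at, "alerts": monitor.alerts,
            "armed_now": trig.armed, "charge": trig.charge, "mode": cpu.mode}


def normal_program(cycles: int = 200_000, gap: int = 20) -> List[str]:
    """Constructed workload: one legitimate syscall/eret pair, then the trigger
    instruction appearing only occasionally, as it would in ordinary code."""
    prog = ["nop"] * 50 + ["syscall"] + ["nop"] * 10 + ["eret"]
    prog += ["trigger" if i % gap == 0 else "nop" for i in range(cycles)]
    return prog


def attack_program(toggles: int = 2000, idle: int = 10_000) -> List[str]:
    """Constructed attack: hammer the trigger instruction back to back, then go
    quiet so the cell leaks and the backdoor closes again."""
    return ["trigger"] * toggles + ["nop"] * idle


if __name__ == "__main__":
    print("normal:", run(normal_program()))
    print("attack:", run(attack_program()))
```

    With these constants the cell needs roughly a thousand back-to-back toggles before it arms; the occasional toggles in the normal workload settle at about half the threshold and never open it, which is why random or functional testing is unlikely to stumble on it. Once the burst stops, the stored charge drains below the threshold and the cell disarms, but the privilege bit it already set stays high until something executes an eret, which is exactly the moment the monitor recorded: a rise to supervisor mode on a cycle that executed no syscall.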

    Post #18, by norman (Avalon Member, joined 25th March 2010):

    It reminds me of the time that Iranian nuclear centrifuge plant was allegedly hacked and wrecked.
    .................................................. my first language is TYPO..............................................


    Post #19, by Ratszinger (United States, Avalon Member, joined 9th September 2018):

    It is interesting. I read somewhere, I think somewhere on here, that the emergency test was to 'weed out infected equipment', and on that topic my AT&T TV receiver literally went out of commission right after the emergency broadcast came across my phone. I got the alert on two Androids at about the same time. On the one with phone service connected through the cell network I clicked "OK" and the message cleared. The phone functioned fine even with the message up also.

    On the other Android, my MOTO X and the first one, which does not have cell service any longer and that I just use for storing pictures, I also got the alert through my wireless receiver, also from AT&T. The very second, the very moment I clicked OK on the emergency alert to clear that phone without cell service connected to my home service (by the by, this Android MOTO X did lock up and would not function to open anything or work at all until I clicked "OK", unlike the other one), I clicked "OK" and the very second my phone cleared and rebooted, the TV receiver went off too. The phone rebooted, then worked again. The TV receiver went out completely and gave messages I've never seen before. Something about conflicted equipment detected, or thereabouts. Then it had the number to contact to turn it in. AT&T seemed very interested in getting it in their possession.
    The genius consistently stands out from the masses in that he unconsciously anticipates truths of which the population as a whole only later becomes conscious! Speech-circa 1937


    Post #20, by Hervé (France, Administrator, joined 7th March 2011):

    I wonder who gave them the idea... Re: CPU Security Holes affecting Intel and AMD CPUs ...


    And, in Carmody's word:

    Posted by Carmody:
    I knew about purpose built cpu backdoors in 1993, approximately. Custom telecom chips.

    I can tell you - that the situation was global. Yes, in the mid 1990's, it was fully global.

    This is many times done with many a large scale chip, depending on intended usage. Same for complex software that runs said systems. A single piece of software for a backbone system might have the original programmer's secret back door (which any programmer worth their pay will make for themselves), the corporate backdoor system (which the corporation demanded) and then the NSA purpose built backdoor (that the NSA demanded). Each may be a derivative of the fundamental.

    The more complex the chip and software, the more likely the backdoor exists and that there may be multiple paths.
    "La réalité est un rêve que l'on fait atterrir" San Antonio AKA F. Dard

    Troll-hood motto: Never, ever, however, whatsoever, to anyone, a point concede.

