SoylentNews is people
SoylentNews
Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way
The chips, which Bloomberg said have been the subject of a top secret U.S. government investigation starting in 2015, were used for gathering intellectual property and trade secrets from American companies and may have been introduced by a Chinese server company called Super Micro that assembled machines used in the centers.
[...] China has long been suspected — but rarely directly implicated — in en masse spy campaigns based on hardware made there. The majority of electronic components used in U.S. technology are manufactured in China. Companies including component manufacturers Huawei and ZTE, as well as surveillance camera maker Hikvision, have all fallen under intense suspicion and scrutiny from the U.S. government in the past year.
I'd think that the big guys would be designing their own boards. Maybe we should only buy PCBs from South Korea.
Also at Bloomberg and The Guardian.
(Score: 3, Insightful) by AssCork on Thursday October 04 2018, @05:14PM (5 children)
Maybe bring some of these manufacturing jobs back 'home' to the UK & US? I mean, that wouldn't completely prevent this type of secret-chip-embedded in hardware problem, but it sounds like that would go a long way toward's helping-out.
Just popped-out of a tight spot. Came out mostly clean, too.
(Score: 1, Insightful) by Anonymous Coward on Thursday October 04 2018, @05:20PM
Or maybe use a well known design and verify it by destructively auditing samples, read: ESM analysis versus known matrices or dies? They designed the chips themselves, didn't they?
Oh, but then USA backdoors may come into the light. Let's not do it and answer all questions in this matter with intellectual property babble.
(Score: 2) by bob_super on Thursday October 04 2018, @05:35PM (3 children)
There is such thing as "trusted factories", specifically designed to avoid this kind of surprises for classified and sensitive payloads.
(Score: 0) by Anonymous Coward on Thursday October 04 2018, @09:26PM (2 children)
I know that Huawei cut through a few samples of every component they receive to check for bugs and if you're not on the paranoid scale it's probably also quality control. I won't bother reading through these articles because I assume I'm not going to find more technical details (aka. evidence), if there are details I hope they'll sieve down to SN.
If I were to bug someone I would intercept the delivery and bug it there, it seems insane and highly unlikely to start involving a manufacturer with thousands of employees involved in the product.
(Score: 4, Informative) by bob_super on Thursday October 04 2018, @09:49PM (1 child)
I've seen many assembly lines. Nobody has a clue what the chips they put on the PCBs do.
Put the tray/reel in, check the part is soldered. Run the test you go from ENG, move on to the next board.
You need a guy or five in engineering, optionally an additional guy in Test Engineering.
Purchasing guy gets a part number and a supplier, nobody on the floor knows or cares what the chips do.
(Score: 3, Informative) by Ethanol-fueled on Friday October 05 2018, @01:02AM
Yep, every sane business that deals with boards has training regarding counterfeit parts (almost always ICs) and quarantine procedures. It's a pretty fuckhuge problem in the 'biz, and even you lowly Arduino users get bitten in the ass from counterfeit shit when that clone you buy with the counterfeit FTDI chip gets bricked during the FTDI driver install and now your Arduino (or anything else with an FTDI chip, such as USB to RS-232 or RS-485 adapters) is fucking worthless.