
SoylentNews is people

posted by takyon on Thursday October 04 2018, @03:00PM
from the Cyberwarfare dept.

Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way

The chips, which Bloomberg said have been the subject of a top secret U.S. government investigation starting in 2015, were used for gathering intellectual property and trade secrets from American companies and may have been introduced by a Chinese server company called Super Micro that assembled machines used in the centers.

[...] China has long been suspected — but rarely directly implicated — in en masse spy campaigns based on hardware made there. The majority of electronic components used in U.S. technology are manufactured in China. Companies including component manufacturers Huawei and ZTE, as well as surveillance camera maker Hikvision, have all fallen under intense suspicion and scrutiny from the U.S. government in the past year.

I'd think that the big guys would be designing their own boards. Maybe we should only buy PCBs from South Korea.

Also at Bloomberg and The Guardian.


  • (Score: 5, Interesting) by Unixnut on Thursday October 04 2018, @04:43PM (4 children)

    by Unixnut (5779) on Thursday October 04 2018, @04:43PM (#744171)

    While an impressive little addition to the motherboards, and very hard to find, it still lags behind the West's spy chips, which are nicely embedded in the processor itself, and hidden in plain view under names like "management engine" and somesuch.

    Then of course, you got the UEFI boondoggle, an entire OS running under your system, in ring -1, with full hardware access, with its own keysigning chips, and you have no idea what keys were burned in when it was built.

    I am honestly surprised the Chinese bothered with their own little spy chips, might have been easier to try to find the existing backdoors already in place. Although I suspect these chips may predate the new "inbuilt" backdoors currently being touted about.

    The article states that this was only "discovered" in 2015, and an investigation started, we may not know when they first started implementing the spy chips on the MBs.

    Assuming of course, this is all true, and not just invented as a "Casus belli" for more trade war. However, if we know it has been installed in all Supermicro MBs since at least 2015, it should be relatively easy for anyone with access to one to have a look.

  • (Score: 1, Interesting) by Anonymous Coward on Thursday October 04 2018, @06:28PM (2 children)

    by Anonymous Coward on Thursday October 04 2018, @06:28PM (#744232)

    I am honestly surprised the Chinese bothered with their own little spy chips, might have been easier to try to find the existing backdoors already in place. Although I suspect these chips may predate the new "inbuilt" backdoors currently being touted about.

    Intel AMT has been around for a long time: https://en.wikipedia.org/wiki/Intel_AMT_versions [wikipedia.org]

    So it's more likely that this is fakenews/propaganda. As you said it's easier to use existing backdoors. The Chinese would be well aware of the AMT stuff and they might as well use it. You don't even have to tamper directly with it; an additional NIC in a NIC won't always be noticed.

    Why shove stuff between layers in a motherboard (as the Bloomberg article claims) when there are already chips connected to the stuff you need - ethernet interface etc.? It's not so easy to audit silicon for "unauthorized modifications/features".

    However, if we know it has been installed in all Supermicro MBs since at least 2015, it should be relatively easy for anyone with access to one to have a look.

    Then they may claim only certain machines were affected... They already say stuff like:

    Still, to actually accomplish a seeding attack would mean developing a deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location—a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle.

    • (Score: 2) by Unixnut on Friday October 05 2018, @09:19AM (1 child)

      by Unixnut (5779) on Friday October 05 2018, @09:19AM (#744560)

      All fair points, however I had a look at your link, the first gen AMT was in motherboards of the same generation as the D975XBX2, which (based on what I found online) was released around 2006/2007.

      The first gen AMT may not have been very useful as a backdoor. The wiki states that it only really had control over ethernet, at best it could have copied ethernet frames and forwarded traffic remotely, but a decent IDS would have noticed that.

      However, assuming that the AMT system had a backdoor since the very beginning, Supermicro itself was founded in 1993, meaning that there was a 14-year gap before AMT came around. For all we know these chips might have been put in from the very start, and the Chinese spooks saw no reason to remove it even after other backdoors came into play. Always good to have multiple entry points into a system.

      • (Score: 0) by Anonymous Coward on Wednesday October 10 2018, @04:27PM

        by Anonymous Coward on Wednesday October 10 2018, @04:27PM (#747007)

        Supermicro is a US company. Founded by some guy from Taiwan (not the same country as China).

  • (Score: 2) by Reziac on Friday October 05 2018, @06:33AM

    by Reziac (2489) on Friday October 05 2018, @06:33AM (#744532) Homepage

    Does anyone here have one of these boards that they could sacrifice for testing?

    --
    And there is no Alkibiades to come back and save us from ourselves.