The great China Hack - Epic infiltration

Status
Not open for further replies.
China = 21st century evil empire. Instead of throwing aid at developing countries, they debt trap them. As someone else mentioned, they are playing the long game while western governments fill their countries with immigrants, clamp down on free speech and put men in women's bathrooms.
 
It really all comes down to greed. The baby boomers sold out this country a long time ago. Now that they are retiring, they don't care. They made their money, have a fat retirement/pension. However, China is not our buddy. Yet, folks controlling American businesses can't get enough of their cheap prices. Anyone who couldn't see this happening is a fool. That would be like buying IT equipment from Russia during the Cold War.
 
Solution: Remove the rice-grain-sized-chip off each board.
That way you still have functioning servers. (Man this is easy. Put me in charge.....)
 
Originally Posted by jcartwright99
It really all comes down to greed. The baby boomers sold out this country a long time ago. Now that they are retiring, they don't care. They made their money, have a fat retirement/pension. However, China is not our buddy. Yet, folks controlling American businesses can't get enough of their cheap prices. Anyone who couldn't see this happening is a fool. That would be like buying IT equipment from Russia during the Cold War.
It's true. Even the normal blue collars had such an insane standard of living. Today governments are much worse, they allow the anchor babies and we get stuck with the medical bills and in Quebec rich foreigners can buy Canadian citizenship. Our government really likes cozying up to China, especially on the west coast.
 
When the article said "remove the equipment", I guess that meant just removing the entire board, not just the tiny chip add-on. Above, I was suggesting you could take an Xacto knife or something and sever the PCB connections to the tiny chip they added on. That way they don't throw the baby out with the bathwater. .... Of course now we don't have to worry about the attackers knowing that we know....

"Its security team determined that it would be difficult to quietly remove the equipment and that, even if they could devise a way, doing so would alert the attackers that the chips had been found, according to a person familiar with the company's probe. Instead, the team developed a method of monitoring the chips. In the ensuing months, they detected brief check-in communications between the attackers and the sabotaged servers but didn't see any attempts to remove data "
 
Originally Posted by maxdustington
China = 21st century evil empire. Instead of throwing aid at developing countries, they debt trap them. As someone else mentioned, they are playing the long game while western governments fill their countries with immigrants, clamp down on free speech and put men in women's bathrooms.


Suggest you read John Perkins' book...it's a model they copied, not invented.
 
None of this is really new. The old sayings, "watch what you say on the telephone, someone may be listening", or loose lips sink ships.

Espionage is evolving as we use technology with everything.
 
Socialists, communists, fascists - lefties of all colours regard the US role in the world and the mere fact of America's existence as a malice. In their minds it needs to go through a "profound transformation" at a minimum minimorum.
Hence they will try to equalise US to THEM first and then declare that someone else suffers from moral certitude, turpitude and other 5-dollar words. Self-destruction is the most efficient way of destruction, just give them enough self-hate and self-guilt, and they will rise from the dead yet another time. Hundreds of millions of victims of the past left experiments don't count, that never happened. Useful idiots term was coined by Lenin.
 
Originally Posted by oil_film_movies
When the article said "remove the equipment", I guess that meant just removing the entire board, not just the tiny chip add-on. Above, I was suggesting you could take an Xacto knife or something and sever the PCB connections to the tiny chip they added on. That way they don't throw the baby out with the bathwater. .... Of course now we don't have to worry about the attackers knowing that we know....

"Its security team determined that it would be difficult to quietly remove the equipment and that, even if they could devise a way, doing so would alert the attackers that the chips had been found, according to a person familiar with the company's probe. Instead, the team developed a method of monitoring the chips. In the ensuing months, they detected brief check-in communications between the attackers and the sabotaged servers but didn't see any attempts to remove data "


You can easily remove chips using special equipment (manufacturing does that for rework all the time, the ones I worked with usually rework up to 3 times and then throw it away if it is still bad).

Anything that goes into the big cloud data centers (AWS, Azure, Google, etc) only comes out crushed and scrapped into bits, nobody can bring any functional equipment out. There is no rework there, and no one will xacto knife a chip in a data center without testing it on the production line (you will damage a percentage of it, and fail down the road instead of immediately).

I know for one thing that a cloud service company would not try to risk customer data and use their securities to "bait" some international intruders. Their network around equipment will likely monitor anything unusual like BMC or SMBus traffic.

The easiest way to get in is software, why bother "sandwiching a pencil tip thin chip between fiberglass PCB"? If anyone can do that they can win a Nobel Peace Prize and license that technology to everyone.

This article has so much false info that even a college engineering intern can do better.
 
https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

Quote
Which makes you wonder: where did this alleged report come from? Who commissioned it? Who wrote it? Should we trust who claims to have seen it? The entire story may hinge on that report that Bloomberg claims exists and Amazon denies.

From that point, Bloomberg's story is built on another 14 people - that it has chosen to keep anonymous - confirming various aspects of the story. There are "six current and former senior national security officials" that it says have confirmed the "discovery of the chips and the government's investigation."

It claims to have two people inside Amazon (AWS) that "provided extensive information on how the attack played out at Elemental" and three people inside Apple, two of whom confirmed to Bloomberg that "the company reported the incident to the FBI but kept details about what it had detected tightly held, even internally."

So we have:

Two Amazon employees
Three Apple employees
Six intelligence agencies officials
Six other people that Bloomberg says confirmed various different aspects of the story

That is clearly enough to run a story. But is it possible there was all a big misunderstanding somewhere down the line?



Quote
Why lie?

It's worth asking one more question: what would everyone gain from misstating the truth?

Well, Bloomberg's reporters clearly have the story of a lifetime, and were driven to publish it, to the extent that it is very possible that they disregarded company denials, convinced that they were closing ranks on them over a very sensitive story.

Bloomberg reporters receive bonuses based indirectly on how much they shift markets with their reporting. This story undoubtedly did that. The publisher employs roughly 2,000 journalists, who are encouraged to work together and share information through their Bloomberg Terminals, with many layers of editing and fact checking, and it has a zero tolerance on errors: it is inconceivable that it would publish a story this huge that wasn't watertight.
 
Originally Posted by PandaBear
https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

Quote
Which makes you wonder: where did this alleged report come from? Who commissioned it? Who wrote it? Should we trust who claims to have seen it? The entire story may hinge on that report that Bloomberg claims exists and Amazon denies.

From that point, Bloomberg's story is built on another 14 people - that it has chosen to keep anonymous - confirming various aspects of the story. There are "six current and former senior national security officials" that it says have confirmed the "discovery of the chips and the government's investigation."

It claims to have two people inside Amazon (AWS) that "provided extensive information on how the attack played out at Elemental" and three people inside Apple, two of whom confirmed to Bloomberg that "the company reported the incident to the FBI but kept details about what it had detected tightly held, even internally."

So we have:

Two Amazon employees
Three Apple employees
Six intelligence agencies officials
Six other people that Bloomberg says confirmed various different aspects of the story

That is clearly enough to run a story. But is it possible there was all a big misunderstanding somewhere down the line?



Quote
Why lie?

It's worth asking one more question: what would everyone gain from misstating the truth?

Well, Bloomberg's reporters clearly have the story of a lifetime, and were driven to publish it, to the extent that it is very possible that they disregarded company denials, convinced that they were closing ranks on them over a very sensitive story.

Bloomberg reporters receive bonuses based indirectly on how much they shift markets with their reporting. This story undoubtedly did that. The publisher employs roughly 2,000 journalists, who are encouraged to work together and share information through their Bloomberg Terminals, with many layers of editing and fact checking, and it has a zero tolerance on errors: it is inconceivable that it would publish a story this huge that wasn't watertight.




Which seems to suggest, and I'd agree, that the story itself is not without merit, but perhaps there's some details missing or things being misconstrued due to trying to get the piece to press and the patching together of information from multiple sources by somebody who is likely nowhere near technical enough.
 
Originally Posted by oil_film_movies
When the article said "remove the equipment", I guess that meant just removing the entire board, not just the tiny chip add-on. Above, I was suggesting you could take an Xacto knife or something and sever the PCB connections to the tiny chip they added on. That way they don't throw the baby out with the bathwater. .... Of course now we don't have to worry about the attackers knowing that we know.... "Its security team determined that it would be difficult to quietly remove the equipment and that, even if they could devise a way, doing so would alert the attackers that the chips had been found, according to a person familiar with the company's probe. Instead, the team developed a method of monitoring the chips. In the ensuing months, they detected brief check-in communications between the attackers and the sabotaged servers but didn't see any attempts to remove data "


Originally Posted by PandaBear
You can easily remove chips using special equipment (manufacturing does that for rework all the time, the ones I worked with usually rework up to 3 times and then throw it away if it is still bad).
Anything that goes into the big cloud data centers (AWS, Azure, Google, etc) only comes out crushed and scrapped into bits, nobody can bring any functional equipment out. There is no rework there, and no one will xacto knife a chip in a data center without testing it on the production line (you will damage a percentage of it, and fail down the road instead of immediately).


Understood that normally an entire board gets thrown away if diagnostics has a problem, fine, modular stuff.
In this particular case, there could be a circuit board mod you could make to restore the board to the original Silicon Valley design.
Remember, the Chinese spy agency created this add-on device, and depending on if it's wired in parallel or not, or can have its power wire severed, a work procedure can return the board to normal operation.
Without removing thousands of servers. ... Whatever is cheaper really. Sounds like they put this on the cache memory lines with power & a serial port hook-up, or something similar.

It would be hard to sue SuperMicro I suppose, although they are ultimately responsible for not sampling and inspecting any stuff made in a hostile Chinese country.
No hardware conformance inspections done state-side? Sloppy. I guess that's normal for consumer-quality devices though. I'm accustomed to aerospace quality, which does get inspected if a supplier is not quite trusted.
 
Originally Posted by oil_film_movies

Understood that normally an entire board gets thrown away if diagnostics has a problem, fine, modular stuff.
In this particular case, there could be a circuit board mod you could make to restore the board to the original Silicon Valley design.
Remember, the Chinese spy agency created this add-on device, and depending on if it's wired in parallel or not, or can have its power wire severed, a work procedure can return the board to normal operation.
Without removing thousands of servers. ... Whatever is cheaper really. Sounds like they put this on the cache memory lines with power & a serial port hook-up, or something similar.

It would be hard to sue SuperMicro I suppose, although they are ultimately responsible for not sampling and inspecting any stuff made in a hostile Chinese country.
No hardware conformance inspections done state-side? Sloppy. I guess that's normal for consumer-quality devices though. I'm accustomed to aerospace quality, which does get inspected if a supplier is not quite trusted.



Typically, servers are not installed one by one on a rack at customer site, you buy them from one contract manufacturer, tell them to send to the next, install it in a rack, run your test, then send the whole rack to your data center, then another contractor bolts it down, wires it up etc. They are tested, you as a customer tell them to run your test, but you never tear down things to check if the test passed. This is not transportation safety cutting tire to inspect, they are just equipment, that will die as a percentage in normal use, and typically a data center has 1.5% of its capacity down anyways.

No one gets a security clearance to go into a data center to desolder a chip to save a few hundred bucks. That board (or SSD drive, or hard drive, etc) gets thrown away and warranty claim filed, vendor paid for. IF THIS ARTICLE IS TRUE, this board gets thrown away, customer not satisfied but no warranty claim filed, they'll eat the cost (what is a few hundred bucks vs $10B a year in equipment anyways, AWS spends $1B in flash memory alone each year).

Just woke up today and realized this: they are probably talking about a SPI interface (boot rom, EFI BIOS, etc), and some "security expert" realized it is article material, talking about a SPY chip, and now the whole world is on Supermicro's butt.

https://en.wikipedia.org/wiki/Serial_Peripheral_Interface

Yup, SPI, that thing you use to connect boot chip, SMBus, BIOS, BMC, whatever you call it. Perfecto, we have an article.
 
You know, even though it sounds patently ridiculous, I am having a hard time ruling out this SPI/SPY confusion completely. It seems more probable than not.
 
Originally Posted by Vikas
You know, even though it sounds patently ridiculous, I am having a hard time ruling out this SPI/SPY confusion completely. It seems more probable than not.


Certainly possible, that's for sure. I'm keeping an eye on it to see if more information comes out that might perhaps add some much needed clarity.
 
I really don't wanna wade in these threads that are patently "Political" but somehow are allowed by management as long as the bent is right wing...
Firstly I'm not defending the PR Chinese here, they're led by an autocrat that has no term limit, something that hasn't happened since Chairman Mao died...

But, nonsense like this:

Originally Posted by maxdustington
China = 21st century evil empire.


I think it's pretty nauseating to call an entire people "evil". The current leadership of China are ***** to be sure, but engaging in such demagoguery is destructive and just ignorant...

Quote
Instead of throwing aid at developing countries, they debt trap them.


Oh, lol, I guess 'Merica never "debt traps" countries nor leverages its holdings for economic gain. The PRC also gives OVER TWICE as much 'fer'in' aid as the US gives per capita/GNP.


Quote
As someone else mentioned, they are playing the long game while western governments fill their countries with immigrants, clamp down on free speech and put men in women's bathrooms.


"Long game" to what ends? China has vast problems and is already beginning to feel the crunch of post-industrialization. They have massive environmental problems and a young population that is agitating for change. The other historic, vaguely racist and homophobic nonsense you've posted I don't even know how to react to, other than: have you considered therapy? Are these really issues in your life?

I'm pretty sure the US was a nation of immigrants and China has transsexuals too...
 
Hello Shannow, I think at the end of the day we actually agree more than disagree and I'd have a beer with you anytime...


As to my previous post, I would also add and forget that China also has a vast illegal immigration problem from North Korea. They also have their own ethnic/tribal squabbles...

As for the chip thing, there is something to it but it's overblown. If China can't manufacture a decent jet engine on their own, I doubt they can hijack everyone else's.. Just ask their Russian buddies still alternately angry and laughing hysterically at the theft of the SU-27/SU-33 fighter tech that was pirated into the Chinese J-15 carrier jet - an awful, under-powered boondoggle.....
 
And in what way will that affect you personally? Why do you think the US might be a Nazi continuum? That seems like another histrionic overreaction but whatever your opinion. And I am not an 'Merican nationalist, but I do think the Chinese PRC gov't's saber rattling towards a Taiwan invasion and the self-appointment of Xi Jinping as essentially the new emperor are cause for concern. But I guess you're in Europe whereas those in places like Japan or South Korea may have different fears...
 