By: Brett (ggtgp.delete@this.yahoo.com), October 4, 2018 11:52 am
Room: Moderated Discussions
Maynard Handley (name99.delete@this.name99.org) on October 4, 2018 12:08 pm wrote:
> Brett (ggtgp.delete@this.yahoo.com) on October 4, 2018 11:52 am wrote:
> > Gabriele Svelto (gabriele.svelto.delete@this.gmail.com) on October 4, 2018 11:32 am wrote:
> > > dmcq (dmcq.delete@this.fano.co.uk) on October 4, 2018 10:31 am wrote:
> > > > The story does smell a bit as far as I'm concerned. Too many people monitor their internet traffic for
> > > > this sort of thing to remain hidden for very long, and the possible economic negatives are just too
> > > > great. There's far easier and more deniable ways of doing it. Unless one is Putin and wants people to
> > > > know they should be scared you try to cover your tracks. If anything like this happened people will
> > > > soon find a way of identifying the compromised boards and show them generally. It is about possible
> > > > to make something that small but they would also need to reroute a bit to get the right tracks.
> > > >
> > > > Count me as somebody who needs a lot more evidence.
> > >
> > > And yet both Google and Facebook have established their own
> > > RoT in servers because they didn't trust the hardware.
> >
> > Go back 5 years and the Snowden files prove the US has been putting hardware back
> > doors in Cisco equipment used in China and Russia. This is tit for tat hacking.
> > https://www.computerweekly.com/news/2240185964/US-repeatedly-hacked-China-claims-NSA-whistleblower
> >
> > The easily hacked management hardware that bypasses the CPU in Dell/Intel servers is another
> > example. One wonders if the NSA was involved with that, which is my expectation.
> >
> > This is part of why Google, Facebook and Apple all make their own servers
> > and network equipment. None of the equipment you buy can be trusted.
> >
>
> No-one is denying that the PRC engages in cyber-espionage (just like Russia, just like the US).
> What is being denied is the precise details of the Bloomberg story, that a physical device (a
> "chip") of certain character was placed on multiple boards with the capability of doing certain
> things. THAT is the part that looks like "stupid people trying to write technolingo".
> There are too many details that seem to make no sense --- for example this device
> is tiny, right, "grain of rice". So how do data and power get to it? Microbumps? But
> then where exactly does it sit, because microbumps are going to require something
> bizarre like peeling the ceramic off the CPU. And that's not going to stand out?
>
> "This happened at a crucial moment, as small bits of the operating system were being stored
> in the board’s temporary memory en route to the server’s central processor, the CPU."
>
> So what, it's sitting on the traces between the DRAMs and the CPU? And what? Injecting
> enough current into those traces to rewrite the signal? Using what power?
Any chip hooked to the PCI bus or even off the south bridge can read and write all memory bypassing the MMU. All that is needed is a tiny ARM chip that mostly sleeps and occasionally writes to the network chip to phone home with critical info that can be used to hack the main CPU, or installs a backdoor in the main OS.
The boards are made in China, so it is easy for China’s government to respin the board with an extra innocent looking spec hooked to the PCI bus.
> Or
> "The illicit chips could do all this because they were connected to the baseboard management controller"
>
> So what is it? Where exactly WERE they connected? To the CPU? the DRAM? the BMC?
>
> Brett (ggtgp.delete@this.yahoo.com) on October 4, 2018 11:52 am wrote:
> > Gabriele Svelto (gabriele.svelto.delete@this.gmail.com) on October 4, 2018 11:32 am wrote:
> > > dmcq (dmcq.delete@this.fano.co.uk) on October 4, 2018 10:31 am wrote:
> > > > The story does smell a bit as far as I'm concerned. Too many people monitor their internet traffic for
> > > > this sort of thing to remain hidden for very long, and the possible economic negatives are just too
> > > > great. There's far easier and more deniable ways of doing it. Unless one is Putin and wants people to
> > > > know they should be scared you try to cover your tracks. If anything like this happened people will
> > > > soon find a way of identifying the compromised boards and show them generally. It is about possible
> > > > to make something that small but they would also need to reroute a bit to get the right tracks.
> > > >
> > > > Count me as somebody who needs a lot more evidence.
> > >
> > > And yet both Google and Facebook have established their own
> > > RoT in servers because they didn't trust the hardware.
> >
> > Go back 5 years and the Snowden files prove the US has been putting hardware back
> > doors in Cisco equipment used in China and Russia. This is tit for tat hacking.
> > https://www.computerweekly.com/news/2240185964/US-repeatedly-hacked-China-claims-NSA-whistleblower
> >
> > The easily hacked management hardware that bypasses the CPU in Dell/Intel servers is another
> > example. One wonders if the NSA was involved with that, which is my expectation.
> >
> > This is part of why Google, Facebook and Apple all make their own servers
> > and network equipment. None of the equipment you buy can be trusted.
> >
>
> No-one is denying that the PRC engages in cyber-espionage (just like Russia, just like the US).
> What is being denied is the precise details of the Bloomberg story, that a physical device (a
> "chip") of certain character was placed on multiple boards with the capability of doing certain
> things. THAT is the part that looks like "stupid people trying to write technolingo".
> There are too many details that seem to make no sense --- for example this device
> is tiny, right, "grain of rice". So how do data and power get to it? Microbumps? But
> then where exactly does it sit, because microbumps are going to require something
> bizarre like peeling the ceramic off the CPU. And that's not going to stand out?
>
> "This happened at a crucial moment, as small bits of the operating system were being stored
> in the board’s temporary memory en route to the server’s central processor, the CPU."
>
> So what, it's sitting on the traces between the DRAMs and the CPU? And what? Injecting
> enough current into those traces to rewrite the signal? Using what power?
Any chip hooked to the PCI bus or even off the south bridge can read and write all memory bypassing the MMU. All that is needed is a tiny ARM chip that mostly sleeps and occasionally writes to the network chip to phone home with critical info that can be used to hack the main CPU, or installs a backdoor in the main OS.
The boards are made in China, so it is easy for China’s government to respin the board with an extra innocent looking spec hooked to the PCI bus.
> Or
> "The illicit chips could do all this because they were connected to the baseboard management controller"
>
> So what is it? Where exactly WERE they connected? To the CPU? the DRAM? the BMC?
>
Topic | Posted By | Date |
---|---|---|
Supply chains and trust | David Kanter | 2018/10/04 07:23 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 08:57 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 09:01 AM |
Supply chains and trust | wumpus | 2018/10/04 03:35 PM |
Supply chains and trust | Robert Williams | 2018/10/08 05:30 PM |
Supply chains and trust | Maynard Handley | 2018/10/08 06:21 PM |
Supply chains and trust | Robert Williams | 2018/10/09 08:03 AM |
Supply chains and trust | Robert Williams | 2018/10/09 08:08 AM |
Supply chains and trust | Maynard Handley | 2018/10/09 08:27 AM |
Supply chains and trust | dmcq | 2018/10/04 09:31 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/04 10:32 AM |
Supply chains and trust | Brett | 2018/10/04 10:52 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 11:08 AM |
Supply chains and trust | Adrian | 2018/10/04 11:36 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 11:51 AM |
Supply chains and trust | Rob Thorpe | 2018/10/04 12:09 PM |
Supply chains and trust | David Hess | 2018/10/04 11:38 AM |
Supply chains and trust | Brett | 2018/10/04 11:52 AM |
Supply chains and trust | Doug S | 2018/10/04 12:33 PM |
Supply chains and trust | David Hess | 2018/10/04 11:09 AM |
Supply chains and trust | David Hess | 2018/10/04 11:03 AM |
Supply chains and trust | Doug S | 2018/10/04 12:45 PM |
Supply chains and trust | Gabriele Svelto | 2018/10/05 12:53 AM |
Supply chains and trust | dmcq | 2018/10/05 02:51 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/05 03:34 AM |
Supply chains and trust | Doug S | 2018/10/05 11:46 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/06 01:59 PM |
Supply chains and trust | David Hess | 2018/10/06 03:12 PM |
Supply chains and trust | J | 2018/10/04 09:24 PM |
Supply chains and trust | Andrew Clough | 2018/10/05 05:38 AM |
Supply chains and trust | David Hess | 2018/10/06 03:16 PM |
Supply chains and trust | Maxwell | 2018/10/06 03:37 PM |
Hit job on Super Micro? | Maxwell | 2018/10/04 09:46 PM |
Hit job on Super Micro? | Brett | 2018/10/04 11:55 PM |
Hit job on Super Micro? | David Hess | 2018/10/06 03:15 PM |
Supply chains and trust | Kevin G | 2018/10/04 12:47 PM |
Raptor Engineering's Raptor | Gabriele Svelto | 2018/10/05 03:42 AM |
Supply chains and trust | Groo | 2018/10/06 05:49 AM |
Supply chains and trust | David Kanter | 2018/10/06 08:04 AM |
Supply chains and trust | Groo | 2018/10/06 02:42 PM |
Supply chains and trust | David Kanter | 2018/10/06 02:46 PM |
SuperMicro boards are not made in USA | Adrian | 2018/10/06 11:08 PM |
SuperMicro boards are not made in USA | Adrian | 2018/10/06 11:28 PM |
Supply chains and trust | juanrga | 2018/10/07 06:12 AM |
Supply chains and trust | David Hess | 2018/10/06 03:24 PM |
Supply chains and trust | Wes Felter | 2018/10/07 02:35 PM |
What did the BOM entry look like? | Mark Roulo | 2018/10/04 01:21 PM |
Supply chains and trust | Maynard Handley | 2018/10/04 03:01 PM |
Supply chains and trust | dmcq | 2018/10/05 12:27 AM |
Here's what I think happened | Doug S | 2018/10/05 11:56 AM |
Here's what I think happened | Brett | 2018/10/05 03:17 PM |
FBI wants to be your first contact | ex-apple | 2018/10/05 03:41 PM |
Here's what I think happened | Doug S | 2018/10/05 09:59 PM |
Why call CIA? | David Kanter | 2018/10/06 08:01 AM |
Why call CIA? | Doug S | 2018/10/06 08:33 AM |
Why call CIA? | David Kanter | 2018/10/06 02:43 PM |
Here's what I think happened | Maynard Handley | 2018/10/05 03:23 PM |
Here's what I think happened | dmcq | 2018/10/06 03:52 AM |
Supply chains and trust | David Hess | 2018/10/06 03:34 PM |
Supply chains and trust | Groo | 2018/10/06 06:01 AM |
Supply chains and trust | etudiant | 2018/10/07 03:36 AM |