Supermicro server motherboards with hardware backdoor?

Started by Clifford Heath October 4, 2018
Whether it turns out to be true or not, this will be the biggest 
security blockbuster of the decade.

<https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>

Clifford Heath
On 10/05/18 00:29, Clifford Heath wrote:
> Whether it turns out to be true or not, this will be the biggest
> security blockbuster of the decade.
>
> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>
> Clifford Heath
Couple of articles in The Register as well.

Have said for years that we should keep the Chinese at arm's length for hi tech, as even if they are not stealing the IP, they have more than enough reason to subvert the designs for their own good and the intellect to implement it. All good and furry on the outside, cheap manufacturing etc, but an undemocratic police state at core, with an expansionist agenda.

More than ever, nations progress through advances in the sciences and technology and it should be considered a national security asset. Don't need a tinfoil hat to see that...

Chris
On Thursday, October 4, 2018 at 7:30:02 PM UTC-4, Clifford Heath wrote:
> Whether it turns out to be true or not, this will be the biggest
> security blockbuster of the decade.
>
> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>
> Clifford Heath
I hate those white on black web sites. I won't be able to see for a while. Otherwise a great article.

Doh, I could have used the reader view button!

Rick C.
On a sunny day (Fri, 5 Oct 2018 09:29:55 +1000) it happened Clifford Heath
<no.spam@please.net> wrote in <WnxtD.55769$6y.40842@fx09.iad>:

>Whether it turns out to be true or not, this will be the biggest
>security blockbuster of the decade.
>
><https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>
>Clifford Heath
Talk about politics, the news is full of 'China has done it'
'Russia has done it', all fake news originating from trumpesite infiltrated organizations.
Same here, Netherlands, gov echoing 'Russia bad',
in the meantime the international court of justice in The Hague here is threatened by the war mongering US
as it ordered that same US to end sanctions against Iran,
US industry and consumers are paying more and more for their home appliances and fuel,
large parts of US industry suffer under the tariffs imposed by that clueless reality show host posing as 'president',
and Microsoft spy software is forced upon hardware sellers with modified BIOSes so it won't run anything else,
every Intel processor is full of security holes, same for the what's it on board chips.
Spy satellites look at what is on your plate, everything is listened to and recorded by same US and their slave states,
I wanted to write to nl.politics where are we now, let's make our own nukes and take over that silly club there in N America,
let's be great again.
Days of Piet Hein
https://en.wikipedia.org/wiki/Piet_Pieterszoon_Hein

Don't be a US slave.

Respect Russia and China.
STAND UP!

pussies
hehe
On 05.10.2018 10:27, Jan Panteltje wrote:
> On a sunny day (Fri, 5 Oct 2018 09:29:55 +1000) it happened Clifford Heath
> <no.spam@please.net> wrote in <WnxtD.55769$6y.40842@fx09.iad>:
>
>> Whether it turns out to be true or not, this will be the biggest
>> security blockbuster of the decade.
>>
>> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>>
>> Clifford Heath
>
> Talk about politics, the news is full of 'China has done it'
> 'Russia has done it', all fake news originating from trumpesite infiltrated organizations.
> Same here, Netherlands, gov echoing 'Russia bad',
> in the meantime the international court of justice in The Hague here is threatened by the war mongering US
> as it ordered that same US to end sanctions against Iran,
> US industry and consumers are paying more and more for their home appliances and fuel,
> large parts of US industry suffer under the tariffs imposed by that clueless reality show host posing as 'president',
> and Microsoft spy software is forced upon hardware sellers with modified BIOSes so it won't run anything else,
> every Intel processor is full of security holes, same for the what's it on board chips.
> Spy satellites look at what is on your plate, everything is listened to and recorded by same US and their slave states,
> I wanted to write to nl.politics where are we now, let's make our own nukes and take over that silly club there in N America,
> let's be great again.
> Days of Piet Hein
> https://en.wikipedia.org/wiki/Piet_Pieterszoon_Hein
>
> Don't be a US slave.
>
> Respect Russia and China.
> STAND UP!
>
> pussies
> hehe
It's interesting how a lot of political discussions are poorly understood psychology in a nutshell.

Presumably, you feel insecure because of the world politics, and you want nukes. But suppose you had nukes. Would that make you feel more secure?

I believe, that if the problem lies in some kind of a shared feeling of insecurity, then we don't need more nukes. We need more art, more culture, more things which make us happier.

Gene.
On a sunny day (Fri, 5 Oct 2018 11:12:22 +0300) it happened Gene Filatov
<evgeny.filatov@ieee.org> wrote in <I1FtD.273300$Vl2.204335@fx46.iad>:

>On 05.10.2018 10:27, Jan Panteltje wrote:
>> On a sunny day (Fri, 5 Oct 2018 09:29:55 +1000) it happened Clifford Heath
>> <no.spam@please.net> wrote in <WnxtD.55769$6y.40842@fx09.iad>:
>>
>>> Whether it turns out to be true or not, this will be the biggest
>>> security blockbuster of the decade.
>>>
>>> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>>>
>>> Clifford Heath
>>
>> Talk about politics, the news is full of 'China has done it'
>> 'Russia has done it', all fake news originating from trumpesite infiltrated organizations.
>> Same here, Netherlands, gov echoing 'Russia bad',
>> in the meantime the international court of justice in The Hague here is threatened by the war mongering US
>> as it ordered that same US to end sanctions against Iran,
>> US industry and consumers are paying more and more for their home appliances and fuel,
>> large parts of US industry suffer under the tariffs imposed by that clueless reality show host posing as 'president',
>> and Microsoft spy software is forced upon hardware sellers with modified BIOSes so it won't run anything else,
>> every Intel processor is full of security holes, same for the what's it on board chips.
>> Spy satellites look at what is on your plate, everything is listened to and recorded by same US and their slave states,
>> I wanted to write to nl.politics where are we now, let's make our own nukes and take over that silly club there in N America,
>> let's be great again.
>> Days of Piet Hein
>> https://en.wikipedia.org/wiki/Piet_Pieterszoon_Hein
>>
>> Don't be a US slave.
>>
>> Respect Russia and China.
>> STAND UP!
>>
>> pussies
>> hehe
>
>It's interesting how a lot of political discussions are poorly
>understood psychology in a nutshell.
>
>Presumably, you feel insecure because of the world politics, and you
>want nukes. But suppose you had nukes. Would that make you feel more secure?
>
>I believe, that if the problem lies in some kind of a shared feeling of
>insecurity, then we don't need more nukes. We need more art, more
>culture, more things which make us happier.
>
>Gene.
Personally I believe in the right of the strongest [1].
US falling victim to decadence and stupidity snake oil, racism, climate change, the list is endless.

[1] That includes intellect to defeat the competition in evolution.
Empires are being dug up and people wonder why those ended.
Same will happen in N 'merrica.
Already it is falling apart internally, all it takes is to march in there and free the people.
In comp.arch.embedded Clifford Heath <no.spam@please.net> wrote:
> Whether it turns out to be true or not, this will be the biggest
> security blockbuster of the decade.
>
> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>

This is my analysis:
https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/

Theo
On 10/05/2018 08:28 AM, Theo Markettos wrote:
> In comp.arch.embedded Clifford Heath <no.spam@please.net> wrote:
>> Whether it turns out to be true or not, this will be the biggest
>> security blockbuster of the decade.
>>
>> <https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies>
>
> This is my analysis:
> https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/
>
> Theo
Thanks for that write-up, but why do you find it more feasible that the firmware's being fetched across the network than that the interceptor chip simply has 32Mb of flash on it? It seems like that additional network traffic at boot time would be a pretty recognizable signature.

--
Rob Gaddi, Highland Technology -- www.highlandtechnology.com
Email address domain is currently out of order. See above to fix.
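The boot-time network signature raised in the post above, sketched as a detection check over flow records. This is an added example, not part of any post in the thread; the host names, addresses, management subnet and 120-second boot window are constructed assumptions.

```python
import ipaddress
from datetime import datetime, timedelta

# Constructed sample data (all hosts and addresses are made up for illustration).
# Power-on time of each tracked BMC management interface.
POWER_ON = {"bmc-rack1-07": datetime(2018, 10, 5, 8, 0, 0)}
# Flow records: (timestamp, source host, destination IP, destination port).
FLOWS = [
    ("2018-10-05T08:00:04", "bmc-rack1-07", "10.20.0.5", 67),      # DHCP
    ("2018-10-05T08:00:09", "bmc-rack1-07", "10.20.0.10", 123),    # NTP
    ("2018-10-05T08:00:21", "bmc-rack1-07", "203.0.113.45", 443),  # external, unexpected
    ("2018-10-05T09:30:00", "bmc-rack1-07", "10.20.0.30", 514),    # syslog, long after boot
    ("2018-10-05T08:00:15", "app-server-3", "198.51.100.7", 443),  # not a BMC interface
]
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # assumed management VLAN
BOOT_WINDOW = timedelta(seconds=120)                    # assumed boot duration


def boot_time_anomalies(flows, power_on, allowed_nets, window):
    """Return flows sent by a tracked BMC during its boot window
    to a destination outside the allowlisted management networks."""
    hits = []
    for ts, src, dst, port in flows:
        booted = power_on.get(src)
        if booted is None:
            continue  # source is not a BMC interface we track
        when = datetime.fromisoformat(ts)
        if not (booted <= when <= booted + window):
            continue  # outside the boot window
        addr = ipaddress.ip_address(dst)
        if any(addr in net for net in allowed_nets):
            continue  # expected management-plane traffic
        hits.append((ts, src, dst, port))
    return hits


if __name__ == "__main__":
    for hit in boot_time_anomalies(FLOWS, POWER_ON, ALLOWED_NETS, BOOT_WINDOW):
        print("ALERT boot-time egress from BMC:", *hit)
```

The check depends on having power-on timestamps (for example from BMC event logs) and flow capture on the management network.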
In comp.arch.embedded Rob Gaddi <rgaddi@highlandtechnology.invalid> wrote:
> Thanks for that write-up, but why do you find it more feasible that the
> firmware's being fetched across the network than that the interceptor
> chip simply has 32Mb of flash on it? It seems like that additional
> network traffic at boot time would be a pretty recognizable signature.
It is possible that the implant is simply replacing the existing QSPI flash, but then a firmware update would either replace it, or the update checksum would fail. So it has to be something that keeps the original flash functioning and tampers with it conditionally.

A regular SPI flash chip couldn't do that. A very basic flash edit (overdrive the real data lines and force some bytes of config settings) could be done in a CPLD - I didn't check what die sizes vendors have, but they can be small. An FPGA would likely be too big.

A full custom chip is also feasible, but in another league in terms of costs.

Theo
On Friday, October 5, 2018 at 3:59:58 PM UTC-4, Theo wrote:
> In comp.arch.embedded Rob Gaddi <rgaddi@highlandtechnology.invalid> wrote:
> > Thanks for that write-up, but why do you find it more feasible that the
> > firmware's being fetched across the network than that the interceptor
> > chip simply has 32Mb of flash on it? It seems like that additional
> > network traffic at boot time would be a pretty recognizable signature.
>
> It is possible that the implant is simply replacing the existing QSPI flash,
> but then a firmware update would either replace it, or the update checksum
> would fail. So it has to be something that keeps the original flash
> functioning and tampers with it conditionally.
>
> A regular SPI flash chip couldn't that. A very basic flash edit (overdrive
> the real data lines and force some bytes of config settings) could be done
> in a CPLD - I didn't check what die sizes vendors have, but they can be
> small. An FPGA would likely be too big.
>
> A full custom chip is also feasible, but in another league in terms of
> costs.
It's a bit pedantic, but your distinction between CPLD and FPGA is not valid, in fact there are very few CPLDs left on the market because they are not very competitive with FPGAs even on die size. Both types of devices waste a lot of real estate. CPLDs use large arrays to implement the local interconnect with a complete matrix. Larger CPLDs become disproportionately large. FPGAs use a mix of interconnect to try to find an optimal solution to the interconnect problem, but it is a somewhat intractable problem so a lot of real estate is still wasted trying to provide speed optimal solutions.

All in all even in smaller PLD designs the FPGA architecture is usually used. There are several FPGAs with only 256 LUT-FFs in the chip and are very small sizes. They are always size limited by the need for I/O pads. In this case, a 6 pin package with at most 4 I/Os, an FPGA could be built that was very small indeed, but still very functional.

Still, I expect it is a fully custom chip with an MCU, neither FPGA nor CPLD. Did I miss something in the article?

BTW, if the chip has sufficient internal capacitance, it is possible to have five I/Os by scavenging power from the I/Os.

Rick C.