China Adding Hardware Backdoors to Servers

>thehackernews.com/2018/10/china-spying-server-chips.html

Attached: chinaespionage.jpg (2040x1360, 100.98K)

Other urls found in this thread:

web.archive.org/web/20181004150521/https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
seekingalpha.com/news/3395181-super-micro-minus-54_5-percent-supply-chain-sabotage-report
bloomberg.com/businessweek
breitbart.com/news/china-used-tiny-chips-on-us-computers-to-steal-secrets-report/
archive.fo/zRW8o
twitter.com/vicecanada/status/1042156417577365505
en.wikipedia.org/wiki/Semiconductor_device_fabrication
apple.com/newsroom/2018/10/what-businessweek-got-wrong-about-apple/
theregister.co.uk/2014/09/20/apples_warrant_canary_is_either_cockup_conspiracy_or_the_antigoogle_selling_point/
bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond
us-cert.gov/ncas/alerts/TA18-276B
linux-sunxi.org/Olimex
archive.is/https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
twitter.com/SFWRedditVideos

Paywalled original sauce (most archive services, even bypasses for them, do not work on that kike site right now):
web.archive.org/web/20181004150521/https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Super Micro's key people are Taiwanese.


EXPECT ALMOST ALL SERVER HARDWARE MANUFACTURED FROM A FEW YEARS AGO TO NOW TO HAVE BOTNET CHIPS

We need to set up firewalls to filter out any inbound AND outbound traffic from and to China.

Well shit user after I filtered out all potential NSA and ChiCom traffic the whole fucking world has been cut off.

So much for RISC and Power9. Theyre all literally botnet now. The kikes always win.

Go to the fab and make sure they don't insert anything if it matters so much to you faggot. None of you actually care though.

What would happen if we break that damned chip, like melting it with a soldering tool?

Unless it has a dead man switch it will probably fix the problem.

Do you seriously expect such a well done op to send traffic right to chinese gov servers?


kys


It could remove the issue, it could brick the system completely, it could stop some things from working properly...
Depends a lot on how the whole thing was integrated, if it's tightly integrated a la management engine you're fucked.

The Jews lost. They were actually botneted by the Chinese.

Attached: -999x-999.gif (1000x1332 374.25 KB, 173.56K)

SUPERMICRO MARKET CAP DOWN 54%
seekingalpha.com/news/3395181-super-micro-minus-54_5-percent-supply-chain-sabotage-report

Fuck these guys, to think I own 4 SMI servers. I remember thinking how messed up the company must be when I called their offices back in the day and was answered in Chinese.

How much code can you fit on this?

Attached: 1426217369168.jpg (300x188, 17.37K)

...

Small is not a measurement.
What did the code do and was it written in Rust?

Has nothing to do with China. The overlord crime cartel just uses China as a straw-man to keep the public at bay, while they harvest all the information they want. Same surely happens all over the world and Xi Jinping got a lot richer in the process.

Probably well under 1kB. Rust is too bloated for such applications. MCU of that chip probably doesn't even have RAM so even C is out of the question (while in theory possible, nobody bothers and just writes everything in ASM).

bloomberg.com/businessweek

breitbart.com/news/china-used-tiny-chips-on-us-computers-to-steal-secrets-report/

archive.fo/zRW8o

Posting from my Huawei, I'm never gonna visit China so don't give a shit, everything is botnet whether from USA or China or eu, the only way to be free is to be offline

Attached: a1e.png (500x366, 131.8K)

Depends on it's capabilities, it was probably done in assembly.
Anyway this just reveals more the absurdity of spying agencies. They always give shit reasons like:
And then when all countries are involved it becomes a clusterfuck.
CIA, NSA, GCHQ, GDFPI, MSS and whatnot GTFO of our hardware
CIA, NSA, GCHQ, GDFPI, MSS and whatnot GTFO of our hardware!!!! REEEEEEEEEEEEEEEEEEE

nice trips

Attached: 3b92434f252604fe618adbf9dac3848bc57e886a975b5af3abee51b0eadc3a5d.gif.jpg (255x255, 10.45K)

SUREENDER NOTE FUCKING WHEN!
There is literally no way, I repeat ''NO WAY' to resist anymore. We're fucked forever.

Really I just want to know more about the chip itself.

Learn hardware and audit it.

IDGAF China is based

Attached: 1510674486577.jpg (249x243, 17.31K)

This. Chinese are based.
twitter.com/vicecanada/status/1042156417577365505

I route all my packets through an Amiga 2000/030 tbh fam. Chinese cianiggers btfo.

Attached: C128 and Amiga 2000.jpg (2124x1195, 389.36K)

I wonder who could be behind this post.

Attached: 4e9.jpg (501x585, 37.93K)

Thanks for confirming you know nothing about hardware design. It would be an ASIC, without a CPU.

There needs to be a more accurate description of how this thing works. Right now it sounds like it grabs a payload from another computer and shoves this into the OS kernel or boot loader. But what if you're using FDE (not common on servers, but you can do that on your home computer)? Or what if you just start your computer without any network device attached? Or, in the extreme paranoid case, what if you're routing your computer directly through a custom bus and protocol you rigged up on GPIO ports? Now this chip doesn't know wtf the environment is, because it's never been in it before (and its designers never imagined it). It can't go grab the payload, because there's no wifi, no ethernet, not even a serial port or CAN bus connected.

en.wikipedia.org/wiki/Semiconductor_device_fabrication
It could be an ASIC.


This.

Yeah I read that paragraph, but it doesn't give enough details for us to know exactly what level of countermeasures are needed to foil it. I tried to follow the link to bloomberg or whatever other site the article linked to, but their server told me my computer was generating malicious activity (I use the Links browser).

Was probably on the traces that run to the Ethernet controller and patched the firmware on boot.

Given that you can fit hundreds of millions of transistors per 1mm^2 with 14nm and modern NAND flash is stacked it could have a few hundred MBit of memory.

ROLF, EVEN APPLE SAYS BUSINESSWEEK IS WRONG
apple.com/newsroom/2018/10/what-businessweek-got-wrong-about-apple/

Copy paste mistake.
It should be

Apple's warrant canary was "changed" in 2014
theregister.co.uk/2014/09/20/apples_warrant_canary_is_either_cockup_conspiracy_or_the_antigoogle_selling_point/

...

Apple, Amazon, Supermicro and the Chinese Government are all denying it: bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

Incidentally: Apple, Amazon, Supermicro and the Chinese Government are all filled to the brim with chinamen.

Cheap Chink tech is good, retard.

I have no evidence, but I think it's likely the companies involved would have been served NSLs since it's still an ongoing investigation.

Also, there's this: us-cert.gov/ncas/alerts/TA18-276B

The risk floppies.

I miss that damn game.

Yes, I agree. More to the point, the employees who are in the know are gagged and cannot tell other employees at the same company, particularly the PR department but possibly even their own bosses, what's going on. So the PR department didn't have to knowingly lie because they were deceived by people in the company who believed they had a legal and moral obligation to keep PR in the dark.

The entire western world allowed ALL of their computer manufacturing to end up in a nation state we/they are effectively on rocky terms with at the best of times... and now we are supposed to pretend to be surprised when something like this happens?

The chips were supposedly installed by agents of China's People's Liberation Army and apparently located during a security audit of servers sold by Elemental.


White House officials have made it clear they think companies will begin shifting their supply chains to other countries as a result. Such a shift might assuage officials who have been warning for years about the security of the supply chain—even though they’ve never disclosed a major reason for their concerns.

Considering the statements by Apple and Amazon, I have a hard time believing this is true unless they are just completely clueless or lying. They'd be facing some serious ethics/legal/shareholder action if they knowingly put out false statements.

If Bloomberg is wrong, they gonna go down

Of course, but why apple and Amazon?

Would their shares drop that much?

they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code. The illicit chips could do all this because they were connected to the baseboard management controller, a kind of superchip that administrators use to remotely log in to problematic servers, giving them access to the most sensitive code even on machines that have crashed or are turned off.

A BMC modification. Not good.

Looks like Trump was right about Apple building phones here

There may be a future market of electronics assembly of sensitive components in trusted countries(preferably your own)

Price will rise

More propaganda to get the proles ready for the inevitable police action in southeast Asia. Enjoy being drafted amerifats.

Interesting, it only has 3 pins, two have to draw power as well. Also that it is a independent chip and not a cpu die modification, pretty nice of them tbh. I wonder what bus it would sit on, most of them operate at a very high freq. Has anyone decapped the chip and got pics of the die? Are there any models that are known to have this chip? If it is reprogramable expect many other parties to make use of this backdoor.

Not to mention these guys will buy time to dump their stock before announcing it, only to not be covered by 99% of media. Can't have people worried about amazon and apple.

I already got plans in place. My blood isn't going to be used to fertilize a rice paddy.

"We are announcing that we have been storing all our users data, iTunes and App Store 3rd party IP, and our own sensitive IP, including technical designs and source code, on systems compromised by the Chinese government. Please don't rape our stock price."
t. Apple Inc

So the CIA niggers got out-CIA'd by chinks, huh. Either that or it was all orchestrated so the chinese could be a scapegoat

I just bought a Huawei Matebook X Pro the other week, it's very nice (3000x2000 pixel screen, good battery life, 4-core, 8GB RAM), but now I'm worried about built in backdoors aside from intel's ME.
Did I fuck up?

FUCK! SUPERMICRO IS CHINESE TOO?!
MY NAS IS SUPERMICRO!

never trust a heeb
never trust a chink
With capitalist outsourcing and globalization, nobody wins.
Historical evidence and analysis of the 1989 Tiananmen Square Protest should be included on the silkscreen of all PCBs from now on as an ideological weapon against chinkery.
CIDF and Blackpillanon have popped up in the thread too. Great.


quality high-magnesium post

>(((BMC)))
Out Of Band management was a mistake
management is always a mistake

...

China is fueled by Jews. Their new "host" has been carefully chosen. They won.

Attached: mao-and-his-jews.jpg (500x225, 30.9K)

These were the installed hardware backdoors that were found.

How many are undiscovered?


Over the decades, the security of the supply chain became an article of faith despite repeated warnings by Western officials. A belief formed that China was unlikely to jeopardize its position as workshop to the world by letting its spies meddle in its factories. That left the decision about where to build commercial systems resting largely on where capacity was greatest and cheapest. “You end up with a classic Satan’s bargain,” one former U.S. official says. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”

In the three years since the briefing in McLean, no commercially viable way to detect attacks like the one on Supermicro’s motherboards has emerged—or has looked likely to emerge. Few companies have the resources of Apple and Amazon, and it took some luck even for them to spot the problem. “This stuff is at the cutting edge of the cutting edge, and there is no easy technological solution,” one of the people present in McLean says. “You have to invest in things that the world wants. You cannot invest in things that the world is not ready to accept yet.”

The Zucc marriage to the Chinese mafia don's daughter was the nail in the coffin tbh.
BYE BYE WEIMERICA!

It was too tempting


Did CIA spooks do this?

This will be Chins's claim if the chips are real

Never has this webm been more relevant.


In addition to this:
...both Apple and Amazon have a large number of chinamen working for them. Chinamen that are naturalized American citizens but which have relatives in China, and also Chinamen that are not American citizens at all.

It's very possible that these corporations have a bias towards protecting the reputation of the Chinese government. They could have Chinese employees conspiring to this end without the knowledge of non-Chinese employees who are socially conditioned to be offended by the thought of even considering the possibility (How dare you suggest that Chinese citizens may not be loyal to the strategic interests of America?! That's racist!)

Attached: Sam Hyde - The Chinese.webm (1280x720, 1.11M)

These are still American companies and not all the components are even from China. This is more likely a CIA false flag to "convince" Apple to start moving assembly over to the USA to carefully consider a closer audit of their security hardware in Americas interests. It's 4D Chess

Attached: hRHyYNh.jpg (480x270, 50.99K)

That doesn't even make any sense. Most hosting services are not located in China but in the USA and European Tax Havens like Scotland

Thanks for your input, but please read what this thread is actually about before commenting again.

I slightly misread what the original user said tbh

Now there's a thought.

Attached: 0aa76898ae2601668b1e77ac1f5587f4a4b9663556e5b2b414f1093e5dd6816c.jpg (850x637, 116.79K)

Commit homicide.

Mass shooter announces his plan for Asian genocide (TRIGGER WARNING)

This, once you get an NSL you say what the NSL tells you to say.

...if you're a faggot.

Do you doubt the faggotry of Apple and Amazon?

Attached: 3eff686fe52a838f91960e31e7d79a8d5e98a46cfd81af64c49313d9427e4d96.jpg (1280x720, 622.79K)

...

Attached: absolutely-civic.png (417x429, 349.2K)

So what is it about the obsession with tiannanmen? What's the end goal of spamming that? I can understand mentioning it to piss off the chinks from a thread, but do they even care? And if they get pissed off by it whats the point of reminding them that? To make them dive back further into the embrafe of the communist collective?

I wouldn't worry about it

Attached: .png (147x148, 4.98K)

fuck you cia nigger

There's this place in Bulgaria that has been making ARM boards for some time.
linux-sunxi.org/Olimex

I don't know anything about that model of phone, but it's not like there's a realistic option of buying an American made phone.

Even if you did the design yourself, who knows what gets added during fabrication. As Amazon and Apple found out.

六四天安门事件
1989年天安门广场大屠杀
1989年天安門廣場大屠殺

We do it for free.

Betcha $50 it was just two or three hardcoded exploits for the Intel ME.

Everything has happened once in China, it's 3 times the size of the USA. Who cares again?

fuck off moshe


Live in china? maybe
Don't? no


We don't. It is basically your cianiggers trying to rile up hatred against china by astroturfing.


nu-Zig Forums is CIA now. Did you think the chosen ones will not flood the board after it was discussed so much in mainstream?


Thanks. If you think about it China must be a technological genius to pull this off. Yet, everywhere we (((hear))) China is technologically inferior. Hmm. Sounds a lot like that baby-nazi narrative. Nazi's are powerless babies, yet they are doing super evil things. How?

Just buy stuffs from countries which don't have jurisdiction on where you live.

are you insane?

You're very likely right on the money. Exploits for the Intel ME would be far cheaper and achieve the same effects as inserting more hardware for surveillance purposes.

China already filters the shit out of the internet. Cutting china's network access to the internet wouldn't be a loss imo.

Attached: nixon.jpg (480x600, 45.93K)

you need to LARP harder

rm --no-preserve-root -rf /

>archive.is/https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
fuck this gay earth

I wonder how free market idiots will defend this.

Don't like it? Don't buy it.

Obviously fascism is the answer to keeping production of mission critical infrastructure out of the hands of your communist enemies.

Yes, we should produce them locally in the USA just like (((intel))).

What's your argument? (((Intel))) produces their chips in China with Chinese labor under Chinese supervision.

Wrong. Majority of Intel fabs are in America.

(And the others are Europe and Israel)