Supermicro server motherboards with hardware backdoor?

Whether it turns out to be true or not, this will be the biggest security blockbuster of the decade.

Clifford Heath


Couple of articles in The Register as well. Have said for years that we should keep the Chinese at arms length for hi tech, as even if they are not stealing the ip, they have more than enough reason to subvert the designs for their own good and the intellect to implement it. All good and furry on the outside, cheap manufacturing etc, but an undemocratic police state at core, with an expansionist agenda.

More than ever, nations progress through advances in the sciences and technology and it should be considered a national security asset. Don't need a tinfoil hat to see that...

Chris


I hate those white on black web sites. I won't be able to see for a while. Otherwise a great article. Doh, I could have used the reader view button!

Rick C.


This is my analysis:

formatting link

Theo


Thanks for that write-up, but why do you find it more feasible that the firmware's being fetched across the network than that the interceptor chip simply has 32Mb of flash on it? It seems like that additional network traffic at boot time would be a pretty recognizable signature.

--
Rob Gaddi, Highland Technology -- www.highlandtechnology.com 
Email address domain is currently out of order.  See above to fix.

It is possible that the implant is simply replacing the existing QSPI flash, but then a firmware update would either replace it, or the update checksum would fail. So it has to be something that keeps the original flash functioning and tampers with it conditionally.

A regular SPI flash chip couldn't do that. A very basic flash edit (overdrive the real data lines and force some bytes of config settings) could be done in a CPLD - I didn't check what die sizes vendors have, but they can be small. An FPGA would likely be too big.

A full custom chip is also feasible, but in another league in terms of costs.

Theo

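Theo's model above is a part that leaves the real flash in place and forces only a few bytes on the data lines. One defender-side check that follows from that, as an added example that is not any poster's code: decode the standard SPI NOR READ (0x03) transactions from a bus-analyzer capture of the BMC's flash bus and diff what the BMC actually received against a known-good image read directly from the flash chip. The 64-byte image, the "config" offsets and the capture below are all constructed for the example.

```python
import hashlib

# Constructed known-good flash image (64 bytes). In practice this would be
# the image dumped from the flash chip with an external programmer.
GOLDEN = bytes(range(64))

READ_CMD = 0x03  # SPI NOR READ: 1 opcode byte, 3 address bytes, then data


def decode_reads(capture):
    """Rebuild what the master saw from a capture.

    capture: list of (mosi, miso) byte strings, one pair per chip-select
    assertion. Returns {address: byte} for every data byte the BMC received.
    Non-READ commands (status reads, writes) are skipped.
    """
    observed = {}
    for mosi, miso in capture:
        if len(mosi) < 4 or mosi[0] != READ_CMD:
            continue
        addr = int.from_bytes(mosi[1:4], "big")
        # MISO bytes clocked during the opcode/address phase are don't-care.
        for i, b in enumerate(miso[4:]):
            observed[addr + i] = b
    return observed


def find_overrides(golden, observed):
    """Sorted (offset, expected, seen) for every byte forced away from the image."""
    return sorted((a, golden[a], b) for a, b in observed.items()
                  if a < len(golden) and golden[a] != b)


def image_sha256(img):
    """Digest of the image to compare with a vendor-published hash, if any."""
    return hashlib.sha256(img).hexdigest()


# Constructed capture: a status read, a 16-byte read at 0x20 in which bytes
# 0x21 and 0x22 arrive as 0xFF instead of the image contents, and a clean
# 8-byte read at 0x00.
CAPTURE = [
    (bytes([0x05]), bytes(2)),
    (bytes([READ_CMD, 0, 0, 0x20]) + bytes(16),
     bytes(4) + bytes([0x20, 0xFF, 0xFF]) + bytes(range(0x23, 0x30))),
    (bytes([READ_CMD, 0, 0, 0x00]) + bytes(8), bytes(4) + bytes(range(8))),
]

if __name__ == "__main__":
    for off, exp, seen in find_overrides(GOLDEN, decode_reads(CAPTURE)):
        print(f"offset 0x{off:06x}: image 0x{exp:02x}, bus delivered 0x{seen:02x}")
```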


It's a bit pedantic, but your distinction between CPLD and FPGA is not valid, in fact there are very few CPLDs left on the market because they are not very competitive with FPGAs even on die size. Both types of devices waste a lot of real estate. CPLDs use large arrays to implement the local interconnect with a complete matrix. Larger CPLDs become disproportionately large.

FPGAs use a mix of interconnect to try to find an optimal solution to the interconnect problem, but it is a somewhat intractable problem so a lot of real estate is still wasted trying to provide speed optimal solutions. All in all even in smaller PLD designs the FPGA architecture is usually used. There are several FPGAs with only 256 LUT-FFS in the chip and are very small sizes. They are always size limited by the need for I/O pads.

In this case, a 6 pin package with at most 4 I/Os, an FPGA could be built that was very small indeed, but still very functional.

Still, I expect it is a fully custom chip with an MCU, neither FPGA or CPLD. Did I miss something in the article?

BTW, if the chip has sufficient internal capacitance, it is possible to have five I/Os by scavenging power from the I/Os.

Rick C.


One article I read suggested that such a device would not even need to be visible on the board, but could be mounted on one of the internal PCB layers.

Perhaps they already are, but companies need to be very wary of what they farm out for manufacturing overseas, especially considering that state level actors have essentially unlimited resources to engineer and hide such hardware hacks...

Chris


That was the original Bloomberg article. Down the bottom it said that this had already happened. It seems like something that would need substantial modifications to any existing PCB production tooling, so would be hard to do covertly.

Clifford Heath.


Modifying the hardware is virtually impossible. You need the schematic, the PCB layout tools, a vendor who can duplicate the original PCB process, and a way to get the modified board into the process stream undetected.

Any hardware change can easily be detected. Take a photo of a known good board and a suspect board. Subtract them. Any differences would be instantly visible. Do the same with X-Rays. That would capture any changes to the internal layers.

It is far easier to do it in software. Modify the firmware so the change is invisible. There are virtually an infinite number of ways to do it. Untraceable, so no one can tell where it occurred in the process stream. Selective, so you can turn it on only when a desired target is found.

Someone is running a clickbait article. The whole idea of a hardware attack is not worth reading.

Steve Wilson

Steve, have you even read the article?

The device just needs to feed the BMC customised code over SPI. Six pins on an EEPROM would do it, or a chip that sits between the code EEPROM and modifies the SPI data.

Supermicro's San Jose design facility is full of Chinese, some of whom speak no English, just Mandarin. Of course the hack was a software hack; put there in the schematic and PCB layout by one of those designers. Or added to the Gerbers in the factory by someone who had access to the schematic and layout and knew where to cut and paste.

Neither of those things is implausible for a nation-state capability that has agents working for the company.

In any case, that wasn't the subject I was responding to.

Chris said he'd read about the malware chip being inserted in between PCB layers during fab. I don't think there's anything in normal PCB fab that would make that feasible.

Clifford Heath.


Thanks. Nicely thought out blog article. I agree that putting the chip on the SPI bus would be the ideal location. I might add that it would be possible to add microcode instructions to the CPU via the SPI bus (depending on how the added chip is wired into the system).

Some deficiencies and unanswered questions in the original Bloomberg article:

  1. Since Bloomberg apparently has possession of several of these mystery chips, why hasn't anyone done an autopsy or X-ray analysis on what's inside? From the few photos, it looks like a resistor network.
  2. If I wanted to compromise a server, it would much easier to add a few more undocumented instructions to an existing chip, such as a bus controller (which sees the entire data bus), than to add a new device that might be detected by the production equipment that uses optical comparators to detect missing, backwards, and misaligned components. A white alumina or porcelain chip, among the usual brown ceramic chips, would be easily visible.
  3. The photos of the mystery chip seem a little odd: The solder pads on the sides of the chip look slightly oxidized and do not look like anything that has been unsoldered by a hot air SMT desoldering station, where the solder would be shiny and tends to collect near the PCB side of the chip.
  4. What is a "signal conditioning coupler"?

  1. With a PCB and chip in Bloomberg's possession, it would be fairly easy to determine how it was connected into the server. This should have been done before announcing to the world that they had discovered a spy chip, rather than discovering a capacitor or termination resistor.

  2. There seems to be nearly zero demonstratable information on how the chip could actually do something useful. Plenty of theoretical possibilities, but nothing that an SPI or serial bus analyzer couldn't handle.

etc...

Not currently having the answers to these questions doesn't bother me. The lack of anyone close to the source actually bothering to answer them does bother me.

Sorry to be so vague but I've had a rotten day dealing with Microsoft's October 2018 Windoze 10 update destroying customer data. This has not been a good day.

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 

They don't claim that, and we don't know it. The motherboard photos could have been sent by their inside source. It would have been much more risky to provide a whole MB to Bloomberg. The chip photos are probably something off Digikey.

If they don't have the board or chips, the rest of your questions don't matter.

Clifford Heath.


Good point. If they don't have physical possession of a working chip and/or motherboard, then that's the end of the physical evidence making literally everything written so far no better than speculation.

Incidentally, the photo of the chip and the finger look edited: At that level of magnification, the ridges of the finger and the nail show substantial levels of dirt, cuts, and irregularities. Most people's palm and back of the hand are different colors. To produce a perfectly rounded edge view, clean nails, clean ridges, and a uniform color requires considerable photo editing. Since the chip seems to be back lighted, while the finger is lighted mostly from the right side, I would guess that the chip was added to the finger photo. Looking again at the solder plate on the chip, I'm sure it's never been attached to a PCB.

Fake news? I think so.

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 

He has a good analysis IMNSHO. Sure hand anything to the press, especially the biased press, and it will publish that. The whole issue here is to get the reality show manager re-elected, mid-terms are knocking on the door, keep republicans in power, create a common enemy, standard stuff. Truth and 'tronics has little to do with it.

Any kid can make up this story.

Maybe that 'chip dot' is just flea poop, like the rest of what the reality lost show manager does. And as significant as that.

At the same time companies like Apple may hand all user data to China, they only have to ask for it.. Money, sales, profit is the law. Snake oil is the trade. :-) Oh well... remember in the last cold war how Russia was accused of spying on every one... Now US does it as one bigger number.

And there is nothing to know really, of value, that China does not already have, or can do better. That includes running a country.

<698839253X6D445TD

Yes, why do they not show a circuit diagram? Board layout? Power is indeed an issue, pulldown could be done that way, but force a SPI line up?

<698839253X6D445TD

Clifford Heath wrote in news:VpVtD.128717$SN2.9245 @fx38.iad:

Nope. The design engineers for Supermicro are in the US.

It may have been as simple as cutting and scraping clean pad areas on a single trace and adding the part to the trace lead. It was done at the manufacturing facility.

DecadentLinuxUserNumeroUno

Jeff Liebermann wrote in news: snipped-for-privacy@4ax.com:

Did you even read the article? Did you not see the picture of what the chip contained?

And I am quite sure that the DoD's investigation into it was much more comprehensive than a news agency's most elite hardware nerd.

DecadentLinuxUserNumeroUno

Jeff Liebermann wrote in news: snipped-for-privacy@4ax.com:

Bullshit. Operator error. Always backup first for one thing, and I still think you did something to cause the loss. And you do not have an instantaneous mirror on another machine for their data?

Sounds like something Trump would say.

DecadentLinuxUserNumeroUno


Not so much. An IC package is rather big and hard to insert, but the IC die can be very thin and barely make a difference. Think COB.

Rick C.

