Most of the US staff at the San Jose facility are Chinese by descent, and many do not speak English well. Capice?
What are you talking about??? The article talks about this. The schematic is not hard to obtain from the board itself. They know the general design because the boards are PC type servers. It would not be hard at all to find the signals they want to intercept. Mods could be made at the Gerber level. They bribed and/or threatened factory personnel and there was no one to catch the change.
How would you know to look? Do you think they routinely inspect delivered hardware for hardware modifications???
Invisible??? A simple checksum will catch changes. There are many other methods as well. In fact, it was software that ultimately flagged the exploit. It's hard to hide from software.
Oh ye of little understanding.
Rick C.
Yeah. At one time all in circuit test was done by overdriving outputs. Add a series resistor to the other source and it's a slam dunk.
Rick C.
What I don't understand is how the customized BMC code later communicates with the home base. I mean, nobody in their right mind would put the BMC on the internet, would they?
Are they relying on stupid admins who configure NAT between their management network and the internet??
Clifford Heath wrote in news:rb1uD.295652$tK2.24441 @fx42.iad:
They would not want it to be traceable in that manner, capice? It was done AT the contract manufacturing point... period. The only possible downstream accomplice might be the visual inspector for the mobo as it exits the reflow oven. After that all parties at the factory could be innocent and that makes it even more covert.
Adding an extra resistor would need one more board modification no? I drive SPI clock directly from for example a PIC output, the point being that to have that pullup power as you state, taken from the other SPI lines and !CE would be low, seems not possible to me, looking at that chip I see no big caps either.
It is different if they have power on that thing.
Yes.
Do you mean this rubbish?
You have a good imagination. Perhaps you might know what a "signal conditioner coupler" mentioned in the first paragraph might be? While you're working on that, perhaps you can also explain what an operating system core might be as in "...the microchip altered the operating
core memory?
Certainly they'll investigate. So will every other government agency and publicity hungry entity conduct their own independent investigation. This was discovered by Amazon's outside security contractor something like 2 years ago. One might suspect that there are now a fair number of these chips floating around and that they have been rather thoroughly analyzed over the last 2 years. Oddly, I don't see any reports, photos, or info leaks. However, I'm sure they'll take their time releasing any real results, when they discover it's an SMD resistor network.
Is that like blame the victim? I would think that the average user might assume that an operating system update wouldn't erase all their data. Actually, that begs the question of what was Microsoft doing digging around in the users' files anyway? Were they building a catalog of "interesting" files for the NSA? Why was this update so big when it only added a few new features: New spyware, err... telemetry perhaps?
Incidentally, MS has suspended the update and is investigating the problem. Pulling the plug 5 days after a huge number of rather serious complaints is what is now called "decisive action".
The first step to solving a problem really is to blame someone, but never blame the person in charge of fixing the problem. They might get angry and do nothing.
I have a simple method of dealing with such complainers. I construct a clone of their computer. I then push pins and needles into the motherboard until it exhibits erratic behavior. By sympathetic voodoo and quantum entanglement, your identical PC will exhibit identical problems.
For my former medical office customers, that was standard procedure. I also didn't install updates of any kind until after a suitable waiting period. However, for the typical small business and home user, I prefer image backups, which allow me to quickly restore literally everything. For backups between image backups, I just copy or rsync a few directories that I consider important to a local NAS (network attached storage) drive.
Trump doesn't say anything. He tweets.
-- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558
Large PCB assembly shops do not do visual inspection for production boards. They use optical comparison equipment. Take a photo of a known working board and compare it with what comes out of the reflow oven. If a component is missing, backwards, sideways, or has been added, it will see the change, and flag the defective part. For smaller runs, a side by side optical comparator is sometimes used.
Like I previously mumbled, why would someone add a spy chip, which could easily be seen, when adding additional instructions or microcode inside commodity chips, such as bi-directional bus controllers that can see and write to the entire 64 bit bus, would make more sense? Or, if it were so important to remote control the server, why not just design it into the original reference design instead of adding it as an afterthought?
-- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558
Jeff Liebermann wrote in news: snipped-for-privacy@4ax.com:
Especially when the FIRST thing they are ALWAYS supposed to do is perform a backup. Yeah... you might get angry and... start blaming Microsoft for your missteps.
Jeff Liebermann wrote in news: snipped-for-privacy@4ax.com:
Yeah... mumbled is right.
Picture this. Your ideas would get caught right away. Ooops, failed idea.
This INSERTS the code, so goes undetected *until* implemented.
Jeff Liebermann wrote in news: snipped-for-privacy@4ax.com:
Because most of Supermicro's employees were legitimate folk.
At that frequency of "updates" I hear windows 10 is doing, backing up a few terabytes all the time sounds the practical thing to do, yeah.
Dimiter
====================================================== Dimiter Popoff, TGI
I wouldn't touch win 10 with yours, never mind my own. Completely untrustworthy if you value personal or even corporate privacy. Modern systems are getting so complex, who can verify what's been hidden in either the hardware or software?
This report has really been a wakeup call for me, even though it doesn't impact work here at all. Never even considered that substitute or added h/w might have been fitted, but state level actors have the resources to do just that. Where are most of the management engine cpus made, for example?...
Chris
Embedded passives have been around for ages, so that's probably quite feasible.
Cheers
Phil Hobbs
-- Dr Philip C D Hobbs Principal Consultant ElectroOptical Innovations LLC / Hobbs ElectroOptics Optics, Electro-optics, Photonics, Analog Electronics Briarcliff Manor NY 10510 http://electrooptical.net http://hobbs-eo.com
Dimiter_Popoff wrote in news:ppapdd$s8$ snipped-for-privacy@dont-email.me:
The word for today is "Incremental"
No guarantees that it will get properly interpreted.
Still not convinced that it was the update that caused it. Perhaps there was activity taking place during the update that should not have been.
I set all my machines to manual and update regularly with that being all that runs during the update.
Chris wrote in news:ppauu1$11ja$1 @gioia.aioe.org:
Ummm... the millions of folks using it. Particularly the pro installations.
Do you claim you can switch autoupdate on windows 10 and go manually? That would be news I suppose.
Millions or billions of users do not change the facts. Yes, millions are hooked and have no reasonable escape option, which is why windows 10 still has a market share - and why nobody cares to try to make something to replace it, because the effort looks (is) doomed.
Good luck with that, wading back through all the incrementals for system recovery. Sounds like seriously hard work for present day sysadmins :-)...
Chris
Microsoft doesn't have users. They have hostages.