Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 15 Nov 2019, 06:23
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Hardware hack hit Supermicro motherboards?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [4 Posts]  
Author Message
prehistoric


Joined: 23 Oct 2007
Posts: 1747

PostPosted: Thu 04 Oct 2018, 10:25    Post subject:  Hardware hack hit Supermicro motherboards?
Subject description: Wonder why lots of Supermicro boards showed up surplus?
 

This article finally explains why a large number of perfectly good Supermicro motherboards suddenly showed up on surplus markets two years ago.

A great deal has been left out for various reasons, but I can deduce a little more. The tiny size of these chips and the small number of leads means they were not handling the main computing tasks. They were on a much lower bandwidth control circuit.

These chips could affect the system management engines that bring the really baroque designs of modern processors up at boot, and may shut them down if there are faults or patches to apply to OS or firmware.

I'm not surprised big companies simply junked the entire board and switched to other designs. Tracking this down in a typical server farm would be a nightmare.
Back to top
View user's profile Send private message 
perdido


Joined: 09 Dec 2013
Posts: 1395
Location: ¿Altair IV , Just north of Eeyore Junction.?

PostPosted: Thu 04 Oct 2018, 20:59    Post subject:  

It seems SuperMicro was also a victim.
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Earlier this year the US govt also instituted a ban on components from Huawei and ZTE tech for similar concerns.
https://www.theverge.com/2018/8/13/17686310/huawei-zte-us-government-contractor-ban-trump





.
Back to top
View user's profile Send private message 
prehistoric


Joined: 23 Oct 2007
Posts: 1747

PostPosted: Fri 05 Oct 2018, 07:51    Post subject:  

While the two large companies involved deny any such thing happened, various people in IT security have said this would be devastating.

Why the denials? Well, we are talking about two trillion-dollar companies who could lose many billions if their security is questioned, or their intellectual property is pirated. We are also dealing with companies that are doing a great deal of business with China. China doesn't want to lose their business either.

So, everyone involved will avoid making outright charges, and blame the story on a misunderstanding. If more evidence turns up, you can be sure it will be blamed on individuals or companies that "went rogue". The operation was set up to be deniable.

Now, a more serious question: how do you audit software, firmware or hardware to rule out such a backdoor installed by someone who can have their own chips designed, produced and inserted in products?
Back to top
View user's profile Send private message 
linuxcbon

Joined: 09 Aug 2007
Posts: 1278

PostPosted: Fri 05 Oct 2018, 10:39    Post subject:  

Well it seems that all the countries want to spy all the other countries, it's nothing new. The usa have done that to other countries too. All the countries do that.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [4 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0323s ][ Queries: 11 (0.0080s) ][ GZIP on ]