Chinese hardware hacking - Supermicro

It should not be that hard to take a look at some server boards and find a grain of sand or rice in this day and age.

WTF is this :)~

With the victims denying it, I'd have to assume that now, years after the fact, it would be hard enough to find them, much less prove you were looking at "those boards".

I agree… specifically targeted shipments. It may be hard to produce physical evidence.

The grain-of-rice FUD has been bouncing around for a little while now…

I have to ask myself… why use an add-on… when you can compromise the firmware directly, or incorporate it into the design in some not-so-obvious manner?

An add on would stick out like a sore thumb.

Interesting. I guess I'll have to wait for the dust to clear.


It's pretty routine for someone in the supply-chain path to reflash firmware to line them up with a larger shipment.

I wonder now if the security sweep at larger operations has really gotten to the point of demanding schematics and BOMs and doing a visual and probe checklist?

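The two posts above raise a concrete check: if firmware gets reflashed somewhere in the supply chain, a receiving sweep can at least hash a flash dump from every board in a shipment and flag any board that disagrees with the rest of the batch (or with a vendor-published hash). The script below is an added illustration written for this thread; it is not code from Supermicro or from anyone in the discussion. It assumes you already have raw dumps taken with an external programmer (a compromised BMC cannot be trusted to report its own contents), that each dump is keyed by board serial, and that a reference SHA-256 may or may not be available. It only covers the firmware case: a separate add-on part, the scenario discussed earlier in the thread, would not show up in a flash dump and still needs the BOM and visual/probe checklist.

```python
"""Fleet-consistency check for firmware dumps pulled from a batch of boards.

Added illustration, not code from the thread or from Supermicro. Assumes raw
flash dumps (e.g. from a SPI programmer or `flashrom -r`) for every board in a
shipment, plus, optionally, a vendor-published SHA-256 of the expected image.
Boards whose image differs from the batch majority are reported together with
the byte ranges that differ, so a reviewer knows where to look.
"""
import hashlib
from collections import Counter
from typing import Dict, List, Optional, Tuple

CHUNK = 256  # granularity (bytes) at which differing regions are reported


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def differing_regions(baseline: bytes, candidate: bytes, chunk: int = CHUNK) -> List[Tuple[int, int]]:
    """Return (offset, length) pairs of chunks where candidate differs from baseline.

    A size mismatch is itself suspicious, so any trailing bytes present in only
    one image are reported as one extra region.
    """
    regions: List[Tuple[int, int]] = []
    common = min(len(baseline), len(candidate))
    for off in range(0, common, chunk):
        end = min(off + chunk, common)
        if baseline[off:end] != candidate[off:end]:
            regions.append((off, end - off))
    if len(baseline) != len(candidate):
        regions.append((common, abs(len(baseline) - len(candidate))))
    return regions


def fleet_report(dumps: Dict[str, bytes], reference_sha256: Optional[str] = None) -> dict:
    """Hash every dump, take the majority image as the batch baseline, flag outliers."""
    if not dumps:
        raise ValueError("no dumps supplied")
    hashes = {serial: sha256_hex(img) for serial, img in dumps.items()}
    majority_hash, count = Counter(hashes.values()).most_common(1)[0]
    baseline_serial = next(s for s, h in hashes.items() if h == majority_hash)
    baseline = dumps[baseline_serial]
    outliers = {
        serial: differing_regions(baseline, dumps[serial])
        for serial, h in hashes.items()
        if h != majority_hash
    }
    return {
        "baseline_serial": baseline_serial,
        "majority_hash": majority_hash,
        "majority_count": count,
        # None when no reference was given. A majority that matches nothing the
        # vendor published means the whole batch was reflashed, not one board.
        "matches_reference": None if reference_sha256 is None else majority_hash == reference_sha256,
        "outliers": outliers,
    }


# --- Constructed sample data (stand-in images, not real firmware) ------------
_BASE_IMAGE = bytes(range(256)) * 16  # 4 KiB placeholder for a BMC/BIOS image


def _patched(img: bytes, offset: int, data: bytes) -> bytes:
    return img[:offset] + data + img[offset + len(data):]


SAMPLE_DUMPS = {
    "SN-0001": _BASE_IMAGE,
    "SN-0002": _BASE_IMAGE,
    "SN-0003": _patched(_BASE_IMAGE, 0x800, b"\xde\xad\xbe\xef"),  # one board modified
    "SN-0004": _BASE_IMAGE,
}
# Assumed vendor-published hash of the expected image (derived from the stand-in here).
VENDOR_REFERENCE_SHA256 = sha256_hex(_BASE_IMAGE)

if __name__ == "__main__":
    report = fleet_report(SAMPLE_DUMPS, VENDOR_REFERENCE_SHA256)
    print(f"baseline {report['baseline_serial']} "
          f"({report['majority_count']}/{len(SAMPLE_DUMPS)} boards), "
          f"matches vendor reference: {report['matches_reference']}")
    for serial, regions in report["outliers"].items():
        for off, length in regions:
            print(f"  OUTLIER {serial}: differs at 0x{off:06x} (+{length} bytes)")
```

Majority voting is what makes this useful without a vendor hash: a single tampered board stands out even when the "correct" image is unknown, while a batch that agrees with itself but not with the published hash points at a reflash upstream of you. The differing offsets are only a pointer for a human with the firmware layout; they say nothing about intent.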

Supposedly it was only discovered because of some malicious behavior. Not because the implant was physically noticed.


Here's a scary thought:
If these are servers, what would happen if you set the implant to run in pass-through mode and activate only after several months of being powered on?
A server in a datacenter will be powered on 24/7, but is that necessarily the case for the security testing lab?


Well, this story might be 100% BS, but… all of this discussion of recent events is why I've been saying since before Meltdown and Rowhammer that we need to change our thought process and expectations on computer security.

We need to give up on the idea that "secure" computers are any more "secure" than a locked door (the old saying is "locks keep honest people honest…"). We are not converging on a day where computers are "inherently secure"; we are moving away from that even being possible.

As such, our focus has to include the same things we include in other realms of security and defense… dealing with the human element and making sure there is "adequate disincentive" for malicious behavior, whether by criminal or government actor.

You've pointed out this is off topic, so I'll be short. What about the TAO intercepting Cisco routers and other products sent globally? https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

"shipments of computer network devices (servers, routers, etc.) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets' electronic devices. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO."

It doesn't help with the backdoors built into some of the appliances either.


Obviously the NSA spies on people, that's their job. Just not American people, and not to steal intellectual property to give American companies a market advantage.


While I don't necessarily trust them, there's nothing I can do about it, so I don't worry about it.

I recommend everyone else do the same.


The NSA was set up to help in WW2. Then it carried out attacks using information technology systems and is believed to do the same as every other country's intelligence services: make their country's economy perform better.
Obviously, nobody would ever admit to cheating to gain an economic advantage…

If they wonā€™t admit to it, I have four words for you:

[image]

When did we do away with innocent until proven guilty?

Anyone who knows me knows that I'm not a huge fan of the intelligence community, but I'm not going to indict them without evidence.

Ball's in your court, kiddo. Prove it.


A little more descriptive…


And now we have an expanded statement from Apple:


Here's the equivalent from Supermicro:

https://www.supermicro.com/newsroom/pressreleases/2018/press181004_Bloomberg.cfm

Story from Tom's Hardware
Just buy it™ /s

Eh, have any boards been found with this issue, or is this all conjecture?

Conjecture atm, though Bloomberg claims some high-level sources. Only time will tell.

Unless it was on, like, every board, eh, to be honest.

Well, my company deals almost entirely with Supermicro for servers, so I'm on the edge of my seat for this one.

I run them in my pfSense and FreeNAS box, but don't have IPMI on ATM, and it would be on an OOBM network, so eh, you'd need physical access or to have already pwned my switch.