CrashnBrn Posted October 4, 2018 Share Posted October 4, 2018 (edited) https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies It's a great article. Makes me want to get rid of my SM motherboard in my unraid server. It looks like from the photos it's their blade motherboards but who knows, it makes me lose trust in a company. There are very strong denials from AWS and Apple about the article. It's a he said, she said situation. Of course they are going to deny it, but at the same time maybe the bloomberg sources are wrong? What do you guys think about the article? Edited October 4, 2018 by CrashnBrn Quote Link to comment
lionelhutz Posted October 4, 2018 Share Posted October 4, 2018 (edited) Interesting stuff. From the detail, it's likely true. Edited October 4, 2018 by lionelhutz Quote Link to comment
JorgeB Posted October 4, 2018 Share Posted October 4, 2018 Seams a little farfetched to me, just hope Supermicro can survive this in the long run, they're my favorite server board manufacturer, they certainly took a hit: On the bright side, maybe there will be some good deals for used Supermicro boards soon... Quote Link to comment
CrashnBrn Posted October 4, 2018 Author Share Posted October 4, 2018 2 minutes ago, johnnie.black said: Seams a little farfetched to me, just hope Supermicro can survive this in the long run, they're my favorite server board manufacturer, they certainly took a hit: On the bright side, maybe there will be some good deals for used Supermicro boards soon... I've though about this since I'd read the news and others comments. It can be farfetched but at the same time if there is any type of gag order on these companies then they have to deny it. It can also be that only certain people in the companies know excluding PR so the statements released will obviously say this is false. Or bloomberg got the news wrong. If there is any country that can pull off this type of espionage it would be China, so I definitely think it's possible. Either way this is going to really hurt supermicro because if the sue and they prove that they are in the right I bet the news won't report it and the damage has already been done. I love/loved supermicro so I really hope the news is wrong. Quote Link to comment
JonathanM Posted October 5, 2018 Share Posted October 5, 2018 So THAT's why a good portion of those relatively new servers and e5-26xx chips showed up at TAMS and other ebay outfits and liquidators at firesale prices. I bet some of the raw chip surplus was caused by companies destroying motherboards or surrendering them for government research. Quote Link to comment
cybrnook Posted October 5, 2018 Share Posted October 5, 2018 You would have to believe though that prior to publishing this article, it would have had to pass the editor as well as receive approval that the sources were valid, right? Quote Link to comment
tr0910 Posted October 5, 2018 Share Posted October 5, 2018 I have often wondered about that. I have 6 of the e5-2670 and a boatload of RAM. Now wished I had purchased more at $70. Prices have rebounded significantly. I'm surprised Facebook and Google aren't also listed as being victims. So THAT's why a good portion of those relatively new servers and e5-26xx chips showed up at TAMS and other ebay outfits and liquidators at firesale prices. I bet some of the raw chip surplus was caused by companies destroying motherboards or surrendering them for government research. Quote Link to comment
GreenDolphin Posted October 5, 2018 Share Posted October 5, 2018 Bloomberg is usually a trustworthy source. Their tech understanding is of course low, but they claim to have done a lot of investigation, and have a lot of supporting info given in the article. I can't see so many details created out of whole cloth -- Bloomberg would leave themselves open to endless lawsuits otherwise. OTOH, both Apple & Amazon have made explicit statements denying the story, and they'll take a credibility hit if it turns out true. Someone is lying. If I had to bet, I'd guess the story is mostly true. It also sounds very likely that US authorities would hesitate about taking steps that would harm a large US company (that itself was presumably not complicit). This story will definitely be continued... Quote Link to comment
lionelhutz Posted October 5, 2018 Share Posted October 5, 2018 After reading the level of work that must have gone into the Stuxnet attack, this type of attack sounds completely believable. China is well known to have a massive state operated hacking organization and is also well known for counterfeiting complex integrated circuits, so it isn't far fetched at all for them to be hardware hacking new products being produced there. Another big question to be asked is how many compromised products don't we know about? Quote Link to comment
CrashnBrn Posted October 5, 2018 Author Share Posted October 5, 2018 Going forward when building your next server would you guys skip over SM? Or would you still use their boards? HP with iLO is looking mighty nice right now. Quote Link to comment
cybrnook Posted October 5, 2018 Share Posted October 5, 2018 Too early to tell. Something like this feels more like a focused attack, and may not represent SM as a whole, but perhaps some compromised links in the supply chain. I doubt this is at the consumer board level. All my boards right now are SM, and I have no plans to change atm. Quote Link to comment
JorgeB Posted October 5, 2018 Share Posted October 5, 2018 1 hour ago, CrashnBrn said: Going forward when building your next server would you guys skip over SM? Or would you still use their boards? HP with iLO is looking mighty nice right now. Where do you think HP boards are made? If the SM hack is true it can be in any other manufacturer, all boards are made in China. 39 minutes ago, cybrnook said: All my boards right now are SM, and I have no plans to change atm. Same. Quote Link to comment
CrashnBrn Posted October 5, 2018 Author Share Posted October 5, 2018 (edited) 2 minutes ago, johnnie.black said: Where do you think HP boards are made? If the SM hack is true it can be in any other manufacturer, all boards are made in China. Same. Oh I know, most boards are made at/around the same place, but if I can lower the risk by using a less high volume supplier. I don't plan on dropping my SM board but I think I might think twice about buying one in the future (TBD future news). And I love SM, we only use SM JBOD's and blades at work. Edited October 5, 2018 by CrashnBrn Quote Link to comment
dukiethecorgi Posted October 6, 2018 Share Posted October 6, 2018 Seems kind of far fetched to me. It looks like they replaced a coupler that connects to the cache memory, but in that case each chip would only have access to a single bit, yet the article claims it contained a processor and network capability. I really don't see how that would work Quote Link to comment
CrashnBrn Posted October 6, 2018 Author Share Posted October 6, 2018 3 hours ago, dukiethecorgi said: Seems kind of far fetched to me. It looks like they replaced a coupler that connects to the cache memory, but in that case each chip would only have access to a single bit, yet the article claims it contained a processor and network capability. I really don't see how that would work It's possible since they supposedly are going through the BMC. If they said it was another way I would doubt it, but BMC can do everything in the article. Quote Link to comment
Jcloud Posted October 9, 2018 Share Posted October 9, 2018 (edited) Another article and more fuel to the fire - the plot thickens. EDIT: Being overly-dramatic. Edited October 10, 2018 by Jcloud Quote Link to comment
cybrnook Posted October 10, 2018 Share Posted October 10, 2018 Seems he slightly disagrees https://www.servethehome.com/yossi-appleboum-disagrees-bloomberg-is-positioning-his-research-against-supermicro/ Quote Link to comment
JorgeB Posted October 10, 2018 Share Posted October 10, 2018 Seems he slightly disagrees Those are exactly my thoughts, if Supermicro is affected all other manufacturers can be, since it's all made in China, some using the same suppliers SM uses. Quote Link to comment
cybrnook Posted October 10, 2018 Share Posted October 10, 2018 (edited) 1 hour ago, johnnie.black said: Those are exactly my thoughts, if Supermicro is affected all other manufacturers can be, since it's all made in China, some using the same suppliers SM uses. @johnnie.black In their detailed breakdown, which is linked in the article I linked above, there is what I believe to be a good summary: "Bottom line, if this Supermicro attack vector is to the BMC, then the Bloomberg story is no bigger than the Dell EMC PowerEdge iDRACula story or any others. Saying there is a vulnerability in a BMC is like saying the sun is hot." and "First and foremost, I think we need to call for an immediate SEC investigation around anyone who has recently taken short positions or sold shares in Supermicro. With the accompanying Supermicro stock price hit that was foreseeable prior to the story, if anyone knew the story would be published, and acted on that non-public or classified information, the SEC needs to take action. There seems to have been over 20 people that knew about this." "Further, with public companies making statements on the impact, unless there is a valid national security/ classified reason that they gave the responses they did, there is a mismatch. Apple and Amazon did not say “no comment” they called Bloomberg’s account false. The SEC needs to investigate here as well to see if these were publicly misleading statements." Edited October 10, 2018 by cybrnook Quote Link to comment
tr0910 Posted October 10, 2018 Share Posted October 10, 2018 Part of me wonders if this is political. First the government is just releasing a huge cloud computing bid. Second Google just announced they will not bid as it conflicts with their corporate values..(eyeroll). Third, a whole crapload of e5 2670 xeons hit the market at extremely depressed pricing about 2 yrs ago along with matching ecc memory but there were no motherboards. Perhaps the motherboards were compromised? My take is that there is enough truth here to use this as a political weapon, and maybe affect the bidding process for government cloud computing. For some unknown reason, Supermicro is the sacrificial lamb here. And Amazon by being fingered as a victim will have a tougher time assuring everyone they should automatically win the bid. Quote Link to comment
JorgeB Posted October 10, 2018 Share Posted October 10, 2018 Some more reading on the topic: https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/ Quote Link to comment
S80_UK Posted October 11, 2018 Share Posted October 11, 2018 (edited) 10 hours ago, tr0910 said: Part of me wonders if this is political. First the government is just releasing a huge cloud computing bid. Second Google just announced they will not bid as it conflicts with their corporate values..(eyeroll). Third, a whole crapload of e5 2670 xeons hit the market at extremely depressed pricing about 2 yrs ago along with matching ecc memory but there were no motherboards. Perhaps the motherboards were compromised? My take is that this could be a bit of politically driven protectionist China bashing, with Supermicro being a (probably) innocent victim, although the suggestions about expected movements in stock prices also add an interesting dimenison. This seems pretty well aligned with some of the current US administration's rhetoric against China. As for the motherboards - there were plenty of motherboards from some vendors when the E5-2670 Xeons hit the market., but I am not sure that the availability of those devices is connected - they were already far from new at that time. And there were (still are) threads on this forum with people buying up motherboards and CPUs to build some pretty decent servers. What I struggle with is the lack of credible detailed evidence. To me, it's all hearsay. I'd want to see some pictures - a good and bad motherboard for example; a high magnification image or two of the alleged offending devices; and so on. Edited October 11, 2018 by S80_UK Quote Link to comment
cybrnook Posted October 11, 2018 Share Posted October 11, 2018 (edited) 12 hours ago, S80_UK said: I'd want to see some pictures - a good and bad motherboard for example; a high magnification image or two of the alleged offending devices; and so on. That's what I am waiting on too. Model motherboards, serial number ranges, want to see it in action, what's it's signature on a network, what to look for, etc... Edited October 11, 2018 by cybrnook Quote Link to comment
michael123 Posted October 13, 2018 Share Posted October 13, 2018 On 10/11/2018 at 4:11 PM, cybrnook said: That's what I am waiting on too. Model motherboards, serial number ranges, want to see it in action, what's it's signature on a network, what to look for, etc... +1 Quote Link to comment
tr0910 Posted October 13, 2018 Share Posted October 13, 2018 As of right now it seems that the evidence has vanished like a puff of smoke. Some 3 letter agency has the evidence all hidden in a warehouse? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.