Results 1 to 4 of 4

Thread: Shocking News! China Not Our Friend, Putting Spy Chips In Hardware

  1. #1
    Join Date
    10-21-01
    Location
    San Antonio, Tx.
    Posts
    18,387

    Shocking News! China Not Our Friend, Putting Spy Chips In Hardware

    Tiny chips in critical hardware placed in companies’ and perhaps government’ computers opening them up to Chinese masters avoiding passwords.

    This is how they did it.
    https://pjmedia.com/richardfernandez...-global-world/

    Who still thinks we should not be pressuring them?
    ...............
    “You can vote your way into socialism, but you have to shoot your way out.” — Too fundamental to have an attribution


  2. #2
    Join Date
    10-20-03
    Posts
    15,885
    Tariffs be damned, they have been stealing from us for years right in our faces as well as demanding our trade secrets. Trump needs to hit them again.

  3. #3
    Join Date
    10-21-01
    Location
    San Antonio, Tx.
    Posts
    18,387
    Below is a much more thorough explanation of the issue —

    https://www.bloomberg.com/news/featu...-top-companies

    ...Officials familiar with the investigation say the primary role of implants such as these is to open doors that other attackers can go through. “Hardware attacks are about access,” as one former senior official puts it. In simplified terms, the implants on Supermicro hardware manipulated the core operating instructions that tell the server what to do as data move across a motherboard, two people familiar with the chips’ operation say. This happened at a crucial moment, as small bits of the operating system were being stored in the board’s temporary memory en route to the server’s central processor, the CPU. The implant was placed on the board in a way that allowed it to effectively edit this information queue, injecting its own code or altering the order of the instructions the CPU was meant to follow. Deviously small changes could create disastrous effects...

    Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code. The illicit chips could do all this because they were connected to the baseboard management controller, a kind of superchip that administrators use to remotely log in to problematic servers, giving them access to the most sensitive code even on machines that have crashed or are turned off.
    This system could let the attackers alter how the device functioned, line by line, however they wanted, leaving no one the wiser. To understand the power that would give them, take this hypothetical example: Somewhere in the Linux operating system, which runs in many servers, is code that authorizes a user by verifying a typed password against a stored encrypted one. An implanted chip can alter part of that code so the server won’t check for a password—and presto! A secure machine is open to any and all users. A chip can also steal encryption keys for secure communications, block security updates that would neutralize the attack, and open up new pathways to the internet. Should some anomaly be noticed, it would likely be cast as an unexplained oddity. “The hardware opens whatever door it wants,” says Joe FitzPatrick, founder of Hardware Security Resources LLC, a company that trains cybersecurity professionals in hardware hacking techniques...
    Conclusion —

    ...“You end up with a classic Satan’s bargain,” one former U.S. official says. “You can have less supply than you want and guarantee it’s secure, or you can have the supply you need, but there will be risk. Every organization has accepted the second proposition.”
    In the three years since the briefing in McLean, no commercially viable way to detect attacks like the one on Supermicro’s motherboards has emerged—or has looked likely to emerge. Few companies have the resources of Apple and Amazon, and it took some luck even for them to spot the problem. “This stuff is at the cutting edge of the cutting edge, and there is no easy technological solution,” one of the people present in McLean says. “You have to invest in things that the world wants. You cannot invest in things that the world is not ready to accept yet.”
    Last edited by wacojoe; 10-05-2018 at 01:07 PM.
    ...............
    “You can vote your way into socialism, but you have to shoot your way out.” — Too fundamental to have an attribution


  4. #4
    Join Date
    10-21-01
    Location
    San Antonio, Tx.
    Posts
    18,387
    The Bloomberg allegations are receiving serious denials from various companies and U.S. government agencies.

    https://9to5mac.com/2018/10/11/spy-chip-claims/

    More stones to overturn here.
    ...............
    “You can vote your way into socialism, but you have to shoot your way out.” — Too fundamental to have an attribution


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •