Bloomberg says super micro servers sold to Apple and Amazon contain spy chips, all three companies (and department of Homeland security) deny this

[spartaman64]

Quote

Data center equipment run by Amazon Web Services and Apple may have been subject to surveillance from the Chinese government via a tiny microchip inserted during the equipment manufacturing process, according to a Bloomberg BusinessWeek report on Thursday. The claims in the report have been strongly disputed by the technology giants.

The chips, which Bloomberg said have been the subject of a top secret U.S. government investigation starting in 2015, were used for gathering intellectual property and trade secrets from American companies and may have been introduced by a Chinese server company called Super Micro that assembled machines used in the centers.

I think companies like Apple and Amazon will closely scrutinize hardware sold to them and spy chips will not go unnoticed by their engineers who will probably know the board layout like the back if their hand. Apple is especially wary of industrial espionage and any attempts to broadcast data to China will probably not go undetected. Also I don't know why the government will know unless the companies regularly admit government officials to examine their hardware.

 

I think what happened was that in the Pentagon lunch room one cia agent was insulting another by saying "your super micro can fit in this apple core it's amazing it's like one of those spy chips we use". And then the pentagon head janitor, the "government official", who is 85 years old with hearing aids overheard this across the lunch room and decided to report what he heard to Bloomberg. /S

https://www.cnbc.com/2018/10/04/chinese-spy-chips-are-said-to-be-found-in-hardware-used-by-apple-amazon-apple-denies-the-bloomberg-businessweek-report.html

 

Update:

Department of Homeland security backs apple and Amazon's denials

https://www.theverge.com/2018/10/7/17947840/homeland-security-apple-and-amazons-denials-chinese-microchip-hack

[emosun]

In other news , sega genesis confirmed to be brainwashing kids to vote for ronald regan with super secret microchip made by martians 

[ScratchCat]

And this is why you avoid connecting computers to networks if possible. Ideally any sort of military device should have physically separate operational and communications networks.

Quote

In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information.

If multiple U.S. officials are confiming this I would suspect this actually happened. The CIA does something similar (basically a MiTM attack but with shipments of computers).

Source

 

1 hour ago, spartaman64 said:

Apple is especially wary of industrial espionage and any attempts to broadcast data to China will probably not go undetected

It seems they did find something:

Quote

Apple made its discovery of suspicious chips inside Supermicro servers around May 2015, after detecting odd network activity and firmware problems, according to a person familiar with the timeline.

 

Edit:

It seems AWS:China found these chips and decided against removing them to instead determine what they were sending/receiving

Quote

Its security team determined that it would be difficult to quietly remove the equipment and that, even if they could devise a way, doing so would alert the attackers that the chips had been found, according to a person familiar with the company’s probe. Instead, the team developed a method of monitoring the chips. In the ensuing months, they detected brief check-in communications between the attackers and the sabotaged servers but didn’t see any attempts to remove data. That likely meant either that the attackers were saving the chips for a later operation or that they’d infiltrated other parts of the network before the monitoring began. Neither possibility was reassuring.

 

[ScratchCat]

3 minutes ago, emosun said:

In other news , sega genesis confirmed to be brainwashing kids to vote for ronald regan with super secret microchip made by martians 

China have done something similar before, so has the CIA and virtually any agency you could care to mention.

Quote

U.S. officials had caught China experimenting with hardware tampering before, but they’d never seen anything of this scale and ambition.

 

[GoldenLag]

Before US vs China spying discussion begins. Can we agree its bad that generally spying is bad?

[emosun]

2 minutes ago, GoldenLag said:

Before US vs China spying discussion begins. Can we agree its bad that generally spying is bad?

i don't think that'll happen as the majority of people here are running windows 10

[spartaman64]

15 minutes ago, ScratchCat said:

And this is why you avoid connecting computers to networks if possible. Ideally any sort of military device should have physically separate operational and communications networks.

If multiple U.S. officials are confiming this I would suspect this actually happened. The CIA does something similar (basically a MiTM attack but with shipments of computers).

Source

 

It seems they did find something:

 

Edit:

It seems AWS:China found these chips and decided against removing them to instead determine what they were sending/receiving

 

Apple and Amazon claims otherwise

[ScratchCat]

2 minutes ago, spartaman64 said:

Apple and Amazon claims otherwise

Quote

This happened at a crucial moment, as small bits of the operating system were being stored in the board’s temporary memory en route to the server’s central processor, the CPU. The implant was placed on the board in a way that allowed it to effectively edit this information queue, injecting its own code or altering the order of the instructions the CPU was meant to follow.

Their diagram does look a bit off center if it is accessing data between the CPU and RAM (feel free to correct me) so it seems a bit odd to say the least despite the supposed support from officials.

[BuckGup]

I don't understand if they are saying that tiny spec is spying then are they sending the data back to them or saving it locally? All of which would raise a red flag 

[JacobFW]

Dammit, I had wanted to post this news with the title: LTT/SuperMicro Compromised  

[Taf the Ghost]

So there's roughly two ways this can go:

 

1) More confirmation of why destroying local production was a massive National Security disaster for the USA 

 

or 

 

2) Full Scale Fake News!

 

Either way, this should be fun.

 

As a note, everyone spies and everyone will try to do stuff like this. This is why local technology production was always important. It's also why money from black sources historically love to make other countries dependent on the technology/manufacturing from a single country. 

[ScratchCat]

2 hours ago, VegetableStu said:

Apple and Amazon claims otherwise. https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

(not saying they should or shouldn't be trusted, but)

If Bloomberg were being misleading they would have a potentially bankrupting lawsuit from Apple, AWS and SuperMicro. No one in Bloomberg would have given this the green light if it were fake (You may not trust Bloomberg but you can trust the idea that they don't want a billion dollar lawsuit in their mail).

 

Just look at SuperMicro's stock, down >50%, if SuperMicro did not have anything related to this I would expect a heavy complain in the next few hours.

 

Edit: Stock now at 2013 levels. (Still mainly low volume)

[Bananasplit_00]

18 minutes ago, ScratchCat said:

If Bloomberg were being misleading they would have a potentially bankrupting lawsuit from Apple, AWS and SuperMicro. No one in Bloomberg would have given this the green light if it were fake (You may not trust Bloomberg but you can trust the idea that they don't want a billion dollar lawsuit in their mail).

 

Just look at SuperMicro's stock, down >50%, if SuperMicro did not have anything related to this I would expect a heavy complain in the next few hours.

 

Edit: Stock now at 2013 levels.

Seems like a good time to get in on supermicro shares tbh

[Xilefian]

The article suggests that the attacked unit is the Baseboard Management Controller, which allows monitoring the server hardware - with remote access capabilities.

 

However, BMC over network uses UDP/IP - being an Internet Protocol it's going to be a standard thing to get blocked or detected by a network firewall. If these servers were sending data remotely to external IP addresses then it would have been detected almost immediately and the hardware would never have been put in use. Even when installed, it would likely get flagged by the network firewall.

 

Unless BMC has some kind of secret remote access protocol that doesn't use the internet (and for some reason these servers were connected to an outside network that forwards non-internet-protocols to the internet - which is very unlikely, these protocols get killed when in-flight) I doubt this would have gone under the radar at all - if it is even true.

 

BMC's remote protocol is even one that Wireshark supports - so it would have been very easy to detect. Evidence for at least this can be easily retrieved.

Edited October 4, 2018 by Xilefian

[Brooksie359]

57 minutes ago, ScratchCat said:

If Bloomberg were being misleading they would have a potentially bankrupting lawsuit from Apple, AWS and SuperMicro. No one in Bloomberg would have given this the green light if it were fake (You may not trust Bloomberg but you can trust the idea that they don't want a billion dollar lawsuit in their mail).

 

Just look at SuperMicro's stock, down >50%:

You dont have be misleading to be wrong. You are imply that they wouldn't lie about this but it is entirely possible that they are simply wrong and the information they used to come to their conclusion was incorrect as well. 

[Wasteoftime]

I think this actually happened, but they are denying it to protect their stock prices and try to prevent a massive panic. The thing that scares me the most is how widespread it is. Spying is one thing, but this looks more like they were planning something, especially because of who was affected. This would also explain the current tensions with China and the tariffs that are currently on Chinese goods. there is a difference between a tabloid article and something like this, Bloomberg has way too much to lose if this is not true.

[williamcll]

What's not to say that the issue still exists on other motherboards? Considering this chip was made in 2014/5 it could be possible by now they could be so small it couldn't even be seen.

[D13H4RD]

Sneak: 100

[danieltien]

2 hours ago, Bananasplit_00 said:

Seems like a good time to get in on supermicro shares tbh

Volume on their shares is low because they missed their filing deadlines back in August and were delisted from NASDAQ. They're only traded over-the-counter now.

[danieltien]

Best quote from the Bloomberg article:

Quote

Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.

 

[MyName13]

4 hours ago, Taf the Ghost said:

So there's roughly two ways this can go:

 

1) More confirmation of why destroying local production was a massive National Security disaster for the USA 

 

or 

 

2) Full Scale Fake News!

 

Either way, this should be fun.

 

As a note, everyone spies and everyone will try to do stuff like this. This is why local technology production was always important. It's also why money from black sources historically love to make other countries dependent on the technology/manufacturing from a single country. 

Third way: WAR

[Delicieuxz]

7 hours ago, spartaman64 said:

I think companies like Apple and Amazon will closely scrutinize hardware sold to them and spy chips will not go unnoticed by their engineers who will probably know the board layout like the back if their hand.

I don't know about Apple, but Amazon is a CIA asset, Jeff Bezos a CIA operative, and all personal data that is gathered from Amazon services and products customers is being compiled into virtual profiles of each individual person and going into CIA servers to create a god-view of society that lets the US government know everything they can about each individual person that uses Amazon services and products.

 

Expect the same from Microsoft services and products, as Microsoft was a willing and eager participant in the illegal PRISM surveillance and personal data-sharing program.

 

Expect the same from Facebook, as Facebook is partnered with the US government through Atlantic Council.

 

The CIA and NSA hack everything, and even intercept servers mid-shipment to install spy chips into them, before they reach their destinations.

 

These companies will of course deny that the hardware running their services is compromised, because the idea shatters consumer confidence and generates huge negative PR. Believe it or not, the general public still just takes as granted that companies understand privacy rights and respect each individual's data and life.

 

But, in reality, many companies wilfully allow the hardware running their services to be compromised because the US government pays them for the access - and those that don't accept the US government's offer have their hardware intercepted mid-delivery, anyway.

 

Quote

Apple is especially wary of industrial espionage and any attempts to broadcast data to China will probably not go undetected. Also I don't know why the government will know unless the companies regularly admit government officials to examine their hardware.

 

I think what happened was that in the Pentagon lunch room one cia agent was insulting another by saying "your super micro can fit in this apple core it's amazing it's like one of those spy chips we use". And then the pentagon head janitor, the "government official", who is 85 years old with hearing aids overheard this across the lunch room and decided to report what he heard to Bloomberg. /S

https://www.cnbc.com/2018/10/04/chinese-spy-chips-are-said-to-be-found-in-hardware-used-by-apple-amazon-apple-denies-the-bloomberg-businessweek-report.html

Or, these companies are protecting their business, while knowing that at a minimum their hardware is compromised by the US government and that what Bloomberg has reported is true all the same, even if it isn't true regarding the Chinese government.

[ScratchCat]

2 hours ago, Brooksie359 said:

You dont have be misleading to be wrong. You are imply that they wouldn't lie about this but it is entirely possible that they are simply wrong and the information they used to come to their conclusion was incorrect as well. 

I know the following quote is from Bloomberg but assuming they are not lying about the entire thing then getting it wrong after a year and hundreds of interviews would be beyond reason: Source

Quote

Those companies, as well as Supermicro and China’s Ministry of Foreign Affairs, denied the Businessweek report, which is based on more than a year of reporting and more than 100 interviews.

 

2 hours ago, VegetableStu said:

problem is I don't have any grasp on either end to say anything definitive about it. both could be equally legit in the extreme case scenarios separately (not concurrently) ._.

(my previous reply was just to reiterate the "victim" companies' official responses, not an agreement to either party's stance)

Ideally the investigators should provide some sort of confirmation that there indeed is the issue or not, at this point if the attackers exist they know they have been found.

[Dabombinable]

Didn't Apple know about Intel's IME?

[abazigal]

My guess is that Apple did indeed find out that their hardware was compromised, and so they never made their way into any of their servers. Given that China is still a major business partner, it’s still better for Apple to play dumb and not blow up the matter. But I have no doubt Apple is closely scrutinising their suppliers to make sure this never happens.