Apple suspects their servers were tampered with during transit

[zMeul]

source: https://www.theinformation.com/inside-apples-cloud-infrastructure-troubles?

via: http://arstechnica.co.uk/information-technology/2016/03/report-apple-designing-its-own-servers-to-avoid-snooping/

 

Quote

Apple has long suspected that servers it ordered from the traditional supply chain were intercepted during shipping, with additional chips and firmware added to them by unknown third parties in order to make them vulnerable to infiltration, according to a person familiar with the matter

At one point, Apple even assigned people to take photographs of motherboards and annotate the function of each chip, explaining why it was supposed to be there. Building its own servers with motherboards it designed would be the most surefire way for Apple to prevent unauthorized snooping via extra chips

 

this is crazy bananas ... or is it 

they've already done it with HDDs, as per Kaspersky report http://www.reuters.com/article/us-usa-cyberspying-idUSKBN0LK1QV20150216

and even routers: http://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

Quote

Here’s how it works: shipments of computer network devices (servers, routers, etc,) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.

 

this also ties in with the news that Apple wants to design and implement their own hardware in datacenters: http://venturebeat.com/2016/03/17/apple-cloud-project-mcqueen/

Quote

For the past several months, Apple has been working on “Project McQueen,” a plan to become more reliant on its own data center infrastructure and reduce its dependence on public clouds such as Amazon Web Services (AWS) and Microsoft Azure, a source familiar with the matter tells VentureBeat.

 

the US Gov - a shitshow of biblical proportions; add Donald Trump to it and will implode

I wonder .. where does it end?

[klnh]

wow that is...just sad

no privacy, no respect at all

[Mo_z_Art]

I wonder if their servers will be, as some of their products, designed to look great, but the functionality was compromised.

 

/s

Edited March 24, 2016 by Mo_z_Art
edited to make sarcasm more obvious

[Mew]

1 minute ago, Mo_z_Art said:

I wonder if their servers will be, as some of their products, designed to look great, but the functionality was compromised.

 

Why is it that people assume that Apple doesn't have actual engineers? 

[zMeul]

2 minutes ago, kurahk7 said:

 

Why is it that people assume that Apple doesn't have actual engineers? 

they were busy taking photos of the hardware 

[dragosudeki]

1 minute ago, kurahk7 said:

 

Why is it that people assume that Apple doesn't have actual engineers? 

Unreasonable hate apple I suppose. I've had a bad experience long time ago with an Apple computer and I've avoided Apple products for that reason (despite the fact that the problem won't occur again). However, I still respect their products. People have to learn to give respect to a couple things, regardless if they actually like the product or not.

On topic: Incoming conspiracy theories!

[Mo_z_Art]

5 minutes ago, kurahk7 said:

 

Why is it that people assume that Apple doesn't have actual engineers? 

I do think they have actual engineers (btw I'm writing this on an Iphone 4S) but I like to laugh about something sometimes

[LAwLz]

It's amazing that US government agencies are allowed to continue operation after being caught doing flat out illegal things over and over.

Steal and modify private property so that we can do warrantless surveillance of innocent people? Yeah, totally fine...

This is why you should avoid products that have been in the US like the plague.

 

Good job on Apple for doing something against it.

 

Might be worth pointing out that Cisco, which were mentioned in the article tries to counter it by doing things such as sending their equipment to vacant addresses and even asking customers to pick up orders directly from the distributor instead of shipping them.

[RexinOridle]

At the end of the day, OSX and iOS are still Unix, servers are Linux, and their workshop / factory runs on windows.

[Trik'Stari]

Gee, I wonder who could have done this?

[Brennan Price]

hahahahaha, always hated apple anyway! Screw them

[Trik'Stari]

39 minutes ago, LAwLz said:

It's amazing that US government agencies are allowed to continue operation after being caught doing flat out illegal things over and over.

Steal and modify private property so that we can do warrantless surveillance of innocent people? Yeah, totally fine...

This is why you should avoid products that have been in the US like the plague.

 

Good job on Apple for doing something against it.

 

Might be worth pointing out that Cisco, which were mentioned in the article tries to counter it by doing things such as sending their equipment to vacant addresses and even asking customers to pick up orders directly from the distributor instead of shipping them.

It was illegal until congress found out. Then they made it legal.

 

That's how.

[bcredeur97]

this is so ridiculous... i mean what is even the reasoning behind this? Whatever happened to "free country" ? Everyone has to know what everyone is doing at all times now, it's so stupid. My only question is at the level we complain about it -- the people behind it are doing it because they are told to, and that it ensures security of the country. I want to know the larger plan, because you know there is one! What is this large plan and who is behind it? Nothing makes any sense.

[SurvivorNVL]

21 minutes ago, bcredeur97 said:

this is so ridiculous... i mean what is even the reasoning behind this? Whatever happened to "free country" ? Everyone has to know what everyone is doing at all times now, it's so stupid. My only question is at the level we complain about it -- the people behind it are doing it because they are told to, and that it ensures security of the country. I want to know the larger plan, because you know there is one! What is this large plan and who is behind it? Nothing makes any sense.

The large plan is pretty much being seen all around the world, and not just here.  It's pretty much the slow march toward a one world government.  Get rid of national identities, anonymity, security, and borders and the end result is that people will have chaos and eventually a one world government of monumental proportions can take root.  Then again you have EU collapsing slowly but surely and the liberal thought experiment in American getting some pretty unwelcome backlash as time goes on due to people really hating safe spaces, and having to cater to others and people who jump right to, "Xenophobic racist!" as their primary argument for most things, so--seems there may be a bit of a speed bump in these things.

That was a lot more of a response than I expected to type!  Also!  @LAwLz  Cisco has been found of working with the NSA to install microcode and firmware that is nigh undetectable that is for packet sniffing.  So, while Cisco has their own work around for some companies - I deeply do not trust them.  Them and HP.

[LAwLz]

24 minutes ago, SurvivorNVL said:

Also!  @LAwLz  Cisco has been found of working with the NSA to install microcode and firmware that is nigh undetectable that is for packet sniffing.  So, while Cisco has their own work around for some companies - I deeply do not trust them.  Them and HP.

[Citation Needed]

[SurvivorNVL]

11 minutes ago, LAwLz said:

[Citation Needed]

That was in regards to Cisco trying to counter it.  While they try to counter their shipments being intercepted, all shipments are pre-loaded by the NSA with a little firmware to monitor traffic of routers and modems.  It's in just about all of the routers from 2006 onward, I believe from some of the things Snowden had leaked.

Basically the point was that while they try to counter their gear being intercepted, they are also willingly co-operating with them and that the interceptions may be for larger clientele, but overall it's all pre-handled before being sent out, and then re-intercepted to check and ensure the gear in question has already gotten the necessary firmware.

I'm a little scatter brained today.

 

[LAwLz]

31 minutes ago, SurvivorNVL said:

That was in regards to Cisco trying to counter it.  While they try to counter their shipments being intercepted, all shipments are pre-loaded by the NSA with a little firmware to monitor traffic of routers and modems.  It's in just about all of the routers from 2006 onward, I believe from some of the things Snowden had leaked.

Basically the point was that while they try to counter their gear being intercepted, they are also willingly co-operating with them and that the interceptions may be for larger clientele, but overall it's all pre-handled before being sent out, and then re-intercepted to check and ensure the gear in question has already gotten the necessary firmware.

I'm a little scatter brained today.

I understood what you meant. I was just asking for evidence to support that claim, because I can't find any on my own.

[Mister Snow]

5 hours ago, LAwLz said:

It's amazing that US government agencies are allowed to continue operation after being caught doing flat out illegal things over and over.

Steal and modify private property so that we can do warrantless surveillance of innocent people? Yeah, totally fine...

This is why you should avoid products that have been in the US like the plague.

 

Good job on Apple for doing something against it.

 

Might be worth pointing out that Cisco, which were mentioned in the article tries to counter it by doing things such as sending their equipment to vacant addresses and even asking customers to pick up orders directly from the distributor instead of shipping them.

Rules don't matter if there is no one more powerful to enforce it.

[Roawoao]

This is a fool's errand. There is no way to 100% ensure that a targeted attack has not compromised your hardware unless you 100% trust every person that is working at your company and do everything totally in house including chip manufacturing (apple does not). There is literally no way to prevent modification somewhere along the supply chain.

 

Example would be using specialized chips that get dropped into the supply chain that look physically and functionally identical but have modifications for easier analysis later. There is no way to even know if your employee's are all on the same page as your company stance on government access. Taking pictures of all hardware and noting what each one does is retarded as revisions and bodge rework will always be the NSA's fault...

 

Pfsense has the right approach in that you will never be sure. Instead of trying to defend against the impossible just vote for a government you want and the majority will decide. Make it a campaign issue publicise it at a certain point it would become riotous if the majority was so against it.

 

If you happen to be in the minority and the majority doesn't care then that is just how democratic governments work. 

10 hours ago, SurvivorNVL said:

The large plan is pretty much being seen all around the world, and not just here.  It's pretty much the slow march toward a one world government.  Get rid of national identities, anonymity, security, and borders and the end result is that people will have chaos and eventually a one world government of monumental proportions can take root.  Then again you have EU collapsing slowly but surely and the liberal thought experiment in American getting some pretty unwelcome backlash as time goes on due to people really hating safe spaces, and having to cater to others and people who jump right to, "Xenophobic racist!" as their primary argument for most things, so--seems there may be a bit of a speed bump in these things.

I highly doubt this "plan" (conspiracy theory) is working very well the chances you can peacefully/militarily get a single world government are slim to none. Humans are just so diverse maybe if you genetically homogenized the population by force and made physically made everyone (literally everyone with no exceptions) severely mentally delayed (in a clinical respect) you could get a one world government. More of a wall than a speed bump.

[Lethal Seraph]

12 hours ago, zMeul said:

-snip-

 

"When you're born into this world, you're given a ticket to the freak show. If you're born in America you get a front row seat." -George Carlin