(old)Puppy Linux Discussion Forum

READ-ONLY Archive
https://oldforum.puppylinux.com/

Hardware hack hit Supermicro motherboards?

https://oldforum.puppylinux.com/viewtopic.php?t=114414

Page 1 of 1

Hardware hack hit Supermicro motherboards?

Posted: Thu 04 Oct 2018, 14:25
by prehistoric
This article finally explains why a large number of perfectly good Supermicro motherboards suddenly showed up on surplus markets two years ago.

A great deal has been left out for various reasons, but I can deduce a little more. The tiny size of these chips and the small number of leads means they were not handling the main computing tasks. They were on a much lower bandwidth control circuit.

These chips could affect the system management engines that bring the really baroque designs of modern processors up at boot, and may shut them down if there are faults or patches to apply to OS or firmware.

I'm not surprised big companies simply junked the entire board and switched to other designs. Tracking this down in a typical server farm would be a nightmare.

Posted: Fri 05 Oct 2018, 00:59
by perdido
It seems SuperMicro was also a victim.
https://www.bloomberg.com/news/features ... -companies

Earlier this year the US govt also instituted a ban on components from Huawei and ZTE tech for similar concerns.
https://www.theverge.com/2018/8/13/1768 ... -ban-trump


Image


.

Posted: Fri 05 Oct 2018, 11:51
by prehistoric
While the two large companies involved deny any such thing happened, various people in IT security have said this would be devastating.

Why the denials? Well, we are talking about two trillion-dollar companies who could lose many billions if their security is questioned, or their intellectual property is pirated. We are also dealing with companies that are doing a great deal of business with China. China doesn't want to lose their business either.

So, everyone involved will avoid making outright charges, and blame the story on a misunderstanding. If more evidence turns up, you can be sure it will be blamed on individuals or companies that "went rogue". The operation was set up to be deniable.

Now, a more serious question: how do you audit software, firmware or hardware to rule out such a backdoor installed by someone who can have their own chips designed, produced and inserted in products?

Posted: Fri 05 Oct 2018, 14:39
by linuxcbon
Well it seems that all the countries want to spy all the other countries, it's nothing new. The usa have done that to other countries too. All the countries do that.

Posted: Fri 17 Apr 2020, 01:01
by hatemonday

It seems SuperMicro was also a victim...
Soon the tiny chips designed and produced will be more powerful .....
as powerful as corona...
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited