[coreboot] Is this fake news or not? Bloomberg says China is using a rice-sized chip to hack amazon servers.
Patrick Georgi
pgeorgi at google.com
Thu Oct 4 18:21:03 CEST 2018
I could think of a few approaches to backdoor a system by having a very
tiny chip connect to a select set of traces.
But generally speaking: that discussion is rather off topic for this
mailing list.
Please look for some more suitable venue to discuss "people potentially
tampering other people's devices (with no obvious connection to coreboot)".
Patrick
Am Do., 4. Okt. 2018 um 18:02 Uhr schrieb fightfakenews via coreboot <
coreboot at coreboot.org>:
> I came across this news today. Bloomberg says China is using a rice-sized
> chip to hack amazon servers. They published videos and photos here:
>
> https://twitter.com/business/status/1047788207557865473
>
> https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
>
> They publish very limited evidence, so it leads me questioning whether the
> report is true. As a worker in China's hardware industry, I'm very
> concerned with this report. Is this true or just another fake news
> deliberately created to escalate the trade war between US and China?
>
> They did not mention the product name. But they published a gif image,
> then I did a little research to compare Supermicro's Microblade severs with
> the one in this gif file. It seems the product is the MBI-6128R-T2
> https://www.supermicro.com/products/MicroBlade/module/MBI-6128R-T2.cfm
>
> This board has dual socket R3 (LGA 2011) that supports Intel® Xeon®
> processor E5-2600 v4†/ v3 family. So the processor is likely to be an intel
> one. So this board may support Intel's strict security features like
> BootGuard and Intel ME. These security features are so strong that even the
> top hackers in the open source community haven't fully cracked...
>
> The only techinical information they give is: The chips could do all this
> because they were connected to the baseboard management controller, a kind
> of superchip that administrators use to remotely log in to problematic
> servers, giving them access to the most sensitive code even on machines
> that have crashed or are turned off. (It sounds like something related with
> the IPMI? Is this really can be done? Even this can be done, can this be
> used to access data?)
>
>
>
> --
> coreboot mailing list: coreboot at coreboot.org
> https://mail.coreboot.org/mailman/listinfo/coreboot
--
Google Germany GmbH, ABC-Str. 19, 20354 Hamburg
Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft:
Hamburg
Geschäftsführer: Paul Manicle, Halimah DeLaine Prado
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20181004/85d6657f/attachment.html>
More information about the coreboot
mailing list