www. O S N E W S .com
News Features Interviews
BlogContact Editorials
.
New evidence of hacked Supermicro hardware at US carrier
By Thom Holwerda on 2018-10-09 22:50:22

A major U.S. telecommunications company discovered manipulated hardware from Super Micro Computer Inc. in its network and removed it in August, fresh evidence of tampering in China of critical technology components bound for the U.S., according to a security expert working for the telecom company.

The security expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery following the publication of an investigative report in Bloomberg Businessweek that detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015.

Fresh fuel for the fire.

 Email a friend - Printer friendly - Related stories
.
Post a new comment
.
Comment by jigzat
By jigzat on 2018-10-10 00:06:58
According to The Art of War by Sun Tzu, you can deceive the enemy by deceiving one's allies. We really don't know what is happening behind scenes, it could be true or it could be a deception. If it is true it is not convenient for Apple and Amazon and they are going to deny it until the last moment. The burden of the proof lies on Bloomberg's back but with anonymous is just another fake news. And I'm starting to dislike Apple very much in the last years.
Permalink - Score: 4
.
Comment by Lorin
By Lorin on 2018-10-10 05:38:18
Trump will jump on that fast
Permalink - Score: 3
.
The backpedaling and denial has been incredible
By Poseidon on 2018-10-10 05:49:50
All tech companies are massively denying it, which kind of makes me think that it happened even more than what the articles state.

I mean, if your only worry is making more money, security is not going to be even in the top 10 issues they're worried about, especially in the supply chain or having special auditing and supply chain custody.
Permalink - Score: 5
.
Old days
By xfire on 2018-10-10 08:40:14
Back in the early 2000s there were tons of speculation on the net about Microsoft putting in backdoors into their operating system and regardless that even Win10 sends all kinds of usage statistics and improving cortana and whatever they don't backdoor their products because you can never get away with it on the long term.

If news like this breaks out that can destroy the company. I think they already QQing about it at Supermicro because of the instant sales/customers drop since this come out couple of days ago.

Manufacture your stuff in China and China steals it just like everything.

Regardless that this surveillance chip was probably used to steal data from multiple companies for various reasons it is funny to think about that china manufactures so complex chips what they cannot easily reverse engineer (but they can produce) so they put backdoor into the same hardware to steal off the plans from the engineers workspaces who using them :)
Permalink - Score: 0
.
RE: Old days
By Alfman on 2018-10-10 12:10:38
xfire,

> Back in the early 2000s there were tons of speculation on the net about Microsoft putting in backdoors into their operating system...

I was never satisfied with microsoft's response to the NSA key, to this day they haven't provided any evidence to really refute the accusations. The speculation based on the known facts still seems well founded.

> ...and regardless that even Win10 sends all kinds of usage statistics and improving cortana and whatever they don't backdoor their products because you can never get away with it on the long term.
If news like this breaks out that can destroy the company.



Well, as a matter of fact MS does have a back door, they snuck it right under our noses. It's called "windows update" :) Seriously, the difference between a "backdoor" and "auto update" is quite subjective. MS has remote execution rights on most of our computers, and in the case on windows 10 this is forced upon us whether we want it or not.

I don't know if MS has ever lent it's remote execution access to government agencies in order to help break into the computers of criminals or even foreign governments. We may never know, but regardless we do know as a matter of fact that MS could do it on standard windows installs if they wanted to.

If some whistle-blower were to leak these sorts of activities, I agree with you there would be a public uproar. But as with all previous revelations, I doubt anything would fundamentally change. We know the illegal programs are still going on. No one in government has apologized for violating our constitution and there's been no accountability. Instead they always punish the whistleblowers to discourage the public disclosure of government crimes. It just becomes old news and we ultimately take it for granted that the government will abuse it's authority and there's not much we as individuals can do about it :(
Permalink - Score: 2
.
Zzzzzzz
By Windows Sucks on 2018-10-10 17:12:32
Bloomberg knows about as much about tech as my pet Beagle.

They have been shown over an over again to be wrong (Especially when it comes to Apple) and do a lot of things for click bait.

But hey what ever works.
Permalink - Score: 0
.
Comment by yoshi314@gmail.com
By yoshi314@gmail.com on 2018-10-11 06:51:51
i got excited, but it was not the kind of carrier i expected.
Permalink - Score: 3
.
Comment by yoshi314@gmail.com
By yoshi314@gmail.com on 2018-10-11 07:06:11
> National security experts say a key problem is that, in a cybersecurity industry approaching $100 billion in revenue annually, very little of that has been spent on inspecting hardware for tampering. That's allowed intelligence agencies around the world to work relatively unimpeded, with China holding a key advantage.


i fear that will enourage even more security lockdown on hardware against tampering, starting from servers and moving onto phones and other devices.

of course some of that cannot be detected on firmware level, so manufacturer will have to do some verification work on physical level.

i think it won't be very far till people will praise for its tactics against independent repair, for that reason.
Permalink - Score: 3
.
Only News...
By dionicio on 2018-10-13 14:54:08
About this News, is that Usual SPIN is not working anymore, Thom.
Permalink - Score: 2

Post a new comment
Username

Password

Title

Your comment

If you do not have an account, please use a desktop browser to create one.
LEAVE SPACES around URLs to autoparse. No more than 8,000 characters are allowed. The only HTML/UBB tags allowed are bold & italics.
Submission of a comment on OSNews implies that you have acknowledged and fully agreed with THESE TERMS.
.
News Features Interviews
BlogContact Editorials
.
WAP site - RSS feed
© OSNews LLC 1997-2007. All Rights Reserved.
The readers' comments are owned and a responsibility of whoever posted them.
Prefer the desktop version of OSNews?