[ / / / / / / / / / / / / / ] [ dir / bestemma / cafechan / colombia / fast / mde / reviews / tenda / vichan ]

/tech/ - Technology

Winner of the 62rd Attention-Hungry Games
/eris/ - Wherein Is Explained Absolutely Everything Worth Knowing About Absolutely Anything.

November 2018 - 8chan Transparency Report
Email
Comment *
File
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Flag
Oekaki
Show oekaki applet
(replaces files and can be used instead)
Options

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.


File: 0144e71fd908ace⋯.jpg (74.32 KB, 600x799, 600:799, 600x-1.jpg)

 No.984392

Both US and UK intelligence officials have put out statements over the weekend in support of Amazon, Apple, and Supermicro in regards to recent allegations made by Bloomberg in an article published last week.

On Thursday, Bloomberg reporters claimed that Chinese intelligence had secretly implanted spy chips inside motherboards used for Supermicro servers that eventually made their way inside the IT infrastructure of Apple, Amazon, and 30 other companies, but also inside the networks of US and UK governments.

The report shocked the public and cut Supermicro's stock value in half.

All three major companies named in the piece vehemently denied the Bloomberg report's claims.

Amazon cited "so many inaccuracies [...] that they're hard to count."

Apple suggested Bloomberg's sources "might be wrong or misinformed," and they might be "confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of [the Apple] labs."

Supermicro, too, denied the Bloomberg report, with the company saying they have "never been contacted by any government agencies either domestic or foreign regarding the alleged claims."

In its report, Bloomberg cited 17 unnamed sources from the intelligence and private sector.

But in its statement, Apple said that "no one from Apple ever reached out to the FBI about anything like this, and we have never heard from the FBI about an investigation of this kind -- much less tried to restrict it."

Over the past few days, several security researchers and infosec pundits have torn the Bloomberg article to pieces, criticizing everything from the incorrect artwork to the lack of technical details or the reporters' ability to convince sources to go on the record with their real names. Despite all this, Bloomberg stood by its reporting.

https://www.zdnet.com/article/dhs-and-gchq-join-amazon-and-apple-in-denying-bloomberg-chip-hack-story/

 No.984393

Curious on how this story hasn't caught too much traction yet.

If Amazon and Apple is telling fibs and denied so vehemently against it then they are in a world of astronomical hurt by the regulators. If Bloomberg was in the wrong then this would of been an epic fail of journalism or even worse someone is out there feeding misinformation to influence policy. Either way the fallout from this ordeal will be interesting.

Could Apple lie on the grounds of National Security etc. ?- the same way tech companies neglected to mention about various NSA spying programs they were a part of.. a requirement of the gag order


 No.984394

>>984393

They did for PRISM, not to mention lying about their own firmware issues.


 No.984399

>>984393

>reddit spacing

>would of been

There are actually two things wrong about this.


 No.984400

>No, those spy devices aren't in our hardware

said the people who continue to lie about built-in backdoors for spy agencies.


 No.984401

The alphabet agencies are not loyal to their respective countries. They are whores of the globalists, and the israelis, and probably the chinese as well.


 No.984403

>>984401

>The alphabet agencies are not loyal to their respective countries.

Hell, they're outright hostile to their respective countries


 No.984413


 No.984414

>>984394

When did they deny being part of PRISM?


 No.984421


 No.984424

File: 03260ba4d6fcd1d⋯.png (58.96 KB, 640x419, 640:419, ClipboardImage.png)

>>984399

>caring about spacing of a copy-pasted article

>muh leddit spacing meme

fuck off.


 No.984432

>>984392

I don't know who not to trust


 No.984455

I get why Amazon or Apple will deny it but why the other 2? GCHQ has always been quite hawkish on China's tech in the UK so this will give them a lot of ammunition. Homeland would likely want the same validation for keeping Huawei and ZTE out so giving credence to the Bloomberg story would support that.

DHS banned Huawei use in security devices for that specific reason, nearly a year ago.

Now when the Chinese complain or do retaliatory actions they can point to this as justification. Also this is strong ammunition to rally the allies to negotiate with China. Makes no sense for them to cover it up especially in this political climate. I know the hedgies sometimes go quite far with their short plays...but this would take the cake by a light year.


 No.984456

>>984455

If the story is true, the various security agencies may be denying it because there are still vulnerable systems in place.


 No.984459

>>984456

Or the spooks have found a way to hack those chips themselves and are spying on there own citizens through them. Or because of the market hit that would happen.


 No.984466

>>984432

trust nobody, not even yourself


 No.985217

gonna bump this to help defeat disinfo


 No.985223

For what its worth Sepio Systems, a hardware security company, has confirmed with Bloomberg that they have found other types of modifications to servers from Supermicro as well as other vendors.

https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found-in-u-s-telecom

>His firm specializes in hardware security and was hired to scan several large data centers belonging to the telecommunications company.

>Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server’s Ethernet connector, a component that's used to attach network cables to the computer, Appleboum said.

>The executive said he has seen similar manipulations of different vendors' computer hardware made by contractors in China, not just products from Supermicro.

>The more recent manipulation is different from the one described in the Bloomberg Businessweek report last week

The real kicker though

>The manipulation of the Ethernet connector appeared to be similar to a method also used by the U.S. National Security Agency, details of which were leaked in 2013. In e-mails, Appleboum and his team refer to the implant as their “old friend,” because he said they had previously seen several variations in investigations of hardware made by other companies manufacturing in China.


 No.985246

I found this to be interesting:

https://www.servethehome.com/yossi-appleboum-disagrees-bloomberg-is-positioning-his-research-against-supermicro/

Basically, this guy thinks the problem isn't restricted to supermicro and is far reaching.

I still would like to see a physical example though.


 No.985251

>>985246

>I still would like to see a physical example though.

Same here, I won't deny that hardware spying device is possible. But since it's so prevalent, I'd like to see what components there are in.

Also the picture they use like in OP and how it's written is like it's some chip that you "just plug on a board" and suddenly it's sending stuff to China, whereas >>985223 is describing it as a bugged connector which isn't something new.

Added bonus, if they showed what it looked like. Other people could check around the hardware they get and can confirm/deny how widespread it is.


 No.985254

>The Chinese government has actually been hacking infrastructure hardware at the factory level and nobody knew about it

>Multiple global tech industries actually knew about it and lied about it

>The press lied about it

No matter which case is eventually found to be true, nobody should be happy. Any one of them is unacceptable.


 No.985307

>>985254

Even if the whole shambles is a complete lie to force businesses to invest in security measures, the real problem is that BMCs have become a standard component and that they are never updated due to manufacturer carelessness. Why bother updating BMC firmware when nobody will pay for it? Why bother making servers that meet the OpenBMC standard or other opensource standards when nobody with money will care until the breach has already taken place?

Security is still an afterthought.


 No.985344

B-but it's nothing. J-just allegations out of thin air.

Goym, trust our PR departments.

Really, our submarines, our Navy(TM), our Striker Tanks are 100% secured by our partners who are totally NOT using mobos manufactured in China and are not sellouts for a greater israel. Trust your government full of double citizens who have business with the tirannic China slave country.

Be polite. Keep tweeting, Goym.


 No.985345

>The Chinese government has actually been hacking infrastructure hardware at the factory level and nobody knew about it

If anyone could do it, he has done it. China mass produces anything with billion of slaves. China has done it.

>Multiple global tech industries actually knew about it and lied about it

Let's say that out of the many backdoors some has been found. Let's say that by finding them, these backdoors can be used by changing the firmware//code. Do you use it against an opponent or go ranting about it on CNN while giving the (((precious info))) to some fucking TLA ??

>The press lied about it

OY, (((Press))) is Free. It is 2019 (((Jewish Year))) soon.


 No.985346

>(((Bloom)))(((berg)))

hmmm...


 No.985352

DAMAGE CONTROL

They don't want people becoming concerned with backdoors in computer hardware.


 No.985353

>>985346

Ugh, like, this. It's all fine you guys, Apple and Amazon said so. Stop acting like conspiracy theorists.

Sent from my iPhone.


 No.985355

>>985353

Just like the Intelaviv leaks these will be verified shortly. I don't think anyone with two halves of a brain cell to rub together is convinced it's all a lie.


 No.985399

We've known for years that this sort of thing is going on, why is it such a stretch that the Chinese would be doing to us what we obviously do to them? Heck it's possible that the implants that have been discovered are reverse-engineered from ones the NSA planted in hardware destined for China.


 No.985414

>>984393

They're probably not lying as much as they're selectively telling parts of the truth. If there were a compromise of this type, it would almost certainly be highly classified, and the companies involved would be required not to comment on it for national security reasons. It's highly likely that C-level executives would be completely ignorant of this - knowledge would be compartmentalized by government requirement to only the personnel with direct knowledge of the event and their immediate superiors.


 No.985561

>>985399

Yeah, I'm honestly surprised this didn't happen sooner.

>>984432

Spooks vs American journalists. It's best not to trust either.


 No.985760

>>984392

>17 anonymous sources

Why is there even a discussion about this?




[Return][Go to top][Catalog][Nerve Center][Cancer][Post a Reply]
Delete Post [ ]
[]
[ / / / / / / / / / / / / / ] [ dir / bestemma / cafechan / colombia / fast / mde / reviews / tenda / vichan ]