It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Bloomberg's report about The Big Hack
page: 14
share:
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
www.bloomberg.com...
For all those who believe that this is something extraordinary - it's not. I believe that this really happened and probably still happens but I am surprised that it just become public knowledge.
It's rather a simple thing to do. All of these chips communicate on very simple serial protocols like i2c or SPI. Anyone with basic micro controller skills can build a SPI proxy and plant a chip between a BMC and it's EEPROM.
What is the BMC?
All you do is write a daisy-chain firmware that loads first your code and then the actual firmware.
Your "hack" will be always on top and serve you first before it goes through it's "standard" procedure. You don't need to alter any PCB's or circuits. Just cut the traces between the Controller and it's memory and put it in the middle. Classic man-in-the-middle principle. The cuts can be so tiny, you don't even will see it. No passive chips needed either. Your custom "hack" chip just implements a good power module that can use the SPI bus regulated voltage to power it... and the best is that you don't have to have any special computing power in your chip because your stuff will run on top of the BMC.
So there it is. I think the article hit's an under appreciated topic that is long known in the industry but it's also over glorified where the tech involved is basic level.
www.bloomberg.com...
For all those who believe that this is something extraordinary - it's not. I believe that this really happened and probably still happens but I am surprised that it just become public knowledge.
It's rather a simple thing to do. All of these chips communicate on very simple serial protocols like i2c or SPI. Anyone with basic micro controller skills can build a SPI proxy and plant a chip between a BMC and it's EEPROM.
What is the BMC?
The baseboard management controller (BMC) is a specialized service processor that monitors the physical state of a computer, network server or other hardware device using sensors and communicating with the system administrator through an independent connection.
All you do is write a daisy-chain firmware that loads first your code and then the actual firmware.
Your "hack" will be always on top and serve you first before it goes through it's "standard" procedure. You don't need to alter any PCB's or circuits. Just cut the traces between the Controller and it's memory and put it in the middle. Classic man-in-the-middle principle. The cuts can be so tiny, you don't even will see it. No passive chips needed either. Your custom "hack" chip just implements a good power module that can use the SPI bus regulated voltage to power it... and the best is that you don't have to have any special computing power in your chip because your stuff will run on top of the BMC.
So there it is. I think the article hit's an under appreciated topic that is long known in the industry but it's also over glorified where the tech involved is basic level.
edit on 4-10-2018 by flyandi because: (no reason given)
originally posted by: OccamsRazor04
a reply to: flyandi
China is not "Most Favored Trading Partner" .. they are an enemy. They need to be treated as such immediately.
Thank God Trump was elected hey? Hillary would have Xi as her Secretary of State.
a reply to: Carcharadon
Considering the ties Democrats have with the Chinese, I believe she could go further and name him the VP.
Considering the ties Democrats have with the Chinese, I believe she could go further and name him the VP.
originally posted by: vinifalou
a reply to: Carcharadon
Considering the ties Democrats have with the Chinese, I believe she could go further and name him the VP.
Wouldn't want to get TOO obvious with it though lol.
I found this part of the article the most interesting.
So, saying publicly that an American company could not to be trusted was bad, but alerting its customers instead of the company in a way that could kill the company was not.
How can we know that there wasn't any Supermicro's competitors inside this move? Who benefited the most from this way of doing things, Supermicro's customers or Supermicro's competitors?
That left the question of whom to notify and how. U.S. officials had been warning for years that hardware made by two Chinese telecommunications giants, Huawei Corp. and ZTE Corp., was subject to Chinese government manipulation. (Both Huawei and ZTE have said no such tampering has occurred.) But a similar public alert regarding a U.S. company was out of the question. Instead, officials reached out to a small number of important Supermicro customers. One executive of a large web-hosting company says the message he took away from the exchange was clear: Supermicro’s hardware couldn’t be trusted. “That’s been the nudge to everyone—get that crap out,” the person says.
So, saying publicly that an American company could not to be trusted was bad, but alerting its customers instead of the company in a way that could kill the company was not.
How can we know that there wasn't any Supermicro's competitors inside this move? Who benefited the most from this way of doing things, Supermicro's customers or Supermicro's competitors?
what if we just shared all technology and worked together to go to mars?
originally posted by: OccamsRazor04
a reply to: fauxpas1337
So China can steal Mars like everything else?
they stole my heart with the ciggie butts they leave behind the restaurant down my street
could atleast return the favour and give them a whole #ing planet
or just share it
a reply to: flyandi
I saw a couple of other articles on this today. My favorite was in the Register.
Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?
3 pages but still a quick read.
I saw a couple of other articles on this today. My favorite was in the Register.
Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?
Who's your money on? Bloomberg's sources? Apple? Amazon? Super Micro?
3 pages but still a quick read.
new topics
-
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 10 seconds ago -
Former Labour minister Frank Field dies aged 81
People: 2 hours ago -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 3 hours ago -
This is our Story
General Entertainment: 6 hours ago -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections: 8 hours ago -
Ode to Artemis
General Chit Chat: 9 hours ago
top topics
-
University student disciplined after saying veganism is wrong and gender fluidity is stupid
Education and Media: 17 hours ago, 14 flags -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections: 8 hours ago, 12 flags -
Should Biden Replace Harris With AOC On the 2024 Democrat Ticket?
2024 Elections: 14 hours ago, 6 flags -
One Flame Throwing Robot Dog for Christmas Please!
Weaponry: 13 hours ago, 6 flags -
Don't take advantage of people just because it seems easy it will backfire
Rant: 13 hours ago, 4 flags -
Ditching physical money
History: 13 hours ago, 4 flags -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 3 hours ago, 4 flags -
Former Labour minister Frank Field dies aged 81
People: 2 hours ago, 3 flags -
Ode to Artemis
General Chit Chat: 9 hours ago, 3 flags -
This is our Story
General Entertainment: 6 hours ago, 2 flags
active topics
-
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest • 0 • : Consvoli -
So this is what Hamas considers 'freedom fighting' ...
War On Terrorism • 244 • : HopeForTheFuture -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest • 269 • : Vermilion -
Police clash with St George’s Day protesters at central London rally
Social Issues and Civil Unrest • 42 • : ohahhupthera -
University student disciplined after saying veganism is wrong and gender fluidity is stupid
Education and Media • 42 • : TzarChasm -
Russia Ukraine Update Thread - part 3
World War Three • 5721 • : stu119 -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections • 22 • : CarlLaFong -
Tucker Carlson UFOs are piloted by spiritual entities with bases under the ocean and the ground
Aliens and UFOs • 43 • : Xtrozero -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events • 127 • : Consvoli -
1980s Arcade
General Chit Chat • 25 • : confuzedcitizen
4