It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Bloomberg's report about The Big Hack

page: 1
4

log in

join
share:

posted on Oct, 4 2018 @ 04:56 PM
link   
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

www.bloomberg.com...

For all those who believe that this is something extraordinary - it's not. I believe that this really happened and probably still happens but I am surprised that it just become public knowledge.

It's rather a simple thing to do. All of these chips communicate on very simple serial protocols like i2c or SPI. Anyone with basic micro controller skills can build a SPI proxy and plant a chip between a BMC and it's EEPROM.

What is the BMC?



The baseboard management controller (BMC) is a specialized service processor that monitors the physical state of a computer, network server or other hardware device using sensors and communicating with the system administrator through an independent connection.


All you do is write a daisy-chain firmware that loads first your code and then the actual firmware.

Your "hack" will be always on top and serve you first before it goes through it's "standard" procedure. You don't need to alter any PCB's or circuits. Just cut the traces between the Controller and it's memory and put it in the middle. Classic man-in-the-middle principle. The cuts can be so tiny, you don't even will see it. No passive chips needed either. Your custom "hack" chip just implements a good power module that can use the SPI bus regulated voltage to power it... and the best is that you don't have to have any special computing power in your chip because your stuff will run on top of the BMC.

So there it is. I think the article hit's an under appreciated topic that is long known in the industry but it's also over glorified where the tech involved is basic level.

edit on 4-10-2018 by flyandi because: (no reason given)




posted on Oct, 4 2018 @ 05:00 PM
link   
a reply to: flyandi

China is not "Most Favored Trading Partner" .. they are an enemy. They need to be treated as such immediately.



posted on Oct, 4 2018 @ 05:04 PM
link   
a reply to: flyandi

If I'm not mistaken, that's how the Chinese got a lot of military intel from the US in the 90's and early 2000's. Selling chips that stole the data. I think The US now only uses USA made chips for their equipment.



posted on Oct, 4 2018 @ 06:17 PM
link   

originally posted by: OccamsRazor04
a reply to: flyandi

China is not "Most Favored Trading Partner" .. they are an enemy. They need to be treated as such immediately.


Thank God Trump was elected hey? Hillary would have Xi as her Secretary of State.



posted on Oct, 4 2018 @ 07:44 PM
link   
a reply to: Carcharadon

Considering the ties Democrats have with the Chinese, I believe she could go further and name him the VP.




posted on Oct, 4 2018 @ 07:53 PM
link   

originally posted by: vinifalou
a reply to: Carcharadon

Considering the ties Democrats have with the Chinese, I believe she could go further and name him the VP.



Wouldn't want to get TOO obvious with it though lol.



posted on Oct, 5 2018 @ 05:36 AM
link   
I found this part of the article the most interesting.


That left the question of whom to notify and how. U.S. officials had been warning for years that hardware made by two Chinese telecommunications giants, Huawei Corp. and ZTE Corp., was subject to Chinese government manipulation. (Both Huawei and ZTE have said no such tampering has occurred.) But a similar public alert regarding a U.S. company was out of the question. Instead, officials reached out to a small number of important Supermicro customers. One executive of a large web-hosting company says the message he took away from the exchange was clear: Supermicro’s hardware couldn’t be trusted. “That’s been the nudge to everyone—get that crap out,” the person says.

So, saying publicly that an American company could not to be trusted was bad, but alerting its customers instead of the company in a way that could kill the company was not.

How can we know that there wasn't any Supermicro's competitors inside this move? Who benefited the most from this way of doing things, Supermicro's customers or Supermicro's competitors?



posted on Oct, 5 2018 @ 08:38 AM
link   
what if we just shared all technology and worked together to go to mars?



posted on Oct, 5 2018 @ 08:53 AM
link   
a reply to: fauxpas1337

So China can steal Mars like everything else?



posted on Oct, 5 2018 @ 11:52 AM
link   

originally posted by: OccamsRazor04
a reply to: fauxpas1337

So China can steal Mars like everything else?


they stole my heart with the ciggie butts they leave behind the restaurant down my street

could atleast return the favour and give them a whole #ing planet

or just share it



posted on Oct, 5 2018 @ 05:41 PM
link   
a reply to: flyandi

I saw a couple of other articles on this today. My favorite was in the Register.

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?


Who's your money on? Bloomberg's sources? Apple? Amazon? Super Micro?


3 pages but still a quick read.



posted on Oct, 9 2018 @ 01:45 PM
link   
More stuff:

www.bloomberg.com...



new topics




 
4

log in

join