And of course MR has to lend credibility to this nonsense Bloomberg article by reposting the "How the hack worked" illustration. Because that's what clickbait is all about.
We design lots of stuff here, and I am going to say I see no way to do all of what the article says they were doing with 4 pins. In fact, I'm not sure I could do it for 8, though maybe someone could; at 16 or more it becomes more of a possibility on the hardware, but the software side of it is much harder to believe. And adding a 16+ pin device to a system is much harder to do than a cap or resistor.
Good god, the internet is full of people who think they are experts at things they've never done. I don't know why I bother reading comments.
As someone who has actually designed circuit boards and had them built, there are multiple ways this could have been done. I've had PCB manufacturing partners tweak the Gerber files output from my CAD files; it's standard operating procedure as they prepare the design for their manufacturing equipment, and it sometimes needs tweaks to ensure it etches correctly or that pads are properly sized based on their assembly experience vs. what the default sizes in the part library were.
Regarding people spouting nonsense about it not having enough pins to intercept the CPU bus, no one freaking claimed it did. The supposed hack injected custom code into the remote management controller over its serial flashrom bus, which only requires 3 or 4 pins.
Did it happen? I don't know. The most difficult part of this was secretly inserting the chip into the production line and getting someone to modify the gerber files, but, seeing the Chinese government has strong control over all their companies, I don't see that as a huge problem either.
The article is mostly right, but someone made it look like China is doing the spying when in reality it is someone else.
Who do we know that has a history of installing spy chips on computers?
Hint: Snowden told us.
I don't think any public company will blandly admit to an article. That would not be in the best interest of their stock prices. Until somebody gives proven evidence they will simply deny.
If you look at this tiny component you'll realize it is not able to inject or forward data onwards; it's just not big enough to have such advanced circuitry in such a small package! It also doesn't have enough electrical connections to even communicate with the system's logic (six contacts).
This is not how someone would inject eavesdropping or malware.
It's not to say someone couldn't alter the system's BIOS chips or other logic chips with embedded code. I'm sure Apple and the others control that quite well. As that would be the obvious way someone could hack the server.
Basically, this is a big noise of Nothing! to create FUD (Fear/Uncertainty/Doubt) or someone's idea to smudge a company for monetary gain.
Edward Snowden said stuff like this was going on - but I had assumed it was right at the top of the design team. A very few number of people in this world are making the cities of silicon, and it is beyond the understanding of nearly everyone. Nearly. Chip foundries could "in theory" drop in a whole "NSA" module into any computer and there wouldn't be many folks to question it or wonder about it.
It sounds like you know some things about how a computer works, but can you "think different" and play through how you could be innovative to achieve a result that a hacker might desire? So often good honest intelligent people make statements about how something is impossible - but then a hacker with great creativity figures a different way to get the result that goes right past whatever "security" was planned out by good honest people. There are many interesting examples of this in the world of hacking.
I tend to think that nobody can be 100% sure of anything at all.
Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.
I also want to categorically say that if this is true, Tim Cook and Jeff Bezos would be removed by the SEC from their respective boards for the official comments today, so there is no chance it's true. Bezos isn't going to get removed from his company to cover up for Supermicro, and I doubt Tim would either.
Yet, to Apple — and Amazon and other companies implicated by the report — they too might also be in the dark. Assuming there was an active espionage investigation into the alleged actions of a foreign government, you can bet that only a handful of people at these companies will be even cursorily aware of the situation. U.S. surveillance and counter-espionage laws restrict who can be told about classified information or investigations. Only those who need to be in the know are kept in a very tight loop — typically a company’s chief counsel. Often their bosses, the chief executive or president, are not told to avoid making false or misleading statements to shareholders.
I think Bloomberg is just trying to make money off scare tactics. Doesn’t seem like they care if they are false or not.
Bloomberg has been publishing a lot of anti-Apple stuff lately. They were the ones who falsely claimed the iPhone X was selling poorly just before earnings came out and proved them wrong. I think someone on their editorial staff is manipulating Apple stock for their personal gain.
Either that, or Apple is just sick of Bloomberg's crap and hired someone to leak this story to them in hopes that it would ruin their credibility...?
Either way, damage control at this point would be a full retraction.
This simply is not happening, at least not in any volume parts. I designed CPUs for years. We knew what every transistor did. If one or two people on the team were NSA plants they couldn't have snuck this sort of massive logic in without everyone else knowing it. Nor could someone take our complete designs and then bolt on additional logic without everyone knowing it. Not even at the fabs; the chips are tested, microphotographed, examined with a fine tooth comb. Every mW and square mm is accounted for.
Just based on the size and pin out of the chip the story told by Bloomberg is impossible.
I wasn’t talking about the Bloomberg article. I was responding to a specific post, which I included in my response. Next time, read.
You didn't read the Bloomberg article, or you would realize that your refutes regarding the design phase are meaningless, as this was allegedly being done well downstream of the design phase.
And we aren't talking about a CPU, we're talking about the mobo. And this wasn't being done at the main fabs. This was allegedly 4 subs that handle overflow orders when a large volume order came in that was too big for the main shops.
From a TechCrunch article that was a partial analysis of the Bloomberg piece:
https://techcrunch.com/2018/10/04/bloomberg-spy-chip-murky-world-national-security-reporting/amp/
The article shows a 6 pin part, which I don't think can do it, as I said earlier. You are suggesting a 20 pin grid array; it's a tiny part, but it is 20 pins, which is kind of the point several of us are making: adding 20 new lines to the board is liable to draw attention. And again, the software issue is bigger than the hardware issue, and the SEC issue is bigger than that, all of which leans pretty heavy on that this didn't really happen. So what really happened? Probably counterfeit parts on some boards; that has been an issue for a long time with China. Bloomberg and their "high placed sources" don't understand the difference between a fake tantalum part and a magic chip someone is talking about.
In the world of spies many countries spy on each other. Allies and non-allies do this. Many have been doing this for years, including America.
I'm not surprised. Considering the surveillance arena, it's more than likely that several nation state intel services are into modification of HW at very early stages.
The industry has long moved to SerDes for high speed communication requiring fewer pins so the number of pins is no longer relevant along with size.
https://en.m.wikipedia.org/wiki/SerDes
Freescale MCU from 2013.
Low bandwidth serial connection? You mean such "low bandwidth" connections like PCIe?
And the MR member who said they need separate access to the North- or Southbridge: No, they do not need that, because they are usually integrated in the CPU package.
Such chips can write and read whatever they want. Just like drivers for network cards, graphics cards, ... There is no hardware which stops such attacks. The Thunderbolt attacks of the past years are real. Why not this attack?