• Guest, The rules for the P & N subforum have been updated to prohibit "ad hominem" or personal attacks against other posters. See the full details in the post "Politics and News Rules & Guidelines."
  • Community Question: What makes a good motherboard?

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

1prophet

Diamond Member
Aug 17, 2005
5,210
456
126
Cry me a fucking river while the tiniest of violins plays. Americans are reaping what they sowed thanks to profit only matters, greed is good corporatism and cheaper is better mentality sold to the rest of us as democracy through free markets, now you all are discovering that China had ulterior motives all along and plays by a different rule book,

they rope-a-doped your dumbasses by letting American corporations believe they found a way out of overpriced American labor along with an escape of all those pesky rules, regulations, and taxes domestic manufacturing would require.

Instead they played along as American know how was transferred to their country and its industrial as well as consumer economy was built up thanks to American blind greed believing the Chinese were going to be their perpetual serfs because in their minds they would be too dumb to actually understand the high tech they were putting together.

Too bad we had to wait for Trump to actually start to do something, unfortunately all he is doing is closing the barn door long after the horse ran off, as the old saying goes a day late and a dollar short.



"
One country in particular has an advantage executing this kind of attack: China, which by some estimates makes 75 percent of the world’s mobile phones and 90 percent of its PCs. Still, to actually accomplish a seeding attack would mean developing a deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location—a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle. “Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.”

But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies."
 

Paratus

Lifer
Jun 4, 2004
14,360
7,124
146
Not much to comment but I did laugh at this line about the first two customers for Elemetals video compression servers:

Two of Elemental’s biggest early clients were the Mormon church, which used the technology to beam sermons to congregations around the world, and the adult film industry, which did not.
:D
 

Ichinisan

Lifer
Oct 9, 2002
28,246
1,205
136
Literally everybody in that story (even the "victims") denies it happened, it's likely impossible with current technology to do what was described, and there's no evidence that it did happen or anyone one record claiming it did.
Gubbermint intelligence agencies won't let 'em say. Even Supermicro isn't allowed to admit it.

The article subverts the USA intelligence agencies by letting China know that we discovered their chips.
 

SlowSpyder

Lifer
Jan 12, 2005
17,305
998
126
One of Trump's sticking points is that China needs to stop stealing our intellectual property. Glad to have a president that has some backbone and is standing up to those that are harming us vs. kicking the can down the road.
 

Rifter

Lifer
Oct 9, 1999
11,518
745
126
Im not surprised. Ive been saying for years we need to stop buying everything from china but there arnt enough people that think this way for it to happen obviously or it would have by now. Basically we are fucked.
 

WelshBloke

Lifer
Jan 12, 2005
26,754
3,731
126
One of Trump's sticking points is that China needs to stop stealing our intellectual property. Glad to have a president that has some backbone and is standing up to those that are harming us vs. kicking the can down the road.
Seriously if they can make a "tiny microchip, not much bigger than a grain of rice" that can do what was described then they really dont need to steal your intellectual property, they are about a decade ahead.
 

BoomerD

No Lifer
Feb 26, 2006
55,450
3,854
126
Im not surprised. Ive been saying for years we need to stop buying everything from china but there arnt enough people that think this way for it to happen obviously or it would have by now. Basically we are fucked.
(from 2001)

 

hal2kilo

Lifer
Feb 24, 2009
15,235
3,473
136
Im not surprised. Ive been saying for years we need to stop buying everything from china but there arnt enough people that think this way for it to happen obviously or it would have by now. Basically we are fucked.
You should work on military hardware. They decided that instead of having custom made computers that nobody would be able to hack due their proprietary nature, it's too expensive. Well, that started the whole Commercial Off The Shelf (COTS) push, to get all contractors to use as much COTS as possible in their designs. Well, due to things like the above and embedded malware in chips, there's this insane process now to get your equipment IA certified. You send them the hardware they run all kinds of classified testing software on the hardware to see if they find funny things going on. OK now you've got you equipment certified. They are absolutely freaked out about networks, even internal on a vessel (in my experience). Oh and if you find a bug in your firmware/software and need to change it, guess what, you have to go through the whole IA certification process again. This of course causes updates to take forever. Our military would not be in this position if they had not decided to go COTS. I don't think they are saving any money. Oh, guess where most of this is manufactured now.
 
  • Like
Reactions: IJTSSG

UNCjigga

Lifer
Dec 12, 2000
22,531
4,699
136
Seriously if they can make a "tiny microchip, not much bigger than a grain of rice" that can do what was described then they really dont need to steal your intellectual property, they are about a decade ahead.
I'm no hardware guru, but the chip itself doesn't need to have a ton of processing power or anything. It's basically the equivalent of hardwiring a few pins with solder, or a bypass that puts the CPU in Dev mode/engineering mode to allow remote hacks to disable basic protections for code execution.

Still, based on the diagrams, it doesn't seem like the Chinese hid these very well. I thought they'd hide it alongside resistors underneath another chip package, or at least some place it would be obscured by a heatsink or something.
 
Nov 29, 2006
14,453
2,145
126
One of Trump's sticking points is that China needs to stop stealing our intellectual property. Glad to have a president that has some backbone and is standing up to those that are harming us vs. kicking the can down the road.
He is all talk. What is he going to personally do about it?
 

Ichinisan

Lifer
Oct 9, 2002
28,246
1,205
136
I just see a page full of Apple products.

[edit]
This link should be better for people outside of Australia:
https://www.apple.com/newsroom/2018/10/what-businessweek-got-wrong-about-apple/
[/edit]

The thing is, Apple is supposedly keeping it extremely secret, even within Apple. It could be 100% true and many high-level folks in various departments within Apple will not know about it. This is probably mandated by the federal government. After businessweek wrote the article, the cat is out of the bag. China knows that we found their chips.
 
Last edited:

senseamp

Lifer
Feb 5, 2006
34,657
4,480
126
Why are there no pictures of this chip on an actual board, only illustrations?
You can make up anything you want in an illustration:


I get that companies are not excited about disclosing they may have been hacked since 2014, but supposedly there are thousands of servers out there with these chips across 30 companies, but there is no picture of this chip on any of them? I understand the article was just published, but if in the next few weeks, no IT guy finds one and leaks a picture, that would be very suspicious to me.

I want to see photo evidence of a board with this chip on it. Ideally, I would also want to see someone remove that chip, hook up another chip to the same connections and demonstrate that it's possible to do something useful while only having access to the same nets this chip had access to.

The timing is suspicious to me, just as we are in the beginnings of a trade war, we get this leak probably from our intelligence services to a publication alleging that Chinese tech supply chain is untrustworthy. With the same party in charge of government that lied about WMD's before to start a war. I am going to wait for independent confirmation. This is hardware, so it should not be difficult to find evidence if it exists.
 

JSt0rm

Lifer
Sep 5, 2000
27,402
3,939
126
Cry me a fucking river while the tiniest of violins plays. Americans are reaping what they sowed thanks to profit only matters, greed is good corporatism and cheaper is better mentality sold to the rest of us as democracy through free markets, now you all are discovering that China had ulterior motives all along and plays by a different rule book,

they rope-a-doped your dumbasses by letting American corporations believe they found a way out of overpriced American labor along with an escape of all those pesky rules, regulations, and taxes domestic manufacturing would require.

Instead they played along as American know how was transferred to their country and its industrial as well as consumer economy was built up thanks to American blind greed believing the Chinese were going to be their perpetual serfs because in their minds they would be too dumb to actually understand the high tech they were putting together.

Too bad we had to wait for Trump to actually start to do something, unfortunately all he is doing is closing the barn door long after the horse ran off, as the old saying goes a day late and a dollar short.



"
One country in particular has an advantage executing this kind of attack: China, which by some estimates makes 75 percent of the world’s mobile phones and 90 percent of its PCs. Still, to actually accomplish a seeding attack would mean developing a deep understanding of a product’s design, manipulating components at the factory, and ensuring that the doctored devices made it through the global logistics chain to the desired location—a feat akin to throwing a stick in the Yangtze River upstream from Shanghai and ensuring that it washes ashore in Seattle. “Having a well-done, nation-state-level hardware implant surface would be like witnessing a unicorn jumping over a rainbow,” says Joe Grand, a hardware hacker and the founder of Grand Idea Studio Inc. “Hardware is just so far off the radar, it’s almost treated like black magic.”

But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies."

yeah fuck america!
 

WelshBloke

Lifer
Jan 12, 2005
26,754
3,731
126
I'm no hardware guru, but the chip itself doesn't need to have a ton of processing power or anything. It's basically the equivalent of hardwiring a few pins with solder, or a bypass that puts the CPU in Dev mode/engineering mode to allow remote hacks to disable basic protections for code execution.
I'm pretty sure that allowing unrestricted network access that bypasses all software protections plus manages to encrypt and tunnel to a secret server involves more than just hardworking a few pins.


Still, based on the diagrams, it doesn't seem like the Chinese hid these very well. I thought they'd hide it alongside resistors underneath another chip package, or at least some place it would be obscured by a heatsink or something.
Ummm. The diagrams are just illustrations, they don't actually correspond to anything in the real world.
 

dawp

Lifer
Jul 2, 2005
10,311
1,522
126
I'm no hardware guru, but the chip itself doesn't need to have a ton of processing power or anything. It's basically the equivalent of hardwiring a few pins with solder, or a bypass that puts the CPU in Dev mode/engineering mode to allow remote hacks to disable basic protections for code execution.

Still, based on the diagrams, it doesn't seem like the Chinese hid these very well. I thought they'd hide it alongside resistors underneath another chip package, or at least some place it would be obscured by a heatsink or something.
I've read, forgot where, the newer chip are small enough io be embedded between layers of the motherboard
 

WelshBloke

Lifer
Jan 12, 2005
26,754
3,731
126
I've read, forgot where, the newer chip are small enough io be embedded between layers of the motherboard
Apparently the new ones are on the order of dust sized. They just dust them with a crop sprayer and all your PCs are belong to them!
 

PottedMeat

Lifer
Apr 17, 2002
12,366
470
126
i'd really like to see one of these things

there may be tons of unpopulated areas on a board for test or just never removed for production. i could see a custom bga or lcc package size or SO8 ( you could hide a lot on that ) something placed on a common serial bus where it could talk and get power. i wonder why the writer said 'signal conditioning couplers' - a passive rf device
 

ASK THE COMMUNITY