Jump to content
RESET Forums (homeservershow.com)
Sign in to follow this  
oj88

Super Micro - The Big Hack

Recommended Posts

oj88

Since there's a lot of Super Micro fans here, I thought this article would be of some interest.

 

Do note that the hack does not affect most of us mere mortals, at least not directly. However, this is like a kick in the nuts for many large US companies, namely Apple, AWS,  and including the US military.

 

You can't make this up. This is real cloak and dagger, James Bond meets Mission Impossible stuff.

 

https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

Share this post


Link to post
Share on other sites
ShadowPeo

Does affect everyone as potentially anyone and everyone's data is at risk. I have discussed this at length today including in some quite high-level meetings with multiple people and whilst this is serious if they have done it here, what else has it been done in. My contention is that servers would likely be lower on the attack list, at least if I was doing it, I would be going after routers, switches, cell points that kind of gear, there are a greater number of them, and if you have control of that infrastructure you can cause any mayhem you want elsewhere. Who needs to destroy the electrical grid when you can simply tell all the infrastructure managing its automation to turn off or prevent it from communicating.

 

Even if this turns to be blown out of all proportion or perhaps even dare I say it "fake news", in my opinion, it's good as it brings this to the forefront of peoples minds, how and what to do about it, well that's a trickier proposition and something that none of us mear mortals can do anything about

Share this post


Link to post
Share on other sites
nrf

of course huge denials from all companies involved. of course we do this too by intercepting stuff in transit.

if apple was under a gag order can they say they are not without reprisal from the SEC?

Edited by nrf

Share this post


Link to post
Share on other sites
oj88

It’s unclear how the actual breach or attack is going to be like. For now it seems that it’s just a backdoor on their beck and call in the future.

 

News speculates that there are two reasons why the impacted companies are in denial. First, apparently, the alleged government investigation is classified and second, since no data breach has actually been detected, these companies are keeping it under wraps as they’re under no obligation to disclose this hack to their customers.

 

Well, one would hope that this is just fake news, but at least at this point, the sources seems credible. Seeing that the great majority of tech we use are manufactured in China, we can’t help ourselves but feel paranoid about what other shady activities have they got their hands on.

 

As soon as my Amazon Echo devices starts speaking Chinese, I’m smashing them with a hammer.

Share this post


Link to post
Share on other sites
nrf
Quote

 

so many ways to think about this. can a reporter be sure someone who approaches them is REALLY from a three-letter agency?

on the other hand three letter agencies frequently use reporters to advance leaks they WANT to be out in the wild. could be psychological economic warfare against china !

 

remember the tailored access operations group does this kind of crap mid-shipment, why would china be less capable of creating such hacks or even stealing them from our three letter agencies?

 

Bottom line this sows more fear and distraction while other crap is being foisted by our bought and paid for representatives etc. Since most of our stuff flows thru china at some point in its life this will leave lingering doubts and perhaps even justify yet more budget for our three letter agencies. dare I say false flag?

 

just remember the manufacturers already seeded most of our servers with the means to hack them in the name of remote maintenance ! and how many backdoors were found in cxsco equipment in the past year? cyber warfare is an everyday reality and I am not going to strip down my servers over this. :)

Share this post


Link to post
Share on other sites
ShadowPeo
6 hours ago, nrf said:

 I am not going to strip down my servers over this.

 

 

I would be impressed if you did your eyesight must be way better than mine :P

Share this post


Link to post
Share on other sites
nrf

:) unfortunately it would take an original schematic and an x-ray machine :)

Share this post


Link to post
Share on other sites
Trig0r

Everyone still denying it though I see...

Share this post


Link to post
Share on other sites
ShadowPeo

Yes, but what would you expect, if it is true, do you think they want the world to know if it's not true, then people will think the former anyway. I say let's just take it for what it is, a good conversation starter about this issue

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  



×
×
  • Create New...