[AusNOG] supermicro stocks dive

Rob Thomas xrobau at gmail.com
Fri Oct 5 14:00:34 EST 2018


I've been doing some research on my own, to see if ANYTHING corroborates
this, and I'm coming up empty handed. (This is the bonus of being
unemployed!)

Let's go through a few assertions in the original article.

1. It was an extremely small chip ('grain of rice'), disguised as a signal
coupler (which has, at most, 4 pins)
2. It was able to alter the OS running on the machine
3. It was tied into the BMC
4. It was able to connect to things, AND receive connections from things.

Unfortunately, those things just don't add up. The smallest standalone
computer that I can find is from IBM - https://bit.ly/2GLm0K6 - which is
1mm^2.

That does not include any external communications pins (apparently), as
it's all self contained.

You can't just wave a magic wand and say 'It was connected to the BMC, so
it could do all these things'. Especially if it only had 4 pins - 2 of
which would be power, and the other two would be 'rxd' and 'txd' - But what
does it connect to? How does it recieve connections? Does it tap into the
BMC and make it do stuff? This just doesn't add up.

So I don't know WHY Bloomberg is pushing this, especially with extremely
vocal and explicit denials from all the parties involved.  I'm calling this
'fake news' and my first hypothesis was that it's something do with with
the US Government being annoyed at China, but I try to avoid conspiracy
theories, and I think we'll probably find out it was 4chan trolling some
bloomberg reporter, for the lulz.

--Rob


On Fri, 5 Oct 2018 at 10:00, Noel Butler <noel.butler at ausics.net> wrote:

> given when this broke a couple days ago
>
>
> https://www.securityweek.com/china-used-tiny-chips-us-computers-steal-secrets-report
>
> overnight nasdaq supermicro stocks  down 41%
> seems cant trust much coming out of China these days. though, you cant
> trust anything coming out of the USA either.
>
>
> --
>
> Kind Regards,
>
> Noel Butler
> This Email, including any attachments, may contain legally privileged
> information, therefore remains confidential and subject to copyright
> protected under international law. You may not disseminate, discuss, or
> reveal, any part, to anyone, without the authors express written authority
> to do so. If you are not the intended recipient, please notify the sender
> then delete all copies of this message including attachments, immediately.
> Confidentiality, copyright, and legal privilege are not waived or lost by
> reason of the mistaken delivery of this message. Only PDF
> <http://www.adobe.com/> and ODF
> <http://en.wikipedia.org/wiki/OpenDocument> documents accepted, please do
> not send proprietary formatted documents
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20181005/8ea3b161/attachment.html>


More information about the AusNOG mailing list