bloomberg on supermicro: sky is falling
SNaslund at medline.com
Thu Oct 4 20:37:38 UTC 2018
I was wondering about where this chip tapped into all of the data and timing lines it would need to have access to. It would seem that being really small creates even more problems making those connections. I am a little doubtful about the article. It would seem to me better to create a corrupted copy of something like a front side bus chipset, memory controller or some other component that handles data lines than create a new component that would then require a motherboard redesign to integrate correctly. It would seem that as soon as the motherboard design was changed someone would wonder "hey, where are all those data lines going?" It would also require less people in on the plan to corrupt or replace a device already in the design. All you need is a way to intercept the original chip supply and insert your rogue devices.
On the opposite side of the argument, does anyone think it is strange that all of the companies mentioned in the article along with the PRC managed to get a simultaneous response back to Bloomberg. Seems pretty pre-calculated to me. Or did some agency somewhere tell everyone they better shut up about the whole thing?
>Though Bloomberg didn't go out of their way to say it, the photos were
>"representative" of the chip supposedly found. Were they in possession
>of any hard evidence of the chips' existence, they'd have said so.
More information about the NANOG