bloomberg on supermicro: sky is falling

Eric Kuhnke eric.kuhnke at gmail.com
Thu Oct 4 21:03:59 UTC 2018


To me this looks like a Chinese version of the NSA FIREWALK product. Which
is a network implant built into a RJ45 jack intended to be soldered onto a
motherboard. The FIREWALK info came out with the Snowden leaks in 2013 and
the tech was years old at that time.

https://en.wikipedia.org/wiki/NSA_ANT_catalog

I am not able to say a lot more, but when I worked for a major defence
contractor in 2006-2007 in Afghanistan, building WAN links in and out of
the country by satellite, hardware implants were found in equipment. Not
our equipment, but it was close enough to our operations that we were
briefed on it and made aware.



On Thu, Oct 4, 2018 at 10:02 AM Randy Bush <randy at psg.com> wrote:

> re:
> https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
>
> from a side convo with a well known sec researcher:
>
> >> saw that a couple of years back when apple tossed them out.  so who
> >> do we know that is for sure not poisoned.  and therein lies the rub.
> > Yup
>
> truth is, i am surprised they had to add a chip, and one of the larger
> dies was not already trojaned.
>
> have visions of the chinese implant on box A fighting with the american
> implant on box B with occasional jabs from the israelis from box C.
>
> what i would love to see/know is how apple tries to vet the macs made in
> shenzhen.
>
> randy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20181004/ce0ce8d6/attachment.html>


More information about the NANOG mailing list