The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

NightShade

Sharpshooter
Special Hen
Joined
Apr 24, 2013
Messages
4,116
Reaction score
1,813
Location
Guthrie
News is coming out from some of the cited sources in the article that it's all BS.

https://www.zdnet.com/article/secur...chip-hack-investigation-casts-doubt-on-story/

A ton of the information is brought into question and my guess is someone figures that the BMC chip is at blame. That chip allows remote access however you would have to have internal network access to even make it a viable hack I would imagine that most large corporations physically separate access to the IPMI function from the general network. Not to mention that the supposed hack is more related to out of date software on the IMPI interface rather than a hardware hack.
 

NightShade

Sharpshooter
Special Hen
Joined
Apr 24, 2013
Messages
4,116
Reaction score
1,813
Location
Guthrie
Nope, they took the researchers information that applies to all boards that have BMC or IPMI controllers for datacenter bare metal access remotely and applied it to only SuperMicro. For anything that is out of date or setup in an insecure method someone can easily cause problems and hack the boards. However physical separation of the the IPMI port from the general data port mitigates the majority of that issue. I can't comment on how a large datacenter would do things but I would not want to have the IPMI ports connected to ANY of the ports that transfer data to the internet. Physical separation of both networks will cost a little more in the short run but is a huge security gain in the long run. Plus all it ends up being is an extra switch and a little extra cat5 cabling and honestly if you were connecting the ports up to begin with it's not even an extra switch since you would need another switch for the ports to be in use anyway. The other option is setting up vLan which is still pretty secure in it's own way.

https://www.servethehome.com/yossi-...-positioning-his-research-against-supermicro/


For those who do not understand what IPMI is https://en.wikipedia.org/wiki/Intelligent_Platform_Management_Interface will explain it. But basically it allows a user to manage a server as if they were sitting in front of it with a tool and an ethernet connection. This allows you to literally do ANYTHING that you could do physically sitting at the computer and in some ways more since you can remotely mount ISO's and load the operating system. I have it and use it from time to time when I check on my FreeNAS. To turn off access I can simply unplug the Cat5 Cable. Some systems will however default that if a cable is not plugged in to the dedicated IPMI interface that the first LAN port will allow access. In my case since I am not using the built in LAN ports for data transfer but instead have a 10Gbit fiber card this is not an issue.

However, like for any other management interface, best security practices dictate the placement of the IPMI management port on a dedicated management LAN or VLAN restricted to trusted Administrators.

My router uses a similar IPMI port and while I am using the LAN ports it doesn't matter since when I acquired the board the IPMI function was damaged. The only way to even hook up a monitor is to insert a video card of some sort and even using the tool while it will connect there is nothing else available, could not even power cycle the board. Hence the reason why the purchase price of the board was refunded. I didn't figure out until afterwards that the board was still semi functional however as a router I only need access to it if there is an issue or I am initially setting things up. Otherwise management is done through a web page.

All I can say is I have two Supermicro boards and set a system up for my father and step-daughter using Supermicro boards. The BS that Bloomberg is crapping out is custom built from a bull's rear end.
 
Joined
Dec 9, 2008
Messages
87,928
Reaction score
70,793
Location
Ponca City Ok
News is coming out from some of the cited sources in the article that it's all BS.

https://www.zdnet.com/article/secur...chip-hack-investigation-casts-doubt-on-story/

I would imagine that most large corporations physically separate access to the IPMI function from the general network. Not to mention that the supposed hack is more related to out of date software on the IMPI interface rather than a hardware hack.

When I was at the power plant, we upgraded our control system to a new ABB software, serial number 1 and 2. Double firewalls and absolutely no access to the internet. It was and is a stand alone system that can't be hacked.
 
Joined
Aug 21, 2024
Messages
22
Reaction score
13
Location
oklahoma
The Chinese are everywhere! So are the Democrats just complacent or intentional? Think of Hilary’s server.


A Chinese Spy Worked In Senator Dianne Feinstein's Office For Twenty Years
We can only imagine the twenty-four hour media blitz that would be unleashed if this had happened with the Trump campaign, or on anyone's staff even remotely associated with President Trump past or present.

But when the story first broke in the middle of this week of a mole working on behalf of the Russian Chinese government on a powerful Democrat Senate Intelligence Committee member's staff, it passed in the mainstream media with a yawn, and though slowly gaining visibility still hasn't been covered by some of the large cable networks or newspapers.

Senator Dianne Feinstein (D-Calif.) was "mortified" upon learning that a Chinese spy had worked in her office for nearly 20 years.

According to new details initially unveiled in a Politico report on Russian and Chinese spies in Silicon Valley, a staffer who was fired five years ago had managed to stay on her team for nearly two decades likely out of motivation to collect information related to her long tenure on the Senate Intelligence Committee, for which she maintains top-secret security clearance.

Sen. Feinstein reportedly made the staffer retire upon being alerted by the FBI. He worked as her personal driver and clerk for her Bay Area office, as CBS San Francisco relates:

On Wednesday, the San Francisco Chronicle uncovered additional details in a column written by reporters Phil Matier and Andy Ross. The column revealed that the Chinese spy was Feinstein’s driver who also served as a gofer in her Bay Area office and was a liaison to the Asian-American community.

He even attended Chinese consulate functions for the senator.

Feinstein — who was Chair of the Senate Intelligence Committee at the timewas reportedly mortified when the FBI told her she’d be infiltrated. Investigators reportedly concluded the driver hadn’t leaked anything of substance and Feinstein forced him to retire.

Perhaps the most stunning part of the story is that he remained in her office for nearly two decades, reportedly having contact with China's Ministry of State Security for an unknown number of years during that lengthy period.

Though it's unclear when his contact with the Chinese state began, follow-up reports by local San Francisco sources claim he may have been an unwitting asset.

The San Francisco Chronicle in a follow-up investigation reports:

According to our source, the intrigue started years earlier when the staffer took a trip to Asia to visit relatives and was befriended by someone who continued to stay in touch with him on subsequent visits.

That someone was connected with the People’s Republic of China’s Ministry of State Security.

“He didn’t even know what was happening — that he was being recruited,” says our source. “He just thought it was some friend.”

Neither the FBI nor Chinese embassy has issued official comment in response to the bombshell story; however, various reports cite investigators close to the matter who say the mole was able to obtain little or nothing of substance.

It's believed that the advantage of Chinese intelligence placing a driver with the Chair of the Senate Intelligence Committee is that he may have picked up on tidbits of sensitive conversations at moments the senator thought she could comfortably speak to colleagues and staff.

One former counter-espionage FBI agent in the Bay Area, Jeff Harp, told CBS San Francisco he believes someone like Sen. Feinstein would constitute a key, high value target for foreign intelligence and eavesdropping:

Harp pointed out politicians with access to classified information are generally trained on what not to say and when not to say it. But he also noted when you have a driver behind the wheel day in and day out for 20 years, there are more opportunities to slip up.

“Think about Diane Feinstein and what she had access to,” Harp explained. “One, she had access to the Chinese community here in San Francisco; great amount of political influence. Two, correct me if I’m wrong, Dianne Feinstein still has very close ties to the intelligence committees there in Washington, D.C.”

And of Silicon Valley being a hotbed of Chinese espionage, Harp continued, “They also have an interest in the economy here. How to get political influence here. What’s being developed in Silicon Valley that has dual-use technology. All of that is tied to the Bay Area.”
“…They also have an interest in the economy here. How to get political influence here.”
Here i am reading this in late 2024 and we know our current president and a myriad of other government officials have received plenty of payoff from the country that shall not be named. As well as yet another member of government from cali having had a personal relationship with a c* spy. As well as the supply chain issues caused by c*v*d suddenly causing a desire to bring chip manufacturing back to us…but that is waning as c* does all it can to ramp back up production at any and all costs, utilizing slave and child labor. Insatiable corporate greed feeds the machine, allowing it to continue to grow, becoming more powerful every year, getting closer to accomplishing its goal of being The Superpower.
As well as the numbers of illegals from all over the world, including c* that have entered.
Seems there are few if any in position of power that care to actually do what is needed to prevent the coming supersession and protect the country, instead preferring to profit off the demise having become personally friendly with the adversary in apparent attempt to guarantee themselves riches and/or a seat of power in the coming takeover.
Just thoughts.
 

Latest posts

Top Bottom