Third Party & Independents Archives

The Chinese Chip That Could Steal Your Data

How safe are your servers? The ones up in “The Cloud” that is. Of course, the cloud is a bunch of servers warehoused in some secure facility usually near fairly cheap power sources, like hydroelectric facilities in Washington State, for example. They’re designed to be more efficient and safer than your humble laptop which you would never safeguard the way Apple, Microsoft, and Amazon safeguard your data, right?

That depends apparently.

Personally, I don't like sending stuff up to the cloud, I'd rather be responsible myself for my laptop, as naïve as that attitude may be. But now we have a couple of articles in Bloomberg that state - after over a year of detailed investigative reporting - that a key company in the server space called Supermicro may have been duped or bribed by Chinese officials in order to place malicious hardware on their motherboards that run their much-used servers.

A chip no bigger than a grain of rice (the analogy was inevitable it seems) apparently found its way onto Supermicro's motherboards. How? Through Chinese subcontractors that build the motherboards for way cheaper than it would cost if they had set up shop in San Jose, California, where Supermicro is headquartered. The company itself was founded by Taiwanese or Chinese Americans and is a key supplier of servers throughout the world apparently.

The introduced chips reportedly allow for data to be surreptitiously streamed back to China. Although whether they have been activated and actually manipulated and stolen data is unclear at this point.

The reaction to these articles has been either outright and self-righteous denial by companies like Apple and Amazon, and of course Supermicro itself, as well as snotty skepticism by tech geeks who have expressed doubt about the feasibility of such a plan.

The intel community and government in general have been silent.

So, as this story plays out, an interesting question is: did the government and perhaps the companies figure out that a malicious chip had, in fact, been installed on these servers, and did they allow it to continue to use those chips as a back door into the tactics the Chinese use to steal intellectual property?

Or are they truly unaware of the chips?

Or is the Bloomberg story chasing shadows that might not exist?

Bloomberg is sticking by its story, so someone is either wrong, or they're lying. Clearly Bloomberg is either right or wrong on this one, and Apple and Amazon have therefore either been caught flat-footed or are lying because they may be collaborating with intel agencies. Not too sure about that possibility, but you never know.

For those of us who wouldn't know the components on a motherboard from the innards of a discarded cell phone, this is all a little precious, but it's a fascinating story and one that could have interesting implications. Especially if Trump and Pompeo and Bolton decide to turn it into a major political issue. Can Trump resist? For now he's got plenty of other items to deal with, but we'll see in a few weeks or months if he decides to comment on this.

Posted by AllardK at October 11, 2018 10:44 PM
Comment #432812

China is a long-time cheater.
There is no telling what all of those secret computer chips are doing in so many devices.
Someone said the chips spy, and also allow for changing the operating system on the computers that they’re attached to, which opens the door for potential software attacks. IF that is true, it could result in a HUGE shift of manufacturers to move out of China.

Also, China is harming and killing us, and killing our pets (whether intentionally, or accidentally) via cheap products (i.e. ladders that fail; toxic medicines; toxic toys; batteries that catch fire; toxic toothpaste; pet treats that kill; cheap and defective capacitors in all types of electronics; and thousands of other dangerous products).
63% of all recalled products are from China.

Toxic pot treats killed my borther’s dog.
I was injured when a Chinese step-stool (rated for 300 LBs; I am 6’2” and weigh 245LBs) collapsd (they sent me a refund and admitted many sold were defective).
I lost count of all of the cheap Chinese products that had to be returned of thrown away.

China exports 5 times more to the U.S.A. than China allows the U.S.A. to export to China.
China has used high tarrifs for decades to discourage and/or prevent imports into China from other countries.

That’s not fair-trade.
But, the U.S.A. was stupid for ever letting it happen in the first place.

The federal government and major importers (of products from China and other nations) need to hang tough, find other sources, and insist on ZERO reciprical tarrifs; or face reciprocal (or higher punitive) tarrifs.

Do we need more low-quality worthless, and/or dangerous products from China?
63% of all product recalls are from China.

Posted by: d.a.n at October 12, 2018 4:02 PM
Comment #432991

What a horrible news. Thank you for updating. Just imagine how much data they stole in those time…

Posted by: email login at October 17, 2018 11:06 PM
Post a comment