Reply to post: What am I missing here?

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

tmz

What am I missing here?

"A third thing to consider is this: if true, a lot of effort went into this surveillance operation. It's not the sort of thing that would be added to any Super Micro server shipping to any old company – it would be highly targeted to minimize its discovery. If you've bought Super Micro kit, it's very unlikely it has a spy chip in it, we reckon, if the report is correct. Other than Apple and Amazon, the other 30 or so organizations that used allegedly compromised Super Micro boxes included a major bank and government contractors."

How is the contractor/attacker in any way in control of which MBs get sent to which customers. Surely that is entirely in the hands of Super Micro? Are these particular compromised MBs only available to certain customers? If so, how?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019