Reply to post: Re: Still Reason to Worry

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

Steve Chalmers

Re: Still Reason to Worry

Methinks the only time it makes sense to embed a chip would be if the server were destined for a classified facility which would wipe and reload (from trusted binaries) every single byte of code on the motherboard.

The hardware strategy would then allow the board to be re-hijacked after it was thought to have been wiped and reloaded.

We may be hearing true story #1 about what happened, and true story #2 about where something else like simple substitution of code for a management processor occurred, but the two stories are mashed up to signal to the perpetrators that the attack is known without disclosing to anyone else where the attack actually occurred.

Now if the perpetrator could only control the motherboard model supplied in a bulk order to SuperMicro, and only some of those boards went to my hypothetical classified site, then many other such boards could have gone to many other customers, either sitting silent or making mischief, which could be the source of a true but irrelevant statement on the number of end customers who got hardware compromised boards.

Just thinking and speculating, no inside knowledge (and no clearance any time in my life) here.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020