[arch-general] If you have a SuperMicro board....
David C. Rankin
drankinatty at suddenlinkmail.com
Sat Oct 6 06:55:30 UTC 2018
On 10/05/2018 04:28 PM, james harvey via arch-general wrote:
> On Fri, Oct 5, 2018 at 8:36 PM David C. Rankin
> <drankinatty at suddenlinkmail.com> wrote:
>>
>> Worth passing along:
>>
>> We can now add motherboard stealth chips to the list of security concerns
>>
>>
>> https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
>
> I don't know what to think on this, but FWIW, Amazon and Apple deny
> this happened. Apple says a lot of the anonymous source background
> information is just wrong. They think this might be confusion over a
> single driver issue that happened. Apple also says it's not under an
> agreement or government ban regarding discussing such an issue.
>
> https://www.cnbc.com/2018/10/04/apple-response-to-china-spy-chip-claims.html
>
The Register also did a very good story on "Who's telling the truth?" which
leaves it as an open question. But with DOD involved, it makes interpreting
the companies public statements a bit more difficult as they could presumably
be given immunity for any SEC violation with careful wording to advance a
particular denial...
http://go.reg.cx/tdml/dfd67/5bdf87ff/0ca20a03/2Q0X
Regardless of the "He said, she said..." It's pretty clear what happened, and
the preponderance of the evidence isn't that Bloomberg got it wrong...
I'm just glad my two SuperMicro boards predate the time period in question,
but then there was:
FS#58542: [linux] kernels 4.16.6 through 4.16.8 - 140 second boot hang and
multiiple call traces in dmesg I filed on one of my SuperMicro boards
https://bugs.archlinux.org/task/58542 (closed as it disappeared by 4.18.11)
No doubt completely unrelated, but after reading the article, it does make you
wonder.
--
David C. Rankin, J.D.,P.E.
More information about the arch-general
mailing list