Welcome to European Tribune. It's gone a bit quiet around here these days, but it's still going.
Some technical analysis:

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know - and who is telling the truth? - The Register

So which is true: did the Chinese government succeed in infiltrating the hardware supply chain and install spy chips in highly sensitive US systems; or did Bloomberg's journalists go too far in their assertions? We'll dig in.

And two days ago:

Forgotten that Chinese spy chip story? We haven't - it's still wrong, Super Micro tells SEC - The Regidter

As far as El Reg is concerned, while Bloomberg is generally a gold standard in journalism, there are numerous problems with the original piece. For one thing, it would be near impossible to exfiltrate data from a bugged machine in a data center as Apple and Amazon, at least, have sophisticated monitoring tools that should catch unexpected network traffic. Similarly, they should be able to detect unauthorized changes to operating systems and applications, caused by the alleged spy chips injecting backdoor code into the software stack during boot.

They also inspect hardware before it is put into production: as well as visual inspections, it is possible to scan a motherboard for electromagnetic emissions and identify anything unexpected, such as a tiny chip smuggled onto or inside a PCB - there's even a patent on this kind of technology. Finally, the chip shown in the Bloomberg piece is too small to realistically contain the necessary logic and all the data to insert a viable backdoor into a software stack. It is likely just an illustration - meaning, the journalists had no evidence of a chip to show.

by Bernard (bernard) on Wed Oct 24th, 2018 at 07:12:49 PM EST
[ Parent ]

Others have rated this comment as follows:

Oui 4


Occasional Series