nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: bloomberg on supermicro: sky is falling

From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Thu, 4 Oct 2018 14:03:59 -0700
To me this looks like a Chinese version of the NSA FIREWALK product. Which
is a network implant built into a RJ45 jack intended to be soldered onto a
motherboard. The FIREWALK info came out with the Snowden leaks in 2013 and
the tech was years old at that time.

https://en.wikipedia.org/wiki/NSA_ANT_catalog

I am not able to say a lot more, but when I worked for a major defence
contractor in 2006-2007 in Afghanistan, building WAN links in and out of
the country by satellite, hardware implants were found in equipment. Not
our equipment, but it was close enough to our operations that we were
briefed on it and made aware.



On Thu, Oct 4, 2018 at 10:02 AM Randy Bush <randy () psg com> wrote:


re:
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

from a side convo with a well known sec researcher:


saw that a couple of years back when apple tossed them out.  so who
do we know that is for sure not poisoned.  and therein lies the rub.

Yup


truth is, i am surprised they had to add a chip, and one of the larger
dies was not already trojaned.

have visions of the chinese implant on box A fighting with the american
implant on box B with occasional jabs from the israelis from box C.

what i would love to see/know is how apple tries to vet the macs made in
shenzhen.

randy
Previous By Date Next
Previous By Thread Next

Current thread: