Is the Chinese government placing tiny surveillance chips into all of our electronics? Are major tech companies covering up the fact that they are? Are we in the midst of a big hack or a big hoax? Ashtray breaks it down.
Download the Red Eye Report wherever you get your podcasts.
Big Hack or Big Hoax?
Is China sneaking tiny chips into our servers?
https://www.bloomberg.com/2018-the-big-hack
Supermicro
“Like the Microsoft of hardware”
Over 900 customers in over 100 countries.
By 2014 US intelligence learned that China was planning on inserting chips into the supply chain, specifically Supermicro motherboards.
2015 Apple discovers suspicious chips inside their Supermicro servers. Reported to the FBI, but kept details hush.
Amazon finds sabotaged hardware on it’s Elemental servers.
Disguised as small conditioning couplers, they were hard to detect without proper equipment.
They were placed between the RAM and the CPU, and could edit the information or alter it to change the CPU instructions.
They were small and could only hold a small amount of code. BUT they could communicate with other anonymous computers on the internet which housed the more complex code AND could prepare the motherboard’s operating system to accept this new code.
US intelligence started backtracking the Supermicro supply chain and found 4 subcontractors in China who were approached by middle men who either bribed or threatened inspection shutdowns to get their chips into the manufacturing process.
The People’s Liberation Army was suspected.
Apple had 7,000 Supermicro servers on their network by the time the chips were discovered.
Amazon did an internal investigation in their AWS Beijing facilities and found Supermicro servers with chips as well.
Some so small they were embedded in between the fiberglass of the circuit board.
2015, Apple started removing all of it’s Supermicro servers, all 7,000. In 2016 they severed ties with Supermicro – but claim it was over “a corrupted driver in one server it had in it’s R&R department. [insert eyeroll]
Amazon, Apple, Supermicro, and the Chinese Government have all denied any knowledge of these claims.
“Supermicro said it has “never been contacted by the U.S. government, or by any of our customers, about these alleged investigations.” The company said Bloomberg had assembled “a mishmash of disparate and inaccurate allegations” that “draws farfetched conclusions.” Federal agencies, including those described in this article as conducting investigations, still buy Supermicro products, the company said”
A spokesperson for the Chinese Foreign Ministry called accounts of these attacks “attempts to discredit China and Chinese enterprises” and accused U.S. officials of “making things up to hype up the ‘China threat.’”
This story is drawn from interviews with more than 50 people from law enforcement, the military, Congress, intelligence agencies and the private sector. Most asked not to be named in order to share sensitive information. Some details were confirmed in corporate documents Bloomberg News reviewed.
Supermicro, founded in 1993 by Taiwanese immigrant Charles Liang
which earned $3.3 billion in revenue last year. Its motherboards sit in products ranging from medical imaging scanners to cybersecurity devices.
Another Pentagon supplier that received attention was China’s Lenovo Group Ltd. In 2008, U.S. investigators found that military units in Iraq were using Lenovo laptops in which the hardware had been altered. – “A large amount of Lenovo laptops were sold to the U.S. military that had a chip encrypted on the motherboard that would record all the data that was being inputted into that laptop and send it back to China,” Lee Chieffalo, who managed a Marine network operations center near Fallujah, Iraq, testified during that 2010 case. “That was a huge security breach. We don’t have any idea how much data they got, but we had to take all those systems off the network.”
Without a fix on China’s ultimate purpose, U.S. leaders decided in 2013 to keep the discovery secret and let the attack run, according to three officials who were informed of the plan. Keith Alexander, then-director of the National Security Agency, played a central role in the decision, the officials said. The Pentagon devised undetectable countermeasures to protect its networks, two of them said.
The moves allowed America’s own spies to begin gathering intelligence on China’s plans without alerting Beijing, the two officials said.
“NSA cannot confirm that this incident—or the subsequent response actions described—ever occurred.”
government officials took discreet steps to try to prevent the use of Supermicro products in sensitive national-security networks—even though the company remained on public lists of approved suppliers.
the manipulation combined two pieces of code: The first was embedded in instructions that manage the order of the startup and can’t be easily erased or updated. That code fetched additional instructions that were tucked into the BIOS chip’s unused memory, where they were unlikely to be found even by security-conscious customers. When the server was turned on, the implant would load into the machine’s main memory, where it kept sending out data periodically.
Overall, the findings pointed to infiltration of Supermicro’s BIOS engineering by China’s intelligence agencies, the six officials said.
The FISA surveillance included individuals in a position to alter the company’s technology, and didn’t focus on senior executives, the officials said.
https://www.bloomberg.com/features/2021-supermicro/
What’s Sexy
Oracle: Roman Empire
Mistic: Rey Enigma
Teddy: Old Man Orthotics
Ashtray: Polar Bears move into abandoned weather station.
Fuck What You Think
Oracle: Stolen Valor
Woman faked being Marine vet dying of cancer to scam veterans charities (taskandpurpose.com)
Mistic: tik tok army
Ashtray: What the fuck were we talking about? … oh yeah Maus was banned from a Tennessee library!
Teddy: Joe Rogan Spotify shit
In all Seriousness: Go fuck yourself
Burt Reynolds Ghost!
That’s our show, we’re gonna be here every Wednesday or Thursday night at 10pm central, make sure you join the conversation at theredeyereport.com or facebook.com/redeyereport…..you can also twittle us @redeye_report….like us, share us, or fuck us, we’re down for whatever. I’m Ashtray…………….and this is the RED EYE REPORT!!!!!