Cooler Master MasterBox Q500L review
Promo: URCDKey Summer Sale Windows 10 Pro for $11
Colorful iGame GeForce GTX 1660 Ti Advanced OC review
ASRock Z390 Steel Legend review
Corsair M55 RGB PRO gaming mouse review
Promo: Windows 10 Pro for $13 With Office 2016 For $33
Lexar NM600 NVMe M.2. SSD (480GB) review
Tech preview: Radeon RX 5700 and 5700 XT
Tech preview: AMD Ryzen 3000 - 7nm ZEN2
Patriot Viper VPN100 M2 NVMe 512 GB SSD Review
Supermicro to further investigate Chinese espionage chips on their hardware
After the devastating article from Bloomberg, Supermicro will check its products for the presence of malicious chips. The investigation follows the publication of a controversial article stating that the Supermicro production chain would have been infiltrated by China.
"Despite the lack of evidence for the existence of a malicious chip, we carry out an extensive and time-consuming assessment," Supermicro has told its customers. The company also denies the accusation. Bloomberg published an article on October 4 in which it wrote that China would have placed microchips on Supermicro's motherboards. These products would then have ended up at thirty US companies, including Apple and Amazon.
Both companies deny the allegations.
Apple CEO Tim Cook even called on Bloomberg to withdraw the article, something the company has never done publicly before. American and British authorities also said they knew nothing about the alleged infiltration. Bloomberg has used seventeen anonymous sources for his story according to his own statements, and they remain behind his publication. Until even this moment it has not come up with additional evidence. If Bloomberg is wrong, they might have sunk SMC into a pending bankruptcy, if they are right then perhaps that is rightfully so. The CEOs of Amazon and chipmaker Supermicro, following Apple CEO Tim Cook, call for the withdrawal of the Bloomberg article about alleged espionage chips in Supermicro hardware.
Apple CEO Tim Cook called Friday in an interview with BuzzFeed News to withdraw the story, for the first time the company does something like that.
'No proof, no interest in answers'
Cook receives support from Supermicro CEO Charles Liang, who also calls for the retraction of the story. " Bloomberg has not shown any affected motherboard, we have no malicious components in our products, we have not been contacted by the government and no customer has reported malicious hardware to us," Liang said. Amazon Web Services CEO Andy Jassy also calls for the retraction of the story. "Tim Cook is right, they do not provide proof, the story keeps changing, they were not interested in our answers unless they confirmed their theories," Jassy writes on Twitter . "Bloomberg should pull it back."
Supermicro along with Apple and Amazon refute claims in Bloomberg story - 10/05/2018 08:59 AM
Super Micro Computer, Inc. (SMCI), a global leader in enterprise computing, storage, networking solutions and green computing technology, strongly refutes reports that servers it sold to customers con...
SuperMicro to release two Supero X299 motherboards (updated) - 06/02/2017 05:03 PM
Supermicro presented its C7X299-PG at the IT trade show Computex in Taiwan. Much like all Intel board partners Supermicro is cooking up something nice as well. And I do say nice with a reason, as prev...
Review: SuperMicro C7Z270-CG Motherboard - 01/19/2017 10:51 AM
It is the era of the Z270 schipset, and in this article we cover the SuperMicro C7Z270-CG review. It is advertised as a server grade motherboard, but will it deliver in performance, features and aesth...
Review: SuperMicro C7Z170-SQ motherboard - 11/03/2015 10:08 AM
In this review we look at a SuperMicro C7Z170-SQ motherboard from their new Gaming series. SMC is predominantly active in the server market, however they have a new gaming line of consumer grade mainb...
SPARKLE CalibreCUTi Supermicro Computer - 01/19/2010 01:28 PM
Sparkle announced the Calibre CUTi, a revolutionary small form factor PC providing high definition 1080p playback and digital surround sound for a variety of multimedia formats displayed right on a us...
fry178
Senior Member
Posts: 1024
Joined: 2012-04-30
Senior Member
Posts: 1024
Joined: 2012-04-30
#5599829 Posted on: 10/25/2018 12:59 AM
So why hasnt supermicro provided a bluprint/schematic of the board next to a picture?
We wouldnt even need to see any info/nam/model nbrs of components/chips, but it would be easy to visually compare it and see if there is anything that shouldn't be there.
Yet they havent...
So why hasnt supermicro provided a bluprint/schematic of the board next to a picture?
We wouldnt even need to see any info/nam/model nbrs of components/chips, but it would be easy to visually compare it and see if there is anything that shouldn't be there.
Yet they havent...
sykozis
Senior Member
Posts: 20869
Joined: 2008-07-14
Senior Member
Posts: 20869
Joined: 2008-07-14
#5599834 Posted on: 10/25/2018 01:11 AM
So why hasnt supermicro provided a bluprint/schematic of the board next to a picture?
We wouldnt even need to see any info/nam/model nbrs of components/chips, but it would be easy to visually compare it and see if there is anything that shouldn't be there.
Yet they havent...
Bloomberg has yet to produce the proof of their claim either....but yet, people are so quick to believe a baseless claim from Bloomberg without the slightest bit of evidence to support the claim.
So why hasnt supermicro provided a bluprint/schematic of the board next to a picture?
We wouldnt even need to see any info/nam/model nbrs of components/chips, but it would be easy to visually compare it and see if there is anything that shouldn't be there.
Yet they havent...
Bloomberg has yet to produce the proof of their claim either....but yet, people are so quick to believe a baseless claim from Bloomberg without the slightest bit of evidence to support the claim.
Clouseau
Senior Member
Posts: 2271
Joined: 2011-05-17
Senior Member
Posts: 2271
Joined: 2011-05-17
#5599844 Posted on: 10/25/2018 02:04 AM
This just stinks of government meddling. Huawei is no longer backed by the large carriers here in the US. AT&T was pressured to back off from supplying the new Mate 20 and Mate 20 Pro. DOD is scrambling for a replacement since GloFo pulled out of the 7nm race. Feels like we have entered into another McCarthy Era. Instead of just general Communist infiltration, a specific country has been called out. Justified or not, just feels like this is the road being traveled down...again.
This just stinks of government meddling. Huawei is no longer backed by the large carriers here in the US. AT&T was pressured to back off from supplying the new Mate 20 and Mate 20 Pro. DOD is scrambling for a replacement since GloFo pulled out of the 7nm race. Feels like we have entered into another McCarthy Era. Instead of just general Communist infiltration, a specific country has been called out. Justified or not, just feels like this is the road being traveled down...again.
Astyanax
Senior Member
Posts: 1852
Joined: 2018-03-21
Senior Member
Posts: 1852
Joined: 2018-03-21
#5599846 Posted on: 10/25/2018 02:10 AM
It's time for all accused to jointly submit legal preceedings againsts Bloomberg
This stinks like a government covert smear campaign against asian suppliers, and they have left bloomberg to the wolves.
I have already checked with a qualified board engineer that should a chip of that size be placed where they claim, it would have no capacity to do what bloomberg is claiming.
modifying the trace layers to implement an attack vector to route this chip on would not go by unnoticed.
It's time for all accused to jointly submit legal preceedings againsts Bloomberg
This stinks like a government covert smear campaign against asian suppliers, and they have left bloomberg to the wolves.
I have already checked with a qualified board engineer that should a chip of that size be placed where they claim, it would have no capacity to do what bloomberg is claiming.
modifying the trace layers to implement an attack vector to route this chip on would not go by unnoticed.
SerotoNiN
Senior Member
Posts: 3174
Joined: 2011-11-10
Senior Member
Posts: 3174
Joined: 2011-11-10
#5599852 Posted on: 10/25/2018 02:31 AM
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence", it is not from a lack of evidence, it's from national security.
2) the Pentagon (esp DARPA), has been aware of the problem of offshore manufacturing and the guaranteed penetration by state actors ever since businesses started going to China.
3) other than the technical aspects of this story, anybody who doesn't believe China has spies in every manufacturing plant is both foolish and naive and they've never been to China.
4) Supermicro is doing precisely the right thing - put on a brave face, deny everything but investigate thoroughly.
Will you be my new best friend? <3
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence", it is not from a lack of evidence, it's from national security.
2) the Pentagon (esp DARPA), has been aware of the problem of offshore manufacturing and the guaranteed penetration by state actors ever since businesses started going to China.
3) other than the technical aspects of this story, anybody who doesn't believe China has spies in every manufacturing plant is both foolish and naive and they've never been to China.
4) Supermicro is doing precisely the right thing - put on a brave face, deny everything but investigate thoroughly.
Will you be my new best friend? <3
Fox2232
Senior Member
Posts: 9103
Joined: 2012-07-20
Senior Member
Posts: 9103
Joined: 2012-07-20
#5599902 Posted on: 10/25/2018 07:35 AM
If the Gov't had a concern relating to "national security" that resulted in an investigation, action would have been taken long before Bloomberg ran that story.
The problem is, as was brought up in the other thread, to have a chip smaller than a grain of rice, how would you connect it to the system? The necessary interconnects alone would increase the size of the chip beyond that of a grain of rice. There's also the matter of fabricating such a small chip. We're just getting to 7nm. The number of transistors alone, necessary for the functionality described, would prohibit such a small chip at 12nm or even 7nm. Bloomberg claims that these "small than a grain of rice" chips are complete systems, minus output components. That would mean the chips contain rom, ram, cpu and network interface, as well as all of the necessary interconnects for power and networking. No Chinese manufacturer has the ability to fabricate a chip at a small enough node to pull it off, much less be able to manage the heat output that running such a small chip would produce. A chip performing all the functions described by Bloomberg would require a heatsink to avoid burning out.
Actually, anyone in world can manufacture that small chip with everything inside needed. outside is an issue. That's sufficient only to tap something like BIOS chip, so altering some BIOS module to use resources of main system and download rest. But tampering with BIOS and installing rootkit on system... Easily detectable and proven.
Take Commodore64, It processes any kind of data you throw at it. Look at number of interfaces and number of pins they use for signaling. Way more than needed. Surely entire logic of C64 can be put to less than 1mm^2 even on 32nm. But as you and I wrote before, anything more advanced than reading and writing of BIOS chips requires too many traces to be taped. And those particular communications are encrypted beyond capability of any small chip to work with in real time.
If the Gov't had a concern relating to "national security" that resulted in an investigation, action would have been taken long before Bloomberg ran that story.
The problem is, as was brought up in the other thread, to have a chip smaller than a grain of rice, how would you connect it to the system? The necessary interconnects alone would increase the size of the chip beyond that of a grain of rice. There's also the matter of fabricating such a small chip. We're just getting to 7nm. The number of transistors alone, necessary for the functionality described, would prohibit such a small chip at 12nm or even 7nm. Bloomberg claims that these "small than a grain of rice" chips are complete systems, minus output components. That would mean the chips contain rom, ram, cpu and network interface, as well as all of the necessary interconnects for power and networking. No Chinese manufacturer has the ability to fabricate a chip at a small enough node to pull it off, much less be able to manage the heat output that running such a small chip would produce. A chip performing all the functions described by Bloomberg would require a heatsink to avoid burning out.
Actually, anyone in world can manufacture that small chip with everything inside needed. outside is an issue. That's sufficient only to tap something like BIOS chip, so altering some BIOS module to use resources of main system and download rest. But tampering with BIOS and installing rootkit on system... Easily detectable and proven.
Take Commodore64, It processes any kind of data you throw at it. Look at number of interfaces and number of pins they use for signaling. Way more than needed. Surely entire logic of C64 can be put to less than 1mm^2 even on 32nm. But as you and I wrote before, anything more advanced than reading and writing of BIOS chips requires too many traces to be taped. And those particular communications are encrypted beyond capability of any small chip to work with in real time.
fantaskarsef
Senior Member
Posts: 10375
Joined: 2014-07-21
Senior Member
Posts: 10375
Joined: 2014-07-21
#5599932 Posted on: 10/25/2018 09:27 AM
If the Gov't had a concern relating to "national security" that resulted in an investigation, action would have been taken long before Bloomberg ran that story.
The problem is, as was brought up in the other thread, to have a chip smaller than a grain of rice, how would you connect it to the system? The necessary interconnects alone would increase the size of the chip beyond that of a grain of rice. There's also the matter of fabricating such a small chip. We're just getting to 7nm. The number of transistors alone, necessary for the functionality described, would prohibit such a small chip at 12nm or even 7nm. Bloomberg claims that these "small than a grain of rice" chips are complete systems, minus output components. That would mean the chips contain rom, ram, cpu and network interface, as well as all of the necessary interconnects for power and networking. No Chinese manufacturer has the ability to fabricate a chip at a small enough node to pull it off, much less be able to manage the heat output that running such a small chip would produce. A chip performing all the functions described by Bloomberg would require a heatsink to avoid burning out.
Yes, I'm all with you on that, I am sceptical about the hard truth behind those claims (really finding chips on compromised hardware that's in use right now).
If the Gov't had a concern relating to "national security" that resulted in an investigation, action would have been taken long before Bloomberg ran that story.
The problem is, as was brought up in the other thread, to have a chip smaller than a grain of rice, how would you connect it to the system? The necessary interconnects alone would increase the size of the chip beyond that of a grain of rice. There's also the matter of fabricating such a small chip. We're just getting to 7nm. The number of transistors alone, necessary for the functionality described, would prohibit such a small chip at 12nm or even 7nm. Bloomberg claims that these "small than a grain of rice" chips are complete systems, minus output components. That would mean the chips contain rom, ram, cpu and network interface, as well as all of the necessary interconnects for power and networking. No Chinese manufacturer has the ability to fabricate a chip at a small enough node to pull it off, much less be able to manage the heat output that running such a small chip would produce. A chip performing all the functions described by Bloomberg would require a heatsink to avoid burning out.
Yes, I'm all with you on that, I am sceptical about the hard truth behind those claims (really finding chips on compromised hardware that's in use right now).
tunejunky
Senior Member
Posts: 875
Joined: 2017-08-18
Senior Member
Posts: 875
Joined: 2017-08-18
#5600421 Posted on: 10/26/2018 04:50 PM
1) i do not "spout anti-Chinese rhetoric".
everything that i've said the Chinese do, they do as a matter of fact.
2) i've dealt with Chinese companies (and therefore China) over decades, have you?
3) my description of their behaviors is neither unique to me or insulting to them. if they are insulted by factual analysis so be it.
4) if you look you will find my position has governments and academics behind it - worldwide.
5) re: Bloomberg. if as stated Bloomberg has spoken with agents and or collected data and hardware, it certainly would be in Federal hands atm and under intense scrutiny...and a news blackout.
1) i do not "spout anti-Chinese rhetoric".
everything that i've said the Chinese do, they do as a matter of fact.
2) i've dealt with Chinese companies (and therefore China) over decades, have you?
3) my description of their behaviors is neither unique to me or insulting to them. if they are insulted by factual analysis so be it.
4) if you look you will find my position has governments and academics behind it - worldwide.
5) re: Bloomberg. if as stated Bloomberg has spoken with agents and or collected data and hardware, it certainly would be in Federal hands atm and under intense scrutiny...and a news blackout.
Click here to post a comment for this news story on the message forum.
Posts: 20869
Joined: 2008-07-14
1. might be or might not be, sources not made available might still be made up, ESPECIALLY when it's government sources and interests beyond security, such as trade wars (you notice where I'm going?) are a thing. Like tariffs because of "national security" which is utter rubbish also.
2. if they know, warned, cried, why did they never impose a law that they need to have manufacturing in the US if companies want to supply to the government in the first place? It's not like the US would not need enough hardware with the "war on terror" that in the last 17 years nobody could have built a plant there, if the so smart goverment and three letter organisations are so sure that something's happening in China.
3. oh I do believe they have spies there. You think the US haven't gotten spies in China that are supposed to make sure nothing goes wrong with what the US need from over there? If not, why not? Have you ever been to China, I'm asking out of curiosity?
4. Supermicro was never the issue there, but more likely Bloomberg bringing out a story that not only destroys company's worth, but also actively works against any counter intelligency trying to catch the people responsible for such placements of "control" chips in hardware that's targeted to be compromised. If somebody really was trying to catch the people responsible for such an issue, it would only be logical to NOT say anything about it until AFTER they solved the issue. If not, they're trusting on the Chinese "infiltrators" to stop their doing just because somebody said they're doing it. To believe that would also be naive.
If the Gov't had a concern relating to "national security" that resulted in an investigation, action would have been taken long before Bloomberg ran that story.
The problem is, as was brought up in the other thread, to have a chip smaller than a grain of rice, how would you connect it to the system? The necessary interconnects alone would increase the size of the chip beyond that of a grain of rice. There's also the matter of fabricating such a small chip. We're just getting to 7nm. The number of transistors alone, necessary for the functionality described, would prohibit such a small chip at 12nm or even 7nm. Bloomberg claims that these "small than a grain of rice" chips are complete systems, minus output components. That would mean the chips contain rom, ram, cpu and network interface, as well as all of the necessary interconnects for power and networking. No Chinese manufacturer has the ability to fabricate a chip at a small enough node to pull it off, much less be able to manage the heat output that running such a small chip would produce. A chip performing all the functions described by Bloomberg would require a heatsink to avoid burning out.