The thing is the only reason you'd do this instead of just modifying the flash would be to more easily survive updates, or if the flash is programmed too late in the process to hijack.
Show this thread
Looking at the GIF in @BW's story about China putting hardware implants into Supermicro servers, it all looks reasonably realistic as a MITM on the BMC's SPI boot flash. I don't know how real the photo is supposed to be, though.pic.twitter.com/eQxp5RsNG6
-
-
-
Also note that the location of the implant is obviously not a normal capacitor/etc, because it's in the middle of an alternate SPI flash footprint. However, that is not a constraint if you're backdooring a system and you know they never populate the alternate footprint.
Show this thread -
FWIW, here's a high-res photo of the same board. Nothing suspicious on this one.https://twitter.com/IT_Creations/status/1047939818867445760 …
Show this thread
End of conversation
New conversation -
-
-
Does the Intel and AMD CPU backdoors (SGX, AMD-SP, etc.) count as "implants", or they get away with it because it's on the same die?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Has an EEE actually done experiments on it?
@eevblog or@mikelectricstuf might be interested, if they could get a bunch of boards/chips to prod.pic.twitter.com/dYToR6P3B0
-
Or you know... Someone qualified?
End of conversation
New conversation -
-
-
They could potentially also defeat signing, e.g. if signature verification happens first, and data is reloaded from flash later. That said, at least with OpenBMC I think it trusts the flash 100%.
-
Hardware attacks are a lost cause. Consumer electronics companies keep trying and failing to produce secure hardware; the only two teams I know of with half a clue are iPhone and Xbox One. If your hardware is compromised at the source you might as well give up.
- Show replies
New conversation -
-
-
Wait, were they placed in line or in place of decoupling caps, because thing I saw said the latter which would be significantly more impressive or required someone to slightly modify the board too
-
My understanding is they got the PCB manufacturer to change the gerbers and then delivered the chips to the assembly house (which is probably the same company) to be placed there. So in line/on the side, nothing to do with decoupling caps.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.