Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Super Micro, Amazon, and Apple deny everything in the report.

Article intro image

(credit: Wikipedia)

Tiny Chinese spy chips were embedded onto Super Micro motherboards that were then sold to companies in the US, including Amazon and Apple, reports Bloomberg. The report has attracted strenuous denials from Amazon, Apple, and Super Micro.

Bloomberg claims that the chips were initially and independently discovered by Apple and Amazon in 2015 and that the companies reported their findings to the FBI, prompting an investigation that remains ongoing. The report alleges that the tiny chips, disguised to look like other components or even sandwiched into the fiberglass of the motherboards themselves, were connected to the management processor, giving them far-reaching access to both networking and system memory. The report says that the chips would connect to certain remote systems to receive instructions and could then do things like modify the running operating system to remove password validation, thereby opening a machine up to remote attackers.

The boards were all designed by California-based Super Micro and built in Taiwan and China. The report alleges that operatives masquerading as Super Micro employees or government representatives approached people working at four particular factories to request design changes to the motherboards to include the extra chips. Bloomberg further reports that the attack was made by a unit of the People's Liberation Army, the Chinese military.

Read 3 remaining paragraphs | Comments

New modification of the old cold boot attack leaves most systems vulnerable

The defenses put in place to thwart the 2008 attack turn out to be very weak.

Footprints in the snow.

Enlarge (credit: rabiem22 / Flickr)

Cold boot attacks, used to extract sensitive data such as encryption keys and passwords from system memory, have been given new blood by researchers from F-Secure. First documented in 2008, cold boot attacks depend on the ability of RAM to remember values even across system reboots. In response, systems were modified to wipe their memory early during the boot process—but F-Secure found that, in many PCs, tampering with the firmware settings can force the memory wipe to be skipped, once again making the cold boot attacks possible.

The RAM in any commodity PC is more specifically called Dynamic RAM (DRAM). The "dynamic" here is in contrast to the other kind of RAM (used for caches in the processor), static RAM (SRAM). SRAM retains its stored values for as long as the chip is powered on; once the value is stored, it remains that way until a new value is stored or power is removed. It doesn't change, hence "static." Each bit of SRAM typically needs six or eight transistors; it's very fast, but the high transistor count makes it bulky, which is why it's only used for small caches.

DRAM, on the other hand, has a much smaller size per bit, using only a single transistor paired with a capacitor. These capacitors lose their stored charge over time; when they're depleted, the DRAM no longer retains the value it was supposed to remember. To handle this, the DRAM is refreshed multiple times per second to top up the capacitors and rewrite the values being stored. This rewriting is what makes DRAM "dynamic." It's not just the power that needs to be maintained for DRAM; the refreshes also need to occur.

Read 11 remaining paragraphs | Comments

Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it

Enlarge (credit: Jen)
The Meltdown and Spectre flaws—two related vulnerabilities that enable a wide range of information disclosure from every mainstream processor, with particularly severe flaws for Intel and some ARM chips—were originally revealed…

Enlarge (credit: Jen)

The Meltdown and Spectre flaws—two related vulnerabilities that enable a wide range of information disclosure from every mainstream processor, with particularly severe flaws for Intel and some ARM chips—were originally revealed privately to chip companies, operating system developers, and cloud computing providers. That private disclosure was scheduled to become public some time next week, enabling these companies to develop (and, in the case of the cloud companies, deploy) suitable patches, workarounds, and mitigations.

With researchers figuring out one of the flaws ahead of that planned reveal, that schedule was abruptly brought forward, and the pair of vulnerabilities was publicly disclosed on Wednesday, prompting a rather disorderly set of responses from the companies involved.

There are three main groups of companies responding to the Meltdown and Spectre pair: processor companies, operating system companies, and cloud providers. Their reactions have been quite varied.

Read 52 remaining paragraphs | Comments

Perv Utopia: Light on MacBook webcams can be bypassed

Sneaky software allows the hardware interlock to be turned off.

The MacBook's LED indicator is off, but its webcam is very much turned on.

A common pastime among the residents of the Internet's seedy underbelly is spying on people through their webcams then using the pictures to harass and blackmail the victims. This kind of hacking went mainstream when Miss Teen USA Cassidy Wolf was named as a victim of a blackmail attempt.

In addition to standard computer security advice given to combat this behavior—keep your computer patched, don't install malware, and so on—it's commonly suggested that you only use webcams where the activity LED is hardwired to light up whenever the camera is active. Among others, Apple's line of laptops has been identified as having such hardwired LEDs. However, researchers at Johns Hopkins University have published a paper, first reported on by the Washington Post, demonstrating that even this isn't good enough. Some hardwired LEDs turn out to be, well, software controlled after all.

As with just about every other piece of modern hardware, the webcams in the computers that the researchers looked at—an iMac G5 and 2008-vintage MacBooks, MacBook Pros, and Intel iMacs—are smart devices with their own integrated processors, running their own software. The webcams have three main components: the actual digital imaging sensor, a USB interface chip with both an integrated Intel 8051-compatible microcontroller and some RAM, as well as a little bit of EEPROM memory.

Read 9 remaining paragraphs | Comments