Home > News content

Chinese spy chips penetrate US companies? Four major doubts are contrary to common sense

via:博客园     time:2018/10/6 20:32:08     readed:319

Source: Looking for Chinese makers

Reporter: Cai Haoshuang Editor: Zhao Li


The Chinese and American scientific and technological circles are staged the biggest absurd drama of the year. Bloomberg and the companies such as Apple and Amazon have been arguing with each other publicly, and the Chinese and American technology stocks affected by it have mourned.

On October 4th, the US "Bloomberg Business Weekly" published an in-depth cover report: China's special department used the loopholes in the US technology supply chain to sneak into the motherboard and penetrated into nearly 30 US-sized micro-size micro-spy chips. Among the company's computer networks, affected are Apple, Amazon, a big bank and government contractors. Among them, the software services provided by government contractors are used to help provide the CIA with drone video and communicate with the International Space Station.

If the report is true, this is a national level hacking war! The Republican of the United States, Chris · Stewart even called it "the holy grail of hackers".

However, less than a day after the report was issued, Apple, Amazon, etc. issued a statement with a tough attitude and rich details, sternly blaming Bloomberg’s false reports about its own company. Bloomberg itself also published the statements of the two companies.

On the one hand, Bloomberg, which claims to have zero tolerance for false information, and two listed companies with strong attitudes and strong attitudes on the one hand, as described by IT Magazine The Register, see the reports of Bloomberg and the rebuttals of Apple and Amazon. Look at the collision of matter and antimatter.

However, the gods fight, "Little Ghost" 殃 殃. Affected by the report, the relevant stocks fell sharply, not only Apple, Amazon, Lenovo opened less than 1 hour, the decline exceeded 21%. The worst is Supermicro Computer, a Silicon Valley server development company at the Vortex Center, whose share price once fell 58.43% and eventually fell 41.12%.

Huawei HiSilicon one chip developer told the Chinese maker: "It is possible to achieve, but it is impossible to achieve it." ”

An entrepreneur who has worked for a cloud computing company in the United States for eight years and worked for Amazon also believes that "this is a bit like science fiction." If it is not Bloomberg, this report will not be believed. ”

The latest news is that US lawmakers want the company involved to provide Congress with a brief introduction to the chip hacker report. Under Luo Shengmen, several key details in the Bloomberg Businessweek report have caused widespread controversy. Can China really create chips that invade Apple and Amazon?


Bloomberg News

Let's first take a look at what this report says.

In a report by Bloomberg Businessweek, "The Big Hacker: How China Uses Microchips to Infiltrate US Companies," China's special department is manufacturing in China through Supermicro (AMD, a large server manufacturer). The pressure applied to the motherboard made by Supermicro to sneak a so-called chip of the same size as the tip of a sharpened pencil lead, and the chip disguised as a “signal conditioning coupler” enters the Supermicro with the motherboard. The assembled server has escaped numerous security checks and sold nearly 30 US companies and institutions.

The report said that although the chip is very small, it contains a small amount of code, but it has enough storage, network connectivity and computing power to launch hackers, can instruct the server to open external modifications, allowing the server to remotely Receive code instructions from other computers to open backdoors for hacker access.


Generally, the hacking attacks we understand are generally carried out through software vulnerabilities. The way of attacking through hardware as described in this article is very rare. From a technical point of view, such vulnerabilities are almost impossible to detect. According to Bloomberg, the reason why this "spy chip" was discovered was due to an acquisition by Amazon in 2015.

In 2015, Amazon developed its streaming video service with the intention of acquiring a startup called Elemental Technologies. During the pre-acquisition due diligence process, Amazon found some problems and sent several of Elemental's servers to Ontario, Canada for testing by third-party security companies.

In this test, the tester found a microchip of no more than one grain, which was not part of the original design of the motherboard. This situation makes people “chilly”: Elemental's servers can be found in the Defense Department's data center, the CIA's drone operations, and the airborne network of naval warships. Immediately, the discovery was reported to the US intelligence services.

After three years of investigation, the intelligence department found that this was done by the Chinese military, a special department that had never appeared publicly, using Supermicro's foundry in China.

According to reports, according to three Apple insiders, in the summer of 2015, Apple also found malicious chips on Supermicro's server motherboard and terminated its cooperation with Supermicro in 2016.


Supermicro SBI-7128RG-X

Supermicro is a server solution provider founded by Taiwanese Chinese. It is based in San Jose, Calif., with subsidiaries in Taiwan and the Netherlands. Some cloud computing practitioners are looking for Chinese makers. With the rise of cloud computing and the rising demand for servers, Supermicro has risen with its low price advantage, although it has not reached the status of “Microsoft Hardware” described in the article. However, the market share in overseas markets is very high.

Most of the company's main board assembly plants are in China, and subcontractors are also located in China. According to Bloomberg News, the motherboards for these problems are from many subcontractors in China.

Bloomberg Businessweek attempts to portray this discovery as a rare hardware-inspired national hacking war, and even like many American movies, it gives China a mystery: in the text, most of Supermicro's employees in San Jose are In mainland China or Taiwanese, Mandarin is the preferred language, and Chinese characters are also written on the workboard. “We will send Chinese cakes every week. Many regular calls are made twice, only for English employees and once for Mandarin. According to people from both countries, the latter is more efficient. ”

The text is interspersed with a number of "spy chips" schematics, it should be noted that these pictures are art drawings, Bloomberg does not show the real motherboard found problems.



Apple, Amazon's fierce rebuttal statement

The rebuttals of Amazon, Apple, and Supermicro come very quickly.

Both Amazon and Apple said in a statement that the company has never found a malicious chip on the Supermicro server board, and has conducted a rigorous internal investigation in the past few months based on Bloomberg's claims and found no evidence. “We are constantly providing factual feedback and documenting it, almost refusing Bloomberg’s all aspects of Apple’s coverage. & rdquo; Supermicro also said that it was completely unaware of the government investigation.

Declaring an anti-listed company's vague attitude in dealing with public relations events in the past, it gives a rebuttal to many details in the article.

For example, the report said that Apple reported the findings to the FBI, but Apple responded that it had never contacted the FBI or other agencies for such incidents. In addition, the response details include: Siri and Topsy never shared servers; Siri was not deployed on servers that Supermicro sold to us; Topsy recorded data was limited to 2,000 Supermicro servers instead of 7000, and these servers were No malicious chips were found.

Amazon also said:

“At any time, past or present, we have not found any problems with modified hardware or malicious chips in any Elemental or Amazon Supermicro motherboard. We have not conducted any investigations with the government. ”

“This article has a lot of inaccuracies because it’s related to Amazon and it’s hard to calculate. ”

“The article also claimed that after understanding the hardware modifications and malicious chips in the Elemental server, we conducted a full network audit of the SuperMicro motherboard and found a malicious chip in the Beijing data center. This statement is also untrue. ”

On the one hand, there are authoritative commercial media with 2,000 journalists and multi-layer editors for fact verification. On the other hand, there are two large listed companies with trillions of dollars and credibility as key assets. The credibility of both sides has been tested.

It is worth mentioning that Amazon's chief information security officer Steve Schmidt also signed his name in this statement, known technology blogger John Gruber believes that this increases the credibility of the statement: "Amazon has no one to compare Mitter is more familiar with the details of this violation. & rdquo; John Gruber also believes that for Apple's public relations department, they would rather not say anything, and would not choose to lie.



Four major doubts violate engineering knowledge

A chip that is less than the size of a grain, is it possible to open a "stealth door" for a hacker on the server?

Huawei HiSilicon one chip developer told the Chinese maker: "It is possible to achieve, but it is impossible to achieve it." ”

An entrepreneur who has worked for a cloud computing company in the United States for eight years and worked for Amazon also believes that the authenticity of the report is debatable. “It’s written a bit like science fiction. If it is not Bloomberg, this report will not be believed. ”

By communicating with relevant technical personnel, aside from the inaccuracies of the details pointed out by Amazon and Apple in the statement, from the perspective of process and technology, at least four points in the report violate the common sense of the engineering community and cannot be explained.

The first is the discovery of the problem board.

According to reports, the problem chip was discovered by Amazon in the pre-acquisition of the acquisition. The entrepreneurs told the search for Chinese makers that in the eight years of work experience in the United States, they have responded to numerous third-party security as a network and security team leader. Institutional review and FBI's round-trip visits, and in a merger like Amazon's acquisition of Elemental, it's unheard of to check the components on the server board in the process. “Check the motherboard components”, whether it is the workflow or technical implementation is too far-fetched. In the Verge report, legendary hacker George Hotz also believes that detecting hardware attacks is technically difficult to achieve: “Fundamentally, there is no way to check this in software. ”

Second, if the chip is to reach the point of the text, “allowing the attacker to create a stealth gate in any network containing the changed machine” requires a suitable power and logic control unit.In other words, adding a chip on the motherboard is not as simple as attaching it directly. Instead, you need to change the schematic design of the motherboard to change the power supply routing. On the motherboard level board, the simplest circuit design has 4-6 layers. If you want to add a power line, you need to change countless lines. “ The motherboard has been designed, it is difficult to insert a chip without being discovered. & rdquo; The above-mentioned Huawei Haisi people told to find Chinese makers.

Third, take a step back, “even if the entire motherboard circuit team is all bought, it is not easy to achieve an attack. ”First, the system with high security level will be physically isolated from the external network, which means that other computers cannot be controlled by remote control. Second, regardless of Amazon, Apple or the US security department, the operating systems are different, and it is difficult to get through a motherboard. All systems. Third, even if it is a hardware attack, it needs to transmit information at the software level. With Apple and Amazon's security mechanism, it is difficult to let go of the anomaly at the software level.

Finally, as mentioned above, the chip has to achieve the effect of creating a stealth gate for the attacker on the server, requires a suitable power supply and logic control unit, and also has a network transmission function.“It’s not possible to implement these three functions on such a small chip. ” The above entrepreneur said. Huawei HiS chip developer said that because there is no more data in the article, it is difficult to evaluate the required size of the chip, but the existing CPU is larger than described in the article. “Intuitively, I also think that it is difficult to make this thing in the size of rice. ”

At present, this technology industry's "Rashomon" has not yet been determined, and Supermicro's share price has fallen by 41%, the semiconductor sector also led the decline in Hong Kong stocks yesterday, ZTE H shares fell more than 10%, SMIC, Hua Hong Semiconductor has fallen more than 4%.

Lenovo's share price plummeted 21% yesterday, and its market value evaporated by about 15 billion Hong Kong dollars, the biggest drop in a decade. Lenovo announced that computer hardware manufacturer Supermicro is not a Lenovo supplier, and the company as an international company will also take a number of measures in the future to ensure the supply chain is sound. The above-mentioned entrepreneurs believe that Lenovo's acquisition of IBM's personal computer business, sales to the world's forefront. As a typical world-class Chinese brand, and the business is closely connected with the server, the impact of the chain reaction is expected.

Regardless of the truth, the seeds of doubt have been planted. The withdrawal of the technology supply chain from China has been discussed in American social media.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments