back to article The BMC in OpenBMC stands for 'Burglarize My Computer' – thanks to irritating security flaw

An oversight in the firmware for various baseband management controllers (BMCs) can be exploited by miscreants to bury spyware deep inside a server, potentially poisoning it for the next owner. Malware successfully abusing this security blunder can remain invisible to hypervisor, operating system, and antivirus software, can …

  1. _LC_
    Stop

    Could we do without the trumpets, please?

    "In most cases, the vulnerability is not a huge risk, as it requires privileged superuser access to exploit, and if a bad person has root on your server, it's pretty much game over anyway."

    Indeed. In the future, could we do it a little less alarming when it comes issues like that?

    1. Dabbb

      Re: Could we do without the trumpets, please?

      BMC can have access to network ports and pretty much control everything on the server. Root or not the fact that Aspeed is a Chinese company now should be enough to start worrying.

    2. Anonymous Coward
      Anonymous Coward

      Re: Could we do without the trumpets, please?

      Still, it could be a great way to stay stealthy, survive warm reboots and even OS patches, restores, and reinstalls. And maybe put your nose in what an hypervisor runs, steal passwords when remote consoles are used, etc. etc.

  2. JulieM Silver badge
    Headmaster

    "Burglarise" ?

    "Burglar" is an agent noun. The verb is "burgle".

    1. _LC_
      Holmes

      Re: "Burglarise" ?

      From: https://grammarist.com/usage/burgle-burglarize/

      "In American English, the verb burgle, meaning to rob, is regarded as a humorous backformation from burglar, and burglarize is the preferred term in serious contexts.

      In British English, it’s the other way around. Burgle is a legitimate verb, used even in sober news reports, and burglarize (or burglarise, as it would probably be spelled if it were an accepted word in British English) is virtually nonexistent in serious contexts. Some Britons view burglarize as an American barbarism.

      Irish, Australian, New Zealand, and South African writers tend to go along with British writers on this. Canadians prefer burglarize."

      From: https://en.oxforddictionaries.com/definition/burglarize

      "Definition of burglarize in English:

      burglarize

      (British burglarise)

      verb

      Enter (a building) illegally with intent to commit a crime, especially theft; burgle.

      ‘our summer house has been burglarized’"

      Personally, I've never heard of 'burgle', but I've heard 'burglarize' before. Then again, I'm not a native English speaker. I was surprised about what the Americans thought a 'fanny' was. I probably have it all mixed up. ;-)

      1. Anonymous Coward
        Anonymous Coward

        Silly burglarizers

        Perhaps, but I do wish El Reg would stop borrowerizing those goofy Americanisms!

        1. Anonymous Coward
          Paris Hilton

          Re: Silly burglarizers

          "but I do wish El Reg would stop borrowerizing those goofy Americanisms"

          "By Shaun Nichols in San Francisco"

          I note you called the Register El Reg ...

          1. John Brown (no body) Silver badge

            Re: Silly burglarizers

            "I note you called the Register El Reg ..."

            Yeah, one of neighbouring countries speaks Spanish where they even named the country after the language, Spain, so as not to confuse it with Mexico where they also speak a sort of Spanish. It was also the home of the Reg SPB and the late lamented Lester Haines.

        2. Anonymous Coward
          Anonymous Coward

          Re: Silly burglarizers

          Actually, burgle is a ripoff of the American word burglarize, so it's a Red Coated word... yeah, it happens both ways. The word in general is a ripoff of larceny+burrough... (which is still larceny, so leave it to the general English speaking people to reinvent the wheel and/or to greatly misinterpret another's native language).

          1. Anonymous Coward
            Alien

            Re: Silly burglarizers

            Does a bugler buglarize a bugle in the US or simply play it?

      2. Doctor Syntax Silver badge

        Re: "Burglarise" ?

        "In American English, the verb burgle, meaning to rob, is regarded as a humorous backformation from burglar, and burglarize is the preferred term in serious contexts."

        I've always assumed it was coined by a US lawyer who was on piece work rates and it allowed him to charge for four extra letters every time he used the word.

        1. Anonymous Coward
          Anonymous Coward

          Re: "Burglarise" ?

          Sounds about right really. Probably explains where "burglariously" came from. Overheard from one lawyer to another: "I burglariously used burglariousness to further my cut!"

          1. whileI'mhere

            Re: "Burglarise" ?

            So if you were burglarised it was presumably done by burglarizers, who later burglarisered your house because they were burglariserisers?

            (Burglers burgle and burglarisers burglarise. Buglers play for the Buggles.)

  3. phuzz Silver badge

    Supermicro

    This is why I never really bought the allegations about 'someone' putting secret chips into Supermicro servers. Why bother going to all that trouble when there's already a BMC/IPMI/iLO chip on-board almost every server that can basically pwn the entire rest of the system. Surely finding vulnerabilities in an existing chip is easier than developing your own.

    (of course, you still have the same problem hiding your command and control communications)

  4. Missing Semicolon Silver badge
    Mushroom

    WT actual living F?

    These devices have an uncontrolled, always-on way for the host machine to access and modify the BMC firmware and memory for development purposes. And it's on in production?

    And the board with the chips on has no jumper/DIP switch to enable/disable the access?

    Are these guys just lazy, or is the cost of 2 pins and a jumper just too much.

    Once again somebody elses' convenience and profit socialises all of our security costs.

    Bah!

    1. Dabbb

      Re: WT actual living F?

      Always on by design because it's a server that can be installed somewhere on the other side of the planet and in most cases BMC is the only way to power/configure/install/troubleshoot OS on that server.

      If that in your mind was done out of convenience or profit, I'd like to hear your solution for remote management of hardware without or with broken OS.

      1. Missing Semicolon Silver badge

        Re: WT actual living F?

        The management of the PC by the BMC - that's fine, that's what the BMC is for,

        But here, we have the management (firmware alteration) of the BMC by the OS on the PC. That should not be possible.

  5. mutin

    old news sometimes not a bad news

    BMC actually is not "baseband management controller" but Baseboard Management Controller. And alterations of management system in BMC flash memory have long and great story. You guys can take a look back in 2008 when Russian guy found hidden hypervisor in Intel motherboards. If you do not read Russian see the site www.rubos.com for both Russian and English. The people who think it is minor stuff can possibly change the mindset. See also articles on malicious hypervisors there. Have a fun!

    Another inconsistence in this article that to change management software one needs root access. Actually not. Root is about "ring-0" level. And root belongs to the OS. System management software is ring -2 and that is two levels down from root. It is really funny that people do not know that such embedded software CANNOT be identified from OS level using any currently available security means. Sorry, it is ring -2.

    1. Fruit and Nutcase Silver badge
      Joke

      Re: old news sometimes not a bad news

      Very old news...

      British Motor Corporation

      Burglarize My Car

  6. JSIM

    You think Burglarise is bad? How about

    "architectured"?

    More lousy writing. "Architecture" is

    not a verb.

    1. John Brown (no body) Silver badge

      "Architecture" is not a verb.

      It is if you verb it.

      I was going to say "verbalise it", but that's a real word too.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like