Reply to post: Re: Cui bono

Decoding the Chinese Super Micro super spy-chip super-scandal: What do we know – and who is telling the truth?

SImon Hobson Silver badge

Re: Cui bono

I really wonder what's to gain from industrial espionage on companies like Amazon or Apple

It's hinted at in the article - its not Apple or AWS they are targeting, but the end users of those systems. Compromising the manufacturing of their systems means you can get compromised machines into places that would otherwise be hard to get compromises into - and thus give you another attack vector into some "quite well defended" territory.

Also, as to the "why not just adapt another chip". Well if the manufacturer sticks a JTAG clip onto the flash ROM to put new firmware into it, your separate chip can sit there all safe and sound - and un-noticed. And don't forget that if true, this was done by people with access to the skills and technology to make it happen - it's not like you or me "hacking" a built board, it's the people who make the boards using a slightly modified design. A chip buried in the layers would be invisible, and if buried underneath an existing chip would even be (more or less) invisible to x-rays.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020