The Big Hack:中国通过在主板植入芯片入侵三十余家美国企业

Tips:点击图片进入下一页



http://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies




网友评论:
我不信有这黑科技
伪装成电容?
祖国有这水平,前一段时间中兴还用得着交罚款?
俄罗斯黑客:总算尼玛能放个鸡儿假了!
看样这事美国长干
In a strongly-worded statement, Apple denied Bloomberg Businessweek"s report:
Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg"s story relating to Apple.

On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

In response to Bloomberg"s latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.

As a matter of practice, before servers are put into production at Apple they are inspected for security vulnerabilities and we update all firmware and software with the latest protections. We did not uncover any unusual vulnerabilities in the servers we purchased from Super Micro when we updated the firmware and software according to our standard procedures.

We are deeply disappointed that in their dealings with us, Bloomberg"s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.

While there has been no claim that customer data was involved, we take these allegations seriously and we want users to know that we do everything possible to safeguard the personal information they entrust to us. We also want them to know that what Bloomberg is reporting about Apple is inaccurate.

Apple has always believed in being transparent about the ways we handle and protect data. If there were ever such an event as Bloomberg News has claimed, we would be forthcoming about it and we would work closely with law enforcement. Apple engineers conduct regular and rigorous security screenings to ensure that our systems are safe. We know that security is an endless race and that"s why we constantly fortify our systems against increasingly sophisticated hackers and cybercriminals who want to steal our data.

苹果否认了。
路边社
至少亚马逊,超微和苹果都否认了
FKNS


反正原理上没问题,一切以川皇推特为准

顺便,记者写新闻的能力不说,LZ编新闻的能力不错嘛。

Gray or off-white in color, they looked more like signal conditioning couplers, another common motherboard component, than microchips, and so they were unlikely to be detectable without specialized equipment.

又懂电容了?
以及,他的配图是巴伦,图文无关。


洋人修个煞有介事的图,就能让民众觉得这事是真的。可见提高审美水平的重要性。
这是说在美帝人民心中邪恶的大红龙地位终于超过邪恶的毛熊了吗……

不是应该查超微通共?自己设计的主板上多了一个不知用途的元器件居然这么久没发现,一定是有问题。
别闹,我国没这技术,有的话早上厉害了我的国了
有这水平,中兴还怕个鸡吧

发自我的iPad via Saralin 2.1.1
来自: iPhone客户端
前有俄罗斯黑客,今有中国组装厂。真的是多难兴邦啊!KAG!!
微星华硕什么的不都是WW的,难道WW早就通共了?
中国有怎么牛的芯片技术,有个傻逼企业何苦被人驻扎了美方军代表

2020提前了
哈哈哈哈哈哈哈fuck off

  -
为了安装脑控芯片

  -
当年NSA干这个事情是有人证的…
说你不能造芯片就是不能造,说你能造超牛逼芯片就突然能造了~
别问为什么,问了就是KAG!
中国的技术水平根据maga需要上下波动。

—— 来自 HUAWEI LON-AL00, Android 8.0.0上的 v2.0.3
中国真有这么牛的技术就好了
这bloomberg编的什么Jb新闻
前后逻辑也不检查下
里面是啥自己拆开看下不就知道了……
大概是NSA造的芯片然后在上面刻上made in China吧

—— 来自 Meizu 16th, Android 8.1.0上的 v2.0.3
而且你加个芯片,是不是还得改动电路。不然和放一粒米上去有啥区别?
这么多功能集成在这么小一块芯片,土狗掌握啥天顶星科技了?

中国威胁论嘛,懂行的人自然不信,但是耐不住大多数人会也愿意相信tg这个天顶星技术

—— 来自 Meizu 16th, Android 8.1.0上的 v2.0.3
天顶星科技加超小尺寸,所以现在制程是tg世界第一对吧
只偷刀片服务器吗?真要是有这种超级集成能力就好了~ 现在黑中国真是没理由也要造理由啊
有这本事还会被三星狠宰?

----发送自 App for Android.
中国黑科技,X光照一下看看里面是什么
最后发现是fbi的芯片?
太弱智了,为什么不做个原子弹进去。
智障报道,中国要真这么牛,中兴还能来个美国政委?
不得不说,这个fake news 做的很好

  -
早上刚上班的时候听到老板在讨论这个事情。我一脸懵逼去查新闻,但显然他们已经信了啊。这就叫宣传。

  -
微博上有人找到了,7毛钱一个


我也是第一次看到有六个针脚的贴片电容
那也是相当牛逼了

—— 来自 ZUK Z2121, Android 8.0.0上的 v2.0.3
中国芯片技术要这么牛逼早就把一票芯片厂都挤死了好么
这文章作者是看着美国队长2写的吧
这文章作者是看着美国队长2写的吧
看了下Reddit评论
TG一边落后到所有的科技都是偷美帝的,另一边能发展出这种超级间谍芯片
The Verge这则新闻下的评论:拳打Intel,脚踩AMD

So if this is true…
The Chinese can make a microchip that’s the size of a singe grain of rice, that can siphon data from the hardware level, through the Hypervisor kernel, the guest OS, and all the way from a hosted app – and then bring it all back down and send it somehow across the network without being detected by firewalls, WAF’s, DLP’s or any other network security monitoring system…
All that while not drawing enough power / generating enough heat to require cooling.
This also means it’s ability for data processing per die size is orders of magnitude greater then today’s top of the line Intel/AMD server grade processors….

See where I’m going with this?
“该死,为什么大家都不信!”
一个电容,焊在电容专用电路里,能干好电容本职工作不被发现的同时,还能收集数据(应该能筛选关键词吧,不然瞎收一气有什么用),最IMBA的是它一个电容焊在电容电路上它居然还能联网往外发数据!

这还是中国科技?这是天顶星科技吧
这他妈是开作弊码搞出来的科技吗?蒸汽时代有这玩意?
彭博的大概最近看谍战片看多了?

谍战片也没这么写的,应该是白日梦做多了

这是贴片磁珠吧
这记者绝对没学过模电和数电,MDZZ
更神奇的是在这个比米粒还小的芯片上,又被NSA加装了一个伪装成油墨的,比针尖还小的芯片,用来秘密控制前一个芯片!
更加更加神奇的是在这个比米粒还小的芯片上那比针尖还小的芯片上,又被俄罗斯人加装了一个伪装成尘埃的,比细菌还小的生化芯片,不但可以秘密控制前面两个芯片,还能吸走人的灵魂!
这新闻也太智障了
为了建立仇华情绪已经不择手段了么

—— 来自 OnePlus ONEPLUS A6003, Android 9上的 v2.0.3-play

其实再狗屁不通大部分人也会信的,这就叫掌握舆论阵地
这智障fake news把我看乐了,MAGA!

  -

入籍还是绿卡?可以考虑后路了吧

@pcknow

薛定谔的制造能力

----发送自 App for Android.

谁叫美国人信这套啊
让你们再笑抗战神剧

----发送自 App for Android.
以前在正负无穷之间波动的一直是中国军力
现在终于到了芯片吗
爬墙四处瞄了一下,感觉大部分老外还是很吃这一套的,毕竟有NSA珠玉在前,开后门这种事在他们眼里再正常不过,何况是来自一个“邪恶的共 产 国家”。
不要问,问就是KAG!
电容就两个针脚,干个姬儿的网络入侵
用模拟信号入侵吗

只需要n米之外的一张嘴就够了。
中国在芯片上有这技术的话 随时被按死的是美国了吧 首先这news就发都发不出来了 无论fake不fake

彭博社发出来的图上有6个针脚……
舆论就是这样的,全世界韭菜都一个样



因为这就不是个电容
回他们一句:中国这个技术其实是照抄美国的 而且我们的都是劣质型号 能被一般人发现 据我们所知这个技术的完全体大家根本发现不了

其实原文说的好像不是电容,我给翻错了


你说它能偷电+收集少量数据储存可能还有一丢丢可信度,它还能可靠地无线传输?
够拿几个诺贝尔物理学奖了
美国国家广播电台竟然在reddit开了个AMA,结合一个月来各种歪曲事实宣传迫害异见者和宗教,这波造势显然有长期准备

没说可以无线传输啊
一个巴伦,除了干好本职工作外还能收集数据向外发送,这是一个什么样的巴伦?这是个天顶星巴伦啊
http://www.reuters.com/article/ ... ttack-idUSKCN1ME19J
苹果和亚马逊否认了

看了下原文的机器翻译 好像就说开了后门没说能收集数据向外发送啊
Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code.

— from Sony G8342, Android 8.0.0 of Next Goose v2.0.3-play

看了下原文,明确说了有联网的能力还能修改系统核心

也就是说不但能窃听还能直接控制,我原来以为只能窃听,我太小看天顶星人了


原文说能和外界通讯,获取下一步指令。

收集数据向外发送 和 能和外界通讯 差了远了吧  能和外界通讯只要留个中断接口就行

看了一下,是说一个有微量储存能力,联网功能,足够的处理能力把间谍代码写进主板的芯片

1. Supermicro该型主板的设计者和质检全员送FBI吧,必然有大批共谍
和/或
2. 即使不能起到正常的零件作用,它功能还是过于丰富了

A Chinese military unit designed and manufactured microchips as small as a sharpened pencil tip. Some of the chips were built to look like signal conditioning couplers, and they incorporated memory, networking capability, and sufficient processing power for an attack.

如果是真的而且走的有线网络,这东西的异常流量应该一开始就被网络管理人员发现了,起不到什么有效监听作用,还是很奇怪

能通讯说明有数据交换,就有向外发送和接受数据啊。

原文说苹果就是靠网络异常活动发现的:

如果这玩意要有能力从网线输入接收指令,那么它要么有针脚接到网卡输入,要么有针脚接到网卡输出。
接到输入不可能,这么小的芯片做不了高速数据接口。接到输出同样不可能,因为能读的前提是网卡输出经过了串转并变成低速信号,那就会有几十个针脚;而这东西只有6针脚,去掉电源地最多只有2个可用于数据输入(还有两个2输出),读不出什么有效的数据。

数据是收发不可能经过这个东西的,这么小根本不可能有这种数据处理能力。唯一的可能是篡改网卡的控制信号,让网卡接收原本应该拒绝的数据。但我想不出这个东西要怎么接收来自网络的远程指令。


向外发送数据是单向的,能和外界通讯接收指令是双向的,比前者牛X多了
私下里偷偷研发了这样的技术,tg背后就是celestial being?

—— 来自 Xiaomi Redmi Note 4X, Android 7.0上的 v2.0.3

往ipmi bmc里面送个程序,用主板的功能不是美滋滋。