https://www.golem.de/news/supermicro-diskussion-um-ueberwachungschips-1810-136965.html
https://www.heise.de/security/meldung/Bericht-Winzige-Chips-spionierten-in-Cloud-Servern-von-Apple-und-Amazon-4181461.html
Now a day backdors are already on the silicon level (inside chips). They
are declared as debugging interfaces..
It looks like at least the reengineering of the frimware an it is
analyzing of the code could increase security wholes
https://resources.infosecinstitute.com/reversing-firmware-part-1/#gref
I am curious if someone on this list had tried to do it and had achieved
helpfull results..
On 15.06.19 17:11, Stuart Henderson wrote:
On 2019-06-15, ms <m...@it-infrastrukturen.org> wrote:
There were some serious security issues with hardware and software from
Supermicro (espionage chips, firmware)
Assuming you mean the allegations in that Bloomberg piece, there was no
evidence found supporting them.
https://hackaday.com/2019/05/14/what-happened-with-supermicro/ etc
There are the usual problems with BMC security, cpu bugs, etc, but those
are by no means unique to supermicro.
