The Long Hack: How China Exploited a U.S. Tech Supplier
Former officials say both hardware and firmware were tampered with.
www.bloomberg.com
C'mon - there was an animated GIF and everything! Bill Gates isn't just injecting microchips in to everyone at the behest of pizza-eating Illuminati - he's injecting miniature chinese spies as well! :flail:With no corroborated proof
I don't think anyone here will deny that such a thing is impossible - far from it, as you say it's relatively easy to conceal a fair amount of 'ware in to a relatively tiny area. Supply chain attacks are hard, but certainly not impossible as we've been seeing more and more.This is not as hard to pull off as people think.
I guess this is an ongoing investigation or the US is already engaged in equally dirty counter-measures, so they cannot officially disclose what they know. I wouldn't be surprised if the NSA learned a trick or two and is actively using it against other counties.I don't think anyone here will deny that such a thing is impossible - far from it, as you say it's relatively easy to conceal a fair amount of 'ware in to a relatively tiny area. Supply chain attacks are hard, but certainly not impossible as we've been seeing more and more.
But the refutations from people using this hardware who've been able to find anything of the sort themselves. Sure, absence of evidence isn't evidence of absence, but I've still yet to see any evidence at all from the Bloomberg sources so to my mind they're firmly in the scaremongering end of the paranoia spectrum at the moment.
There's far easier ways to compromise the security on the BMCs and backdoors in the software itself would be an ideal place to start.