The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies


#61

Thank you!


#62

Here’s a conundrum for you. How do you ensure software integrity unless you wrote the compiler yourself, and maybe also the assembler to assemble the compiler? I remember an article discussing that problem many years ago ?in the Bell Labs journal?.

@Earl_Boebert1 have you thoughts on this?


#63

Wasn’t it ECOs that walked in the door?


#64

Tom Clancy wrote a book about a rogue foreign pilot using a jumbo jet as a missile to attack America. It wasn’t long before terrorists took that idea and attacked America for real. That was almost 20 years and $20 Trillion dollars ago.

It’s obvious, that everything these days has a computer in it, and more and more are interconnected to the “internet of things.”

What if the Bloomberg article is accurate, but the Government, Apple, Amazon, and Super Micro are lying to us? Why would they lie? Maybe to prevent panic, technical collapse, economic collapse, social upheaval, or to prevent war. They lie to us all the time. Why wouldn’t they lie about this?


#65

Supermicro shareholders will be suing Bloomberg as its halved the share price


#66

Looks like Google manage to get in hot water without “help” from China:


Or was it a Chinese chip involved here too??


#67

Assuming computer security is similar to vessel security 100% secure is not obtainable. The experts in security talk about hardening rather then absolute denial of access. Computer security seems like a spy vs spy, moves and countermoves.


#68

This was the first thought that came to mind while reading that article. After all the number one job of these mega-corporations is to make money for their stockholders and seeing how their stock could take a nose dive when news like this hits, they have a whole bunch of reasons to, well if not outright lie then bend the truth a little bit.


#69

That’s the Ken Thompson Turing Award Lecture. A good overview of it and countermeasures against it here.

Cheers,

Earl


#70

That would be a very dangerous thing for a publicly traded company to do.

Cheers,

Earl


#71

Maybe do like Google. Not telling isn’t lying??


#72

What if the Government ordered Apple, Amazon,and Supermicro to lie for the sake of “national security”?

This will be litigated. The truth will eventually come out. People are examining supermicro server boards right now.


#73

I haven’t finished reading the comments, but my immediate question is why should two different compilers produce the same binary? Don’t they mostly all optimize to some extent?

There is of course always Mel’s method.** :wink:

**Do timing by locating instructions on the drum at fast or slow locations relative to the current instruction; use instructions as constants; employ counter overflow as a loop termination device…simple, obvious stuff like that.


#74

The assumption is that they both use the same optimization algorithms. Otherwise the process fails. (As I understand it).

Cheers,

Earl


#75

He specifically stated in the article that it’s ok if one one of the compilers produces horribly slow code – but I guess that was a slip of the keyboard. I should probably read the paper. :slight_smile:


#76

Very likely unconstitutional as an instance of compelled speech.

But as you say, this will all come out in the litigation wash.

Cheers,

Earl


#77

They have to give all those folk something to do. When the gyro failed on an AHTS 6 on 6 off it was no fun for anyone and not a lot of anything else got done.
I am surprised the US Navy went back to lights and flags so recently. I am pretty sure that ours never dropped this method of signalling because of the reasons you point out. Semaphore is still used as well .
As someone said once a rumour or gossip can move around a fleet so fast it would make a native put away his tomtoms in embarrassment.


#78

Maybe “Ordered” was too Mandatory, what I meant was:

“do the patriotic thing we tell you to, for national security and the good of the country, and we’ll protect you, if you do anything else, the full weight of the Government is apt to fall upon you.”


#79

Bloomberg doubles down:

Ars Technica

This is turning into quite the circus.

Cheers,

Earl


#80

Possibly. But Apple in particular has not shown a lot of desire to cooperate with the Govt.

Cheers,

Earl