Will our tech even work if ever we have a confrontation?

[Richard]

Stock or securities manipulation is the major issue that the authorities are concerned about and most would rightly agree with that position. However, there are other possible issues. Perhaps the placement of a major order and the need to get a ‘very good deal’, an alternative supplier who is itching to break into the market, so on and so forth. None of those are directly or indirectly in the securities fraud business, though a sales person might get a useful bonus. Perhaps it was aimed at darkening Bloomberg’s halo, or perhaps they were just collateral in the way. What is has done is darken the image of using China for anything much of anything and mud sticks as we all demonstrate in our own lives to greater or lesser extents, no smoke without fire and all that.

As for news organisations being careful ‘managers of news’ more like manipulators of information. This is frankly old news. Go buy me a war was the Randolph Hurst tag line before WWII and we have all seen many such stories bending to the whims or dictates of the owner or sponsor. I have in the past run news centres so I was able to see both the events being reported and the reports being filed. While some stories were pure fiction others were so slanted that a 3 year old child could have been made to appear as a machine gunning mass murderer more easily than you would believe the bilge-water some fiction writers, sorry reporters concocted. Some wrote ‘first hand reports’ without ever going near the events in question.

The one constant in this is that one person has been itching to make a solid case for not using China for technology manufacturing, though I have some concerns that even his twisted mind would have held off from getting his hands into a sticky mess like this. Would some of his bigot friends be so scrupulous? Read up on the Hurst empire and wonder.

[The Duke]

Not quite media related but in the said vien, confessions of an economic hitman by John perkins, is probably the one book that made me see the world differnt after reading it.

I’d do a short review, but Googl’n it would save me time and save you dysphering my short hand! Fantastic and eye opening.

[Ed P]

Bloomberg have come up with a different example in a Telco, but no detail and nothing to verify their report.

However, this US Government report on US DOD vulnerabilities is perhaps more relevant to the original post. If the US have these problems we have got them in spades given our Government’s outstanding ability to oversee IT projects and manage avionics!

[Ed P]

More analysis of Bloomberg’s article is given here by Ars.

Summaring this interesting article, I gain the impression, that although the ‘Bloomberg Method’ could be used, it would be much easier just to use the same approach that the NSA used to attack Cisco equipment (i.e substitute a subverted board in the supply chain.).

The article also says that while firmware attacks on the BMC would be both possible and undetectable, why bother when the Supermicro software is so buggy and itself prone to subversion (inadequate update controls – no signature signing of updates etc)

[Wheels-Of-Fire]

Well I did say I thought we could ignore Bloomberg on this one. Attacks on the BMC firmware, either in the supply chain or later by exploiting SuperMicro’s lax signing policy, are much more likely than a hardware mod.

[Ed P]

Who needs the Chinese to make our hardware super vulnerable, the West is quite capable of doing it on its own.

This Ars Report is headlined “Supermicro hardware weaknesses let researchers backdoor an IBM cloud server” , but if you read the detail it could all come down to sloppy policies and procedures. i.e. bad management control and bad QC — the bane of the West and the UK in particular.

[Author]

Posts