Jump to content


Photo

Supermicro Releases Open Letter Following Investigation of Motherboards


4 replies to this topic

#1 Guest_Jim_*

Guest_Jim_*

    ANTITHAT

  • News Editor
  • PipPipPipPipPipPip
  • 9636 posts
  • Gender:Male

Posted 11 December 2018 - 07:54 AM

Back in October Bloomberg released a pair of news articles claiming some motherboards designed by Supermicro but made in China had been compromised with malicious chips that produced backdoors for attack. Today the company has released an open letter to its customers on the results of its investigation that it did with the assistance of a "leading, third-party investigation firm," which is not specified in the letter. A representative sample of motherboards shown in the articles and used by the companies mentioned in the article were examined, along with more recently produced motherboards, and none showed any evidence of any tampering.

Further the letter goes on to share some of the safeguards in place to protect against what the articles claimed, and a video covering these was also shared, and is embedded below. Supermicro states it tests its products at every stage of the process, and each layer of every board is tested. While there are assembly contractors building the boards, there are Supermicro employees onsite for conducting inspections including automated optical, visual, electrical, and functional tests. No single employee, team, or contractor has unrestricted access to complete board designs, and these designs themselves are complex enough to make it very difficult to tamper with, without the aberration being detected, rejecting the board. And finally, the contractors are regularly audited for process, quality, and controls.

In addition to this, it should also be noted that while the Bloomberg article does reference sources, Supermicro unequivocally states it has never been informed of malicious hardware being found on any of its products by governments or customers.

 

 

Source: Supermicro



Back to original news post

#2 wevsspot

wevsspot

    I'm trying to be helpful.... really I am

  • Moderator
  • PipPipPipPipPipPipPipPip
  • 16283 posts
  • Gender:Male
  • Location:USA

Posted 11 December 2018 - 08:13 AM

I'm sure that SM believes the pitch they are selling, but who audits the auditors, qc employees, engineers etc. and how do they prevent the common or uncommon bribery that runs rampant in that economy?


40335406303_9d0700d9e9.jpg

#3 That_Guy

That_Guy

    Member

  • Members
  • PipPip
  • 302 posts
  • Gender:Male
  • Location:Nantucket, MA

Posted 11 December 2018 - 03:12 PM

I'm sure that SM believes the pitch they are selling, but who audits the auditors, qc employees, engineers etc. and how do they prevent the common or uncommon bribery that runs rampant in that economy?

 

That goes for every country in the world tbh. Whatever the case may be, I hope they find the culprits to prevent this from happening in the future or maybe Bloomberg did some bad reporting, because lets face it, today's news outlets do A LOT of that.


There are two kinds of people in this world: those who can extrapolate from an incomplete data...


#4 Guest_Jim_*

Guest_Jim_*

    ANTITHAT

  • News Editor
  • PipPipPipPipPipPip
  • 9636 posts
  • Gender:Male

Posted 12 December 2018 - 06:32 AM

Personally I am trying to view this with good faith for both Supermicro and Bloomberg, because I think it is more unreasonable to think Bloomberg lied or was so elaborately lied to than that they have actual information, and that Supermicro is not lying now that they cannot find any evidence of these claims. Navigating that is not too easy though, as it would require the compromising occurring somewhere else in the supply chain, somewhere outside Supermicro's control and prior to customers receiving the parts.

Of course one or both of them could be lying; I'm not totally accepting them at their word. It is just that I believe most people act in good faith most of the time because that is expected to produce the most desirable result. That's where I start from and I'll listen and see where it goes from there. Besides, if you start expecting them to be lying, how many assumed lies do you allow?


Processor: AMD Ryzen Threadripper 1950X @ 3.8 GHz
Cooling: Corsair H110 AIO
Motherboard: ASUS Zenith Extreme
GPU: AMD RX Vega 64 (Stock @ 0.965 V +50% Power Limit)
Memory: G.Skill TridentZ 4x8 GB (32 GB) @ 3200 MHz 14-14-14-28
PSU: OCZ Fata1ty 750 W
OS: Windows 10 Pro 64-bit

GitHub OCC-OCAT script repository
Regular Saturday game stream at YouTube - GuestJimOCC Live

The Body on Games (YouTube, Release Calendar, Blog, and Patreon)


#5 road-runner

road-runner

    Posting Machine

  • Folding Member
  • 11385 posts
  • Gender:Male
  • Location:Texas

Posted 12 December 2018 - 07:15 AM

Well of course the ones tested or selected to test were ok, I am sure they were pre selected just for the test now its back to business



I7-6900K Asus X99 Deluxe 2 Corsair Vengeance 32Gb Intel 750 400gb  2- 1080ti

 

sigimage.gif




Reply to this topic