Jump to content
Guest_Jim_*

Supermicro Releases Open Letter Following Investigation of Motherboards

Recommended Posts

Back in October Bloomberg released a pair of news articles claiming some motherboards designed by Supermicro but made in China had been compromised with malicious chips that produced backdoors for attack. Today the company has released an open letter to its customers on the results of its investigation that it did with the assistance of a "leading, third-party investigation firm," which is not specified in the letter. A representative sample of motherboards shown in the articles and used by the companies mentioned in the article were examined, along with more recently produced motherboards, and none showed any evidence of any tampering.

Further the letter goes on to share some of the safeguards in place to protect against what the articles claimed, and a video covering these was also shared, and is embedded below. Supermicro states it tests its products at every stage of the process, and each layer of every board is tested. While there are assembly contractors building the boards, there are Supermicro employees onsite for conducting inspections including automated optical, visual, electrical, and functional tests. No single employee, team, or contractor has unrestricted access to complete board designs, and these designs themselves are complex enough to make it very difficult to tamper with, without the aberration being detected, rejecting the board. And finally, the contractors are regularly audited for process, quality, and controls.

In addition to this, it should also be noted that while the Bloomberg article does reference sources, Supermicro unequivocally states it has never been informed of malicious hardware being found on any of its products by governments or customers.

 

 

Source: Supermicro



Back to original news post

Share this post


Link to post
Share on other sites

I'm sure that SM believes the pitch they are selling, but who audits the auditors, qc employees, engineers etc. and how do they prevent the common or uncommon bribery that runs rampant in that economy?

Share this post


Link to post
Share on other sites

I'm sure that SM believes the pitch they are selling, but who audits the auditors, qc employees, engineers etc. and how do they prevent the common or uncommon bribery that runs rampant in that economy?

 

That goes for every country in the world tbh. Whatever the case may be, I hope they find the culprits to prevent this from happening in the future or maybe Bloomberg did some bad reporting, because lets face it, today's news outlets do A LOT of that.

Share this post


Link to post
Share on other sites

Personally I am trying to view this with good faith for both Supermicro and Bloomberg, because I think it is more unreasonable to think Bloomberg lied or was so elaborately lied to than that they have actual information, and that Supermicro is not lying now that they cannot find any evidence of these claims. Navigating that is not too easy though, as it would require the compromising occurring somewhere else in the supply chain, somewhere outside Supermicro's control and prior to customers receiving the parts.

Of course one or both of them could be lying; I'm not totally accepting them at their word. It is just that I believe most people act in good faith most of the time because that is expected to produce the most desirable result. That's where I start from and I'll listen and see where it goes from there. Besides, if you start expecting them to be lying, how many assumed lies do you allow?

Share this post


Link to post
Share on other sites

×