<div dir="ltr">1. Everyone has Supermicro stuff somewhere (important note that the attack could have been any brand with majority share so replace with $popularvendor)<div>2. Supermicro makes embedded boards too</div><div>3. It is safe to assume the worst at all times and run a honeypot on vlan1 and limit new outbound connections. This is true of software and hardware.</div></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Oct 4, 2018 at 8:48 AM Douglas Eadline <<a href="mailto:deadline@eadline.org">deadline@eadline.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><a href="https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies" rel="noreferrer" target="_blank">https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies</a><br>
<br>
(limited free articles)<br>
<br>
First question: So who has Supermicro motherboards?<br>
Second question: Where else are these devices?<br>
Third question: Who else is making/inserting these kind of devices?<br>
<br>
<br>
<br>
-- <br>
Doug<br>
<br>
-- <br>
MailScanner: Clean<br>
<br>
_______________________________________________<br>
Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org" target="_blank">Beowulf@beowulf.org</a> sponsored by Penguin Computing<br>
To change your subscription (digest mode or unsubscribe) visit <a href="http://www.beowulf.org/mailman/listinfo/beowulf" rel="noreferrer" target="_blank">http://www.beowulf.org/mailman/listinfo/beowulf</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">- Andrew "lathama" Latham -</div></div>