I’ve actually read this from several fairly good sources.
And this rings true:
“Three security experts who have analyzed foreign hardware implants for the U.S. Department of Defense confirmed that the way Sepio’s software detected the implant is sound. One of the few ways to identify suspicious hardware is by looking at the lowest levels of network traffic. Those include not only normal network transmissions, but also analog signals — such as power consumption — that can indicate the presence of a covert piece of hardware.
In the case of the telecommunications company, Sepio’s technology detected that the tampered Supermicro server actually appeared on the network as two devices in one. The legitimate server was communicating one way, and the implant another, but all the traffic appeared to be coming from the same trusted server, which allowed it to pass through security filters.
Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer. “The module looks really innocent, high quality and ‘original’ but it was added as part of a supply chain attack,” he said.”
But my core beef about this article is that even if chip implants can be done, it has been debunked in regards to Apple and to a lesser extent with Amazon. If a chip implant has infiltrated Apple, where is the proof? All graphics are misleading, some articles show minor electronics components such as off-the-shelf couplers, or CGI diagrams - no actual pictures.
But, Laz, Appleboum found ONLY ONE out of supposedly thousands of scanned servers, according to his own account. That makes zero sense. There is no assurance that any one compromised Supermicro motherboard is going to wind up in a critical location to be able to glean and then transmit useful intelligence. This makes ZERO sense as an intelligence exploit.
I suggested monitoring power consumption as a way of monitoring for such things. . . but you also have to look at the source. Appleboum's company, a startup, is being pushed by Bloomberg, which is known for publishing FAKE NEWS about other companies and stocks they are interested in manipulating. The sole named source for ALL of this is Sepio and Appleboum with the rest being anonymous and all others are denying it ever happened.
IS it theoretically possible? Yes, of course. . . but even the expert source techs that Bloomberg used in the articles are crying FOUL saying they were misquoted with the articles citing them out-of-context as stating it WAS being done when they were talking hypotheticals. . . and NOT quoting them when they told the authors that doing what was being described "just doesn't make any sense" because there were easier, cheaper, and far less obvious ways to do it using the existing hardware on the boards.