Comments on Chinese spy chips: So many people are arguing it's nonsense because a chip that small couldn't have enough memory, enough logic or network capacity. Although it's not what it is said, it is said it could, under some circumstance, add or manipulate code transiting to the CPU so the "computer" (not the chip) would connect an outside computer exposing data which could be manipulated.




Comments on Chinese spy chips: So many people are arguing it's nonsense because a chip that small couldn't have enough memory, enough logic or network capacity. Although it's not what it is said, it is said it could, under some circumstance, add or manipulate code transiting to the CPU so the "computer" (not the chip) would connect an outside computer exposing data which could be manipulated.


If there is a firewall blocking outgoing connection for one of those server, fine the next one will do perhaps. But firewall are often configured to block inbound traffic and let outbound free, hence it's possible for someone to use something like SSH tunneling from computer A inside the firewall to connect to an outside computer B and then it's possible to use that connection to "climb back" to A from B  (just a simple example, it doesn't need to be SSH, it's just very convenient for that). But, in normal case (I hope), enterprise setup aren't supposed to allow such "funny tricks" with more advanced filters on different layers.

Here I'm NOT saying it's TRUE or NOT. I don't really have position about that, but there are few things to consider before one decide to call BS on this.

First, the information we have about that are somewhat limited, it doesn't seem possible at first sight, but that's not enough IMHO.

Also, this article has a considerable effect on diplomacy between China and all other countries relating on China for tech hardware. Any respectable news company would be very careful before releasing such article (bomb) or it would be very harmful for them. Bloomberg isn't what I call gossip newspaper and I trust they verified many times the information and have proper backups.

One last thing, US and China aren't what we can call, "Political allies". It's closer to "political enemies" than anything else. Yet, US let them taking care of their most critical internal infrastructure. Knowing that, would you be surprised China do something like that? Not me to be honest.

Now, Apple and Amazon refuting doesn't really surprises me either. It's not like if they are going to say "btw, we messed up and your most valuable data are gone in China, oh! an here is your monthly bill of 2<put some 0 here>$". At the end, most certainly, someone will have to take responsibilities for that, false or true.

I honestly don't know what to think, it's so big that somehow I refuse to believe that and at the same time consequences are so big I can't believe Bloomberg would release such "false" news. Anyway, we'll see soon enough I guess.

Comments