Our company started emergency inspection to pull off each and every supermicro servers.
We have 127 and 40 of them are supermicro servers.
The company will set emergency budget tomorrow to do anything to secure HPE and Dell's server stocks.
We've been notified there are AMD EPYC stocks left, and Intel servers needs to wait 1~2 months.
We are waiting for the decision.
Servers hacked by chinese VS AMD servers that can't stably run RHEL
The big match starts and IT is fucked. shit.
Is Epyc actually having problems with RHEL? I've been out of the loop.
We tested two epyc machines and considered them unstable.
Kernel is getting epyc related patches literally every week and RHEL has 3.10 (although it is a frankenkernel)
IT'S REAL
lol amazon?
was is probably 80-20 on quanta-supermicro
>AMD servers that can't stably run RHEL
cringe intel shill post
Can you post your company's stock symbol?
go dell if you're buying new. great support and you won't have to deal with the potential idrac vulnerabilities.
good luck on your migrations bro.
>hardware that was released in 2017 can't run stable on a kernel that was released in 2012
Erm... Just because the Chinese bought the rights to manufacture their own EPYC CPUs in whole from AMD doesn't necessarily mean that they are able to hack into the American counterparts.
We can't choose in this situation.
Generally server vendors doesn't keep stocks so we are just looking for vendors that *have* them now.
Look up on kernel patches for epyc faggot. We need to run kernel that (probably) isn't patched.
go get a job
We are not blaming AMD for security. read the fucking post.
>"Intel motherboardes have hardware implants in them"
>"fugg :DDD whad do???"
>"buy more Intel servers that have 28+ hardware security vulnerabilities in the processor itself :DDD"
>AMZ 80-20 on quanta-supermicro
srsly? ouch.
gonna be a shitload of dirtcheep SM in ebay shortly
>pull servers because of chink spy chip
>doesn't realize the litography masks are patched by about 5 different agencies before fabrication
Jesus, why are business people so fucking retarded?
good thing our my wagecucks datacenter is such a lenovo and dell shills
>everyone dumping their supermicro intel boards
>they buy Epyc instead
Intel is literally getting BTFO every day
>gonna be a shitload of dirtcheep SM in ebay shortly
That's what I was thinking.
Buy hygon dhyana CPUs from China.
But why would you want them?
Dunno, why buy chinese technologies when United States have lots of factories with safe, 100% tested chips? with the chip Chinese people are stealing your panties because companies still obsessed with Asia
pulled parts gets sanitized, crushed, then gets taken away by an e-waste truck
>mfw chinese
>coworkers were a little quiet today
>the pull request is probably approved already
>mfw chinese
From China, or from Chinatown SF?
CGAF what the Chinks think of my warez collection tbqh, they're still nice HW. Besides, what else you recommend, landfill? For non-sensitive applications, its (suddenly..) a buyers market.
>e-waste truck
..like I said, cheep ebay, coming right up ;)
LARP
literally epyc with a chink sticker
>>mfw chinese
guess whos next up for the crusher
post feet
Supermicro made a lot of AMD boards too. This is absolutely disastrous for the entire industry.
This is lead up to war levels of bad.
>with safe, 100% tested chips?
You mean 100% safe with NSA spy hardware installed by the manufacturer.
>But why would you want them?
If you read the article, it sounds like this exploit most likely very limited as far as which hardware has it.
There is going to be a LOT of hardware thrown away in panic that isn't compromised at all.
>Besides, what else you recommend,
Single CPU
>Gigabyte
>ASrock
>Asus
Dual
>Asus
>Gigabyte
Maybe get in touch with their business to business to see what they can do for you if you need more than that.
Just your run of the mill BMC vulnerability from the looks of it
>There is going to be a LOT of hardware thrown away in panic that isn't compromised at all.
What makes you think that super micro has not compromised all of their within the last 10 years?
This entire thread is a larp.
yeah, eh, thanks, notOP tho.
*I* was meaning more, what other uses could you propose for a 'compromised' machine. And as most have laready noted, your choice nowadays is not 'compromised, or not' just (maybe) 'who you least prefer to be comprised by?' Half the idiot Cos panic trashing this shit be backing their shit to some cloud with wider backdoors than goatse.cx anyway.
we know.
Because I don't think supermicro had anything to do with it. It sounds like the PLA bribed or strong armed OEM manufacturers without supermicro being aware of it. If that's the case, they would have to engineer the hack separately for each board they want to compromise. According to the article, the product that was compromised was likely targeted because the CIA uses it to stream drone footage. The fact that apple and amazon etc also use the product was probably collateral damage and probably weren't targets of the PLA.
just curious, what does unstable mean? OS hangs / powers off spontaneously? Or other more sinister undefined behavior?
buy it an remove the spy chip?
Doubt the internet activity of a video stream would go unnoticed. More likely it's a killswitch
It's been stated that the NSA installs their hardware backdoors in transit, not in the factory.
Will it boot without the spy chip? SuperMicro have been real Chang's with their boards even before this spy chip.
Makes sense.
> (probably)
it means op is a retard and expects to use xeons on dos
OP here.
No. Apple (sources) claimed there are spyware located in the firmware of SM boards. That's the tipping point.
It means it needs more attention. Also RHEL didn't support it officially at that time.
when we tested them rhel didnt support it officially. that means it could've added support patches through kernel updates but end users would never know.
>send all manufacturing overseas to a totalitarian government that spies constantly on everyone so it can steal sensitive/valuable information
>WOW I CAN'T BELIEVE THEY TAMPERED WITH OUR HARDWARE
loving every laugh
especially the fact that the DoD was using these fucking chinese boards as well
You get what you fucking deserve. I bet they'll continue doing this shit though.
>with a chink sticker
and botnet
Wait, what RHEL version are you running? 6 or something relatively recent like 7.4/7.5?
I am looking at what AMD says is supported and they say they have supported it for some time since 2017.
community.amd.com
If you are running something older, you have my condolences.
Should I just accept that the botnet is truly inescapable, lads
Of course they will, SuperMicro is probably going to go down the toilet, get re-branded and then go back to selling chink shit. Maybe they'll use different subcontractors, who will just get manipulated by the Chinese government the same way the old subcontractors did.
Hell, they'll probably still be businesses who continue buying SM boards just because they don't have any IP they care if the chinks get a copy of.
>using new hardware
>with old software
>expect it to work
boomers at work everyone
>send all manufacturing overseas to a totalitarian government that spies constantly on everyone
Britain agrees with this decision and looks forward to welcoming all our new manufacturing manufacturers.
>dell
>hpe
Ah so you're just letting HP and Dell sell you to the FBI instead of Supermicro giving you over to the Chinese.
Nice.
WHAT IS WRONG WITH SUPERMICRO
production uses 6.10 waiting for 8
tested w/ rhel 7.3 and later 7.4 and both were pretty unstable for us.
Should have built boards in the USA suckas.
>You get what you fucking deserve.
Yeah, seriously. If you're the government, just build your boards in the US.
bloomberg.com
tl;dr - SuperMicro has their hardware manufactured in China, which means the Chinese government installed hardware backdoors onto all their shit
>SuperMicro has their hardware manufactured in China
who the fuck doesn;t?
op here and we don't care faggot
we have data that shouldn't be seen by foreigners. desu gvmt agencies are just welcome.
Bill Clinton signed the executive order to make all companies outsource manufacturing to china
>The majority of its workforce in San Jose is Taiwanese or Chinese, and Mandarin is the preferred language, with hanzi filling the whiteboards, according to six former employees. Chinese pastries are delivered every week, and many routine calls are done twice, once for English-only workers and again in Mandarin. The latter are more productive, according to people who’ve been on both.
there are some manufacturers stateside, mostly for stuff that sees military use
Dayton wire wheels are still made in the heartland, course they cost about 4x as much as chinas...
why is supermicro being singled out?
They might go bankrupt at this rate, they already got desisted from the NASDAQ for accounting auditing problems and this scandal might be the nail in the coffin, especially if the corporate bond rating companies like Moodys start downgrading it.
I don't know who will buy them out honestly, and I doubt they will get approval to sell to the chinks.
Do you have the option to try 7.5 or going with mainline LTS 4.14 kernels? Honestly, outside of that, your options are limited besides waiting for Intel servers which is now compounded by 10 nm delay with 14 nm shortage along with this now.
>AMD servers that can't stably run RHEL
Waht
Guy. Run an el-repo kernel and you'll be fine.
By the PLA? Because they have high-value targets as customers.
>designed in the USA
Because multiple people actually found hardware bugs on SuperMicro hardware. They found the physical bugs on the boards.
Because Supermicro boards are the ones being found with these chink spying chips. Chinese intelligence doesn't bother with your consumer and gaymer shit because your info isn't useful. Supermicro boards are used in commercial and government applications.
Not merely stated. There's photographic proof of it in the snowden leaks
they spied on you masturbating to anime furry porn.
Well, the equivalent for the companies that used them.
yeah, you'd think someone was trying to annoy China, some reason. The days of cheap hardware maybe nearing an end - they ran out of innovation, progress has slowed to a halt - need some way of bumping the profit margins, and what better than an artificial 'crisis' of shit that goes on in every country and firm, everyday of the week.
>who cares bro, I trust china with my data way more than the us
posted my OnePocoMateHonorPhone
>Our machines are made and verified in the US, including the new Blackbird systems.
twitter.com
Well sure, that's more or less what I meant.
There's also less of a chance that the US government needs to install backdoors into US corporations' hardware because sending national security letters is cheaper than installing hardware bugs.
>Daytons
90's gang member wheels. Fuck it might as well put these on my town and country.
Time to buy buy buy, stocks are going up, hardware is getting cheap! Who cares if the chinks can know your plans, they'll release an update or something to fix this if it's true, and we can buy used server shit for really cheap soon! I'm completely on board.
op. We planned to wait for 8 but as for now we have no option but to upgrade replacement servers with 7.5( or 7.6)
supermicro isn't the only company that makes server boards
It's not like China ignores low value shit either. They've already been caught adding spying shit to laundry steam irons, rice cookers, toasters, vacuums, and other home appliances.
In retrospect it seems like giving them manufacturing was a mistake.
>they'll release an update or something to fix this if it's true
>release an update
>for a hardware backdoor
lol
Is it only supermicron or other manufactured got chink'd too?
You're missing the point. As far as has been reported, Supermicro boards are the only ones being found with these chips.
are taiwanese server boards safe, like tyan, asus, and aopen?
Most of them manufactured on mainland thought, so maybe.
Wtf? I use supermicro since 1998s
>seems like giving them manufacturing was a mistake.
weeeeellll...
it is the literal 'no shit, Sherlock' decision award winner tho, one that will leave future generations shaking their heads in wonder. If you just left them fucking cars or some shit - take a month to post you a new one, but for that it only cost you $497
Are those actually made in Taiwan? Or is corporate HQ in Taiwan with manufacturing in the People's Republic?
It hasn't been reported, but it's not an impossibility. Most manufacturing is done on the mainland.
Only SM has been directly implicated so far, for what it is worth.
i dunno, i thought taiwan had a healthy manufactuing industry and maybe didnt need to outsource to the mainland, especially considering taiwan and china are virtually at war with each other. the 3 i mentioned are taiwanese companies
Also is supermicron server assembled by third party, like iphone and nokia and other by foxcoon or it is direct subsidary?
It is the latter. They subcontract out to manufacturers in mainland China and the PLA bribed/politically threatened plant managers who were the contractors, and because SuperMicro didn't do a good job at securing/due diligence with their supply chain, this happened as a result. I don't think it's maliciously done by Supermicro but they didn't just not get top 5 server spots by pimping out their servers, it was cutting corners that did them in.
you can safely assume that any chinese manufacturer has been CHINK'D
>it is the literal 'no shit, Sherlock' decision award winner tho,
Right, the fuck was anyone even expecting.
The article's rationalization was this:
"Over the decades, the security of the supply chain became an article of faith despite repeated warnings by Western officials. A belief formed that China was unlikely to jeopardize its position as workshop to the world by letting its spies meddle in its factories. That left the decision about where to build commercial systems resting largely on where capacity was greatest and cheapest."
Hilarious.
Why the fuck everyone focusing their manufacture in china thou? There other shithole with cheap worker like vietnam, indonesia, or india. Why chink? even salary in china already raised a lot.
Are they just want to exhausted china resource?