Long-time Slashdot reader Artem S. Tashkinov quotes Wired:
More than a year has passed since Bloomberg Businessweek grabbed the lapels of the cybersecurity world with a bombshell claim: that Supermicro motherboards in servers used by major tech firms, including Apple and Amazon, had been stealthily implanted with a chip the size of a rice grain that allowed Chinese hackers to spy deep into those networks. Apple, Amazon, and Supermicro all vehemently denied the report. The NSA dismissed it as a false alarm. The Defcon hacker conference awarded it two Pwnie Awards, for “most overhyped bug” and “most epic fail.” And no follow-up reporting has yet affirmed its central premise.
But even as the facts of that story remain unconfirmed, the security community has warned that the possibility of the supply chain attacks it describes is all too real. The NSA, after all, has been doing something like it for years, according to the leaks of whistle-blower Edward Snowden. Now researchers have gone further, showing just how easily and cheaply a tiny, tough-to-detect spy chip could be planted in a company’s hardware supply chain. And one of them has demonstrated that it doesn’t even require a state-sponsored spy agency to pull it off — just a motivated hardware hacker with the right access and as little as $200 worth of equipment.
Even Small Nations Have Jumped into the Cyber Espionage Game
JetBrains’ build automation software eyed as possible enabler of SolarWinds hack
Apple Plans First iMac Desktop Redesign In Nearly a Decade
Nissan Source Code Leaked via Misconfigured Git Server
How Tim Berners-Lee Will Fix the Internet
After a decade, NASA’s big rocket fails its first real test
After 2 Years on Mars, NASA’s Digger Declared Dead
UnGoogled Chromium 87.0.4280.141-1 (BSD License)