Profile picture
Trammell Hudson ⚙ @qrs
, 3 tweets, 2 min read Read on Twitter
Allegedly a supply chain attack on Supermicro's servers installed small CPUs disguised as passive capacitors on the mainboard that were able to take over the BMC, which could then compromise the main CPU: bloomberg.com/news/features/…
The BMC is vastly over-privileged and tied into so many parts of the system. Securing it is vital to secure the root of trust, and open source firmware like OpenBMC and u-BMC are good first steps to trusting it.
This also is another explanation for Apple dropping Supermicro servers a few years ago, the rumors at the time were due to compromised firmware updates: arstechnica.com/information-te…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Trammell Hudson ⚙
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!