I’ve gotten lots of inquiries if I could analyze some hardware for or could recommend someone who might.
I’ll be blunt - most of you don’t need this. Here are some things you should consider before seeking out services like this:
This is not a small job. This is not a cheap job. Expect a server motherboard to have at least 10^1 components with firmware, 10^2 active logic components, and 10^3 passive components. Every one needs analysis.
Take off your tinfoil hat. If something is different, rule out engineering or business reasons before assuming malicious intent. Sometimes docs are outdated, chips interchangeable, board errors fixed, and market prices for compatible replacements shift.
My commentary might be sarcastic, but with good reason. Hardware implants are real and technically possible. We see modchips, counterfeit bypasses, key loggers, and card skimmers all the time - but we’ve never actually seen deployed hardware backdoors in servers.
TL,DR - if you haven’t talked to your vendors about the supply-chain integrity mechanisms they have in place, tearing down a few motherboards for analysis won’t solve your problems.