Possible Hardware Vulnerability on Supermicro Motherboards
Bloomberg released a report on 4th October 2018 indicating that giant hardware manufacturer Supermicro included a component of unknown origin and function to motherboards manufactured by the company. The component though unknown is alleged to have been added as a means to make any system using such motherboards vulnerable to infiltration by an attacker.
It is not clear if only Elemental Technologies motherboard manufactured by Supermicro are affected or motherboards from other manufacturers are compromised as well.
In an attempt to counter the allegation, Supermicro, Apple, and Amazon released a counter report to say they have found no evidence to support the claims after a thorough security examination.
Although there is no apparent indication that Blockstream’s motherboards have been affected, the company thought it was necessary to take the allegation seriously because several indications suggest there is some truth to it.
The company is confident that if the Supermicro vulnerability does exist on its servers, it will be mitigated by the Liquid security design as the possibility of hardware security threats was factored in the threat model for the Liquid Network and so the network users have no cause to worry.
You can read more on Blockstream’s post covering this issue.