homepage Welcome to WebmasterWorld Guest from 54.196.73.218
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld
Home / Forums Index / Hardware and OS Related Technologies / Webmaster Hardware
Forum Library, Charter, Moderator: open

Webmaster Hardware Forum

    
Dell warns of malware on replacement server motherboards
PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410
travelin cat




msg:4174808
 4:53 pm on Jul 22, 2010 (gmt 0)

As part of Dellís quality process, we have identified a potential issue with our service mother board stock... The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware. This malware code has been detected on the embedded server management firmware...


[en.community.dell.com...]

<added>:

There are important pieces of information to note:

1. This issue does not affect any Dell PowerEdge servers shipped from our factories and is limited to a small number of the replacement motherboards only which were sent via Dellís service and replacement process for four servers: PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410. The maximum potential exposure is less than 1% of these server models.

2. Dell has removed all impacted motherboards from the service supply. New shipping replacement stock does not contain the malware.

3. TheW32.Spybot worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware.

4. All industry-standard antivirus programs on the market today have the ability to identify and prevent the code from infecting the customerís operating system.

5. Systems running non-Microsoft Windows operating systems cannot be affected.

6. Systems with the iDRAC Express or iDRAC Enterprise card installed cannot be affected.

7. Remaining systems can only be exposed if the customer chooses to run an update to either Unified Server Configurator (USC) or 32-bit Diagnostics.

[edited by: Brett_Tabke at 1:37 am (utc) on Jul 23, 2010]
[edit reason] added updated info [/edit]

 

lammert




msg:4174822
 5:06 pm on Jul 22, 2010 (gmt 0)

Get your server repaired and receive free bonus software!

This is not comparable with the average cross site scripting hack or even infecting USB sticks. Developing malware to be embedded in the firmware of a server line and being able to inject it somewhere in the logistical process of the repair stock requires knowledge, careful planning and people on crucial positions.

LifeinAsia




msg:4174842
 5:28 pm on Jul 22, 2010 (gmt 0)

requires knowledge, careful planning and people on crucial positions.

Queue up "Mission:Impossible" theme music!

Wow, and to have it happen in a company like Dell.

I can't wait for the first "Dude, you're getting malware!" YouTube parody of the old Dell commercials.

pageoneresults




msg:4174862
 6:12 pm on Jul 22, 2010 (gmt 0)

Aren't those motherboards manufactured in China?

J_RaD




msg:4174864
 6:17 pm on Jul 22, 2010 (gmt 0)

^ yes, I really wish we had some state side fab outfits.

Its needed purely based on national security, we can't trust china to ship us clean trouble free boards.

kapow




msg:4174948
 8:09 pm on Jul 22, 2010 (gmt 0)

Cue china bashing
we can't trust china to ship us clean trouble free boards
Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners
travelin cat




msg:4174957
 8:16 pm on Jul 22, 2010 (gmt 0)

I think a better comment would have been "we can't trust any foreign country to ship us clean trouble free boards".

China may make the lion's share of computer equipment, but they are not the sole supplier of chips, boards and other hardware/software in machines used in the U.S.

cwnet




msg:4174974
 8:46 pm on Jul 22, 2010 (gmt 0)

Its worth repeating:

Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners

travelin cat




msg:4174989
 8:56 pm on Jul 22, 2010 (gmt 0)

No argument there. However, what you are referring to is software. The way I see it, when you have a foreign country, any foreign country, supply hardware that will be used on equipment that could be put in computers used by the government, there is always a possibility that something malicious will happen.

tangor




msg:4175000
 9:10 pm on Jul 22, 2010 (gmt 0)

Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners


It's scary foreigners distributing spam, virii and malware via U.S. servers. And some U.S. folks, too. There's bad actors everywhere, but when it gets to the hardware level, that's a real problem.

J_RaD




msg:4175045
 10:26 pm on Jul 22, 2010 (gmt 0)


Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners


apples, oranges.

you can't compare a USA fab line and QA vs some guy in his basement with an agenda.

cwnet




msg:4175047
 10:43 pm on Jul 22, 2010 (gmt 0)

Can anyone confirm that the effected hardware was manufactured outside the US? Can anyone confirm that the malicious software (see below) was injected into the flash storage by someone outside the US?

The only information I found was this: "The W32.Spybot worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware."

Robert Charlton




msg:4175063
 11:20 pm on Jul 22, 2010 (gmt 0)

Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners

That's because we don't make anything here any more... we just market and sell it. ;)

J_RaD




msg:4175075
 12:03 am on Jul 23, 2010 (gmt 0)

uh people, this isn't the 1st time tainted hardware has left china US bound. This just might be the 1st time you've heard of it but not me, this has been going on since the 90's.

just like those digital picture frames with a payload headed for your PC as soon as you plugged it in via usb.

Not china bashing just something that has been going on for a very long time.

impact




msg:4175098
 12:47 am on Jul 23, 2010 (gmt 0)

Wow, this could be next generation espionage, where the brand new computer it self comes with infected codes.

imagine, if these codes are thought how to escape antivirus while the antivirus is being installed, and these codes has the ability to connect with computers with similar infection and if there are 100s of such computers already in the market, oh! we are talking about a supper computer hidden in the network to steal you..

I dont know, i just cant stop thinking on this, may be i should go and start writing a book or make film on this! :-)

lammert




msg:4175110
 1:34 am on Jul 23, 2010 (gmt 0)

Aren't those motherboards manufactured in China?

Probably, and if you read the linked site, all the newly shipped motherboards are clean. The infection only appears on service parts which are likely to have gone through a refurbishment process inside the US.

iThink




msg:4175289
 11:44 am on Jul 23, 2010 (gmt 0)

This story is coming just a few weeks after the another widely reported story related to a lawsuit against Dell for a few million faulty motherboards in Dell Optiplex desktops. Dell shipped faulty motherboards to replace motherboards on PCs that have already failed. Large customers including the law firm defending the Dell in lawsuit were affected by the faulty computers due to the same defect.

[cnbc.com...]

Similar thing seems to have happened here. They shipped virus laced boards to replace the faulty boards in servers. Dell is used to these kind of incidents. So nothing to worry.

Edge




msg:4175337
 1:23 pm on Jul 23, 2010 (gmt 0)

Sounds like a motherboard manufacturing organization just lost a good client.

Foolish...

BillyS




msg:4175357
 2:30 pm on Jul 23, 2010 (gmt 0)

iThink - if you build computers, that's not news. Many motherboards (new and refurbished) were plagued by leaking capacitors in the 2004 timeframe. I was running SETI@home when I first noticed my pc would reboot randomly. The problem was SETI@home caused my machine to run hot, thereby exposing the capacitor problem.

I do agree this is a national security concern. I don't care where they're made, but with these devices running our country, the exposure is enormous.

kapow




msg:4175396
 3:49 pm on Jul 23, 2010 (gmt 0)

Cos we know the U.S. is never the source of any spam, viruses, malware... its always those scary foreigners
hmmm... seems I need to explain: That was sarcasm, my amazement at the speed of zenaphobic assumptive blame - over enquiry into the cause. Everything is not about national security and scary foreigners remotely controlling your toaster.
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Webmaster Hardware
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved