How The People’s Liberation Army Of China Took Control Of The Amazon Clown, And Others

I can’t tell you how many times I have had people on both sides of the ideological divide in this country mock me for my devotion to American-made products. Rarely do they bother with my central premise: that this country is better off when we make our own stuff and pay our own people to make it. Instead, they use snark (HOPE U ENJOYED UR MEXICAN TRUCK LOLZ POOPY BUTTZ!!!) or assume an arch, world-weary pose (“Outsourcing and overseas manufacturing is inevitable, here’s an article from Vox or Buzzfeed about it, try not to be such a stupid hick”) to imply that I’m either hypocritical or hopelessly naive.

They’re wrong, of course. This country is strongest when we are self-sufficient, not when we serve as an upscale suburb and retirement community for Asians flush with the immeasurable bounty of our uneven trade. For the past thirty years, we’ve made a spectacularly bad deal with China and others, to wit: We’ll send our factories to you, then buy your products, then you can use our money to outbid us for our land, which you can then keep forever. Some of my friends describe this as the ultimate in Boomer narcissism, essentially giving away the country to ensure that they can ride the party all the way to their graves, but the attitudes involved have effortlessly leaped from my father’s generation to my own and beyond.

Faced with this literal sale of our heritage to overseas interests, it’s common for the world-weary crowd to say something about how the Japanese were doing the same thing until their banks collapsed, neatly ignoring the fact that Chinese banks, unlike Japanese banks, tend to be supported (or undermined, if you read ZeroHedge) by securities drawn on the American government. They’ll also tell you that according to the Church Of Thomas Flatworld, every nation should do what they do best; the Chinese make stuff, we sell land, and it’s great!

Well, it’s all fun and games until the Chinese People’s Liberation Army creates a hardware hack to take control of Apple’s data centers and the Amazon Clown, er, Cloud. Which has happened.

Bloomberg has the story. It’s a long read but every word of it is worth your time. The PLA engineered a microscopic chip that sits next to the “management controllers” found on all computer servers nowadays. These controllers go by many names — HP/Compaq has iLO (Integrated Lights Out) and IBM has HMC — Hamburgler Machine Control, not really, but it’s so lousy that I’ve often suspected the hand of Grimace in its creation. These chips are on and functioning even when a computer is turned off; that way the Indians administering the systems from overseas never have to actually visit the “rack and stacks” in Colorado. They are essentially all-powerful. And now we know that the Chinese put backdoors into those chips for themselves.

Fifteen years ago, this shit wouldn’t have worked. We didn’t have management controllers. We paid human attention to our network traffic rather than letting tools like Splunk tell us what was and wasn’t normal. Most critically, we didn’t have what JWZ, the fellow who destroyed his carpal tunnels writing Netscape Navigator, calls The Clown. The Clown is a stupid idea that is beloved of the lazy and the incompetent. It is popular with bosses for the same reason that children (or, um, 46-year-old adults) often “clean their rooms” by putting everything in a closet. If you can’t see the problems, they don’t exist. If you hand over your computing infrastructure to a third party, then it’s their problem, not yours.

It would be one thing for Riverside Green to use the Amazon Cloud — although we don’t, because I don’t trust it. It’s another thing for banks and major manufacturing firms to allow Jeff “No Platform” Bezos to control their infrastructures. I just finished a contract at a Really Big Bank where the H1-B crowd was in the process of convincing the grownups to move major parts of their financial processing to the Amazon Clown. What a brilliant idea! Let’s just send the keys to the entire American economy over to a third party! What could go wrong?

The Clown is an irresistible target for criminal or nation-state hackers of all types because it is a monoculture. If you can figure out how to hack Riverside Green, that won’t necessarily help you hack the Unz Review — but once you can figure out how to compromise the Amazon Clown, or the Apple Clown, then you have godlike power over banks, governments, you name it. And the Chinese managed to get their chips into the Clowns. This particular hardware hack was eventually caught and addressed. You’d have to be a special kind of fool to think it was the only one. You’d have to be a real clown.

61 Replies to “How The People’s Liberation Army Of China Took Control Of The Amazon Clown, And Others”

  1. -Nate

    Spot on and why I don’t trust/use that damned cloud thing either .

    SWMBO is constantly “cleaning up” bu simply hiding things in closest or wherever, when I later need something she says ‘I dunno’ and it become _my_ problem .

    Grrrrrr.

    -Nate

    Reply
  2. DR Smith

    This what happens with management & the bean counters know better than professional with 20 plus years in the computing industry.
    It is also why FoMOCo is spending nearly half a billion building two state of the art data centers in Michigan. The original plan was to force most stuff to the AWS cloud….but then something happened to make the powers to be reconsider despite what all the smart consultants were saying. Wonder what that could have been?
    Nah, it must have been must a coincidence, right??

    Reply
  3. link3721

    Ok, that Bloomberg article is scary. Not sure what will change from it but I’m glad the information is it there so that maybe there’s some follow up investigating.

    Reply
    • Fred Lee

      What will change is that the bugs will become smaller and harder to find. As the article points out, the current iteration is literally invisible on an unmolested motherboard. It’s embedded within the layers of the board.

      I worked at one of the silicon design companies during the era of adding management engines to the processors. I wasn’t high enough to be involved in that decision, but I was low enough to be part of the implementation. I doubt anyone foresaw this exact issue, but certainly many of us felt “queasy” about it.

      Reply
  4. Martin

    I remember getting incredibly excited when Motorola announced they were going to build one of their phones in the US. Finally, we will have a little bit of electronics manufacturing back, maybe paving the way for other consumer devices. I would pay more, substantially, for a phone made here. But in the end it was only assembly, and it didn’t ever move beyond that.

    Reply
    • gtem

      I have one of those Fort Worth built gen 1 Moto Xs, perfectly good phone, and even priced reasonably. Battery started to get weak at year 3, my only complaint.

      Reply
    • Fred Lee

      I had one of the Moto Xs that were built in the US. It worked great, and when I sold it the person buying it did so specifically because it was made in the US, not one of those “Chinese pieces of shit”.

      This was a bunch of years ago, but it was probably JB on one of his trips to Portland.

      Reply
  5. Doug

    I am not sure how that story on the chip would be a surprise to anyone. Knowing the Chinese, wouldn’t it be a given that the government would require some kind of spy device to be inserted in anything they make that could be possibly be used to steal something?

    Also, didn’t I see where the Pentagon or CIA was going to contract with Amazon for a huge cloud services deal? Nothing can go wrong with putting all our sensitive data in Bezo’s hands.

    Reply
    • Fred Lee

      Right, because putting all of our sensitive data into the hands of federal employees like the ones who maintain the State Department email server is better right?

      I don’t mean to be snarky, but this is a really hard problem. I mean unimaginably hard. Imagine trying to be an expert in all aspects of the automotive realm; from preparing the road surface to curing the rubber for the tires to forging piston heads to programming the computer that controls your wipers. That’s not approaching the complexity of the compute stack.

      The reality is that Google and Amazon are the closest we come to security expertise for the whole stack. Depressing? Yes, absolutely. But also true. Government employee salaries and working environment attract neither the best nor the brightest.

      There are other options of course for certain kinds of information. No doubt air-gapped networks are used (though even those aren’t “secure”), but I imagine the military is looking for places to house live data that needs to be shared by something other than sneakernet.

      Reply
      • stingray65

        So you are saying that Hillary’s private server was actually about bringing added security for State Department documents, plus those e-mails concerning Chelsea’s wedding and yoga lessons? In other words, Hillary got vilified for something that should have made her a national hero and our president.

        Reply
      • Doug

        You have a bit of a point. Should you trust the deep state more or Google/Amazon/Fakebook etc? All have their drawbacks but like Jack says, he does not trust Amazon. I do not really see the benefit of giving Bezos or some other Silicon Valley mogul absolute control of our military or intelligence data. I think the Chinese would have an even more direct link to the data there than they would on a government run network. And there are plenty of government entities that seem to be able to handle massive amounts of data in an effective manner (especially when you consider they are government run).

        Reply
  6. Rock36

    The novel “Ghost Fleet” touched on Chinese hacking and backdoors built into exported hardware and software in a hypothetical future war with China. Not the best novel/story, but it was an interesting illustration of concepts the author wrote about in his other non-fiction book “Wired for War”.

    Reply
  7. Mike M

    This is a fascinating article and should not be surprising.

    To put this scenario in the Feynman method; this is just like that part of the Oceans 11 movie when they had to make sure the dice in craps would produce a winner. They sent a couple of guys to work in the dice factory in Mexico and made a batch of dice that could be controlled by a lighter. In the context of this article the servers are the dice and China is the lighter.

    Reply
  8. stingray65

    Reminds me of an old Twilight Zone episode titled “To Serve Man”. Instead of Martians, we have the Chinese – see it here.

    Reply
  9. G. Wallace

    “This country is better off when we make our own stuff and pay our own people to make it.” Sheer poetry.

    Reply
  10. rich

    Jack, I agree with everything you say about the lunacy of offshoring.

    However, it’s starting to look like this Bloomberg story is a start of a coordinated China bashing media campaign. Amazon and Apple have denied it completely.

    And today Mike Pence has accused China of interfering with US policies

    So to be clear: I agree with you it’s madness to have key technology manufactured offshore

    However, Coordinated media campaigns are a thing, and we should laugh at them.

    Reply
    • Jack BaruthJack Baruth Post author

      I wouldn’t believe Amazon or Apple if they told me the sun would rise tomorrow.

      As little as I trust Bloomberg, I trust them even less.

      Also, coordinated media campaigns in this day and age tend to serve the interests of Silicon Valley, not damage its public posture.

      Just my two cents.

      Reply
        • F. Lee

          Yeah, the US has been involved in hardware hackery, and is in fact probably the original. I think the article mentioned that the US’ preference is to intercept and modify in transit. The Xerox example is probably the most famous (and I’m astounded that your friend didn’t know about that one…)

          More recently there are examples of the TLAs intercepting networking equipment (e.g. enterprise routers), unpacking, modifying, and re-packing.

          Reply
      • Kevin Jaeger

        I’d largely agree with that. While I don’t know if the specifics of the Bloomberg story are true or not I do have experience with supplying national-security sensitive IT equipment and verifying the supply chain is a nightmare. Effectively impossible.

        The more common problem is just having compromised software or firmware infiltrating the environment, but of course it’s possible mystery chips could be manufactured right in to the product, too. But that’s easier to detect and it’s not clear what the advantage is over cloaked firmware.

        In any case I wouldn’t trust the public statements. Rest assured everyone who matters is very concerned about the IT supply chain.

        The problem is it’s hard to find any hardware or software company even in North America that hasn’t quite plausibly been compromised by the Chinese, so it’s not as simple as avoiding Chinese manufacturers. Not by a long shot.

        Reply
    • silentsod

      Coordinated media campaigns exist all over and this doesn’t sound like one.

      Those campaigns tend to repeat the same talking points and release at more or less the same time and some even get into circular referencing to build their case. I see this annoyingly often in the coverage of one of my hobbies and certainly they must realize at some point people will catch on (or they’ll be exposed) and media trust will drop even further.

      Reply
      • Eric H

        Really?
        Bezos has been on the republican’s hit list since he bought the Washington post.
        Apple has been on the hit list since they refused to unlock a phone.

        It’s completely believable that these companies could be on the receiving end of a politically motivated attack.

        Reply
          • Jack BaruthJack Baruth Post author

            Agreed, but they are barely one step above the “Suburban News Publications” people in terms of actual media power.

          • jz78817

            you’d be surprised how many people’s only actual “news source” is their local networks.

            it’s as insidious as “news” working its way through FB and Twitter, but in different ways.

        • Kevin Jaeger

          If you’ve seen the demographics of their employees you’d conclude there are probably easier ways to infiltrate these companies than to insert mystery chips into some servers. Diversity is their strength and all that.

          And they certainly have far more Asian employees than Trump supporters.

          Reply
  11. JustPassinThru

    The thing that just torques me, and it’s the only thing in which I take major exception to Trump…

    …is this constant confusion, between FREE trade and trade with a slave-labor camp.

    The two are not the same. Free trade, across the world, across national borders, benefits all. Canada, or Costa Rica, could never afford an auto industry. WE could never afford many of the clothes stitched now in Costa Rica, or many of the plastic goods made in Canada, if done under the demands of militant unions and in compliance with Department of Labor and EPA diktats.

    Free trade is how Japan came to be an industrial giant – and how our auto industry came to look as it is. For worse and for better – go back 40 years, and cars didn’t last 18 years. They seldom lasted five years; and the domestic manufacturers didn’t much care.

    The domestic industry was cut off to new entrants by the high cost of entry – and of unionism and government safety standards. You like those? Okay, but you take the bitter with the sweet. There will never be another viable startup domestic car maker.

    Toyota, Nissan/Datsun, and later Suzuki, Kia/Hundai…all got their establishment in unregulated third-world markets (Japan was once such a market). Once healthy and self-sufficient, they launched in the Big PX – and not everyone makes it. Isuzu (even with GM connections) and Suzuki both got driven out. Mitsubushi keeps on hanging by a thread.

    A closed market will result in fewer choices, cruder product, higher cost, greater exploitation – and a closed-off overseas market, as well, as retaliations unwind.

    As in the Smoot-Hawley Tariff act. An unwise response to the economic chaos following the 1929 market crash…unwise because it operated on an untrue economic theory…it instead, spread the slowdown of commerce, worldwide. The whole world joined us in economic retreat and pain – and there are always slimeballs who look for such opportunities.

    Adolf, Benito and General Tojo were the end creations of such jingoistic trade policies.

    Reply
    • JustPassinThru

      China, of course, is another issue. No free-market manufacturer can compete with slave labor – labor STOLEN by the operators or organizers of the plant or activity. Once upon a time, we had laws barring nations who would compel their subjects to work in State factories, or who would dump product below cost…bar those nations from shipping to our markets, or place heavy constraints on them.

      That was then. Since the mid-1990s, we have been blessed/cursed with Most-Favored-Nation trade status with China; and their inferior-but-cheap crap has driven quality product out of many market categories.

      THAT should never have been allowed. But. Closing that door will invite war.

      That’s the choice we now face. One more gift to us from a certain grifter from Arkansas, who rose about six levels above his competence.

      Reply
    • Jack BaruthJack Baruth Post author

      Free and fair trade benefits everyone to some degree.

      A balanced portfolio of imports and exports would enrich the United States.

      At the current moment, however, that’s like arguing over the setting of the thermostat in a burning house. As you note at the head of your post, we are trading with a command economy that uses slave labor. We got plastic junk and hacked computers; they got millions of acres on the West Coast.

      Reply
      • JustPassinThru

        Several concepts at work here.

        First, the objective would be some sort of balance. That’s fine in concept.

        When there is not a balance, though, the answer is to examine what we sell and why it’s not selling. Not to pass laws to force some sort of balance – any more than there should be laws to force more sales of Brand X than Brand Y, which is beating Brand X in consumer choices.

        Nor is free trade a relationship between two entities. It’s a continuum – we may buy underwear from Costa Rica, and shoes from Vietnam. They don’t have any use for what we are selling – Windows software and CRT and MRI machines. Australia, may want those CRTs and MRIs and Windows licenses and Hollywood movies – and they have little to sell. To us. To Europeans, they sell winter vacation packages and kiwi fruits.

        Europeans who buy them, sell us cars, high-tech industrial electronics goods, etc. The full circle.

        When we are buying more than selling, the thing to to is take apart the fundamentals of the economy and puzzle out why. In some cases, it’s trade with slave-labor prison-states. In some cases it may be dumping. In some cases, it may be that the economy of a certain nation, poor-but-free, is desperate to grow. The low-wage work of its competent workforce, represents a better life than work trying to till infertile soil – or waiting for UN food shipments.

        More-judicious use of Most-Favored-Nation trade status would address much of this. So would a return to sound money, which would negate currency-exchange manipulations or speculative fears of the fiat-dollar.

        I find it interesting that persons who otherwise adhere to libertarian (small-L) views, are so eager to allow the same Big-Brother government they fear in their bedrooms or their drug kits or their computers, to tell them what they may buy, by limiting what other people, often American companies, may import. Yes, I agree, anarchy at Customs is not an answer. It’s a fine line, and I don’t want people with entirely-different ideas of “fairness” and who are on massive power-trips, to tell me what I must comply with.

        The problem, in the views of these folks, is, in my opinion: Too-few people have any sort of Political Philosophy to guide them. They make ad-hoc decisions on what “should be” based on expediencies.

        A Political Philosophy need not be complex. It can be something as simple as “We need Government to PROTECT US!” or “Government is composed of the lowest-performing of the masses, elected by popular passions. They should be made to STAY OUT of private decisions.”

        Applying such a personal test, such a check, against proposed ideas by pols playing to the masses, helps to clarify thinking and choices, somewhat.

        Reply
        • jz78817

          the wrinkle in that argument is that many premium, high-priced goods are still made in China. That $1,100 iPhone? China. Those “premium” sellers of stuff like Mack Weldon or Tommy John ($30 for one pair of underwear) or Bombas ($12-15 for one pair of socks?) Ask them where their stuff is made, and they’ll tell you that their corporate HQ is in the USA, their design is in the USA, their fucking distribution center is in the USA, and if you’re lucky they’ll eventually get down to the end of the list and mention the products are still made in China.

          Boll and Branch sheets used to advertise relentlessly on SiriusXM, magnifying the greatness of their stuff (“Three US presidents have used our sheets!”) and are pricy ($240 for a set.) Made? In India and Turkey, using Indian and Turkish cotton. Meanwhile, Lime & Leaf makes their sheets here, from cotton grown and spun here. And guess what? $40 cheaper than the other folks for the same size sheet set.

          Reply
        • Jack BaruthJack Baruth Post author

          I think the reason so many libertarians have no issue with tariffs is because it’s one of the very few powers assigned to the Federal Government by the Founders.

          Reply
          • JustPassinThru

            Tariffs are not, in my understanding, based on any libertarian principle. They were an answer to the question of how to finance the new FedGov – in an era where industrial development and growth of worldwide trade was unimaginable; and an Income Tax would have been an obscenity.

            One Free-Market principle often ignored, is: What you want less of, you must tax. What you want more of, you subsidize.

            If you want less trade, tax trade. And if you want the convoluted structures of thirty years ago, where Ford and GM were limited in car sales in Mexico, for local construction laws which made the Mexican-government company VAM the biggest Mexican auto marketer (with AMC-licensed cars!)…or small, inefficient Canadian plants only to build up CKD kits for Ford and GM…

            …if you want more of the Chicken-Tax absurdity, where half-built vehicles are sent to the States to be sloppily completed (Japanese pickups), and with many models denied us (VW Transporter vans, one example) then tariffs are the answer.

            This is where I take exception to libertarians. They’re ALL ABOUT open borders for un-vetted persons. Which, as Milton Friedman pointed out, is economically unsustainable in a welfare state. But at the same time they want to LIMIT the one thing that does generate wealth and equalize economic prosperity (reducing pressures for population migration) – trade.

            Just my $.02, FWIW.

          • Jack BaruthJack Baruth Post author

            I’m not sure we are disagreeing.

            I have zero interest in open borders. I’m not much of a libertarian. But many patriot-styled libertarians support tariffs because there’s a justification for it in the original founding of this country. I’d rather have zero income tax and a 50% tariff on imported luxury goods, as an example.

            Using your tax/subsidy discussion as a jumping-off point, I would suggest that both the United States and China have been actively subsidizing the destruction of American manufacturing over the past thirty years.

  12. trollson

    I wouldn’t be surprised if all phones are owned as well.

    And with all the electronic shit they are putting in cars these days, that wouldn’t be surprising either.

    In general, it is very likely that foreign governments have leveraged the mass surveillance apparatus we have built for ourselves.

    Reply
    • JustPassinThru

      Now the question is, how do we get ourselves out of China’s grasp.

      Put up trade embargoes and revoke MFN trade-status, and there’s war.

      Shooting war, eventually. Before that, currency war – as they dump their dollars on the world market, forcing a de-facto devaluation of our fiat-dollar.

      And a lot of the dollars they’ve took from us, they’ve spent on gold bullion. A lot more, they’ve spent on arming up the People’s Liberation Army. Because, of course, there’s no truly-private industry in China.

      This is why saner voices, conservatives, resisted this opening-up of China. Not because we’re stick-in-the-mud poopy-heads. Because this is the genii that now needs to be put back in the bottle.

      And it won’t happen without huge cost – in treasure and lives.

      Reply
      • jz78817

        I don’t know what the solution is. Trump is absolutely right that our trade deal with China is fucked up, but there’s way too many other things at stake for there to be a simple solution like a tariff war. We’re their biggest trading partner (but not by far) and they have enough of the world by the short hairs where they’re not going to roll over to anyone’s demands that easily.

        Reply
    • Akr-med

      One wonders whether the Made in Korea stuff has been hardware-compromised by their state actors, such as Samsung and LG. Though, for phones, the hardware itself doesn’t necessarily have to be compromised. There are plenty of apps that could possibly achieve the same end, willingly installed—however unwittingly—by consumers. Server environments putatively have better control over what software is installed, right? Right??

      Reply
    • Ark-med

      Chinese made phones may well have compromised hardware. What about the Korean-made LG or Samsung phones? Though hardware snoopers aren’t needed for phone surveillance, due to the willing (and unwitting) installation of all kinds of apps/games by the laity. One assumes that the high priesthood of IT sec controls and restricts what software’s installed on datacenters/servers, right? Right?

      Reply
  13. Cdotson

    Did anyone catch that the founder of the company that presided over the hardware outsourcing that was initially caught with these spy-chips embedded died in mysterious circumstances after selling to Amazon? Or that it was Amazon that identified these chips in 2015 doing investigative work before buying the company?

    Reply
  14. Shortest Circuit

    As someone who was involved in cleaning up the IT operations of a F500 bank after they “successfully” migrated their ailing infrastructure into “the cloud”, I can only agree. Operation (and more frightening, lately architecture) of IT systems is outsourced to India or Singapore or some 2nd-world county who generally couldn’t be bothered to give a shit about the quality or the security of operation itself. If no major disasters happen in 2 years, they get the contract renewed. I would be VERY wary in this era of digital cowboys (pay with your watch, use this cloud-connected app to control your OWN appliances, put this wireless device running a 2.4 kernel onto your network, etc.) of migrating any of the know-how overseas. We are all seeing this carelessness in consumer-grade electronics already (HW and SW aswell) with Apple using 3A capable transistors to supply a peripheral that draws 3A (seriously?) BMW/Mercedes entertainment systems greeting their owners with PHP error messages in the morning, I could go on. I don’t support this. Getting clothes from a country where the no1 contributor to their GDP is their textile industry? Meh, let them make it. But don’t outsource critical IT operations to someone who was fixing 6502-powered looms last week.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.