This saga is fascinating I really have no doubt of the hardware existing. Thought the original picture from the article and description made it hard for me to imagine the connectivity.
is it connected to the SPI of the BMC flash/OS storage? Why would software integrity checks like making sure the image is signed and not tampered wouldn't capture it?
(Answer to this one sounds easy bad security practices regarding firmware process)
Yes I read it. seems they added another device to the network/ethernet interface which they detected sending network packets.
Curious how this one affected the server or did compare to the original article.
This one seems more benign considering it won't be able to mess around like the BMC has access to things like secure boot and other system busses like the PCI.
is it connected to the SPI of the BMC flash/OS storage? Why would software integrity checks like making sure the image is signed and not tampered wouldn't capture it? (Answer to this one sounds easy bad security practices regarding firmware process)