Department of Homeland Security chimes in on iCloud server spy chip allegations

Posted:
in iCloud
The United States Department of Homeland Security has added to the growing chorus of voices siding with Apple and Amazon versus the blockbuster report that Apple's iCloud and Siri security was violated by a China-planted spy chip.

iCloud login screen


The statement, issued by DHS on Saturday doesn't delve into any detail about why it believes that the Bloomberg report from Thursday is flawed, and sides with Apple and Amazon in the matter.
The Department of Homeland Security is aware of the media reports of a technology supply chain compromise. Like our partners in the UK, the National Cyber Security Centre, at this time we have no reason to doubt the statements from the companies named in the story.

Information and communications technology supply chain security is core to DHS's cybersecurity mission and we are committed to the security and integrity of the technology on which Americans and others around the world increasingly rely.

Just this month - National Cybersecurity Awareness Month - we launched several government-industry initiatives to develop near- and long-term solutions to manage risk posed by the complex challenges of increasingly global supply chains. These initiatives will build on existing partnerships with a wide range of technology companies to strengthen our nation's collective cybersecurity and risk management efforts.
Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers. The chip, supposedly designed by the Chinese military, allegedly passed the data on the servers to Chinese interests, and gave a back-door into Apple's public-facing networks to the alleged perpetrators.

After the report was published, both Apple and Amazon issued strongly worded statements very specifically refuting the claims. The denial, and continued clarifications after the fact goes well beyond anything Apple has distributed. Apple continues to categorically deny all assertions in Bloomberg's story, and offers point-by-point rebuttal to certain facts and figures.

Bloomberg is standing by its investigation -- claiming 30 companies were affected, but only naming two -- saying the report took more than a year to compile and involved more than 100 interviews. The publication cites 17 sources from government agencies and companies involved in the alleged hack, including senior insiders at Apple.

At least one of Bloomberg's sources appears to have changed its mind after publication.
«13

Comments

  • Reply 1 of 46
    So, fake news?
    stanthemananton zuykovrob53horvaticwatto_cobra
  • Reply 2 of 46
    I have a hard time believing that policy makers would be dumb enough to bet against Apple and Amazon inspecting the chips that go into their equipment. If something like this is ever documented, the company that does it will be driven into bankruptcy, and it will mark the beginning of the end for China’s electronics industry.
    watto_cobra
  • Reply 3 of 46
    gatorguygatorguy Posts: 24,604member
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
  • Reply 4 of 46
    macxpressmacxpress Posts: 5,918member
    Maybe Bloomberg should be sued....
    williamlondonracerhomie3rob53magman1979uniscapewatto_cobra
  • Reply 5 of 46
    tmaytmay Posts: 6,453member
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    watto_cobra
  • Reply 6 of 46
    gatorguygatorguy Posts: 24,604member
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware update version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point....

    ...That's an odd response if true isn't it, and didn't originate from the Bloomberg story either. Those statements of supposed fact were made by Supermicro themselves as quoted and reported by The Information a couple years back. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    edited October 2018 muthuk_vanalingam
  • Reply 7 of 46
    mwhitemwhite Posts: 287member
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruences stand out to me as of this morning:

    -Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them. 

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK.
    Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?

    Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago. 
    So who are you the all seeing and all knowing gator??? I don't think so.....
    watto_cobra
  • Reply 8 of 46
    gatorguygatorguy Posts: 24,604member
    mwhite said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruences stand out to me as of this morning:

    -Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them. 

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK.
    Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?

    Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago. 
    So who are you the all seeing and all knowing gator??? I don't think so.....
    Try being a bit more detailed if you don't mind.rather than just tossing out a couple of insults and calling it a day... 

    What part of the post are you disagreeing with? Obviously if I was "all-knowing" I'd already know the answers to the story inconsistencies I mentioned. How about you, anything pertinent and informative to add? You completely comfortable with Apple executives speaking only if "off the record"? 

    Personally I'll be much more assured when Apple's current chief legal officer Katherine Adams speaks on the record rather than their retired one. I suspect she may at some point. 
    edited October 2018
  • Reply 9 of 46
    tmaytmay Posts: 6,453member
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    StrangeDaysmagman1979dysamoria
  • Reply 10 of 46
    gatorguygatorguy Posts: 24,604member
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs? You can be positive Apple was, but yet chose to stop communicating with Supermicro to find out? That doesn't make sense to me unless the investigation on how it happened was taken out of their hands. Otherwise it sounds plainly dumb to drop it. What about you? 

    As far as you saying you don't think it's unusual that no exec has commented on the record, the whole Apple response to this has been unusual. Can you remember them ever being so involved or vehement in a story denial? Yet not one exec chiming in themselves. Cook or some other Apple exec has never shied away from commenting in the past when he feels Apple has been unfairly painted. This is the most vocal they have ever been AFAIK and the lack of "on the record" comments from any of then seems, well...  odd in light of that. 
    edited October 2018 muthuk_vanalingam
  • Reply 11 of 46
    tmaytmay Posts: 6,453member
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    "In response to Bloomberg’s latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers have ever been found to hold malicious chips.
    As a matter of practice, before servers are put into production at Apple they are inspected for security vulnerabilities and we update all firmware and software with the latest protections. We did not uncover any unusual vulnerabilities in the servers we purchased from Super Micro when we updated the firmware and software according to our standard procedures.
    We are deeply disappointed that in their dealings with us, Bloomberg’s reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple."

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    dysamoria
  • Reply 12 of 46
    StrangeDaysStrangeDays Posts: 13,058member
    mwhite said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruences stand out to me as of this morning:

    -Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them. 

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK.
    Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?

    Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago. 
    So who are you the all seeing and all knowing gator??? I don't think so.....
    The post you quoted is typical of this user’s pattern of FUD dispensing — Fear, Uncertainty, Doubt. It’s a tactic used to subtly deploy a particular narrative after Apple’s failings, doom, etc. You’ll soon recognize it on 80% of this person’s posts. 
    magman1979mwhite
  • Reply 13 of 46
    gatorguygatorguy Posts: 24,604member
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
    edited October 2018
  • Reply 14 of 46
    tmaytmay Posts: 6,453member
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
    Have fun with your conspiracy.
    StrangeDays
  • Reply 15 of 46
    gatorguygatorguy Posts: 24,604member
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
    Have fun with your conspiracy.
    No comment. Fair enough. 

    To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
  • Reply 16 of 46
    gatorguygatorguy Posts: 24,604member
    mwhite said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruences stand out to me as of this morning:

    -Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them. 

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK.
    Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?

    Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago. 
    So who are you the all seeing and all knowing gator??? I don't think so.....
    The post you quoted is typical of this user’s pattern of FUD dispensing — Fear, Uncertainty, Doubt. It’s a tactic used to subtly deploy a particular narrative after Apple’s failings, doom, etc. You’ll soon recognize it on 80% of this person’s posts. 
    Well that certainly answered all those questions point by point. Thanks.

    LOL
    edited October 2018 muthuk_vanalingamdysamoria
  • Reply 17 of 46
    tmaytmay Posts: 6,453member
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
    Have fun with your conspiracy.
    No comment. Fair enough. 

    To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
    I acknowledge that there are questions. Hence why I found this article much more enlightening;

    https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

    Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.

    All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
    edited October 2018 StrangeDaysdysamoria
  • Reply 18 of 46
    grifmxgrifmx Posts: 92member
    so now this whole thing must all be solved by iFixIt, unless they need to play dumb too, if it's real. haha there is really no one to trust anymore.
  • Reply 19 of 46
    So, fake news?
    If it didn’t happen his time there is nothing keeping the thieving Chinese govt from doing it a year from now when everyone’s forgotten about this. We can’t allow that. 

    The Chinese govt is engaging right now in the greatest theft of American intellectual property and tech by ALL means possible. Goal: bring down the US economy. This is real. Anyone who thinks it’s some joke is totally uninformed. Just today NPR published a story exactly about what the Chinese govt is doing to us:

    China Makes A Big Play In Silicon Valley - NPR https://apple.news/ALymw-5ufTZGdpRdRMc03DQ
    60sguy
  • Reply 20 of 46
    gatorguygatorguy Posts: 24,604member
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    tmay said:
    gatorguy said:
    AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."

    Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had. 
    So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything? 

    After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
    The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification.  I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point. 

    That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves. 

    So three current incongruencies stand out to me as of this morning:

    -Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.

    - According again to Supermicro executives speaking on the record:
    When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.

    -No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication.  Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. 
    Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's? 

    But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
    My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.

    The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. 
    Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
    You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.

    Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
    No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
    Have fun with your conspiracy.
    No comment. Fair enough. 

    To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
    I acknowledge that there are questions. Hence why I found this article much more enlightening;

    https://www.theregister.co.uk/2018/10/04/supermicro_bloomberg/

    Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.

    All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
    Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
Sign In or Register to comment.