AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently, but Apple, and Amazon have not given statements to that effect the it happened to them as stated by Bloomberg; there is, of course, those other 28 companies who haven't been named, nor have responded independently, that adds even more questions to the Bloomberg article
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
There is no test for that, and absent any other evidence from Bloomberg, I have no choice but to consider the three named companies equally reliable and truthful in their statements, even with the conflicts, at least until the inconsistencies have been addressed. That would seem to be something that Bloomberg needs to do.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing to cease looking into a questionable server firmware version alongside the provider, and apparently quite quickly, after initially contacting them for assistance and advisement? I offered my opinion on one logical reason for it, what's yours? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruences stand out to me as of this morning:
-Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK. Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?
Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago.
So who are you the all seeing and all knowing gator??? I don't think so.....
mwhite, who are you to dispute gatorguy's statements? Declare your real name and your experience in this issue. gatorguy's been around a long time and has some inside and informative information even though I don't always agree with him or his political ideals. As for me, I have >30 years working as a subcontractor for a branch of the US government so I've seen boards checked out when they arrive.
My original statement on a previous article was Bloomberg is simply trying to disrupt the stock market, going after Apple and Amazon, with speculation based on hearsay. Let's see some actual proof in the form of actual computer boards sold to any US company with the nefarious chip. As for firmware, everyone who's ever dealt with Symantec knows all about corrupted downloads that brick computers. Microsoft, and others, do the same thing as do disk drive vendors with their collection of toxic software installed on drives destined for consumers who usually haven't the faintest idea what they're getting.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
I actually addressed the other two comments.
Just because Supermicro is "on the record" doesn't necessarily mean that it is absolutely true in its statements. Supermicro should be taken a face value no more nor less than Apple or Amazon, given the fact that beyond Bloomberg, everyone else is indicating that Apple and Amazon are telling the truth.
More to the point, why would Supermicro be given a pass at this point in time? It was, after all, the manufacturing of the boards that is central to the question of whether or not there was a hardware security issue.
At this point in time, it is Bloomberg that needs to clarify the details of the article, not Apple or Amazon.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
TMay, I think I know you enough from your time in the forums to believe that I've put a couple of new questions in your mind. I don't think you're as firmly convinced now that' there's nothing of truth in the Bloomberg article as Apple and Amazon would have us believe, even if you're not willing to say so right now in the forums.
I respect you and believe you have a more open mind than some others.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
TMay, I think I know you enough from your time in the forums to believe that I've put a couple of new questions in your mind. I don't think you're as firmly convinced now that' there's nothing of truth in the Bloomberg article as Apple and Amazon would have us believe, even if you're not willing to say so right now in the forums.
I respect you and believe you have a more open mind than some others.
Even if I have doubts, they are more inline with what Supermicro said and represented than Apple or Amazon;
I note your POV on this, from a response in the other thread;
"Has any current Apple executive denied the story on the record? Anyone at all? As far as I know it's only been Apple PR releasing statements.
This Buzzfeed story is no better than the Bloomberg one in some ways. Why, if there's absolutely nothing true in the Bloomberg story, would those Apple executives who offered comments to Buzzfeed only agree to do so only "off the record"? Weirder and weirder....
While originally I had doubts about where the truth was when Apple and Amazon came out with their first set of denials I came around to believing Apple/Amazon as their denials became more specific. While I'm still on Apple's side with this I'm less firmly so less than I was two days ago. A Buzzfeed story claiming absolutely nothing was found after an extensive company-wide investigation but attributed to "multiple high-ranking Apple executives who spoke on the matter anonymously" didn't help anything."
Your doubts are entirely wrt to statements released by various companies, and the level of company officials making those statements, not about the facts, or lack thereof.
Please do not try and associate by doubts with yours; they are not coincident, hence why I find you more interested in any underlying conspiracy between Apple, and various entities and Government Agencies that have backed them up.
The bit I find a bit suss in the Bloomberg story (apart from the pretty clear and detailed denials from all the other entities) is this claim of a chip. That has not been produced.
And besides, adecent spying caper would not have a special chip on the motherboard, it would be built into, part of, a legitimate chip, preferably the CPU or comms chips that would be used by all brands of motherboards.
The easiest of course would be to just build spyware into the firmware.....oh, wait, didn’t Apple possibly find something like that? As in completely different to the Bloomberg story?
Lol. I see someone is still clutching at straws. (and still firmly believe in dubious, to say the least, report)
this is why I never take this gator guy words seriously and almost always believe the opposite of what he said on controversial issue is more likely true. No smart man will give any credence to a people who’s full of agenda.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruences stand out to me as of this morning:
-Apple said they didn't send servers back, just cancelled further purchases sometime later. Supermicro themselves says that's not correct, Apple was already sending back servers previously sold to them.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with any statements from Apple coming only from the PR department AFAIK. Apple's former Chief Legal Officer Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement? Or Cook's for that matter?
Still siding with Apple and Amazon but not nearly as convinced as I was 48 hours ago.
So who are you the all seeing and all knowing gator??? I don't think so.....
mwhite, who are you to dispute gatorguy's statements? Declare your real name and your experience in this issue. gatorguy's been around a long time and has some inside and informative information even though I don't always agree with him or his political ideals.
Uh, no, GG doesn’t have any “inside” information. He’s just a guy who doesn’t even use most of the stuff we talk about here.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
TMay, I think I know you enough from your time in the forums to believe that I've put a couple of new questions in your mind. I don't think you're as firmly convinced now that' there's nothing of truth in the Bloomberg article as Apple and Amazon would have us believe, even if you're not willing to say so right now in the forums.
I respect you and believe you have a more open mind than some others.
What a truly bizarre comment. It’s like your ego is personally tied to the FUD dispensing, that you must feel it’s working. Wow.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
TMay, I think I know you enough from your time in the forums to believe that I've put a couple of new questions in your mind. I don't think you're as firmly convinced now that' there's nothing of truth in the Bloomberg article as Apple and Amazon would have us believe, even if you're not willing to say so right now in the forums.
I respect you and believe you have a more open mind than some others.
What a truly bizarre comment. It’s like your ego is personally tied to the FUD dispensing, that you must feel it’s working. Wow.
I guess Gatorguy's work is done here. He got the official denial he was craving;
"Apple hasn't detected unusual transmissions or other evidence servers were infiltrated with Chinese spy chips, the company's VP of Information Security insisted in a letter to Congress on Sunday."
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing to cease looking into a questionable server firmware version alongside the provider, and apparently quite quickly, after initially contacting them for assistance and advisement? I offered my opinion on one logical reason for it, what's yours? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
Quick question, since this seems to form the basis of your smoking gun.
Where did you read Apple's statement that it had not returned servers to Super Micro? What Apple said was that it had not returned front end cloud servers to Supermicro because SuperMicro servers weren't actually used to serve Siri requests at the front end.
Looking back at the original story, we have this quote from Bloomberg, not Apple:
Bloomberg claims senior insiders at Apple advised that it had found a number of malicious chips in Supermicro boards in May 2015, after detecting odd network activity and firmware problems. The company reportedly informed the FBI, but kept the details of what it had uncovered quiet, even internally. A few weeks after the discovery, Apple started to remove all Supermicro servers from its data centers, with 7,000 installed units replaced over a brief period. According to the report, Apple denies any servers were removed. Apple allegedly cut ties to the company in 2016, for "unrelated reasons" according to the report.
So according to Bloomberg, Apple found this malicious chip and removed 7000 SuperMicro servers from its data centres. And also according to Bloomberg, Apple denied that any servers were removed.
And this is where the story starts to break down, because it seems pretty clear that Bloomberg has missed out a vital piece of information that your interpretation of events hangs on: what these returned servers were being used for.
Super Micro says that Apple returned servers. I think we can take this part as being true, simply because I don't see any reason for them to lie. But if you read what Supermicro said, then the reason that these servers were returned was because there was a problem with a compromised firmware patch. Supermicro also says that these servers returned were from the Apple Design Lab, not the front end servers. Since this is related to firmware, and not the 'grain of rice' chip that Bloomberg is talking about, and also the fact that this is related to development servers, and not the front end servers, then it looks like Bloomberg has indeed got it's wires crossed: the return of the servers was related to the equipment Apple bought for the design labs, and Apple hasn't actually said what they did with those servers. My guess is that they returned them, but they don't mention this because this has nothing to do with what Bloomberg is alleging: that Apple found spy chips in front line servers and returned those servers to SuperMicro. Apple is keeping the story focussed on the allegations, which is pretty much standard operating procedure in cases like this.
According to Apple, what Bloomberg specifically alleges happened, did not happen. And so far, Bloomberg has not produced any evidence that it did.
So where is this Apple denial? Well, here's what Apple has to say:
In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.
So, according to Apple, they don't use SuperMicro servers for Siri processing.
Supermicro says that Apple returned design lab servers. Apple hasn't denied returning design lab servers. Apple denies ever having returned 7000 Supermicro servers used for Siri processing. Supermicro has not corroborated Bloomberg's story in any way, because the servers that were returned aren't the servers that Bloomberg is talking about.
And to pre-empt another question:
Then why doesn't Apple say that they returned the servers from the design labs?
Public Relations Rule 101: Only deny what you're being accused of. Deny the enemy any opportunity to obscure their lack of evidence by expanding the field. If I were Apple, I wouldn't have even given them the chance to withdraw their allegation by pointing out that they were probably mistaken by the events with the design lab servers. I would just make a huge noise about it until Bloomberg produces the evidence or tries to spin its way out of the allegation.
And the fact an accusation is all you need and a bunch anonymous sources even when the accuse say it never happen. Facts no longer matter as long as you have a good story to tell.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
I actually addressed the other two comments.
Just because Supermicro is "on the record" doesn't necessarily mean that it is absolutely true in its statements. Supermicro should be taken a face value no more nor less than Apple or Amazon, given the fact that beyond Bloomberg, everyone else is indicating that Apple and Amazon are telling the truth.
More to the point, why would Supermicro be given a pass at this point in time? It was, after all, the manufacturing of the boards that is central to the question of whether or not there was a hardware security issue.
At this point in time, it is Bloomberg that needs to clarify the details of the article, not Apple or Amazon.
Exactly. If there really were boards with this supposed chip then let’s see them, SuperMicro. Otherwise it matters not whether Apple returned one or 7000 boards.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing to cease looking into a questionable server firmware version alongside the provider, and apparently quite quickly, after initially contacting them for assistance and advisement? I offered my opinion on one logical reason for it, what's yours? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
Quick question, since this seems to form the basis of your smoking gun.
Where did you read Apple's statement that it had not returned servers to Super Micro? What Apple said was that it had not returned front end cloud servers to Supermicro because SuperMicro servers weren't actually used to serve Siri requests at the front end.
Looking back at the original story, we have this quote from Bloomberg, not Apple:
Bloomberg claims senior insiders at Apple advised that it had found a number of malicious chips in Supermicro boards in May 2015, after detecting odd network activity and firmware problems. The company reportedly informed the FBI, but kept the details of what it had uncovered quiet, even internally. A few weeks after the discovery, Apple started to remove all Supermicro servers from its data centers, with 7,000 installed units replaced over a brief period. According to the report, Apple denies any servers were removed. Apple allegedly cut ties to the company in 2016, for "unrelated reasons" according to the report.
So according to Bloomberg, Apple found this malicious chip and removed 7000 SuperMicro servers from its data centres. And also according to Bloomberg, Apple denied that any servers were removed.
And this is where the story starts to break down, because it seems pretty clear that Bloomberg has missed out a vital piece of information that your interpretation of events hangs on: what these returned servers were being used for.
Super Micro says that Apple returned servers. I think we can take this part as being true, simply because I don't see any reason for them to lie. But if you read what Supermicro said, then the reason that these servers were returned was because there was a problem with a compromised firmware patch. Supermicro also says that these servers returned were from the Apple Design Lab, not the front end servers. Since this is related to firmware, and not the 'grain of rice' chip that Bloomberg is talking about, and also the fact that this is related to development servers, and not the front end servers, then it looks like Bloomberg has indeed got it's wires crossed: the return of the servers was related to the equipment Apple bought for the design labs, and Apple hasn't actually said what they did with those servers. My guess is that they returned them, but they don't mention this because this has nothing to do with what Bloomberg is alleging: that Apple found spy chips in front line servers and returned those servers to SuperMicro. Apple is keeping the story focussed on the allegations, which is pretty much standard operating procedure in cases like this.
According to Apple, what Bloomberg specifically alleges happened, did not happen. And so far, Bloomberg has not produced any evidence that it did.
So where is this Apple denial? Well, here's what Apple has to say:
In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.
So, according to Apple, they don't use SuperMicro servers for Siri processing.
Supermicro says that Apple returned design lab servers. Apple hasn't denied returning design lab servers. Apple denies ever having returned 7000 Supermicro servers used for Siri processing. Supermicro has not corroborated Bloomberg's story in any way, because the servers that were returned aren't the servers that Bloomberg is talking about.
And to pre-empt another question:
Then why doesn't Apple say that they returned the servers from the design labs?
Public Relations Rule 101: Only deny what you're being accused of. Deny the enemy any opportunity to obscure their lack of evidence by expanding the field. If I were Apple, I wouldn't have even given them the chance to withdraw their allegation by pointing out that they were probably mistaken by the events with the design lab servers. I would just make a huge noise about it until Bloomberg produces the evidence or tries to spin its way out of the allegation.
For my money, this is one of the best, most lucid comments posted on AI in the years I’ve been a member. That’s just me saying this, not wearing my moderator hat.
AI: "Thursday's story claimed Chinese operatives managed to sneak a microchip the size of a grain of rice onto 7000 motherboards produced by Supermicro, which supplied those compromised parts for use in Apple's iCloud data centers."
Didn't Bloomberg actually say it wasn't known if any of the 7000 servers already in use were compromised? I don't them saying anywhere in the article that they were, only that Apple had 7000 in use that potentially could have been. Of note Apple claims no servers were sent back to Supermicro, but in 2015 the supplier themselves said exactly that, Apple was returning recently purchased servers. No reason for Supermicro to say Apple sent servers back unless they had.
So, Bloomberg decided to implicate Amazon and Apple, not the other 28 companies, just to create the more menacing hardware story, all the while lacking specific data on what actually happened to the hardware, if anything?
After reading the article, I was under the impression that Apple shipped the servers back due to firmware issues, not any hardware shortcoming.
The "firmware issue" you mention was reportedly finding a non-matching and non-official firmware version on one of the servers in a lab. When the suspicious software was reported to Supermicro Apple said it came directly from Supermicro hosted files on their secure site. Supermicro said no it didn't, it was not a valid version number and asked for further information and clarification. I'm 100% sure Apple would have been just a tad curious at that point how it got there if it wasn't official firmware just as Supermicro would have been. But instead Apple stopped cooperation and communication at that point.
That's an odd response if true, and that didn't originate from the Bloomberg story either. Those statements of supposerd fact were made by Supermicro themselves.
So three current incongruencies stand out to me as of this morning:
-Apple (PR) said they didn't send servers back, just cancelled further purchases sometime later for unrelated reasons. Supermicro themselves on the record says that's not correct, Apple was already sending back servers previously sold to them after the unofficial firmware version was discovered on at least one server.
- According again to Supermicro executives speaking on the record: When a suspicious firmware update was discovered on an Apple server previously purchased from Supermicro in 2015 and were advised it did not come from them despite what Apple believed at the time Apple stopped communication on the issue rather than pursuing it with Supermicro to get to the bottom of it.
-No current Apple executive has been willing to be quoted on the record disputing the Bloomberg story, only communicating "anonymously" with one publication. Any statements attributed to "Apple" have come only from the PR department AFAIK, no specific Apple executive so far willing to go on the record themselves. Apple's former Chief Legal Officer and executive Bruce Sewell was offered as evidence and spoke on the record, but he's retired and no longer represents them. Where's the current Chief Legal Officer's statement rather the the retired's?
But I'm still siding with Apple and Amazon, just not nearly as convinced as I was 48 hours ago.
My point is that there has been zero collaboration of the "grain of rice' hardware story. That Apple hasn't sent out a senior executive to comment on this at this time is actually not unusual for Apple for any "gate" event, which Bloomberg seems to want to attempt to create.
The inference as I read it is that's how the unidentified and not-official Suprermicro firmware got installed on the server, via that "grain of rice" allowing that specific server to be targeted. Aren't you curious how Apple got that version even tho the server supplier says it's not theirs?
You would think that there would be some evidence of that "grain of rice", yet none has been provided by anyone. No physical evidence, no component, not photos.
Your current argument is that Apple hasn't responded from the top. I'm not seeing that as meaningful, one way or another.
No sir that's only a part of what I find odd. Any comment on the other two I mentioned this morning in Post 6?
Have fun with your conspiracy.
No comment. Fair enough.
To be clear I'm not claiming any conspiracies either as you would know if you read what I wrote which you presumably did. I have questions on a couple of things and far from claiming a bunch of agencies are in cahoots to hide the truth. You obviously prefer not to acknowledge there could be any questions, everything is perfectly clear to you. It's all good,
I acknowledge that there are questions. Hence why I found this article much more enlightening;
Lots of IT people commenting on this. Bottom line, unlikely that a component could be added on the board, it would be discovered. Hiding the component within the board layers is technically difficult, would have to be small to avoid discovery by X-Ray, and other means. Even then, monitoring network traffic would have likely found any transmissions pretty quickly.
All in all, attempting to decide who is telling the truth based on the veracity of the statements, or the elevation of the company official posting it, is a fool's errand.
Thanks, it's a decent article and discussion, tho I'd disagree on what the the bottom line was. It looks like the article tends to believe Bloomberg and explains how it could have been accomplished without being quickly noticed.
I don't disagree that it could have happened, or did happen, or even happened differently....
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
That's but one of at least three concerns I have. You know that, but for whatever reason deciding not to comment on the other two I've already specifically mentioned.
-- How would you explain Apple choosing not to continue looking into a questionable firmware version after contacting the server provider to question it? -- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
TMay, I think I know you enough from your time in the forums to believe that I've put a couple of new questions in your mind. I don't think you're as firmly convinced now that' there's nothing of truth in the Bloomberg article as Apple and Amazon would have us believe, even if you're not willing to say so right now in the forums.
I respect you and believe you have a more open mind than some others.
What a truly bizarre comment. It’s like your ego is personally tied to the FUD dispensing, that you must feel it’s working. Wow.
I guess Gatorguy's work is done here. He got the official denial he was craving;
"Apple hasn't detected unusual transmissions or other evidence servers were infiltrated with Chinese spy chips, the company's VP of Information Security insisted in a letter to Congress on Sunday."
Yup, exactly the kind of thing I would expect, and yes that allays much of a concern. Still would be appropriate for Apple to offer a comment from Katherine Adams rather than the retired Sewell, but I'm far more comfortable with my position from three days ago than I was yesterday.
Nearly all that Bloomberg reported about Apple and it's relationship with Supermicro was previously reported by The Information in February of last year, and republished by ArsTechnica and others. At the time Apple had only what amounts to a boilerplate comment about it. Now they're highly offended when Bloomberg reports it, and agencies trip over themselves to deny it?
https://www.theinformation.com/articles/apple-severed-ties-with-server-supplier-after-security-concern
Comments
My problem with your analysis is that it is based on a flawed premise, that the level of official response is an indicator of truthfulness.
There is no test for that, and absent any other evidence from Bloomberg, I have no choice but to consider the three named companies equally reliable and truthful in their statements, even with the conflicts, at least until the inconsistencies have been addressed. That would seem to be something that Bloomberg needs to do.
-- How would you explain Apple choosing to cease looking into a questionable server firmware version alongside the provider, and apparently quite quickly, after initially contacting them for assistance and advisement? I offered my opinion on one logical reason for it, what's yours?
-- How do you explain Apple (PR?) saying they didn't return servers to Supermicro after discovering that mysterious firmware update yet Supermicro going on the record saying they did?
My original statement on a previous article was Bloomberg is simply trying to disrupt the stock market, going after Apple and Amazon, with speculation based on hearsay. Let's see some actual proof in the form of actual computer boards sold to any US company with the nefarious chip. As for firmware, everyone who's ever dealt with Symantec knows all about corrupted downloads that brick computers. Microsoft, and others, do the same thing as do disk drive vendors with their collection of toxic software installed on drives destined for consumers who usually haven't the faintest idea what they're getting.
Just because Supermicro is "on the record" doesn't necessarily mean that it is absolutely true in its statements. Supermicro should be taken a face value no more nor less than Apple or Amazon, given the fact that beyond Bloomberg, everyone else is indicating that Apple and Amazon are telling the truth.
More to the point, why would Supermicro be given a pass at this point in time? It was, after all, the manufacturing of the boards that is central to the question of whether or not there was a hardware security issue.
At this point in time, it is Bloomberg that needs to clarify the details of the article, not Apple or Amazon.
I respect you and believe you have a more open mind than some others.
I note your POV on this, from a response in the other thread;
"Has any current Apple executive denied the story on the record? Anyone at all? As far as I know it's only been Apple PR releasing statements.
This Buzzfeed story is no better than the Bloomberg one in some ways. Why, if there's absolutely nothing true in the Bloomberg story, would those Apple executives who offered comments to Buzzfeed only agree to do so only "off the record"? Weirder and weirder....
While originally I had doubts about where the truth was when Apple and Amazon came out with their first set of denials I came around to believing Apple/Amazon as their denials became more specific. While I'm still on Apple's side with this I'm less firmly so less than I was two days ago. A Buzzfeed story claiming absolutely nothing was found after an extensive company-wide investigation but attributed to "multiple high-ranking Apple executives who spoke on the matter anonymously" didn't help anything."
Your doubts are entirely wrt to statements released by various companies, and the level of company officials making those statements, not about the facts, or lack thereof.
Please do not try and associate by doubts with yours; they are not coincident, hence why I find you more interested in any underlying conspiracy between Apple, and various entities and Government Agencies that have backed them up.
Remember this story from 2015?:
https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/
And besides, adecent spying caper would not have a special chip on the motherboard, it would be built into, part of, a legitimate chip, preferably the CPU or comms chips that would be used by all brands of motherboards.
The easiest of course would be to just build spyware into the firmware.....oh, wait, didn’t Apple possibly find something like that? As in completely different to the Bloomberg story?
this is why I never take this gator guy words seriously and almost always believe the opposite of what he said on controversial issue is more likely true. No smart man will give any credence to a people who’s full of agenda.
What a truly bizarre comment. It’s like your ego is personally tied to the FUD dispensing, that you must feel it’s working. Wow.
http://appleinsider.com/articles/18/10/07/no-evidence-of-spy-chips-apple-insists-in-letter-to-us-congress
"Apple hasn't detected unusual transmissions or other evidence servers were infiltrated with Chinese spy chips, the company's VP of Information Security insisted in a letter to Congress on Sunday."
Quick question, since this seems to form the basis of your smoking gun.
Where did you read Apple's statement that it had not returned servers to Super Micro? What Apple said was that it had not returned front end cloud servers to Supermicro because SuperMicro servers weren't actually used to serve Siri requests at the front end.
Looking back at the original story, we have this quote from Bloomberg, not Apple:
So according to Bloomberg, Apple found this malicious chip and removed 7000 SuperMicro servers from its data centres.
And also according to Bloomberg, Apple denied that any servers were removed.
And this is where the story starts to break down, because it seems pretty clear that Bloomberg has missed out a vital piece of information that your interpretation of events hangs on: what these returned servers were being used for.
Super Micro says that Apple returned servers. I think we can take this part as being true, simply because I don't see any reason for them to lie. But if you read what Supermicro said, then the reason that these servers were returned was because there was a problem with a compromised firmware patch. Supermicro also says that these servers returned were from the Apple Design Lab, not the front end servers. Since this is related to firmware, and not the 'grain of rice' chip that Bloomberg is talking about, and also the fact that this is related to development servers, and not the front end servers, then it looks like Bloomberg has indeed got it's wires crossed: the return of the servers was related to the equipment Apple bought for the design labs, and Apple hasn't actually said what they did with those servers. My guess is that they returned them, but they don't mention this because this has nothing to do with what Bloomberg is alleging: that Apple found spy chips in front line servers and returned those servers to SuperMicro. Apple is keeping the story focussed on the allegations, which is pretty much standard operating procedure in cases like this.
According to Apple, what Bloomberg specifically alleges happened, did not happen. And so far, Bloomberg has not produced any evidence that it did.
So where is this Apple denial? Well, here's what Apple has to say:
In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.
So, according to Apple, they don't use SuperMicro servers for Siri processing.
Supermicro says that Apple returned design lab servers.
Apple hasn't denied returning design lab servers.
Apple denies ever having returned 7000 Supermicro servers used for Siri processing.
Supermicro has not corroborated Bloomberg's story in any way, because the servers that were returned aren't the servers that Bloomberg is talking about.
And to pre-empt another question:
Then why doesn't Apple say that they returned the servers from the design labs?
Public Relations Rule 101: Only deny what you're being accused of. Deny the enemy any opportunity to obscure their lack of evidence by expanding the field. If I were Apple, I wouldn't have even given them the chance to withdraw their allegation by pointing out that they were probably mistaken by the events with the design lab servers. I would just make a huge noise about it until Bloomberg produces the evidence or tries to spin its way out of the allegation.