Super Micro Computer, Inc. has lost half its value since the Bloomberg story dropped, erasing a billion dollars of inventor value.
I would say that his gives Bloomberg a strong motive to have their facts straight too. If this is the result of shoddy reporting, they could be sued for slander I presume.
Wrong. Slander is spoken (both start with S), libel is printed. And to prove libel, you have to prove it was intentional lying to do harm. Shoddy reporting and inaccurate sources aren’t intentional lying.
I find it difficult to believe that Bloomberg would risk fabricating this whole story. It seems more likely that deals were made behind the scenes to use this to pressure China to back off on IP theft and open up their markets. Apple and Amazon would benefit from this much more than pissing off China by going public.
That is a nonsensical conspiracy theory. AAPL fell over $4 today; AMZN fell by an even greater percentage than Apple. The change in the market value of these two stock alone explains a considerable chunk of today's fall in the NASDAQ and the DOW (i.e., the fall in their price is the leading cause, not the effect, of the market decline today).
This is not the kind of risk-taking that Apple is into, period. I'll (charitably) assume that you don't much about the company.
FAANG stocks were down primarily because of fear of regulation.
Super Micro Computer, Inc. has lost half its value since the Bloomberg story dropped, erasing a billion dollars of inventor value.
I would say that his gives Bloomberg a strong motive to have their facts straight too. If this is the result of shoddy reporting, they could be sued for slander I presume.
And you would presume wrongly. Neither Bloomberg nor any other news organization has to have its facts straight for anything. Just look at the recent debacle surrounding Washington. It takes a special kind of proof to get any judgement against a news source. As has been stated earlier, if Bloomberg is wrong nobody cares and it will sink into the bit bucket of blather. If Apple or Amazon is lying they will suffer severe consequences from the SEC. Just ask Elon Musk about that.
Bottom line for me? I believe Apple is telling the truth and Bloomberg is just wrong.
I just looked it up and Super Micro Computer, Inc. could very well win a suit if the facts of this article are wrong. If they went forward with this article with reckless disregard for the truth, Bloomberg could be in for a world of hurt.
Personally, I believe Apple, but I expect there is some kernel of true about the big picture. Too bad the other media outlets are leading off with "Servers at Apple and Amazon where compromised by the Chinese, report says."
That is because no one knows who Supermirco is or Elemental, Apple and Amazon is more of click bait, just another shining example the media is not about being correct or forth right its all about creating FUD and money for their pockets.
Agreed. That responses from Apple and Amazon is pretty emphatic and if untrue would result in jail time for executives. Given the detail of Apple’s dealings with the journalists in question in Apple’s statement, it is just example eleventy million of why more and more the stereotype of a journalist is a narcissist and sociopath. It is clear they only approached Apple at all for some sound bite type statements. Their story was already written and they were not at all interested in facts or if their source was truthful.
The Bloomberg story seems politically motivated...
There isn’t enough information do determine fault in the separate firmware incident. It also doesn’t say if Apple resumed using SuperMicro as a supplier...
Bottom line is Apple found a problem and addressed it before it could cause damage. We don’t know the results of their investigation into whom was responsible. Was the firmware modified by a third party? Was it a beta firmware? Was the hardware intercepted and modified after leaving the manufacturer, but before getting to Apple and an exploit introduced?
No enough information... but Bloomberg needs to get their facts straight before publishing rumors.
Bloomberg says they DO have their facts straight. "The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
He said, she said...
I find it utterly inconceivable that Apple -- especially Tim Cook -- would not be at least as concerned about such a security intrusion as some Bloomberg reporters or unnamed "former senior security officials" (it's the same crowd that kept harassing Apple to create backdoors and to give intrusive access to iOS devices to the likes of the FBI).
I am quite satisfied -- as both a consumer and a shareholder -- with Apple's unambiguous denial of this claim. I'd take Apple's word over that of these media/Washington DC types.
If Bloomberg is wrong, nobody will care in a month.
If Apple is lying, then the SEC will ultimately dole out a massive fine and the entire saga will be in the press for a very long time.
Yeah. I'm pretty sure that Apple's presenting the situation accurately.
I suspect this is a national security issue which means the involved players can deny all they want without fear of the SEC who would be prevented from interfering or involving themselves if it's truly an active case. The Bloomberg articles says as much, that it's still an open and classified investigation.
On top of that there never were allegations of a "wide-spread attack" on Apple's servers as alluded to in the AI article so of course that's deniable, and calling any source making that claim (they haven't) laughable might be perfectly appropriate.
Every reference to Apple in the investigative piece (and they were few) indicates Apple caught this early on, never once implying it was persistent and widespread. Amazon also denies anything happened and the whole thing is made up, someone's imagination, despite 17 sources including 6 hi-level current and former intelligence officials claiming otherwise.
That's not how comments about national security issues by publicly traded companies are made, though.
Those are more like "We have no comment, pending the results of a classified investigation" or just no response at all. The SEC can still come after a company that lied in public statements. national security or no.
And, regarding wide-spread. The allegations are that over 5000 servers had the surveillance chip. If that's not wide-spread, then what is?
Where did Bloomberg say that 5000 Apple servers were infected? I totally missed that. AFAICT they don't claim that and I read the article again just now.
As far as the SEC where have you seen that they can ignore national security orders?
My bad, 7000. Bloomberg does say 7000.
Also, FTA, from Apple's response: "In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips."
Regarding the SEC - they couldn't ignore a national security order now. However, they can go back to lies by publicly traded companies presented during the time of the investigation and drop the hammer on companies. If Apple, and Amazon are under a national security order, they wouldn't have said a single thing.
This is a funny hill for you to die on, man. Occam's razor applies here -- the simplest explanation is that Bloomberg is wrong, because the stakes are too high for Apple and Amazon to lie about it.
No one is accusing them of lying, and no one is claiming there was any security breach at Apple. Nor is Bloomberg claiming your revised 7000 servers number was infected with anything at all. It appears to me the reason for including a mention in the story was to emphasize how many Apple had in place before the returns back to Supermicro started.
But the vendor themselves notes Apple's sudden and unexplained refusal to continue communication with them on the discovered "firmware" issue after initially reporting it: "...when his company (Supermicro) asked Apple's engineers to provide information about the firmware, they gave an incorrect version number—and then refused to give further information.
They also confirm Apple's return of servers already supplied by them. "Supermicro's senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased."
Occam's Razor says something significant was going on and I'm surprised as an investigative sort yourself that you aren't the least bit curious or better yet suspicious about what it was. The simplest explanation is that the vendor had no reason to lie about either statement, but Apple might have reason for misdirection considering security issues. Lying? I'm not claiming they did and no one else involved is either AFAICT.
Anyway I don't plan on dying on any hill, this is probably the last of my involvement in the thread (Probably). I'm not taking any PR statement at face value and you seem to want to believe even more than was actually stated by Apple. Fair enough. Neither of us have our own unquestionable proof. It's more like in a civil trial, preponderance of the evidence IMHO.
Two people I've been working with for over 20 years and were friends before that gave me the quotes that I put in the story beyond Apple's direct quote.
So yeah, I'm pretty sure about what's going on.
So two people you know makes you pretty sure you know what is going on but all the people who revealed details to Bloomberg just made it up. Seems you want it both ways in terms of sources.
How convenient that you're ignoring that Tim Cook, CEO, also says this did not happen. Anonymous sources can lie or get things wrong. Apple's very top leadership is not going to outright lie to its investors, it would create massive problems for them that they would not survive.
Nice try tho.
I can explain it for you but unfortunately can’t understand it for you. But one last try to do so bro. Their argument was that the two random guys they know supported their version of events while at the same time were trying to discredit the sources used by Bloomberg. Get it now bro?
I find it difficult to believe that Bloomberg would risk fabricating this whole story. It seems more likely that deals were made behind the scenes to use this to pressure China to back off on IP theft and open up their markets. Apple and Amazon would benefit from this much more than pissing off China by going public.
That is a nonsensical conspiracy theory. AAPL fell over $4 today; AMZN fell by an even greater percentage than Apple. The change in the market value of these two stock alone explains a considerable chunk of today's fall in the NASDAQ and the DOW (i.e., the fall in their price is the leading cause, not the effect, of the market decline today).
This is not the kind of risk-taking that Apple is into, period. I'll (charitably) assume that you don't much about the company.
FAANG stocks were down primarily because of fear of regulation.
The Bloomberg story seems politically motivated...
There isn’t enough information do determine fault in the separate firmware incident. It also doesn’t say if Apple resumed using SuperMicro as a supplier...
Bottom line is Apple found a problem and addressed it before it could cause damage. We don’t know the results of their investigation into whom was responsible. Was the firmware modified by a third party? Was it a beta firmware? Was the hardware intercepted and modified after leaving the manufacturer, but before getting to Apple and an exploit introduced?
No enough information... but Bloomberg needs to get their facts straight before publishing rumors.
Bloomberg says they DO have their facts straight. "The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
He said, she said...
I find it utterly inconceivable that Apple -- especially Tim Cook -- would not be at least as concerned about such a security intrusion as some Bloomberg reporters or unnamed "former senior security officials" (it's the same crowd that kept harassing Apple to create backdoors and to give intrusive access to iOS devices to the likes of the FBI).
I am quite satisfied -- as both a consumer and a shareholder -- with Apple's unambiguous denial of this claim. I'd take Apple's word over that of these media/Washington DC types.
If Bloomberg is wrong, nobody will care in a month.
If Apple is lying, then the SEC will ultimately dole out a massive fine and the entire saga will be in the press for a very long time.
Yeah. I'm pretty sure that Apple's presenting the situation accurately.
I suspect this is a national security issue which means the involved players can deny all they want without fear of the SEC who would be prevented from interfering or involving themselves if it's truly an active case. The Bloomberg articles says as much, that it's still an open and classified investigation.
On top of that there never were allegations of a "wide-spread attack" on Apple's servers as alluded to in the AI article so of course that's deniable, and calling any source making that claim (they haven't) laughable might be perfectly appropriate.
Every reference to Apple in the investigative piece (and they were few) indicates Apple caught this early on, never once implying it was persistent and widespread. Amazon also denies anything happened and the whole thing is made up, someone's imagination, despite 17 sources including 6 hi-level current and former intelligence officials claiming otherwise.
That's not how comments about national security issues by publicly traded companies are made, though.
Those are more like "We have no comment, pending the results of a classified investigation" or just no response at all. The SEC can still come after a company that lied in public statements. national security or no.
And, regarding wide-spread. The allegations are that over 5000 servers had the surveillance chip. If that's not wide-spread, then what is?
Where did Bloomberg say that 5000 Apple servers were infected? I totally missed that. AFAICT they don't claim that and I read the article again just now.
As far as the SEC where have you seen that they can ignore national security orders?
My bad, 7000. Bloomberg does say 7000.
Also, FTA, from Apple's response: "In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips."
Regarding the SEC - they couldn't ignore a national security order now. However, they can go back to lies by publicly traded companies presented during the time of the investigation and drop the hammer on companies. If Apple, and Amazon are under a national security order, they wouldn't have said a single thing.
This is a funny hill for you to die on, man. Occam's razor applies here -- the simplest explanation is that Bloomberg is wrong, because the stakes are too high for Apple and Amazon to lie about it.
No one is accusing them of lying, and no one is claiming there was any security breach at Apple. Nor is Bloomberg claiming your revised 7000 servers number was infected with anything at all. It appears to me the reason for including a mention in the story was to emphasize how many Apple had in place before the returns back to Supermicro started.
But the vendor themselves notes Apple's sudden and unexplained refusal to continue communication with them on the discovered "firmware" issue after initially reporting it: "...when his company (Supermicro) asked Apple's engineers to provide information about the firmware, they gave an incorrect version number—and then refused to give further information.
They also confirm Apple's return of servers already supplied by them. "Supermicro's senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased."
Occam's Razor says something significant was going on and I'm surprised as an investigative sort yourself that you aren't the least bit curious or better yet suspicious about what it was. The simplest explanation is that the vendor had no reason to lie about either statement, but Apple might have reason for misdirection considering security issues. Lying? I'm not claiming they did and no one else involved is either AFAICT.
Anyway I don't plan on dying on any hill, this is probably the last of my involvement in the thread (Probably). I'm not taking any PR statement at face value and you seem to want to believe even more than was actually stated by Apple. Fair enough. Neither of us have our own unquestionable proof. It's more like in a civil trial, preponderance of the evidence IMHO.
Two people I've been working with for over 20 years and were friends before that gave me the quotes that I put in the story beyond Apple's direct quote.
So yeah, I'm pretty sure about what's going on.
So two people you know makes you pretty sure you know what is going on but all the people who revealed details to Bloomberg just made it up. Seems you want it both ways in terms of sources.
How convenient that you're ignoring that Tim Cook, CEO, also says this did not happen. Anonymous sources can lie or get things wrong. Apple's very top leadership is not going to outright lie to its investors, it would create massive problems for them that they would not survive.
Nice try tho.
I can explain it for you but unfortunately can’t understand it for you. But one last try to do so bro. Their argument was that the two random guys they know supported their version of events while at the same time were trying to discredit the sources used by Bloomberg. Get it now bro?
Apple and Amazon’s clear-cut responses are discrediting enough. That’s what he’s saying.
Could there be a possibility the chip is mounted by NSA to spy on China?
Right, the NSA has spies on Chinese assembly lines installing these chips so they can spy on China? Really?
Do you know the story of NSA sabotaged Iranian nuclear program by placing something in their computer?
That's a great story, but I seem to recall it was a remarkably clever worm, not any production line altering of any HW.
A better example, which is also a great story, might be how the the Russians installed microchips into a small cavity into early electric typewriters that could figure out what key was pressed by the location of the mechanical ball in ball Selectric typewriters from the 1970s.
Could there be a possibility the chip is mounted by NSA to spy on China?
Right, the NSA has spies on Chinese assembly lines installing these chips so they can spy on China? Really?
Do you know the story of NSA sabotaged Iranian nuclear program by placing something in their computer?
Good god, Stuxnet was a worm, not a piece of hardware. You sound like a Chinese propagandist trying to deflect your government's thievery and malevolence.
Could there be a possibility the chip is mounted by NSA to spy on China?
Right, the NSA has spies on Chinese assembly lines installing these chips so they can spy on China? Really?
Do you know the story of NSA sabotaged Iranian nuclear program by placing something in their computer?
That's a great story, but I seem to recall it was a remarkably clever worm, not any production line altering of any HW.
A better example, which is also a great story, might be how the the Russians installed microchips into a small cavity into early electric typewriters that could figure out what key was pressed by the location of the mechanical ball in ball Selectric typewriters from the 1970s.
No names of the six current and former senior national security officials were reported. No names of the Apple people were reported. No names of the Amazon people were reported. Only 2 of 30 US companies were reported.
To me Bloomberg was the only viable publication that decided to run a story that promotes the agenda of the current US administration against China. There are many holes in the Bloomberg report that Bloomberg will not address because it could expose Bloomberg as being duped with disinformation and/or that it is a publication that chooses to disregard on-the-record information for sensationalist clicks.
Apple admitted it answered Bloomberg’s questions. Bloomberg will not confirm nor deny Apple. The same goes for Amazon.
The ball is Bloomberg’s court to respond to Apple. I expect Bloomberg to remain silent.
Perhaps they should leave the techie stuff to the likes of Ars Technica.
Bloomberg has a solid track record of reporting on Apple. Apple has a solid track record of saying little of substance when it does not fit their image.
Until I see a photo of one of these chips, on a board inside of one of these servers, this is all BS as far as I'm concerned. I want an iFixit Teardown.
Wow so much at stake... The simplest answer to me is avoid the cloud? I have read articles about US routers having NSA/patriot act back doors? Is the mandatory incremental push to cloud backups represented in iOS 12, at least for those not so inclined to deal with the technical and paid alternative options ? Is there 'belief' (assumption), historical fact, and (less used) logic, based on potential risks? Is point source content, especially if deemed highly verifiable (iCloud history) a prime target? I simply do not understand the risks so many seem willing to take (gmail) to save a few dollars?
S/MIME took me a day, irrespective of pro/con, and I ask if Apple is so into privacy this is not offered at install ? Lots to consider - why is all this still feeling so wild west to me...? (because it is?
Jeez, this again. Yes, let's shut down the internet because you are extrapolating from this article (again, like every other similar thread) that it has anything to do with iCloud being insecure.
I still back up my iPhone to iTunes.
Apple Mail supports S/MIME. iCloud Mail is encrypted in transit.
etc... but again, none of this has anything to do with this article.
The Bloomberg story seems politically motivated...
There isn’t enough information do determine fault in the separate firmware incident. It also doesn’t say if Apple resumed using SuperMicro as a supplier...
Bottom line is Apple found a problem and addressed it before it could cause damage. We don’t know the results of their investigation into whom was responsible. Was the firmware modified by a third party? Was it a beta firmware? Was the hardware intercepted and modified after leaving the manufacturer, but before getting to Apple and an exploit introduced?
No enough information... but Bloomberg needs to get their facts straight before publishing rumors.
Bloomberg says they DO have their facts straight. "The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
He said, she said...
He said, she said... but where is there even one of these servers that can be shown with the rumored chip, and more germaine, let’s see one that was ever in Apple’s server farms.
Perhaps they should leave the techie stuff to the likes of Ars Technica.
Bloomberg has a solid track record of reporting on Apple. Apple has a solid track record of saying little of substance when it does not fit their image.
You must be new. Bloomberg has a solid track record of trolling Apple, as its headed now by Mark Gurman. Gurman has an axe to grind for Apple from when he was a rumors blog Jr detective. He once got so pissy about one of his rumors being wrong that he claimed Apple actually changed their product design just to invalidate his rumor. Kid is nuts.
@davgreg also has a solid track record of extremely negative posts on this forum now, and also seems to have an axe to grind for Apple. Birds of a feather!
The Bloomberg story seems politically motivated...
There isn’t enough information do determine fault in the separate firmware incident. It also doesn’t say if Apple resumed using SuperMicro as a supplier...
Bottom line is Apple found a problem and addressed it before it could cause damage. We don’t know the results of their investigation into whom was responsible. Was the firmware modified by a third party? Was it a beta firmware? Was the hardware intercepted and modified after leaving the manufacturer, but before getting to Apple and an exploit introduced?
No enough information... but Bloomberg needs to get their facts straight before publishing rumors.
Bloomberg says they DO have their facts straight. "The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
He said, she said...
He said, she said... but where is there even one of these servers that can be shown with the rumored chip, and more germaine, let’s see one that was ever in Apple’s server farms.
No one claimed there was one installed at an Apple server farm AFAIK. If anything it was in an Apple lab, and even that is still a very open question. The claims regarding Amazon are more involved, yet Amazon too categorically denies there's any truth whatsoever to anything Bloomberg reported, it wa all made up. All very very weird.
The Bloomberg story seems politically motivated...
There isn’t enough information do determine fault in the separate firmware incident. It also doesn’t say if Apple resumed using SuperMicro as a supplier...
Bottom line is Apple found a problem and addressed it before it could cause damage. We don’t know the results of their investigation into whom was responsible. Was the firmware modified by a third party? Was it a beta firmware? Was the hardware intercepted and modified after leaving the manufacturer, but before getting to Apple and an exploit introduced?
No enough information... but Bloomberg needs to get their facts straight before publishing rumors.
Bloomberg says they DO have their facts straight. "The companies’ denials are countered by six current and former senior national security officials, who—in conversations that began during the Obama administration and continued under the Trump administration—detailed the discovery of the chips and the government’s investigation. One of those officials and two people inside AWS provided extensive information on how the attack played out at Elemental and Amazon; the official and one of the insiders also described Amazon’s cooperation with the government investigation. In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."
He said, she said...
He said, she said... but where is there even one of these servers that can be shown with the rumored chip, and more germaine, let’s see one that was ever in Apple’s server farms.
No one claimed there was one installed at an Apple server farm AFAIK. If anything it was in an Apple lab, and even that is still a very open question. The claims regarding Amazon are more involved, yet Amazon too categorically denies there's any truth whatsoever to anything Bloomberg reported, it wa all made up. All very very weird.
GG, didn’t you say you were done with this thread, like, hours ago? Sometimes you just need to let things go. None of this is really that important.
Comments
https://www.marketwatch.com/story/cyber-security-stocks-fall-as-investors-shrug-off-china-spy-threat-2018-10-04
Apple and Amazon’s clear-cut responses are discrediting enough. That’s what he’s saying.
And he’s right.
A better example, which is also a great story, might be how the the Russians installed microchips into a small cavity into early electric typewriters that could figure out what key was pressed by the location of the mechanical ball in ball Selectric typewriters from the 1970s.
To me Bloomberg was the only viable publication that decided to run a story that promotes the agenda of the current US administration against China. There are many holes in the Bloomberg report that Bloomberg will not address because it could expose Bloomberg as being duped with disinformation and/or that it is a publication that chooses to disregard on-the-record information for sensationalist clicks.
Apple admitted it answered Bloomberg’s questions. Bloomberg will not confirm nor deny Apple. The same goes for Amazon.
The ball is Bloomberg’s court to respond to Apple. I expect Bloomberg to remain silent.
I want an iFixit Teardown.
I still back up my iPhone to iTunes.
Apple Mail supports S/MIME. iCloud Mail is encrypted in transit.
etc... but again, none of this has anything to do with this article.