Super Micro found no evidence of iCloud spy chips after audit
The supplier at the heart of Bloomberg's contentious iCloud spy chip story has completed its promised audit, and has told customers that it found no evidence of server tampering.
In a letter to customers, Super Micro has specifically denied Bloomberg's allegations again. In a letter to customers, the server designer and manufacturer said that a promised audit is complete, and there is no evidence of the attack in software or hardware.
Third-party Nardello & Co was tapped for the audit, according to Reuters. The firm not just looked at engineering documents, but also tested samples of motherboards not just in production, but also ones that were sold to Apple and Amazon and found no evidence of a chip that could perform the surveillance and pass-along of data that the report alleged.
Super Micro says that it is continuing to evaluate its legal actions in response to the story. As a result of the reporting, Super Micro stock fell from $21.40 to $12.60 in one day. It has since only climbed to a high of $16.35.
On October 4, a Bloomberg report based on a multi-year investigation claimed that Apple, Amazon, and 30 other companies had been the victim of an espionage campaign in which rice-sized chips had been planted on motherboards made by Super Micro. Once delivered, the motherboards supposedly created a backdoor into infrastructure like Apple's iCloud.
Apple was quick to deny allegations, insisting that it had conducted a "massive, granular, and siloed investigation."
Amazon also issued a very clear denial of the story.
"There are so many inaccuracies in this article as it relates to Amazon that they're hard to count," Amazon said in its statement, refuting several specific claims, and specifically citing that there was no modified hardware found.
Several subsequent accounts have cast further doubt, such as one from the senior advisor for Cybersecurity Strategy to the director of the U.S. National Security Agency. Additionally, The U.S. Department of Homeland Security commented that it had "no reason to doubt" the positions of Apple and Amazon.
Tim Cook has spoken about Bloomberg's allegations several times. Apple's CEO continues to deny the report, and takes issue with how the story's reporters communicated with Apple.
"There is no truth in their story about Apple," Cook said on Oct. 19. "They need to do that right thing and retract it."
"I was involved in our response to this story from the beginning," said Cook. "I personally talked to the Bloomberg reporters along with Bruce Sewell who was then our general counsel. We were very clear with them that this did not happen, and answered all their questions. Each time they brought this up to us, the story changed and each time we investigated we found nothing."
"We turned the company upside down. Email searches, datacenter records, financial records, shipment records," Cook added. "We really forensically whipped through the company to dig very deep and each time we came back to the same conclusion: This did not happen. There's no truth to this."
Super Micro CEO Charles Liang echoed Cook's call for a retraction in October as well.
"Bloomberg's recent story has created unwarranted confusion and concern for our customers, and has caused our customers, and us, harm," Liang said. "Bloomberg should act responsibly and retract its unsupported allegations that malicious hardware components were implanted on our motherboards during the manufacturing process."
Bloomberg still hasn't backed down from its claims.
In a letter to customers, Super Micro has specifically denied Bloomberg's allegations again. In a letter to customers, the server designer and manufacturer said that a promised audit is complete, and there is no evidence of the attack in software or hardware.
Third-party Nardello & Co was tapped for the audit, according to Reuters. The firm not just looked at engineering documents, but also tested samples of motherboards not just in production, but also ones that were sold to Apple and Amazon and found no evidence of a chip that could perform the surveillance and pass-along of data that the report alleged.
Super Micro says that it is continuing to evaluate its legal actions in response to the story. As a result of the reporting, Super Micro stock fell from $21.40 to $12.60 in one day. It has since only climbed to a high of $16.35.
On October 4, a Bloomberg report based on a multi-year investigation claimed that Apple, Amazon, and 30 other companies had been the victim of an espionage campaign in which rice-sized chips had been planted on motherboards made by Super Micro. Once delivered, the motherboards supposedly created a backdoor into infrastructure like Apple's iCloud.
Apple was quick to deny allegations, insisting that it had conducted a "massive, granular, and siloed investigation."
Amazon also issued a very clear denial of the story.
"There are so many inaccuracies in this article as it relates to Amazon that they're hard to count," Amazon said in its statement, refuting several specific claims, and specifically citing that there was no modified hardware found.
Several subsequent accounts have cast further doubt, such as one from the senior advisor for Cybersecurity Strategy to the director of the U.S. National Security Agency. Additionally, The U.S. Department of Homeland Security commented that it had "no reason to doubt" the positions of Apple and Amazon.
Tim Cook has spoken about Bloomberg's allegations several times. Apple's CEO continues to deny the report, and takes issue with how the story's reporters communicated with Apple.
"There is no truth in their story about Apple," Cook said on Oct. 19. "They need to do that right thing and retract it."
"I was involved in our response to this story from the beginning," said Cook. "I personally talked to the Bloomberg reporters along with Bruce Sewell who was then our general counsel. We were very clear with them that this did not happen, and answered all their questions. Each time they brought this up to us, the story changed and each time we investigated we found nothing."
"We turned the company upside down. Email searches, datacenter records, financial records, shipment records," Cook added. "We really forensically whipped through the company to dig very deep and each time we came back to the same conclusion: This did not happen. There's no truth to this."
Super Micro CEO Charles Liang echoed Cook's call for a retraction in October as well.
"Bloomberg's recent story has created unwarranted confusion and concern for our customers, and has caused our customers, and us, harm," Liang said. "Bloomberg should act responsibly and retract its unsupported allegations that malicious hardware components were implanted on our motherboards during the manufacturing process."
Bloomberg still hasn't backed down from its claims.
Comments
/SARCASM
$$$$$ buys you Fake News
... See there? I proved it!
Now I see it daily. Same Stories with different headlines.
Released hourly .
Mostly vague information and tons of negative speculation.
it sure seems like it when reading their News
Parody sites like "The Onion" are real fake news crafted for entertainment and comedic purposes. These can be funny as hell, and even more so, because they expose underlying sentiment that is very real.
Stories that are crafted to deceive, propagate lies, and influence human behavior are real fake news, but are more accurately defined as being "propaganda." We really should return to recognizing propaganda for what it is - propaganda- because it has been used strategically and tactically since the advent of human interaction, and with the most brutal effectiveness during the WWi-WW2 interwar period and recent political campaigns. We don't need a new word for "propaganda."
The Bloomberg "grain of rice spy chip" story is not fake news. It is shoddy, slipshod, piece-of-crap journalism. They crafted a story based on incomplete, unverified, and extrapolated sources of information. The fact that they did not fully vet, follow up, or consider the possibility that their conclusions were potentially wrong before they broadcast their story to the world is very unprofessional and unbecoming of what is expected of professional journalism. They acted unprofessionally and need to be publicly rebuked as such by their peers and contemporaries. Being chastised by your peers for doing an unprofessional job carries weight and has a lot more bite than lumping them in with chaff dispensers.
The term "Fake News" as used by some people as chaff, say an "Individual 1," in the Twittersphere. Using the term "Fake News" is the same as broadcasting the message "I don't like this story, I don't think this story is important, and I want you to ignore it and pretend it isn't real until it fades away." This does not apply to the Bloomberg story. The Bloomberg story is real, is important, should not fade away, and we should not ignore it by throwing up "Fake News" chaff. Doing so only protects Bloomberg. We and their media peers should call it out for what it is, shit journalism, go after them, and demand that they provide evidence to back their claims. Chaff is for defensive purposes and we need to go on the offensive against this story, at least until they prove otherwise.
You don't have to prove malicious intent. You have to prove actual malice, which is a term of art that doesn't mean the same thing as malicious intent. In this context, actual malice means that the alleged defamer either knew that the statements were false or acted with a reckless disregard for the truth. It doesn't mean, e.g., that they intended to cause harm.
And that's all it takes because the onus is actually on your accuser to prove you are a crook. That's how the legal system works I believe: innocent until proven guilty. Bloomberg has failed to produce any evidence to prove guilt.
Bloomberg, on the other hand posits the positive, which can be proven. Yet they are curiously silent on the issue...
Massive fines or jail time?
From the sounds of it, not many. Most seem to be parroting what they read ABOUT the article -- or using the currently popular "Fake News" to describe an article they don't like.