Apple Demands Retraction Of Bloomberg's Big 'Chip Infiltration' Story; Bloomberg Has Some Explaining To Do

from the not-looking-good dept

A few weeks ago, Bloomberg published a giant story claiming that Chinese spies did a somewhat daring supply chain hack on American big tech firms. The gist of the story was that servers from Super Micro had hidden chips that somehow were then used by Apple and Amazon (not to mention the US government), that allowed someone in China to access certain data. The story was a blockbuster that got everyone talking. But, almost as soon as it came out, a bunch of people started raising questions about the story. While the Bloomberg reporters claimed over a dozen sources, both Apple and Amazon came out with incredibly strong denials. Way stronger than is common in these situations. And while I know some cynical people insist that companies will lie about this stuff all the time, that is not actually true. Some companies may misrepresent things, or try to play down stories, but outright fabrication is not at all common (and the consequences of a company doing it would be severe). And here, both Amazon and Apple's denials were so clear, so specific and so adamant that it raised serious questions about the reporting.

Since there was so much confusion over it all, we held off on writing about it, figuring more information would come out in the days and weeks after the initial story. And so far, nearly all of the "additional info" has only served to raise significantly more questions about Bloomberg's reporting. Various government and intelligence agencies all claimed they had no evidence to support these claims. Again, some will argue that they are lying, and (again) while those agencies may have a history of misrepresenting things, the denials here were clear and unequivocal. The UK's National Cyber Security Centre (a part of GCHQ) said they completely supported Apple and Amazon that no such attack occurred. The US Department of Homeland Security said the same thing. Dan Coats, the US Director of National Intelligence said the US intelligence community has seen no evidence of such an attack, which certainly undermines the Bloomberg story. Some of the folks quoted in the Bloomberg article even questioned the accuracy of the article with one going so far as to say the article that he is named in... "didn't make sense."

Also, as reporter Nicole Perlroth noted, one of the reporters on the Bloomberg story -- Michael Riley -- had also done a story back in 2014 making bold claims that the NSA had exploited the Heartbleed bug, and multiple other reports ripped that story to shreds, with multiple people denying it and no one else confirming it.

Now, with this story, Apple has done something it's never done before: asked Bloomberg for a retraction of the article. That's a pretty big move -- and Bloomberg says it still stands by its reporting (as it did with the Heartbleed story).

However, at this point, Bloomberg has whittled away whatever benefit of the doubt there was left and set fire to the scraps. It's difficult to believe that Bloomberg's story was accurate, and the company and its reporters owe everyone an explanation -- or at least some additional evidence to support the reporting. I don't doubt that there is a kernel of truth in the story -- but given the vehement and thorough response from everyone, it certainly seems likely that the reporters on the Bloomberg piece misunderstood something big, leading to misreporting of things in a way that leads to a very inaccurate picture of what's going on. Bloomberg should, at the very least, appoint someone else to go through the work put in by reporters Michael Riley and Jordan Robertson, and explore whether or not the story really is accurate, and why it is that basically everyone is saying it's not.

Reporters can, and do, make mistakes. How they respond to such mistakes is the real marker of the ethics they and the organizations they work for hold. Considering Bloomberg stood by that Heartbleed story, perhaps we shouldn't expect such a reckoning at the publication -- but, at the very least, it's going to lead plenty of people to write off Bloomberg as a credible source on issues like these, and that's unfortunate, given that there are some really big and important stories having to do with computer security right now. Having one major publication show itself to be untrustworthy in its coverage would be very bad.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: espionage, hacked chips, jordan robertson, michael riley, security, supply chain, surveillance
Companies: amazon, apple, bloomberg, super micro


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    Darkness Of Course (profile), 19 Oct 2018 @ 8:08pm

    Yes, but first they must be an actual reporter

    And this one is definitely suspect.

    Listen to various chats, fueled by who knows what, believe it (for who knows why), publish and double down. Include the names of people who said that the initial info didn't make any sense, and clam up when the list of people that clearly knows better.

    That is hardly a mistake. That is bad reporting. Bad publishing too.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 19 Oct 2018 @ 8:27pm

    First rule of spycraft

    You don't tell the public about anything involving state secrets. Once out in the open, you can no longer feed disinformation to your enemy through it.

    link to this | view in thread ]

  3. icon
    stderric (profile), 19 Oct 2018 @ 8:36pm

    Since there was so much confusion over it all, we held off on writing about it, figuring more information would come out in the days and weeks after the initial story.

    I noticed that, and had to follow the story over at Ars. On a completely unrelated note, has anyone ever had to get a latte at a strip-mall Starbucks because their local coffee shop's espresso machine was on the fritz?

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 19 Oct 2018 @ 8:43pm

    Denials everywhere...

    And here, both Amazon and Apple's denials were so clear, so specific and so adamant that it raised serious questions [whether they were ordered by the government to deny it].

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 19 Oct 2018 @ 8:45pm

    With the national security implications of such a huge supply chain attack, if it happened, of fucking course everyone would deny it.

    Is it entirely possible that Bloomberg lied? Yes. Is it equally possible, or even more likely, that the others are lying? Yes.

    Let's assume for a second the attack is real. Even if it weren't in the companies' best interests to deny it, it would still be in the government's interest, and the companies would be forced to deny it. The sheer number of heads that would roll would make sure that no intelligence agency would ever admit to it in public.

    Now, besides denying it, what would we do if it were true? We would retaliate. Not in kind, because we don't have that capability, but with what is available to us. What have we recently been doing to China? Attacking their economy in a way that hurts us, but hurts them a lot more.

    The fact that our actions to hurt China's economy also hurt ours indicate there are other reasons involved other than the purely economic. This is a candidate for being that reason.

    link to this | view in thread ]

  6. identicon
    Christenson, 19 Oct 2018 @ 9:09pm

    Unknowable truth here...

    There's lots of power and pressure on all sides here, so absent a confession from the reporters detailing who fed them the nonsense, or a sample motherboard, there is no discerning the actual truth.

    Now, my factually unsupported opinion is that someone from the NSA put the reporters up to it because NSA TAO is thinking about such hacks, and they are looking for a smart PhD/maker/hacker to implement a proof of concept that they can then weaponize.

    There is also the defense-in-depth aspect of this -- the publicity highlights the attack surface inherent in a board control computer that can reboot the server on command and feed it arbitrary firmware. So some other smart PhD will now figure out how to defend against something like this.

    link to this | view in thread ]

  7. icon
    Mike Masnick (profile), 19 Oct 2018 @ 9:55pm

    Re: Denials everywhere...

    [whether they were ordered by the government to deny it].

    That is not happening. Like, that's tinfoil hat land. It's not happening. Companies might refuse to comment, or they might give some mealy mouthed answer. But the government wouldn't (couldn't) order companies to deny something, nor would the companies comply if they did.

    link to this | view in thread ]

  8. icon
    Mike Masnick (profile), 19 Oct 2018 @ 9:58pm

    Re:

    Is it entirely possible that Bloomberg lied? Yes. Is it equally possible, or even more likely, that the others are lying? Yes.

    I don't think either one is lying. I think the reporters likely got confused over something that did happen (but likely wasn't nearly as serious as this story implied), and the companies are, rightly, denying an incorrect story. Neither of those involves lying.

    it would still be in the government's interest, and the companies would be forced to deny it.

    Again, the government has no power here to compel private companies to deny. Compelled speech by the government is not something that is happening.

    link to this | view in thread ]

  9. identicon
    Azrael, 19 Oct 2018 @ 11:48pm

    Re: Re: Denials everywhere...

    Tell us what magical palantir have you used to arrive at this conclusion despite all the evidences to the contrary from the past century.
    Otherwise we might have to conclude you're nothing more than a shillbot, a regulated "opposition" at the command of the powers that be.

    link to this | view in thread ]

  10. This comment has been flagged by the community. Click here to show it
    identicon
    Azrael, 19 Oct 2018 @ 11:54pm

    Re: Re:

    But of course, the chinese have put that chip on those server motherboards to monitor their temperatures and processor loading, there's nothing nefarious here.....
    Really, how gullible do you think we goys are? Do you really believe we don't know the reason that they are denying it is because they have done the exact same thing with all the hardware sold all over the globe for the past half century?

    link to this | view in thread ]

  11. icon
    Stephen T. Stone (profile), 20 Oct 2018 @ 12:33am

    they have done the exact same thing with all the hardware sold all over the globe for the past half century

    Extraordinary claims require extraordinary evidence.

    Also: Take your anti-Semitism somewhere else—preferably Hell, if you can swing that.

    link to this | view in thread ]

  12. icon
    mhajicek (profile), 20 Oct 2018 @ 12:52am

    Re: Re:

    The government has the power to compel anyone to do anything. Since when has the law stopped our "intelligence" agencies from doing as they please?

    link to this | view in thread ]

  13. identicon
    bob, 20 Oct 2018 @ 1:47am

    Re: Yes, but first they must be an actual reporter

    Hate to say that they duped a lot of people, myself included. But for what reason? Why would they risk their reputations so badly for a made up story.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 20 Oct 2018 @ 1:56am

    Re: Denials everywhere...

    More likely, given the attitude to China at the White House, someone in government fed Bloomberg a story to make China look bad.

    link to this | view in thread ]

  15. identicon
    OGquaker, 20 Oct 2018 @ 3:44am

    Re: Semitism? Love it!

    This Goy married a Gal from the Urals, got to be a Semitic limerick here somewhere

    On a completely unrelated note, didn't Intel & AMD both have a 'Management Engine' backdoor last year?

    Disclaimer; I supplied the bits and filmed the Bad Guy's brains that fell out in the first 'Tron' movie.

    link to this | view in thread ]

  16. icon
    Dan (profile), 20 Oct 2018 @ 4:51am

    Re: Re: Denials everywhere...

    Do they legally have the power to order a denial? Probably not, though like the warrant canary, it hasn't actually been tested, and "national security" frees up a lot of judges' pens (witness the blatantly unconstitutional prior restraint involving the 3d-printed guns). But you're probably right that there's no court order stating "respondent shall forthwith vocally and explicitly deny the truth of this story."

    That doesn't preclude the possibility of "hey Amazon, you get an awful lot of business from the government. It'd be a shame if that business were to go away, wouldn't it?"

    I'm not saying either way, because I don't know either way. I thought the Bloomberg story was suspicious when it came out, and I thought it more than a little strange that Bloomberg is where it would be. But you seem far too confident in something that I doubt you can have personal knowledge of.

    link to this | view in thread ]

  17. identicon
    Res12, 20 Oct 2018 @ 5:45am

    Re: Bad reporting. Bad publishing

    Misrepresentations, sensationalism, bias, and even outright fabrications are hardly unusual in major media outlets like Bloomberg News. Saints they are not.

    Even journalistic icons like the New York Times and Washington Post have a long well-documented history of big "errors" ... including Pulitzer Prize for blatantly fabricated news stories.

    Very unwise to automatically presume that the American corporate media are scrupulously honest in their reporting.

    link to this | view in thread ]

  18. identicon
    Jim, 20 Oct 2018 @ 5:55am

    But?

    Like I say, I think they are protesting to vehimently. An order to retract a item that says the supply chain is bad?
    If the object requires a piece made in an suspect area, and is carried into secure areas, what else might it be doing? Like an Apple watch, set to record what's going on during an visit. That is the owner spying, keeping a daily record of his travels. It's called a feature. Let's extend that a little further, was there a camera built into the watch?
    Another feature, the voice, could have been hacked, could the camera have been hacked also. And those "built in features" include biometric monitoring, and a wallet, and what other informations? The parts, and the boards are getting down to wafer size. What lse is in there hidden from the user? Or was it added for consumer or ad revenue, or simple spying. If Bloomberg gives up the quest, we will Never know. A shame, I say, go Bloomberg, don't let the critics of nowledge stop you.

    link to this | view in thread ]

  19. icon
    Bamboo Harvester (profile), 20 Oct 2018 @ 5:59am

    Re: Re: Denials everywhere...

    ...should any of your IMF force be caught or killed, the Secretary will disavow any knowledge of your actions...

    The Government *could* "order" such. And it'd be "leaked" inside of fifteen minutes.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 20 Oct 2018 @ 6:37am

    Re: Re:

    Again, the government has no power here to compel private companies to deny. Compelled speech by the government is not something that is happening.

    You mean there's a First Amendment and, consequently, no law that can enforce such an order. You neglect extortion along the lines of, "You should do X so we don't have to review all your lucrative contracts."

    Government power does not all derive from mere law.

    link to this | view in thread ]

  21. icon
    OldMugwump (profile), 20 Oct 2018 @ 6:44am

    Re: what magical palantir

    Azrael, that conclusion comes from familiarity with the real world.

    I've worked in large public tech companies at high levels. I've been in meetings with NSA representatives, who came to ask "favors". Ask. Not demand.

    The US government cannot, and does not, tell private firms what to say. And if they tried, the first thing the company would do is file a lawsuit over it (a very public one).

    Mike is correct. To think otherwise is uninformed fantasy.

    link to this | view in thread ]

  22. icon
    madasahatter (profile), 20 Oct 2018 @ 7:05am

    Re: Yes, but first they must be an actual reporter

    One must remember the average journalist for a major news organization is a journalism major. A major that does has a reputation for being academically weak. While some journalists are genuinely curious about how the world really works, most are not. Also, now too many reporters do not have the wisdom to realize they are often being played by their sources and fail to ask the pertinent questions about the motivation of their sources. Add the competitive nature of the business were juicy stories get headlines even they remotely look plausible by the editors.

    So a couple dim journalists got played by some sources who have a murky agenda. They ran with the story without asking some other experts about the plausibility of the story. One of the keys of the story as I heard it was there was an extra chip on the motherboard.

    Anyone who has ever looked at a motherboard would realized that a good inspection would catch this and the QA department would reject them as not meeting the specifications. Manufacturers will have a specification attached to the contract even if it 'use model xxx as specified in the supplier's document yyy attached'. This is something anyone in manufacturing would be familiar with and would be familiar with incoming inspection procedures.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 20 Oct 2018 @ 7:41am

    Re: Re:

    The government has no legal authority to compel private companies. That is not at all the same as not having the power to compel them.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 20 Oct 2018 @ 7:47am

    It was documented over two decades ago that industry & government were working toward the incorporation of what was called the "Clipper Chip" into computer architecture in order to protect, themselves apparently from ... an undisclosed menace - ohhh scary stuff for sure. Then it all went silent for a while, wonder what they have been up to.

    I guess they decided it was too difficult to convince the world the clipper chip was in their best interests, lol.

    Possibly, they moved onto IOT as a way to spy upon everyone.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 20 Oct 2018 @ 9:19am

    The curious thing is, if there IS no bug, why have apple and amazon not only had server boards removed, but had them clinically incinerated at great expense?

    Surely if they didn't want people to realize they'd fallen for such a hack, they'd show people the original hardware and not pay to have it shredded and burned?

    link to this | view in thread ]

  26. icon
    Bamboo Harvester (profile), 20 Oct 2018 @ 9:29am

    Re:

    IIRC, because the firmware had a damned webserver in it. Treated satellite hardware as a network.

    It was an exploitable system, so they changed over to a new system.

    So far as I can recall, there were no claims of foreign OR domestic "hacks" via that firmware.

    link to this | view in thread ]

  27. icon
    Moo (profile), 20 Oct 2018 @ 9:50am

    "was that servers from Super Micro had hidden chips that somehow were then used by Apple and Amazon"
    This reads like Apple/Amazon were using the hidden chips, rather than the servers, which would be a different story, I feel.

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 20 Oct 2018 @ 10:01am

    Re: Re: Semitism? Love it!

    You killed David Warner? Bastard :)

    link to this | view in thread ]

  29. identicon
    Christenson, 20 Oct 2018 @ 10:37am

    Re: Re: Denials everywhere...

    I am with Mike here...the companies denying the story are genuinely sure it did not happen.

    However, I know that the large outfit I work for has lost track of things, and often does not know what all of its people are doing.

    So *if* the story that is being denied is true, then a very small number of people at Apple need to be involved. "Three people can keep a secret...if two of them are dead!"

    link to this | view in thread ]

  30. icon
    Bamboo Harvester (profile), 20 Oct 2018 @ 11:17am

    Re: Re: Re: Denials everywhere...

    I could see a gag order being issued, the infamous National Security Letter.

    But an Official Story to be presented to anyone questioning?

    Like I said, leaked before the gov't reps got out of the building.

    link to this | view in thread ]

  31. icon
    Bamboo Harvester (profile), 20 Oct 2018 @ 11:19am

    Re: Re:

    Considering WHO was hit, if there's anything to it just being propaganda, applying cui bono says Huawei fed it to the press.

    link to this | view in thread ]

  32. icon
    ECA (profile), 20 Oct 2018 @ 11:56am

    Read most of the Bloomberg report.

    Lets suggest something.
    Compression is a great ting, but there are faults in it..
    You CANT compress something beyond a certain level and have anything intelligible.
    Text has the biggest compression rate but even THAT, has its problems. Compressing "Multi- key format worlds" like Chinese and Japanese, and a few other languages..Really can mess things up.
    Take a picture that you need Lots of detail and compress it, ALLOT..then return it to its uncompressed size, and run a compare program. There are Lost points/pixels. Things change when they get augmented, and computers are only so good at Compressing and Uncompressing.

    Then you come to another Fact. Sending the data, in a Unnoticeable, from your computer, threw a bunch of servers, BACK to its home. This is like a Leaky pipe in a house..It will be noticed eventually..because people want to know whats going THREW their servers.
    the internet DOES use types of compression to make things faster, but MANY times it can Slow things down. because sending Compressed programs, AND THEN, compressing it again, dont work very well...AT ALL..

    Cant see it happening.
    Esp, if you are running this on server systems. The Amounts of Data are HUGE, and you are trying to sort, and compress this to send back home??

    link to this | view in thread ]

  33. icon
    TKnarr (profile), 20 Oct 2018 @ 4:08pm

    https://www.bloomberg.com/news/articles/2018-10-09/new-evidence-of-hacked-supermicro-hardware-found- in-u-s-telecom

    This article covers something that appears different from the original article. It looks plausible: the extra chip is in the connection between the Ethernet connector itself and the internal NICs in the CPU, which'd give it both network access and potentially access to the PCIe bus and/or the internal bus connecting components within the CPU. In a multi-layer motherboard I can see hiding some extra traces that'd be sufficient to give the chip enough access to monitor memory and the hard drives. Add in the claims that the technique was also found in NSA leaks back in 2013 (the TAO catalog from the NSA's Advanced Network Technologies group) and it looks like it falls into the "I really don't want to think they did that, but I can see too many ways they can feasibly do it and I know the potential payoff would be enough to tempt even a saint" category.

    link to this | view in thread ]

  34. icon
    tgaramon (profile), 20 Oct 2018 @ 4:09pm

    Yeah...No

    So forgive me if I don't believe the denials of the tech companies or the government. Anyone who does, really needs to read "No Place To Hide" by Glenn Greenwald. Not to mention the fact that we currently have a government headed by a pathological liar and his oligarch cronies......

    link to this | view in thread ]

  35. icon
    ECA (profile), 20 Oct 2018 @ 4:34pm

    Re: Yeah...No

    nor warnings from other things happening..
    And the old Authors about 1984, type things..
    Een a recent article here about DHS wanting to cover ALL travel in the USA...another way to bag and tag everyone..

    Anything can be done..
    but the costs and the secrecy needed is horrendous..

    link to this | view in thread ]

  36. icon
    BentFranklin (profile), 20 Oct 2018 @ 7:47pm

    Re: Re: Denials everywhere...

    Came here to say this.

    link to this | view in thread ]

  37. icon
    BentFranklin (profile), 20 Oct 2018 @ 8:01pm

    "pathological liar and his oligarch cronies" applies to Trump and Greenwald.

    link to this | view in thread ]

  38. This comment has been flagged by the community. Click here to show it
    icon
    Sayonara Felicia-San (profile), 20 Oct 2018 @ 10:09pm

    Re:

    Yet you willingly lap up Tim Cook's juvenile lies about not coordinating the deplatforming of Alex Jones and infowars.

    Yup it just happened coincidentally all at the same time.

    What vile hypocrites you people are.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 20 Oct 2018 @ 10:14pm


    People should listen to this interview with the engineer who was a source on the story:

    https://risky.biz/RB517_feature/

    The whole thing is complete bullshit. The photo they used of the secret spy device is the same thing this guy linked them to on Mouser when the author asked for an example of a small device. He said his descriptions of theoretical attacks match exactly what the author wrote about how the attacks worked.

    link to this | view in thread ]

  40. icon
    Stephen T. Stone (profile), 20 Oct 2018 @ 10:17pm

    If you could prove it, you would have done so already.

    link to this | view in thread ]

  41. identicon
    Christenson, 21 Oct 2018 @ 2:17am

    Re: Re: Re: Re: Denials everywhere...

    "Official Story" is not the model I have at all...the leadership doing the denying has to be ignorant of the actual events and believe the denials they are making.

    Think more as follows: Somebody testing a new server quietly investigates some anomalous network traffic from one of these servers, and tips off the NSA....who swears her and possibly her boss to secrecy.

    NSA asks these people who is responsible for physical maintenance.... and pays that manager a visit, and swears them to secrecy. The compromised servers are rotated out as part of regular PM, but *much* sooner than they would be otherwise, and the guys lifting the racks don't know that anything special is going on...

    Of course, if this was the actual sequence of events, you have to ask who is doing the leaking to the press, and why that leak wouldn't point to those people above who knew. Additionally, suppose the exploit was real and NSA knew about it...wouldn't it be to their advantage to let the chinese think it was undiscovered?? The case in favor of the bloomberg article being anything like the whole truth is weakened substantially.

    link to this | view in thread ]

  42. identicon
    Chuck, 21 Oct 2018 @ 3:32am

    Response to: Anonymous Coward on Oct 19th, 2018 @ 8:45pm

    I just want to take one little moment to say that, no, the trade war with China does NOT hurt them more than it hurts us. I'm sure that's what he-wh-shall-not-be-named says, but any economist without "Fox News Analyst" after their name will tell you otherwise.

    China can export every single product they've been exporting to us to any other nation on earth, and for the exact same price. While no other nation has the buying power of the US, many of them in aggregate - for example, the EU - totally do. Add to that the fact that tariffs are paid by the importers, not the exporters, and the effects of US tariffs on imports from China are felt almost entirely by US consumers, not Chinese manufacturers.

    So no, the trade war is hurting us worse than them, and it will continue to for the foreseeable future because you'd have to get the entire EU, all of the richer middle eastern nations, and the half of South America that has some money to all join with us and tariff them together for it to have the desired effect, and none of those nations have any incentive to join us.

    Trade wars can be won, but much like nuclear war, in the end everybody loses. This is a reality that a "lifetime politician" understands and that 99% of the business world doesn't because an individual business can usually work around a trade war, while a nation's economy as a whole cannot. Just another example of why electing a businessman - ANY businessman, regardless of party or ideology - is always, always, ALWAYS a bad idea.

    link to this | view in thread ]

  43. identicon
    Chuck, 21 Oct 2018 @ 3:46am

    Response to: TKnarr on Oct 20th, 2018 @ 4:08pm

    1) There's no such thing as a NIC inside a CPU. A NIC is a Network Interface Controller, i.e. a network card, and is not a sub-component of a CPU. Even in a "system on a chip" they are not literally part of the same chip.

    2) The problem with these sorts of hacks is that, while they absolutely can hide the data from the system with the chip installed, that data has to be sent back to Spymaster HQ somehow. That can either be through the device itself - which runs the risk that an uncompromised system on the network can detect it, easily - or some sort of wireless transmission - which can be easily detected with a $10 RF scanner.

    Any infrared system needs line of sight so couldn't transmit from a datacenter in California or New York all the way around the curvature of the earth back to China (disregarding the fact that IR light that strong would be impossible to miss and likely also give anyone nearby instant sunburns and probably 5 minute cancer). Any satellite-based system is just directional RF that you'd also pickup with the RF scanner.

    I could keep going on but the point is made, I hope. This type of hack has never been widely deployed because it's too hard to deny and it's completely impossible to hide. You could target it at a specific user or device - Trump's Tweet Phone is a prime target - but the odds that your chip winds up in the right finished device are astronomically low.

    Now, in theory, you could put the chip in every device that fits the make/model and then use some sort of special code to activate the chip later. This would give you a far lower risk of detection and if your target isn't someone super-important like POTUS (maybe someone like a major CEO or even CTO instead) the odds that their IT department will be able to identify your little chip are low. In short, it could work as a hardware-based spear fishing attack.

    But that's one hell of a lot of money to spend on such an attack. You'd have to be targeting someone with some VERY juicy info - either insanely good blackmail material or extremely valuable IP - and one bad choice of targets and all your effort and expense is for naught.

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 21 Oct 2018 @ 5:45am

    Just because most agree this story about a secret chip from China is bullshit, does not mean that there are no nefarious evil master minds plotting their next attempt to take over the world from their volcanic lair.

    link to this | view in thread ]

  45. icon
    Zof (profile), 21 Oct 2018 @ 6:05am

    I can't blame them

    We now have a good 8 working examples of completely fabricated yet fantastical stories that were pushed hard by our Media over the past two years. It's unprecedented. I used to joke that the Pulitzer was the "yellow journalism" award because Pulitzer is credited with creating fake news. Funny he's a hero for it. Now it's like they are competing to see how big of a lie they can get America to believe with no evidence.

    So yeah, we really can't blame Bloomberg for trying to fabricate a story out of thin air. They learned it from watching mom and dad.

    link to this | view in thread ]

  46. icon
    Zof (profile), 21 Oct 2018 @ 6:42am

    It used to be...

    That the VERY FIRST CLUE something was fake was a complete and total lack of evidence, but a pile of very adamant witnesses. I mean, our brains would see that and IMMEDIATELY do the math and say "Oh, they've got nothing. This is a con. All they have are witnesses and no evidence."

    When did that change? I swear, I can remember that being normal.

    link to this | view in thread ]

  47. icon
    Bamboo Harvester (profile), 21 Oct 2018 @ 8:11am

    Re: Re: Re: Re: Re: Denials everywhere...

    We just went through a similar server problem - the "housekeeping" firmware was exploitable. IIRC, nobody took credit for actually exploiting it, but the internal subnets it created, if exploited, could have wreaked havoc.

    I find it far more likely that the "journalists" were baffled by conspiracy theory regarding that firmware and ran with it.

    Huawei is "banned", but Apple is "allowed" at the moment. I can easily see a couple of engineers at Huawei coming up with a propaganda story to shift the claim of pre-exploited firmware to Apple.

    But even that is a bit far-fetched when simpler explanations are available.

    link to this | view in thread ]

  48. identicon
    Anonymous Coward, 21 Oct 2018 @ 10:39am

    Re: I can't blame them

    What are these eight stories to which you refer and which media pushed them?

    People who refer to the media as though it were one homogeneous unit that works in unison all publishing tghe same stories ... well, they are quite wrong in their over simplifications. I find it useful to read a variety of sources and intentionally look for counter arguments because well - many people out there are liars but not everyone regurgitates the same lies. Eventually you begin to get the idea of wtf is going on - maybe. Depends upon how good the cover up is.

    link to this | view in thread ]

  49. identicon
    Anonymous Coward, 21 Oct 2018 @ 10:42am

    Re: It used to be...

    otoh, one would suspect the nefarious to cover up their ill fated attempts and maybe they found someone who knows what they are doing.

    link to this | view in thread ]

  50. identicon
    Christenson, 21 Oct 2018 @ 10:56am

    Please cite the 8 working examples...

    Besides the obvious frauds coming through Breitbart, Fox news,Alex Jones, and company.. like Pizzagate, Sandy Hook as crisis actors, vaccines cause autism, etc.

    I flunked mind-reading class, and have been thrown out repeatedly for having absolutely no skill at it!

    link to this | view in thread ]

  51. identicon
    guy, 21 Oct 2018 @ 12:36pm

    Re: Re: Re:

    Not really; it's supposedly from tampering at factories in China not too far from Huawei's factories and carries the implication that Huawei is blacklisted because they're a similar risk.

    link to this | view in thread ]

  52. icon
    TKnarr (profile), 21 Oct 2018 @ 9:53pm

    Re: Response to: TKnarr on Oct 20th, 2018 @ 4:08pm

    As to #2, these chips were installed in the Ethernet connector itself. That means they have access to the physical Ethernet so they can inject their own packets in between legitimate packets. And if you'd read the article, the extra network traffic that would imply was exactly how they were in fact detected according to the author.

    As to #1, go look up the specs for Intel's chipsets like the current X299. They include on-board network hardware (specifically an Intel I219) which is connected to the Ethernet connector itself via a PCIe x1 and the SMBus. That would give hardware embedded in the Ethernet connector a nice neat line into the hardware's internals.

    And perhaps it might be a lot of money. Maybe. Remember that this is China, which specializes in manufacturing chips for electronics manufacturers. I'm pretty sure their government could fund a fab line for the necessary chip, they could probably even piggyback it onto an existing fab line other companies were paying for. Installing it in every Supermicro board manufactured in China wouldn't be expensive, it's just a small tweak to the cost they're already charging Supermicro to manufacture the boards after all. Putting it into every board would actually make it less likely to be detected since there'd be no anomalies in the components to be noticed and the chip is probably on the original blueprints labelled as something innocuous so anyone checking would see that the connector's exactly as specced. You'd need to actually peel the chip apart before you'd find any hint of anything wrong. Or be monitoring for unusual network traffic, and that's often difficult as there's so much and only the most paranoid would go to that effort. Your targets wouldn't be the high-security networks that'd be the main places that'd spot that traffic either, they'd be the lower-security stuff in big datacenters where you can scoop up information from the commercial side where security isn't nearly as tight. Set the chip up to do a limited number of time-delayed pings at first power-up and shut itself off if it didn't get a response and by the time anyone looking notices the traffic and goes hunting for the source the trail's gone cold.

    As for juicy, remember that the government contracts out almost all of it's military hardware. You may not be able to steal the designs from the government, but scoop up the info on what the civilian subcontractors are making for the contractors making the hardware and you can get a pretty good idea what's being delivered. Plus the sheer monetary value of simple commercial espionage, of course, and commercial security is a complete joke as we've witnessed time and time again.

    link to this | view in thread ]

  53. identicon
    OGquaker, 21 Oct 2018 @ 10:08pm

    Re: Re: Re: Frisbee® deaths in China

    On a completely unrelated note,

    Since the 'rendering' computers were running at a few megahertz, I built an aluminum rig to mount Chris's 1920's Bell&Howell 2709 on the Hong Kong hotel wall to shoot the animation cells coming back by mule from Red China (not Taiwan) where the 'ink & paint' was done for Tron.... still a State Secret.
    After he got back and turned in the color negative, Disney needed a 'pick-up' shot of spilling brains, we shot that on an Oxberry that I bought from Lockheed Skunkworks the year before. Sadly, the parts and bits were replaced with Fruit Loops in the DVD release:(

    link to this | view in thread ]

  54. identicon
    Peter, 21 Oct 2018 @ 11:19pm

    Maybe the story is right but the government named is wrong

    Maybe it was one of the 5 eyes government agencies who installed the chip with a Chinese government cover story. That way if the chip is discovered, the trail leads back to a "Chinese" source. All those who deny the story are large US companies and UK/USA government. Don't the later have history of modifying hardware (Cisco network gear) and spying on their own citizens?

    link to this | view in thread ]

  55. icon
    crade (profile), 22 Oct 2018 @ 6:54am

    Sorry but I can't resist:

    Apple was extremely strong and powerful in his denial today :)

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 22 Oct 2018 @ 7:19am

    Re: Re:

    I think you are right, and probably it was the older IPMI issues with SuperMicro, Dell, and a lot of other vendors.
    https://blog.eclypsium.com/2018/09/06/insecure-firmware-updates-in-server-management-systems/

    Thing is these attacks are well known, and anyone will put very strict firewall rules on any BMC access.

    link to this | view in thread ]

  57. identicon
    guy, 22 Oct 2018 @ 8:20am

    Re:

    It seemed pretty clear in the original story that they used him to fill in technical details and the photos were for illustrative purposes and were examples of what such a chip might look like rather than photos of the chips in question.

    So all that shows is that Bloomberg's other sources didn't provide specific technical details of the attack, not that no attack occurred. It is, however, reason to doubt that the story accurately describes the actual mechanism used.

    link to this | view in thread ]

  58. identicon
    Anonymous Coward, 22 Oct 2018 @ 8:42am

    Re: Re: what magical palantir

    the first thing the company would do is file a lawsuit over it (a very public one).

    Why do you say "very public"? When they sue over gag orders it's done in secret "Doe vs. government" form. People once thought that the government couldn't issue gag orders (apparently having somewhere got the idea somewhere that it's illegal for congress to make a law abridging the freedom of speech).

    link to this | view in thread ]

  59. identicon
    Anonymous Coward, 22 Oct 2018 @ 8:47am

    Re: Response to: TKnarr on Oct 20th, 2018 @ 4:08pm

    Even in a "system on a chip" they are not literally part of the same chip.

    All modern CPUs are actually SOCs to some degree (eg. integrated Northbridge / memory controller). What do you mean by "not literally part of the same chip?" Don't they have everything but the PHY in the same wafer stack?

    link to this | view in thread ]

  60. icon
    Igualmente69 (profile), 22 Oct 2018 @ 8:49am

    Re: Re: what magical palantir

    The problem is that you are wrong. What do you mean the US government "cannot", and does not, tell private firms what to say? Like there is a constitutional prohibition? Simply reading Techdirt would give numerous counterexamples of government at all levels engaging in constitutional violations. Your personal experience is irrelevant. The fact is that the government tells private firms what to say and do, every single day, whether directly or indirectly, by fiat or by suggestion, and for you to suggest otherwise is to be embarrassingly naive or deliberately deceptive. The job of an intelligence agency is to lie. They wouldn't be good at what they do otherwise. Please stop making yourself look silly. Bloomberg might be full of crap, but you can't know because the US and UK governments have declared it to be so.

    link to this | view in thread ]

  61. identicon
    nae such, 22 Oct 2018 @ 9:10am

    Re: Re: Yes, but first they must be an actual reporter

    i've worked with motherboards building pcs and servers. i have no idea what many parts on the board do. a new chip would not stand out to me. qa i can believe would be more on top of it, but do they check each and every board? humans miss lots of things too would they catch them all? i work in a small shop so hardware audits aren't a thing, but i can believe apple and amazon would be different. they would still have the same problems as the qa team though.

    i found the report interesting as i've wondered how we could deal with such a situation were it to happen. the us government has been accused of intercepting and tampering with packages and software. can we trust any other state actor not to be doing the same?

    link to this | view in thread ]

  62. icon
    James Burkhardt (profile), 22 Oct 2018 @ 9:37am

    Re: Re: Re: what magical palantir

    The issue is enforceability.

    They can demand it, but enforcing the demand is another thing entirely. If Apple spoke out, how would the government shut it down? They probably couldn't get the courts to enforce the demand. The accepted legal distinction is they can instruct you not to speak, or to not express details, but they can not force you to lie. They can't even force you to express a government position with your own voice (IE, if forced professionally to say things you can express that this information is coming from the government rather than your own opinion or is your choice to express the information.)

    So without launching an all out campaign of personal blackmail and disappearances, given the number of people who would end up knowing, they can't enforce that demand.

    And given that Bloomberg should have evidence if this was actually true, such a campaign would be rapidly fruitless.

    link to this | view in thread ]

  63. icon
    tom (profile), 22 Oct 2018 @ 9:51am

    When this first broke, it seemed plausible to me.

    Apple did pull a bunch of Supermicro units out of service about the time the story claimed the chips were discovered. Apple claimed a firmware issue. Believable cover story if there really were spy chips.
    Amazon did sell off one of their China operations about the time the story claimed Supermicro boards were found in the China operation. Amazon claimed the sale was due to increasing China Govt interference in their operations. Again, a believable cover story as China is increasingly exerting government oversight over Internet in China.
    Further, the story claimed the magic chips were added at a sometimes used subcontractor for Supermicro. Unlikely that batch number 3 from a subcontractor would get the same QA look over that the first qualification batch would get, making it a better time to add the magic chip.

    But at some point, a modified board needs to be produced and that hasn't happened. Where did the retired Apple servers go? Either there are magic chips on them or not. Unlikely we could inspect the former Amazon China operation at this point for compromised boards.

    Given the failure to produce a modified motherboard, might be worth investigating any possible connection between the folks that reported this story and people/companies that made money from the large drop in Supermicro stock.

    link to this | view in thread ]

  64. identicon
    Valkor, 22 Oct 2018 @ 10:48am

    Re:

    Re: "where did they go"
    One podcaster I listen to mentioned that he had what would have been a suspect motherboard in his specialized, very expensive, video recording setup. Unfortunately, he traded it back in when he upgraded. Perhaps they were being removed from circulation through planned obsolesce.

    link to this | view in thread ]

  65. identicon
    Anonymous Coward, 22 Oct 2018 @ 11:19am

    Bonus chip the least plausible part

    I mean if you have things so throughly compromised why the hell would you bother with macroscopic components? It seems far too symbolic to include a digital parasite when they could just add it to the design with chip masks to require a more through and expensive examination to find or even go one step better and include a plausibily deniable vulnerability.

    link to this | view in thread ]

  66. identicon
    guy, 22 Oct 2018 @ 12:43pm

    Re: Bonus chip the least plausible part

    According to the story it was done by coercing supervisors at subcontractors to add the chip, which would limit the extent to which they could change the design without causing loss of functionality. A separate chip could be found by visual inspection but would be less likely to cause it to fail testing.

    Note that Supermicro HQ and design work is in the US; only the actual fabrication is done in China.

    link to this | view in thread ]

  67. icon
    btr1701 (profile), 22 Oct 2018 @ 4:18pm

    Re:

    > and the companies would be forced to deny it.

    And how would that work exactly?

    link to this | view in thread ]

  68. identicon
    Vlad, 23 Oct 2018 @ 4:31pm

    This article starts with incorrect and misslead

    link to this | view in thread ]

  69. identicon
    Vlad, 23 Oct 2018 @ 4:59pm

    This article starts with incorrect statement right from the top

    I haven't seen this before on techdirt but this post starts with completely incorrect and misleading statement. Next is misleading:

    "The gist of the story was that servers from Super Micro had hidden chips that somehow were then used by Apple and Amazon (not to mention the US government), that allowed someone in China to access certain data."

    The gist of original article was that Chinese spy agency has changed / compromised products of Super Micro - servers by hardware hack adding additional chips in hardware design. Those servers where then sold to Apple, Amazon & others. Hidden chips were used then by Chinese spy agency to access servers and article never claimed that hidden chips were used by Apple or Amazon. US government was mentioned in relation of similar hardware hacks that happen prior, based on leaked documents and not related to this incident.

    Apple and Amazon are claiming that they never detected - discovered this hardware hack which was also mentioned in original article. Apple took position that this never happened too - also in original article or maybe in some that followed.

    This is at least what I read in original article.

    Thanks,
    Vlad

    link to this | view in thread ]

  70. icon
    OldMugwump (profile), 24 Oct 2018 @ 9:44am

    Re: Re: Re: what magical palantir

    They can tell you NOT to say X.

    They can't tell you that you MUST say Y.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.