
Apple Insiders Say Nobody Knows What’s Going on with Bloomberg's Hack Story - BinaryIdiot
https://www.buzzfeednews.com/article/johnpaczkowski/apple-china-hacking-bloomberg-servers-spies-fbi
======
walterbell
From 2016,
https://arstechnica.com/information-technology/2016/03/report-apple-designing-its-own-servers-to-avoid-snooping/

 _> Apple has begun designing its own servers partly because of suspicions
that hardware is being intercepted before it gets delivered to Apple,
according to a report yesterday from The Information. "Apple has long
suspected that servers it ordered from the traditional supply chain were
intercepted during shipping, with additional chips and firmware added to them
by unknown third parties in order to make them vulnerable to infiltration,
according to a person familiar with the matter," the report said. "At one
point, Apple even assigned people to take photographs of motherboards and
annotate the function of each chip, explaining why it was supposed to be
there. Building its own servers with motherboards it designed would be the
most surefire way for Apple to prevent unauthorized snooping via extra
chips."_

~~~
MR4D
If you have all the resources of a state actor to accomplish this, it would
not be a chip on the motherboard, it would be a set of circuits _in_ the
motherboard.

Why make something easy to photograph when you can embed it in an area that can
only be seen in an x-ray?

That’s how I’d do it at least.

~~~
xevb3k
Or just replace an existing chip, which is the most logical way to do it...

~~~
lmm
That seemed to match the lightbluetouchpaper description - the "hack chip"
goes where the optional legacy (non-quad) SPI chip would go.

~~~
xevb3k
Given the size estimation, it wouldn’t cover the whole footprint.

But... why put it on an unpopulated footprint. Why not just replace the
original Quad SPI IC with a backdoored device?

~~~
lmm
What do you then do when they upgrade/change the Quad SPI IC? A separate chip
means a stable interface they can conform to.

------
mattnewton
As an ex-apple employee, all I’ll say is this means basically nothing.
Everything was on a strict need-to-know basis and a condition of your
employment was respecting that. I would be very surprised if more than a
handful of Apple employees even knew exactly what was purchased from
Supermicro, so a random sample of employees absolutely would know nothing
about this. Unless senior means Senior Vice President, it’s meaningless.

That being said, SVP level people did categorically deny it, and I can’t see
them doing so unequivocally unless they really believe that will hold up on
the court of public opinion for their entire tenure there.

~~~
noobermin
> A senior security engineer directly involved in Apple’s internal
> investigation described it as “endoscopic,” noting they had never seen a chip
> like the one described in the story, let alone found one. “I don’t know if
> something like this even exists,” this person said, noting that Apple was not
> provided with a malicious chip or motherboard to examine. "We were given
> nothing. No hardware. No chips. No emails."

~~~
vehementi
Not once have we ever seen a tiny grain of sand sized malicious chip on the
motherboards we bought that I've seen in the racks I inspected in the
datacenters I had access to!

~~~
DaiPlusPlus
Probably easier to build “smart” Cat5 cables that draw PoE to energise a chip
in a connector to power a long-range antenna built in to the cable (outside
the shielded layer, of course) to broadcast whatever goes on inside of it to
the outside - and put 500x of them in a cable box delivered right outside an
Apple iCloud data-center under the guise of a typo’d purchase-order from
Monoprice or Tiger Direct.

~~~
ctime
This is beyond a huge stretch but your creativity is appreciated.

~~~
dogma1138
Why? Both the Israeli Intelligence Heritage museum and the Vault 5 leaks
specifically show hardware implants that are intended to be inserted into
cables like display, HID and USB cables.

Building a network tap into a CAT5 cable isn’t that hard; you just need to
essentially modulate the traffic into RF and have another implant nearby that
can intercept the radio signals.

We live in a day where we have demonstrable side-channel attacks against
RSA keys by listening to how a laptop squeaks when it’s under load, and you
think building a chip into a cable is a stretch?

Heck, I have one cable like that atm, which is a converter from a Model M
keyboard to USB; you can’t see the converter IC, it’s built into the RJ45
connector the keyboard originally used without any additional bulk.

~~~
willstrafach
The implant you describe sounds much like this:

https://nsa.gov1.info/dni/nsa-ant-catalog/usb/FIREWALK.jpg

~~~
dogma1138
And this is likely not the only one the NSA has :) It’s very easy to tap
pretty much any electrical bus these days which uses a cable; the tap itself
can be very basic as it’s completely passive.

I’ve seen a demonstration of similar taps on VGA cables that transmit the
entire image to a remote receiver which is often implanted nearby in a power
socket, light fixture or anything else where you have a reliable power supply
and enough wires to hide and even transmit a signal outside over the power
lines.

------
longerthoughts
> "Seventeen individual sources, including government officials and insiders at
> the companies, confirmed the manipulation of hardware and other elements of
> the attacks."

Is it possible that many of these sources received their information from
others on that list of 17, propagating imperfect or inaccurate information?
I'd assume it's standard practice for journalists to confirm that multiple
sources aren't essentially from the same source, but this doesn't look great.

~~~
sieabahlpark
Lol. Clicks are the metric they care about.

~~~
randyrand
you’re downvoted, but we should never forget the importance of this incentive

~~~
travmatt
If you think Bloomberg’s primary incentive is to sell newspapers then you
should probably learn more about what Bloomberg actually is.

~~~
singularity2001
sorry for asking: what is the _real_ incentive of Bloomberg? can I find the
answer on Wikipedia?

~~~
theyinwhy
Yes, first sentence: "Bloomberg L.P. provides financial software tools"

------
myrandomcomment
Look, I worked at a company that built boards in China. Every board is x-rayed
to verify every level of the board for every trace. They are matched vs. a known
good perfect board. If anything is wrong the board is destroyed. The boards I
am talking about were complex 26+ layer boards, which is way more than any
standard motherboard. HW-wise this is not impossible, just improbable. The
better method would be in software, replacing the on-board system management
software (Intel ME) for example with a compromised version. That is very
doable.

~~~
andrewstuart2
I would think it would be _much_ easier to validate software via simple
hashing than physical hardware, via x-ray. Sure, you can verify traces, etc,
but with current lithography at 14 nanometers, I have pretty much no doubt
that there is no economical way to validate tens of thousands of meter-long
boards.

~~~
myrandomcomment
You could see every trace on the board at each layer. A chip like this story
talks about would stand out. Also at each point on the board you could probe
(traces) end to end. It’s complex. Also there is the integrity testing .. a
machine that has 1000s of needles that pushes down on the top and bottom of
the board at each contact point and tests the resistance and conductivity end
to end. Put something in the board in the path and the numbers come back
wrong.

~~~
myrandomcomment
Signal integrity is really important as it can lead to grey failures down the
line. It is really important to find them before you stuff the boards with $$
of components that you can not save if the board is bad.

------
Jedi72
I'm not saying it's a fake story, but the US is in the middle of a trade war.
It could be a huge piece of propaganda. The sheer audacity of that though
would be staggering.

~~~
Analemma_
I don’t buy it. I know it’s fashionable to be cynical about the media at the
moment, but Bloomberg is not a rag and it’s owned by someone who is no fan of
Trump or trade wars. It doesn’t add up.

~~~
21
It would be something Russia would do, plant a fake story to massively
discredit Bloomberg. It would go with their strategy of launching so many fake
stories that nobody knows anymore what to believe.

The problem with this theory is that Bloomberg says all the sources were from
the American govt.

~~~
CamperBob2
That's not really a problem with the theory. If anything, it's a supporting
argument.

------
simplecomplex
If there was hidden hardware on a bunch of servers, where is the hardware now?
Why don’t Bloomberg’s sources have the hardware or know which boards they
were?

Bloomberg provides zero evidence this happened, outside of their anonymous
sources.

~~~
FractalParadigm
My thoughts exactly. They're making claims that virtually everyone in tech is
denying and haven't/can't produce any evidence.

Not to mention, if this hardware had been trying to phone home, it's safe to
assume it would have set off _some_ kind of an alert at at least one of these
places.

~~~
perl4ever
Matt Levine wrote in his Thursday column:

"...let us consider a hypothetical. What if: 1. Everything in the
Businessweek story is true, Chinese spies planted hardware backdoors in
computers built and used by major American companies, and the FBI investigated
along with those companies and discovered the backdoors. 2. It is a
national-security secret and the companies were instructed by the FBI never to
acknowledge it. 3. The companies are patriotically but falsely denying the
hack."

~~~
briandear
If it were Apple, they wouldn’t write a categorical denial because once the
“truth” leaked, their credibility would be shot for a long time. The standard
Apple answer would be “Apple could not be reached for comment.”

But no, they went thermonuclear on the denial.

~~~
sneak
The people hypothetically demanding these denials have gone literally
thermonuclear before. It’s an entirely different ball game when you deal with
the guys with machine guns.

------
panda888888
I believe the Bloomberg story. Why? Because of the fact that the chip was
originally found on hardware owned by Elemental. Elemental would have been a
great company to target.

My guess is that Elemental was specifically targeted because the cost of doing
so would be pretty small and with nearly a 100% chance of success. Back in
2015, Elemental was nearly guaranteed to be acquired by one of the greats
(Apple, Google, Amazon, etc.) because they had grown too large to be acquired
by smaller companies but were also unlikely to go public on their own. The
company was doing very well, plus they had government clients.

Knowing that Elemental would likely be acquired and infecting their hardware
beforehand would have been pretty sophisticated but also an easy thing for a
malicious party to do. Even if the hackers didn't know/plan for Elemental's
acquisition, they still would have been a great target based on their
government work.

(I'm not trying to fault Elemental; I would expect the same thing to happen at
basically any small company that employs maybe 10 hardware specialists)

And if the story were fake, why would Elemental even be mentioned? It's too
small and obscure to be of note otherwise.

~~~
ardy42
> My guess is that Elemental was specifically targeted because the cost of
> doing so would be pretty small and with nearly a 100% chance of success.
> Back in 2015, Elemental was nearly guaranteed to be acquired by one of the
> greats (Apple, Google, Amazon, etc.) because they had grown too large to be
> acquired by smaller companies but were also unlikely to go public on their
> own. The company was doing very well, plus they had government clients.

I don't think the acquisition potential had anything to do with it being a
good target. It was all about the government clients.

I could see the acquisition potential as actually being a _downside_. Apple,
Google, Amazon, etc. have histories of acquiring companies just to withdraw
their products from the market.

------
crazygringo
I know Bloomberg isn't going to, and shouldn't, give up its anonymous
sources... but it feels like Bloomberg's going to have to provide a _lot_ more
specifics if these reporters (and Bloomberg itself) are going to maintain
their credibility -- concrete facts Apple can directly confirm or deny, as
opposed to leaving Apple to guess at what it could be.

E.g. if Apple contacted the FBI about this, then who at Apple did so (or at
least what was their role), on what date, and what FBI office? Or how did
Apple detect it in the first place, what happened next, etc. Even if sources
can't provide technical details, they should certainly be able to provide
names and dates.

~~~
forapurpose
Lots of news reports result in strong, aggressive denials. Bloomberg assembled
extensive evidence, with around 17 sources. Perhaps Apple needs to provide
more evidence than just a denial (though it's hard to prove a negative).

~~~
jm__87
So anyone can just claim anything now and it is up to the person being accused
to prove their accuser wrong? We're just going to assume guilty until the
accused can prove themselves innocent? That is not a world I want to live in.

~~~
mcbits
All of the companies mentioned in the original article have the resources to
sue Bloomberg for defamation, so there's that possibility.

~~~
makomk
I'm pretty sure US law would protect Bloomberg against any lawsuits unless
Apple could prove that they definitely knew the story was false when they ran
it. Short of that, nothing - not even massive journalistic failures - would
make them liable.

~~~
mcbits
They don't have to know it was false, only be reckless in trying to verify
whether it was true or not (which would also be hard to prove, but not as
hard).

------
jacquesm
I have 10 Supermicro machines sitting in the room next door, bought through
the years. If someone would tell me where to look I'd be happy to tear them
down, but without any specifics, such as the serial numbers or SKUs of
affected hardware it seems a bit thin. Though the hack itself sounds totally
believable, compared to Van Eck Phreaking or powerline exfiltration it sounds
pretty easy.

~~~
chendragon
Iirc the chips were supposedly found near the SPI flash for the BIOS if you
can locate that, probably close to the IPMI/BMC chip.

~~~
Scoundreller
Someone needs to build nmap-style probe hardware that could be connected to
the SPI bus and scan every device on it.

~~~
mindslight
SPI works by paralleling all of the shared lines, and each chip having its own
CS line. So you can't really enumerate like that, without already having
enumerated the CS lines.

I2C works closer to how you're thinking, but even there a hostile implant
doesn't need to have a protocol-dictated address to corrupt someone else's
traffic.
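
One audit that does not depend on enumerating devices is to compare what the host actually receives over SPI with a known-good firmware image. This is an added example, not part of the thread; it goes beyond the comment above by checking traffic rather than scanning the bus, and the capture format (one `(mosi, miso)` byte pair per chip-select window), the helper names and the sample image are all constructed for illustration.

```python
from dataclasses import dataclass

READ = 0x03  # SPI NOR "read data" opcode: one opcode byte, then a 24-bit address


@dataclass(frozen=True)
class Mismatch:
    txn: int         # index of the transaction in the capture
    address: int     # flash address of the first differing byte
    expected: bytes  # bytes from the known-good image
    observed: bytes  # bytes actually seen on MISO


def check_reads(reference, capture):
    """Compare the data returned for every READ against the known-good image."""
    findings = []
    for txn, (mosi, miso) in enumerate(capture):
        # Only well-formed READs that carry at least one data byte are checked.
        if len(mosi) < 5 or mosi[0] != READ or len(miso) != len(mosi):
            continue
        base = int.from_bytes(mosi[1:4], "big")
        observed = miso[4:]  # MISO is don't-care while opcode and address go out
        expected = reference[base:base + len(observed)]
        if len(expected) != len(observed):
            # The read runs past the end of the reference image: report it whole.
            findings.append(Mismatch(txn, base, expected, observed))
            continue
        diff = [i for i, (a, b) in enumerate(zip(expected, observed)) if a != b]
        if diff:
            lo, hi = diff[0], diff[-1] + 1
            findings.append(
                Mismatch(txn, base + lo, expected[lo:hi], observed[lo:hi])
            )
    return findings


def read_txn(image, address, length, patch=None):
    """Build one constructed READ transaction.

    `patch` maps an offset within the read to the byte value seen on the wire,
    standing in for data that was altered between the flash and the host.
    """
    data = bytearray(image[address:address + length])
    for offset, value in (patch or {}).items():
        data[offset] = value
    mosi = bytes([READ]) + address.to_bytes(3, "big") + bytes(length)
    miso = bytes(4) + bytes(data)
    return mosi, miso


# Constructed stand-in for a firmware image and a logic-analyzer capture.
REFERENCE = bytes(i % 251 for i in range(4096))
CAPTURE = [
    read_txn(REFERENCE, 0x000010, 16),                            # clean read
    (bytes([0x9F, 0, 0, 0]), bytes([0, 0xAA, 0xBB, 0xCC])),       # not a READ
    read_txn(REFERENCE, 0x000200, 16, patch={5: 0xFF, 6: 0xFF}),  # altered data
]

if __name__ == "__main__":
    for finding in check_reads(REFERENCE, CAPTURE):
        print(
            f"txn {finding.txn}: flash 0x{finding.address:06x} "
            f"expected {finding.expected.hex()} observed {finding.observed.hex()}"
        )
```

The check only covers what passes the probe point, so data altered downstream of the probe would not show up in the capture.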

------
ggggtez
I'm fairly amazed by the amount of skepticism here. A story this big is
certain to get a lot of people looking into it. It would be pretty boneheaded
for them to run a story like this with no evidence.

I suggest the skeptics keep an open mind, instead of categorically denying it
could be true, just because a couple of for-profit companies don't want to see
their stock plummet the way Supermicro did. Nothing reported so far is out of
the realm of plausible, considering the value of a successful supply-chain
attack against tech companies.

~~~
dillondoyle
I am also shocked. Especially hearing the same BS talking points I see right
now in US politics attacking credibility of news. No, reporters don't make up
sources and an anonymous source reported by a big institution !== 'might as
well be made up' as someone already commented in this thread.

I would love to see some research on accounts and comments on HN similar to
Twitter analysis post 16. Seems to me any time China is broached the HN thread
gets more comments than average. Many posts read to me as strongly defensive
or taking straw man/obfuscation type tactics.

But then again that could be personal bias I don't know the actual human
composition of HN comments - which is why I would love to see some research on
HN comments/accounts.

~~~
AsyncAwait
> No, reporters don't make up sources and an anonymous source reported by a
> big institution !== 'might as well be made up'

What would you call Iraq WMD stories?

~~~
Paradigma11
With Iraq's WMD stories the officials, not the reporters, lied. Also there
were quite a few stories, backed by anonymous sources from the intelligence
apparatus who were very critical about the official line and the pressure that
they were put under to produce corroborating evidence.

~~~
AsyncAwait
I am not saying the reporters lied, however they were relying on "anonymous
sources", just like they do here and the sources had an agenda.

Could be the case here as well. Might not be, but there certainly would be a
motive for it, (trade war).

------
SteveNuts
This is either going to turn out to be an NSA gag order, or a total
misunderstanding on Bloomberg's part. For me, this is the most interesting
news story to follow in a decade.

~~~
ethbro
The response is equally interesting. I wouldn't have assumed people would be
so quick to jump to "Well, private US companies are lying to the public
because the US government is compelling them to."

Times we live in...

~~~
RL_Quine
The reason for that response is:

* this all seems within reason, knowing the hardware

* the denials are unusually strong

If any of it is true or not I don't know, but the IPMI stuff is crappy, if not
backdoored.

~~~
dboreham
Since everyone assumed IPMI was crappy and potentially backdoored, that's why
the story seems fishy. Why go to science fiction lengths to subvert some
easily subvertible thing?

~~~
jarfil
The described hack is nowhere near science fiction levels. Even embedding a
bare silicon chip in the layers of a board would be feasible.

~~~
RL_Quine
As I referred to in the original thread, this is a commonplace construction
method.

------
kaycebasques
Somebody in another thread discussed the hack as a brute force strategy where
the attackers compromised a lot of hardware without knowing where it would end
up. If that’s the case, then I’d imagine that you could audit a bunch of this
hardware from various places in the wild and see if any of them have the
“extra” hardware. My understanding of the situation may be mistaken, however.

------
tlrobinson
> “Asked point blank if Apple is lying to the public in the interests of
> national security, this executive replied, "no."”

If they were lying about this why wouldn’t they lie about lying about it?

~~~
donohoe
They’d say ‘no comment’ in that case IMHO

~~~
andrewflnr
That would be as good as telling the truth. If you're serious about lying,
that would be obviously stupid.

------
twblalock
At the end of this it could turn out that Buzzfeed’s journalism is more
reliable than Bloomberg’s, which would be a sad state of affairs.

~~~
judge2020
I've found that Buzzfeed News is pretty alright, but the main Buzzfeed website
is definitely something to stay away from.

~~~
notatoad
Buzzfeed has a legit investigative news division. their last highlight list is
pretty impressive (in listicle form, because buzzfeed)

https://www.buzzfeednews.com/article/markschoofs/the-year-in-investigations

~~~
makomk
On the other hand, some of their investigative articles are just long-form
clickbait. I was particularly unimpressed with this one:
https://www.buzzfeed.com/janebradley/scientist-who-helped-connect-litvinenkos-murder-to-the

They managed to write 30 breathless paragraphs about how the UK police were
inexplicably treating what they claimed was the Russian murder of a key
scientist in the Litvinenko investigation as a suicide, and that the police
had mysteriously testified that “no-one in his family seemed particularly
surprised he had taken his own life" even though some of his relatives had
suggested foul play, before they thought to mention that he'd been showing
signs of depression for some time, his wife said he'd tried to kill himself
the week before, and there were no signs of foul play and no evidence anyone
else was present. They then argued this shouldn't have ruled out foul play
because he could've been given some kind of secret Russian mind control
chemicals. Seriously.

To make matters worse, from what I can tell he didn't even play the key role
in the Litvinenko investigation that they claim he did. He merely recalculated
Litvinenko's exposure in 2010 after it was discovered he was exposed twice
rather than once - several years after all the announcements and further
investigation the Buzzfeed story portrayed as a direct result of that work,
and well after this had been clearly pinned on Russia. The original analysis
was done by different scientists who are presumably still alive.

------
kristofferR
This story is good news regardless of who is right.

Even if this attack actually didn't happen, you can be damn sure that the tech
giants will now massively intensify efforts to prevent hardware hacks like
this from ever happening to them.

------
kerng
Wow, didn't realize that is based on a more than one-year-long investigation by
Bloomberg. That seems to be quite thorough and I am already curious when
companies will come forward with details.

------
elorant
Say you work for a company that uses SuperMicro boards on their servers. Is it
possible to inspect them for the hack or you could have no way of telling if
they're tampered? Because if there is then I guess in the following days we'll
have confirmation from third parties.

~~~
late2part
Correct.

------
chrischen
It also doesn’t make sense for China to do this. These chips would eventually
be discovered and easily traced to China.

The economic damage would be huge, and the value of the data they could glean
seems worthless by comparison.

~~~
alex_duf
Of course it makes sense for China. Assuming Bloomberg is right, China still
is pretty much a manufacturing monopoly, the production isn't going to move
any time soon.

------
housingpost
Why are so many people ignoring the fact that Supermicro was delisted from
Nasdaq over a month ago with continued delays and specious excuses from the
company. Something really strange is going on there.

~~~
bhouston
Something is weird there. There is smoke but it is hard to know what exactly
is the fire.

------
myrandomcomment
One interesting bit of fall out here would be companies moving out of China
proof or no proof. One of the startups I worked at had fab in China and San
Jose. The devices we sold to the government could only come from the US fabs.
There were a few non-gov customers that insisted on the same.

~~~
wincy
What was the price difference between US and China fab prices? 2x? 3x? 10x?

~~~
myrandomcomment
For us to build it? IIRC not 2x but enough that it made a difference.

------
strstr
This is probably just BadBIOS2[1].

If this is as common as it sounds someone will get a chip and do a teardown
and the similarities to BadBIOS will be gone.

[1] https://en.m.wikipedia.org/wiki/BadBIOS

------
kalleboo
The Apple timeline in the Bloomberg article doesn't seem to make any sense.
Apple found an "accidentally" malicious driver on a Super Micro board in 2016,
and that caused them to drop them right away.

So if Apple found a batch of 7,000 manipulated boards a year earlier, why
would _that_ not cause them to drop Super Micro as a supplier?

A government gag order is plausible, but is a government keep-buying-
malicious-hardware order a thing?

~~~
jasonlotito
> So if Apple found a batch of 7,000 manipulated boards a year earlier, why
> would that not cause them to drop Super Micro as a supplier?

You don't want to tie the two events together. If the article is accurate, the
hope would be that by waiting, they could garner support with comments like
yours.

e.g. Let's wait 6 months before you do something in response to something
today so you can say that this has nothing to do with the event 6 months ago.

------
novaRom
It might be plausible this chip is not for spying, but rather a doomsday
switch. It works like a switch which disables the whole system working
correctly if enabled by a simple signal. There are many critical paths on the
board which can be disabled with that very simple approach. You don't even
need a sophisticated IC for that.

------
Animats
Many people bought Supermicro motherboards. If this is real, we should be
hearing more about it soon.

There's so much attack surface at the motherboard "management" hardware level
that some kind of attack wouldn't be all that hard.

------
iask
Perhaps they’re afraid that some stiff regulations might come out of this,
affecting their bottom line, so they just deny it?

~~~
panda888888
Yeah, I agree. I'm thinking that the attack/breach was so bad that it could
have major consequences for these companies.

------
RantyDave
This whole thing is bollocks. If it were for real, we'd have the firmware
dumped from that thing in minutes flat.

------
writepub
Given the impasse, I'm inclined to believe one of two things:

1. US intelligence planted & played along for this story, for a long time.

2. The story is true on all fronts: i.e. those inside Apple with knowledge
about this are lying to senior executives under immunity protection from US
intelligence/law

Personally, I think #2 to be a lot more likely - US intelligence has managed
to sneak in backdoors into tech forever, in cahoots with sympathizers who
probably have immunity agreements if outed.

------
Havoc
Well I bought shares in supermicro & expect to make a tidy profit.

There is just too much lined up against that single article...

~~~
novaRom
Supermicro underperforms, especially Nvidia continues to win their traditional
area of business. There is a small chance Nvidia will acquire Supermicro, but
right now Supermicro is still too expensive for a company in decline.

~~~
Havoc
It took a 40% hit on news that has a high chance of being BS. That to me is
worth a gamble

------
crb002
Who, what, when, why, where? Bloomberg needs to tie it to specific SKUs of
servers, get shipping records, see where they were sold after three years of
use which is when they usually go out of warranty so researchers can get their
hands on them.

------
Simulacra
Part of me wants to believe Apple and Amazon, but they're really under no
obligation to tell us the truth. It's way more harmful for them to admit this
happened.

~~~
astrange
> but they're really under no obligation to tell us the truth.

They are legally required to tell the truth.

~~~
kchoudhu
Not if they've been told not to.

~~~
astrange
They are legally obligated to their shareholders (you), so you could sue them
for being untruthful, and the First Amendment says the government can't "tell
you not to".

~~~
kchoudhu
That is absolutely not the case if US intelligence agencies have told them to
deny the allegations.

~~~
astrange
Whoever told you that made it up because it sounded cool.

------
ezVoodoo
Technical possibility is one thing; proving the story has actually happened is
another thing. Until now, what we get is a categorical denial of the story
from all related parties. And all the evidence Bloomberg can provide so far is
just vague anonymous sources.

Talk is cheap, show me the code/server/chip if they ever exist. Otherwise, the
story is just a blunt lie fabricated by Bloomberg serving as a propaganda to
bash China amid the Sino-America trade war.

~~~
ardy42
> Talk is cheap, show me the code/server/chip if they ever exist.

Bloomberg is a journalism organization. They'll report and cross-check
testimony that there's been a chemical weapons attack in Syria, but they're
_not_ going to go there to collect samples of the chemicals. They aren't going
to have "the code/server/chip" to show you, and they shouldn't be expected to.

Furthermore, the people who talked to Bloomberg who may have access to the
"code/server/chip" are _anonymous_ and may not be able to have too many
details released publicly without compromising their identities. Bloomberg may
have more details than they have reported, but be unable to release them
publicly while respecting their sources' confidence.

~~~
briandear
Bloomberg wouldn’t, however publish a story about a chemical attack based on
an anonymous source. They’d have independently verifiable evidence and not
just some dude saying so.

~~~
ardy42
> They’d have independently verifiable evidence and not just some dude saying
> so.

This is where you misunderstand. An anonymous source isn't "just some dude"
who called in "saying so." Journalists, in this case Bloomberg, _know exactly
who their "anonymous" sources are._

------
amaccuish
Or, you know, it could be the NSA, since we've seen pictures of what they can
do to a Cisco router, and especially after the big web services made a push
for TLS everywhere.

Does anyone more knowledgeable know if this must be an at-the-factory thing, or
if it's possible to do this afterwards, "interdiction" as the Bloomberg story
put it?

------
phkahler
And now for wild speculation: What if the NSA or other US TLA was behind the
hardware hack? While it would obviously require a coverup, I have no idea what
leverage the government could have to keep it quiet - that would be a massive
1st amendment violation.

------
tanilama
I would believe Bloomberg if they had some detailed reports/demonstration as
regards the mechanism of how this attack actually happens, not some nebulous
picturing of some vague concepts the reporters themselves don't seem to
understand.

------
tapirl
Is there an article showing the concrete steps/evidence on how such small
chips are used to steal info?

If such a small chip can steal info, why can't the remaining other large
quantity of "normal" chips on the same board?

~~~
okket
Oh, they can. See Intel Management Engine.

------
flylib
Bloomberg's reputation is about to take a big hit

------
crunchlibrarian
Putting aside the specifics of this story for a moment: I really hope that we
don't enter a new era of tech journalism where we get story after story
written by anonymous government sources, because I am about to lose my mind
over the constant barrage of reporting in this style on politics.

It's already creeping into business sections, just make it stop.

~~~
gunlaw22
Scared of something? You are projecting

~~~
crunchlibrarian
Yes I am scared of anonymous sources writing with an agenda that is bullshit
as often as not. Not sure when this became the norm in journalism for people
to just take everyone at their word just because they are senior and they have
an axe to grind but it's quite tiresome.

If it's important stand up and put your name behind a story as a source,
everyone just cowering in the corner because they want to keep their careers
safe is making things worse, not better.

~~~
cycrutchfield
> Not sure when this became the norm in journalism for people to just take
> everyone at their word just because they are senior and they have an axe to
> grind but it's quite tiresome.

Anonymous sources have been around as long as journalism. It’s not like what
those sources say is taken as a given, they are heavily corroborated against
other sources of information, often documents/records/etc.

------
nachman
As a long-time lurker, my turn to contribute:

Look into Softbank.

------
IBM
Apparently these reporters have some questionable history with their
reporting.

[https://twitter.com/GossiTheDog/status/1048322164653535232](https://twitter.com/GossiTheDog/status/1048322164653535232)

[https://twitter.com/RidT/status/1048349907487264768](https://twitter.com/RidT/status/1048349907487264768)

~~~
nabla9
It was news reported vs. government denies.

To know who is telling the truth you must know what the government policy
really is related to NSA exploits and how bold NSA is when protecting secrets.

These things can be verified only when whistleblowers release documents.
Snowden and other whistleblowers have revealed multiple lies, including that
Director of National Intelligence James Clapper lied under oath.

That said, it's also possible that Riley & Co. rely on bad or unreliable
sources.

------
brianberns
This is exactly what happened when both the US intelligence community and
media decided that Saddam Hussein had weapons of mass destruction in the 00's.
All the sources traced back to a handful of Iraqi dissidents who had made the
story up to encourage American intervention.

~~~
ams6110
Not just the US intelligence community but most of the Western world was
convinced.

~~~
badosu
Please... I was a 12 year old boy in a poor city from Brazil and knew it was
all garbage.

At that time I did not even have internet and most people knew it was
bullshit.

The only thing that needed convincing was that the US would do it anyways, so
better to have a smooth pathway.

~~~
longerthoughts
Quite a skill to _know_ that kind of thing with no direct involvement. Mind
telling us the truth about what happened at Apple?

~~~
tylersmith
Far too often people mistake correct guesses for having actual knowledge. If
I had a dollar for every time I've heard somebody be "100% certain" of
something I'd probably have a lot of money by now, although I don't know for
sure.

~~~
ellius
"Some people are more certain of everything than I am of anything."

—Robert Rubin

~~~
tylersmith
I've never heard this before but it describes my feelings very well. Thanks
for sharing it.

------
anon7429
Big claims require equally big evidence and big sources, otherwise it's he
said/she said. I'm doubtful about the story but not against it entirely until
more evidence and sources can be presented. If not, it smells like clickbait
trying desperately to get traffic, and they just flushed their reputations
down the drain.

~~~
bilbo0s
> _I'm doubtful about the story but not against it entirely until more
> evidence and sources can be presented..._

This is a reasonable position. I'm with you. I'm waiting for some independent
reporters and investigators to run some of this stuff down.

~~~
jethro_tell
Also, some technical detail about what a chip with three pins can do. Was it
working with another chip? Enabling intelME? There's just not a ton you can do
with a chip of that size.

Is the story that the board had an extra undocumented chip, or that the chip
was used to exfiltrate data?

~~~
Scoundreller
A 3 pin chip could talk over i2c:

1 pin for GND, 1 pin for CLK and 1 pin for data.

Where is VCC coming from? Via pull-up resistors connected to the data line and
capacitance.

I’ve seen MCUs run without direct VCC connections under these circumstances.

Either that or the chip is connected to VCC and a PCB ground plane on the
other side of the chip.

Edit: boards are often sandwiched between VCC and GND layers. One could have a
functioning device with just a few obvious “pins”/“leads”.

~~~
jethro_tell
I'm not saying they can't do anything with a three pin chip, just that this
was pretty short on tech details. That's (probably) not the kind of chip you'd
be using to parse network traffic on a 10G link and upload secrets. Maybe a
key logger, but I don't imagine Apple or Amazon having a keyboard plugged into
very many of their servers.

If they had come out and said, this is what this chip does, this is how it
interacts with the rest of the board, or it phones home to x.y.z or something,
I'd be a lot more convinced. As it is, the technical evidence is a little
light as are the sources. So I think I'll hold on conclusions until we get
some more info about what they think the chip was doing.

~~~
snovv_crash
It is the kind of chip that could insert malicious bytes into an I2C or SPI
line though, for example the line that the BMC loads its ROM over at boot.
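
A defender's check for the kind of in-flight modification described in the comment above, as an added example that is not part of the thread: it compares SPI flash reads decoded from a logic-analyzer capture against the known-good image and reports every byte the bus carried that the image does not contain. The capture format, function names and sample data are assumptions constructed for illustration; only the standard SPI NOR READ (0x03) and FAST READ (0x0B) opcodes are handled.

```python
# Added example: compare bytes seen on a SPI flash bus with the known-good image.
# Opcodes are the standard SPI NOR READ (0x03) and FAST READ (0x0B, one dummy byte).
READ, FAST_READ = 0x03, 0x0B
HEADER_LEN = {READ: 4, FAST_READ: 5}   # opcode + 3 address bytes (+ dummy)

def check_read(mosi: bytes, miso: bytes, reference: bytes):
    """Mismatches [(addr, expected, observed)] for one chip-select window; None if not a plain read."""
    if len(mosi) < 4 or mosi[0] not in HEADER_LEN:
        return None
    start = int.from_bytes(mosi[1:4], "big")
    data = miso[HEADER_LEN[mosi[0]]:]          # bytes the host actually received
    mismatches = []
    for offset, observed in enumerate(data):
        addr = start + offset
        # Past the end of the reference there is nothing to compare against.
        expected = reference[addr] if addr < len(reference) else None
        if expected != observed:
            mismatches.append((addr, expected, observed))
    return mismatches

def audit(transactions, reference):
    """Check every captured transaction; return all mismatches sorted by address."""
    found = []
    for mosi, miso in transactions:
        found.extend(check_read(mosi, miso, reference) or [])
    return sorted(found, key=lambda m: m[0])

# --- constructed sample data, not from a real board ---
REFERENCE = bytes((i * 7 + 3) & 0xFF for i in range(1024))

def make_read(addr, length, opcode=READ, tamper=None):
    """Build a (mosi, miso) pair as a bus decoder would emit it; tamper={addr: byte}."""
    hdr = HEADER_LEN[opcode]
    mosi = bytes([opcode]) + addr.to_bytes(3, "big") + bytes(hdr - 4 + length)
    data = bytearray(REFERENCE[addr:addr + length])
    for a, b in (tamper or {}).items():
        data[a - addr] = b
    return mosi, bytes(hdr) + bytes(data)

CAPTURE = [make_read(0x000, 16),
           make_read(0x100, 32, opcode=FAST_READ, tamper={0x110: 0xEB}),
           make_read(0x3F8, 8)]

if __name__ == "__main__":
    for addr, exp, obs in audit(CAPTURE, REFERENCE):
        exp_s = "n/a" if exp is None else f"{exp:#04x}"
        print(f"0x{addr:06x}: image has {exp_s}, bus carried {obs:#04x}")
```

A clean result only covers the reads that were captured, so the capture has to span the whole boot-time load for the comparison to mean anything.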

------
smokeyj
It's too specific to be fake. My money is on Amazon and Apple being under a
gag order. Why would they be under such order? Maybe it's CHYNA, or maybe it's
PRISM's big brother ;)

~~~
geofft
If it were a gag order why would they respond with _specific_ denials instead
of just saying "We take our customers' privacy seriously, your data is safe,
we cannot comment on rumors" or something?

~~~
smokeyj
This is like believing undercover agents have to admit they're cops if asked.
Who even spreads these rumors..

No, Apple would not admit being under gag order. The publicist wouldn't even
know, so they wouldn't be lying. Like the PR dude would even have the
clearance for that type of info..

~~~
cwyers
The thing about a gag order is it _gags_ you. You can't talk when you're under
a gag order. You're not compelled to lie by a gag order.

------
PascLeRasc
I personally don't believe Bloomberg's reporting based on Apple and Amazon's
strong denial and outright accusation of being misinformed, and that there's
no third-party datacenter worker/homelabber posting that they've found this.
But I'm glad this story has come up in the midst of the discussion on online
voting machines. This kind of hardware manipulation would be much more
powerful there and the hack Bloomberg describes is technically possible. The
whole story reeks of this XKCD:
[https://xkcd.com/2030/](https://xkcd.com/2030/)

------
NTDF9
Who else thinks this is another Vietnam, Gaddafi, Saddam Hussein moment?

~~~
mulmen
I don’t know what that means, can you elaborate?

~~~
jjcc
The common factors of three cases I can see:

1. The lies were used to create hostility of public towards another country.

2. A lie was not considered as a lie at the time when the lie was presented.

3. Public don't remember the history and can be fooled again by media or
government

Just my speculation. I'm not the author

------
_iyig
There’s an easy way for Bloomberg to prove, or at least provide a great deal of
support for, their story. Show us an affected motherboard. If this problem was
so widespread and they have so many well-informed sources, surely that
shouldn’t be difficult.

~~~
whatever1
Since when is it easy to steal corporate equipment, walk out from the premises
and surrender it to third parties to take photos so that a random hacker news
user feels satisfied?

------
debt
Interesting, then why not sue? I imagine it’s because they’re lying and would
have to turn over documents related to the incident.

~~~
umanwizard
How do you know they won't?

The story broke yesterday, I think it takes a bit longer than that for a
competent legal team to even decide whether to sue.

------
yuanotes
As a Chinese person, I think this is FAKE news. The people who work in GOV in
China know very little about technology. The smartest guys here don't work for
GOV since those jobs are less paid.

------
paulcarroty
Well, total denial is PROFITABLE for Apple. They just "defend" their brands:
our overpriced hardware is so special, you should pay too much!

Absolutely the same situation with the slowdown of their smartphones - when the
info was available to all, they just said "oh, we are so sorry!".

