ASRock Z590 Extreme review
Gigabyte Radeon RX 6700 XT Gaming OC review
Corsair K70 RGB TKL keyboard review
Corsair RM650x (2021) power supply review
be quiet! Silent Loop 2 280mm review
Corsair K55 RGB PRO XT keyboard review
Guru3D Rig of the Month - March 2021
Intel Core i9-11900K processor review
Intel Core i5-11600K processor review
ASUS ROG Maximus XIII HERO review
Supermicro to further investigate Chinese espionage chips on their hardware
After the devastating article from Bloomberg, Supermicro will check its products for the presence of malicious chips. The investigation follows the publication of a controversial article stating that the Supermicro production chain would have been infiltrated by China.
"Despite the lack of evidence for the existence of a malicious chip, we carry out an extensive and time-consuming assessment," Supermicro has told its customers. The company also denies the accusation. Bloomberg published an article on October 4 in which it wrote that China would have placed microchips on Supermicro's motherboards. These products would then have ended up at thirty US companies, including Apple and Amazon.
Both companies deny the allegations.
Apple CEO Tim Cook even called on Bloomberg to withdraw the article, something the company has never done publicly before. American and British authorities also said they knew nothing about the alleged infiltration. Bloomberg has used seventeen anonymous sources for his story according to his own statements, and they remain behind his publication. Until even this moment it has not come up with additional evidence. If Bloomberg is wrong, they might have sunk SMC into a pending bankruptcy, if they are right then perhaps that is rightfully so. The CEOs of Amazon and chipmaker Supermicro, following Apple CEO Tim Cook, call for the withdrawal of the Bloomberg article about alleged espionage chips in Supermicro hardware.
Apple CEO Tim Cook called Friday in an interview with BuzzFeed News to withdraw the story, for the first time the company does something like that.
'No proof, no interest in answers'
Cook receives support from Supermicro CEO Charles Liang, who also calls for the retraction of the story. " Bloomberg has not shown any affected motherboard, we have no malicious components in our products, we have not been contacted by the government and no customer has reported malicious hardware to us," Liang said. Amazon Web Services CEO Andy Jassy also calls for the retraction of the story. "Tim Cook is right, they do not provide proof, the story keeps changing, they were not interested in our answers unless they confirmed their theories," Jassy writes on Twitter . "Bloomberg should pull it back."
Supermicro along with Apple and Amazon refute claims in Bloomberg story - 10/05/2018 08:59 AM
Super Micro Computer, Inc. (SMCI), a global leader in enterprise computing, storage, networking solutions and green computing technology, strongly refutes reports that servers it sold to customers con...
SuperMicro to release two Supero X299 motherboards (updated) - 06/02/2017 05:03 PM
Supermicro presented its C7X299-PG at the IT trade show Computex in Taiwan. Much like all Intel board partners Supermicro is cooking up something nice as well. And I do say nice with a reason, as prev...
Review: SuperMicro C7Z270-CG Motherboard - 01/19/2017 10:51 AM
It is the era of the Z270 schipset, and in this article we cover the SuperMicro C7Z270-CG review. It is advertised as a server grade motherboard, but will it deliver in performance, features and aesth...
Review: SuperMicro C7Z170-SQ motherboard - 11/03/2015 10:08 AM
In this review we look at a SuperMicro C7Z170-SQ motherboard from their new Gaming series. SMC is predominantly active in the server market, however they have a new gaming line of consumer grade mainb...
SPARKLE CalibreCUTi Supermicro Computer - 01/19/2010 01:28 PM
Sparkle announced the Calibre CUTi, a revolutionary small form factor PC providing high definition 1080p playback and digital surround sound for a variety of multimedia formats displayed right on a us...
Denial
Senior Member
Posts: 13280
Joined: 2004-05-16
Senior Member
Posts: 13280
Joined: 2004-05-16
#5599321 Posted on: 10/23/2018 04:00 PM
The problem with this is that the vector of attack means that there would be evidence of the hack everywhere. That's why I found the entire thing so strange when it was first reported - the companies were outright denying it and not giving the usual "no comment".. but on the flipside Bloomberg claims it has ~15 sources including both in the industry/government whose details about the attack align. If this was a random blog or something I'd write it off - but despite what "everythingisfakenewsloololo" people think, Bloomberg is fairly reputable and I don't really see a motive for the fake story. I keep saying people say "its a political hit piece" or "malicious intent against supermicro" but neither really make any sense to me - the scope of the piece allows multiple companies to weigh in on it being fake - not just supermicro, the various details of the attack do the same, and the weight of the claims levied opens Bloomberg up for liability.
Whole story is strange to me.
On the other hand, there's no way any of those companies would confess to having possessed compromised hardware even if they did, unless they got caught pants down by officials. It would be a nightmare to try to figure out what sort of information might have leaked and how many people would be affected. Far easier to deny everything since nobody can prove anything. I don't trust Bloomberg, which seems to have gone suspiciously silent to boot, but the world would need to be ending before I trusted the likes of Apple.
The problem with this is that the vector of attack means that there would be evidence of the hack everywhere. That's why I found the entire thing so strange when it was first reported - the companies were outright denying it and not giving the usual "no comment".. but on the flipside Bloomberg claims it has ~15 sources including both in the industry/government whose details about the attack align. If this was a random blog or something I'd write it off - but despite what "everythingisfakenewsloololo" people think, Bloomberg is fairly reputable and I don't really see a motive for the fake story. I keep saying people say "its a political hit piece" or "malicious intent against supermicro" but neither really make any sense to me - the scope of the piece allows multiple companies to weigh in on it being fake - not just supermicro, the various details of the attack do the same, and the weight of the claims levied opens Bloomberg up for liability.
Whole story is strange to me.
tunejunky
Senior Member
Posts: 1223
Joined: 2017-08-18
Senior Member
Posts: 1223
Joined: 2017-08-18
#5599322 Posted on: 10/23/2018 04:05 PM
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence", it is not from a lack of evidence, it's from national security.
2) the Pentagon (esp DARPA), has been aware of the problem of offshore manufacturing and the guaranteed penetration by state actors ever since businesses started going to China.
3) other than the technical aspects of this story, anybody who doesn't believe China has spies in every manufacturing plant is both foolish and naive and they've never been to China.
4) Supermicro is doing precisely the right thing - put on a brave face, deny everything but investigate thoroughly.
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence", it is not from a lack of evidence, it's from national security.
2) the Pentagon (esp DARPA), has been aware of the problem of offshore manufacturing and the guaranteed penetration by state actors ever since businesses started going to China.
3) other than the technical aspects of this story, anybody who doesn't believe China has spies in every manufacturing plant is both foolish and naive and they've never been to China.
4) Supermicro is doing precisely the right thing - put on a brave face, deny everything but investigate thoroughly.
WareTernal
Senior Member
Posts: 248
Joined: 2013-09-27
Senior Member
Posts: 248
Joined: 2013-09-27
#5599354 Posted on: 10/23/2018 05:27 PM
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence"
'Bloomberg has used seventeen anonymous sources'
'American and British authorities also said they knew nothing about the alleged infiltration.'
I've never said this isn't possible, or even unlikely, but I'm not at all interested in stories with no evidence. If you can't back it up, then you shouldn't print it(or keep repeating it)
1) when a news organization has 17 sources and corroboration from two gov'ts (U.K. & U.S.)
and does not "show the evidence"
'Bloomberg has used seventeen anonymous sources'
'American and British authorities also said they knew nothing about the alleged infiltration.'
I've never said this isn't possible, or even unlikely, but I'm not at all interested in stories with no evidence. If you can't back it up, then you shouldn't print it(or keep repeating it)
tunejunky
Senior Member
Posts: 1223
Joined: 2017-08-18
Senior Member
Posts: 1223
Joined: 2017-08-18
#5599364 Posted on: 10/23/2018 05:55 PM
in every newspaper or news program of any repute three independent sources are required.
whistle-blowing in particular, often means anonymity because of the power differential between a person and a group/company/corporation/nation.
when you add in the known behavior of Chinese industrial and military espionage, costing billions of dollars in Intellectual Property to leapfrog from second world status to first, why is anyone surprised at anything?
i've only said i wasn't surprised by the Bloomberg story as it is entirely credible if you've ever been to China. i've been to China and Hong Kong many times, as in more than 10. and the strong-arm tactics of the gov't re: business and IP is well known and a company is forced to transfer some technology in order to be there in the first place. whether you're General Motors, Supermicro, Apple, et al... or not.
this alleged event wasn't for that technology transfer - they have that, it was to target the end user. totalitarian states are totalitarian, so "free discourse/data/information" is antithetical to the state. the Chinese are already the most surveilled people on the face of the earth (as are the visitors there...if you look you can find the minders). why the surprise they want to gather every bit of information that they can?
in every newspaper or news program of any repute three independent sources are required.
whistle-blowing in particular, often means anonymity because of the power differential between a person and a group/company/corporation/nation.
when you add in the known behavior of Chinese industrial and military espionage, costing billions of dollars in Intellectual Property to leapfrog from second world status to first, why is anyone surprised at anything?
i've only said i wasn't surprised by the Bloomberg story as it is entirely credible if you've ever been to China. i've been to China and Hong Kong many times, as in more than 10. and the strong-arm tactics of the gov't re: business and IP is well known and a company is forced to transfer some technology in order to be there in the first place. whether you're General Motors, Supermicro, Apple, et al... or not.
this alleged event wasn't for that technology transfer - they have that, it was to target the end user. totalitarian states are totalitarian, so "free discourse/data/information" is antithetical to the state. the Chinese are already the most surveilled people on the face of the earth (as are the visitors there...if you look you can find the minders). why the surprise they want to gather every bit of information that they can?
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 12156
Joined: 2014-07-21
This turn of the story tackles the journalistic issue here, claims that (yet) have not been proved true, or false for that matter. If it'd be political, the whole thing might as well have been called fake news at some point.
That said, I'm not sure if Supermicro is the only company that should do their checks. If they're infiltrated, they'd just say everything's as normal... I'd trust the answers of the biggest users, Amazon, Apple, etc. more than just the company's words who's meant to be compromised in the first place.