[ad_1]
On Thursday, Bloomberg released an investigation that revealed that Chinese spies were able to plant tiny microchips on motherboards in data servers provided by SuperMicro to a large number of US technology companies, including Apple.
According to Bloomberg, the goal of Chinese spies was to use these chips to access sensitive business data and other secrets through advanced computer hacking.
In the Bloomberg report, Apple denies just about all the facts, which indicate having discovered suspicious chips on its servers in 2015.
In a statement released Thursday afternoon, Apple claims that the company has never found "malicious chips" or vulnerabilities in "a server" and totally denies any contact with the "FBI or any other agency about Such an incident "- directly refuting several key claims in the report.
"Despite numerous discussions within several teams and organizations, no one at Apple has ever heard of this survey," Apple's latest release said on Thursday that it would have been contacted for the first time. times by Bloomberg reporters about the alleged FBI investigation in November 2017.
It's a nice, unequivocal denial. However, there was speculation after the initial report and denial were released on Thursday that Apple may be under a gag order – a possible way to reconcile the Bloomberg report with the denial of 39; Apple.
Some federal investigations involving espionage and national security may give such orders, which prevents the recipient from even discussing the existence of this order. The most common version is called a "national security letter".
But Apple also denies this, in an updated statement released later Thursday, that he is under a gag order:
"Finally, in response to questions we have received from other news agencies since Businessweek published its article, we are not subject to any sort of gag order or obligation of confidentiality. "
It is a difficult situation to reconcile. Bloomberg is a reputable media with a history of breaking big stories and revealed plots of this size and scope in the past. In a statement to Business Insider on Thursday, Bloomberg said it was sticking to its reports, which cited 18 unidentified sources.
But Apple – and other companies involved, including Amazon – have all made firm statements completely contradicting the facts reported by Bloomberg. For its part, Amazon said that it was "difficult to count the inaccuracies in Bloomberg's history.
Since these companies are publicly traded and this type of information is clearly determinative of the price of their shares, any misrepresentation in such statements could cause them trouble with the federal authorities.
Note: in 2017, Apple acknowledged having downloaded an infected firmware related to the servers manufactured by SuperMicro.
It is therefore difficult to analyze and understand this situation clearly for the moment. This may not be surprising, given that this story is about some of the darkest realms in the world, affecting both US and Chinese spies, high-tech manufacturing and piracy.
Read the Bloomberg report here >>
The full statement from Apple is reproduced below:
The October 8, 2018 issue of Bloomberg Businessweek incorrectly reports that Apple detected "malicious chips" on its network's servers in 2015. As Apple has repeatedly explained to reporters and editors of Bloomberg in the past 12 months, these claims are unfounded.
Before releasing its story, Apple told Bloomberg Businessweek the following statement:
Over the past year, Bloomberg has contacted us several times to point to claims, sometimes vague and sometimes complex, about an alleged security incident at Apple. Each time, we conducted rigorous internal investigations based on their investigations and each time, we found absolutely no evidence supporting them. We have regularly and regularly offered factual answers, refuting virtually every aspect of Apple's Bloomberg story.
We can be very clear about this: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities created intentionally on a server. Apple has never had any contact with the FBI or any other agency about such an incident. We are not aware of any FBI investigations, nor are our contacts in the field of law enforcement.
In response to the latest version of Bloomberg's story, we present the following facts: Siri and Topsy have never shared servers; Siri has never been deployed on servers sold by Super Micro; and Topsy data was limited to about 2,000 Super Micro servers, not 7,000. None of these servers ever managed to contain malicious chips.
Typically, before the servers go into production at Apple, they are inspected for security vulnerabilities and we update all firmware and software with the latest protection. We did not discover any unusual vulnerabilities in the servers we purchased from Super Micro when we updated the firmware and software in accordance with our standard procedures.
We are deeply disappointed that, in their dealings with us, Bloomberg reporters have not been open to the possibility that their sources or sources are false or misinformed. Our best guess is that they confuse their story with a previously reported incident in 2016, in which we discovered an infected driver on a single Super Micro server in one of our labs. This one-off event was deemed accidental and not a targeted attack on Apple.
Although no one has claimed that customer data was involved, we take these allegations seriously and want users to know that we are doing everything we can to protect the personal information they have entrusted to us. We also want them to know that what Bloomberg reports about Apple is inaccurate.
Apple has always been transparent about how we treat and protect data. Should an event such as Bloomberg News ever occur, we would be open about it and we would work closely with the forces of order. Apple engineers perform regular and rigorous security checks to ensure the security of our systems. We know that security is an endless race and that is why we are constantly strengthening our systems against increasingly sophisticated hackers and cybercriminals who want to steal our data.
The story published by Businessweek also states that Apple "reported the incident to the FBI but kept details of what it detected, even internally." In November 2017, after the presentation of this allegation for the first time, we provided the following information to Bloomberg as part of a long and detailed recorded response. He first addresses the unsubstantiated claims of their journalists about a supposed internal investigation:
Despite numerous discussions within several teams and organizations, no one at Apple has ever heard of this survey. Businessweek refused to provide us with information to trace the alleged procedure or conclusions. Nor did they demonstrate that they understood the standard procedures that would have been circumvented.
No one from Apple has ever contacted the FBI about something like that, and the FBI has never told us about an investigation like this – let alone tried to restrict it.
In an appearance this morning at Bloomberg Television, reporter Jordan Robertson said in another statement about the alleged discovery of malicious chips: "In the case of Apple, we understood that it was a random check of some problematic servers that had led to this detection. "
As we have already informed Bloomberg, this is completely false. Apple has never found malicious chips on our servers.
Finally, in response to questions we have received from other media outlets since Businessweek published its article, we are not subject to any kind of gag order or other confidentiality obligations.
Source link
