18 votes

Amazon pulls ads from Bloomberg, and Apple did not invite Bloomberg to its Oct. 30 event—both allegedly over China hacking story

10 comments

  1. [9]
    cfabbro
    Link
    I still deperately want to know how much truth there is to that Bloomberg story, but who knows if/when it will ever be definitively proven/disproven. All the articles I have read from experts in...

    I still deperately want to know how much truth there is to that Bloomberg story, but who knows if/when it will ever be definitively proven/disproven. All the articles I have read from experts in the electronics and netsec field can basically be summarized with "it's definitely possible but we really can't say for certain one way or the other", which is totally fair but doesn't really shed any light on the situation.

    If it isn't true, I suppose this reaction by the companies involved is totally fair as well... but if it actually is true? :/

    5 votes
    1. [3]
      Kraetos
      Link Parent
      The allegation is that there’s a physical chip on the boards in question. If the allegation was true, it would be corroborated by a third party by now. Experts are hedging the bet because you...

      The allegation is that there’s a physical chip on the boards in question. If the allegation was true, it would be corroborated by a third party by now.

      Experts are hedging the bet because you can’t prove a negative, but there is zero smoke here. It’s bullshit. The more interesting question is “how did Bloomberg foul up so badly?”

      8 votes
      1. Akir
        Link Parent
        Simply put, journalists don't understand technology very well. Even "tech journalism" tends to be bad, with reports drinking up every crazy claim as if it's the word of God even when they are...

        The more interesting question is “how did Bloomberg foul up so badly?”

        Simply put, journalists don't understand technology very well. Even "tech journalism" tends to be bad, with reports drinking up every crazy claim as if it's the word of God even when they are physically impossible. Look at flexible displays for an example. They have been hyped for years even though there are very obvious reasons why they haven't been released in a consumer product.

        That being said, I think this is most likely an honest mistake and will probably still trust a Bloomberg News article as long as it's an area where they have some sort of expertise in.

        6 votes
      2. vakieh
        Link Parent
        You can prove a negative in any situation where you can do an exhaustive search. It's like saying 'there are no brown M&Ms in this bowl' - you can prove it if you can view every single M&M in the...

        You can prove a negative in any situation where you can do an exhaustive search. It's like saying 'there are no brown M&Ms in this bowl' - you can prove it if you can view every single M&M in the bowl.

        The number of chips on a board is not infinite, and thus it is possible to prove the negative here.

        5 votes
    2. [2]
      clone1
      Link Parent
      https://9to5mac.com/2018/10/09/bloomberg/ Apparently one of their sources claims that the article misrepresented what they said. Seems pretty likely that it was just meant to stir up drama and get...

      https://9to5mac.com/2018/10/09/bloomberg/

      Apparently one of their sources claims that the article misrepresented what they said. Seems pretty likely that it was just meant to stir up drama and get clicks.

      That doesn't mean that there couldn't be spy chips in hardware, but I don't think the article really helps that stance.

      5 votes
      1. munche
        Link Parent
        This is a fantastic link and provides some great context, thank you.

        This is a fantastic link and provides some great context, thank you.

        1 vote
    3. cptcobalt
      Link Parent
      I'm with you. I want to know—I feel like Bloomberg wouldn't have run this story without having substantive evidence, but so far signs point toward them having nothing. I think Apple and Amazon...

      I'm with you. I want to know—I feel like Bloomberg wouldn't have run this story without having substantive evidence, but so far signs point toward them having nothing. I think Apple and Amazon have done the right thing by issuing vehement denials. This is a rough situation because, while the idea of "you can't prove a negative" is a bit of a logical fallacy, I don't think this report should necessarily compel Apple and Amazon to release all of their internal documentation of these investigations to prove that this didn't happen—nor do I think that either of the company's investigations will be insufficient.

      From my perspective, it's Bloomberg's move. To any discerning reader, it's obvious that their initial report lacked substance. If they're doubling down and saying that they stand by their report, they now need to prove it—clearly and accurately. I think the story was a result of a birds nest of crossed wires and insufficient technical understanding on behalf of the reporters. I'm just making things up, but I think there was probably some sort of compromise, but not nearly on the same level or as dangerous as originally reported, and something probably fixable/made-irrelevant by the SOP of Apple/Amazon's DC processes.

      Sadly, I think Bloomberg is just comfortable with the silence—they've said what they wanted to say, and now the conversations have been had. People probably trust Amazon and Apple less now.

      4 votes
    4. [2]
      Deimos
      Link Parent
      Here's a long (split over 5 pages) article from last week that seems to do a pretty good job of investigating and analyzing the story: Investigating Implausible Bloomberg Supermicro Stories

      Here's a long (split over 5 pages) article from last week that seems to do a pretty good job of investigating and analyzing the story: Investigating Implausible Bloomberg Supermicro Stories

      3 votes
      1. cfabbro
        Link Parent
        Thanks, that was a really good read. Even after reading it I am still a bit unsure whether a hack happened or not but it's definitely clear it couldn't have happened as Bloomberg described it...

        Thanks, that was a really good read. Even after reading it I am still a bit unsure whether a hack happened or not but it's definitely clear it couldn't have happened as Bloomberg described it occurring.

        1 vote
  2. Parameter
    (edited )
    Link
    Quotes from the original article: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies "But that’s just what U.S....

    Quotes from the original article:
    https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies


    "But that’s just what U.S. investigators found: The chips had been inserted during the manufacturing process, two officials say, by operatives from a unit of the People’s Liberation Army. In Supermicro, China’s spies appear to have found a perfect conduit for what U.S. officials now describe as the most significant supply chain attack known to have been carried out against American companies.

    One official says investigators found that it eventually affected almost 30 companies, including a major bank, government contractors, and the world’s most valuable company, Apple Inc."


    "In addition to the three Apple insiders, four of the six U.S. officials confirmed that Apple was a victim. In all, 17 people confirmed the manipulation of Supermicro’s hardware and other elements of the attacks. The sources were granted anonymity because of the sensitive, and in some cases classified, nature of the information."


    Wasn't Bloomberg well regarded for their standards of journalism prior to this point? I find it hard to believe that they would post this controversial story without the requisite sources.

    They're claiming that some of the sources are government and some were Apple insiders. I would expect these sources to need to remain anonymous.

    I would also expect Apple to push back through legal means if the claim is really as unfounded as they claim. They haven't done this yet. Bloomberg and the articles authors are still willing to stand by the story.

    Stories with anonymous sources published by trustworthy institutions are usually believed, right? I don't see the difference here.

    3 votes