Apple Further Refutes Bloomberg Report Suggesting Chinese Spies Tampered With iCloud Servers

MacRumors

macrumors bot
Original poster
Apr 12, 2001
48,646
10,074



Apple has gone to unusual lengths to thoroughly and definitively refute a Bloomberg Businessweek article that today suggested Chinese spies had planted microchips in the Chinese-made Supermicro server motherboards that Apple uses in its facilities.

Following the publishing of the article, Apple released a strongly worded statement calling Businessweek's report inaccurate with no evidence to support the claims, and this afternoon, Apple went further and published an entire rebuttal on its website.


Apple's press release includes the same statement that was initially provided to Bloomberg Businessweek, along with additional information that the company says it shared with Bloomberg Businessweek ahead of when the server article was released.

While Bloomberg Businessweek's report claims that Apple reported the alleged microchip incident to the FBI in 2015, Apple told the news site in no uncertain terms that no one from Apple ever reached out to the FBI, nor had Apple ever heard from the FBI about an investigation.

Apple also told Bloomberg Businessweek that despite "numerous discussions" across teams and organizations, no one at Apple had heard anything about the supposed microchip investigation.

Apple's updated statement clarifies that Apple is not under any kind of gag order or held to a confidentiality obligation, and it says clearly that the report is "completely untrue" and that no malicious chips have been found in Apple servers. The full additional statement is below:
The published Businessweek story also claims that Apple "reported the incident to the FBI but kept details about what it had detected tightly held, even internally." In November 2017, after we had first been presented with this allegation, we provided the following information to Bloomberg as part of a lengthy and detailed, on-the-record response. It first addresses their reporters' unsubstantiated claims about a supposed internal investigation:

Despite numerous discussions across multiple teams and organizations, no one at Apple has ever heard of this investigation. Businessweek has refused to provide us with any information to track down the supposed proceedings or findings. Nor have they demonstrated any understanding of the standard procedures which were supposedly circumvented.

No one from Apple ever reached out to the FBI about anything like this, and we have never heard from the FBI about an investigation of this kind -- much less tried to restrict it.

In an appearance this morning on Bloomberg Television, reporter Jordan Robertson made further claims about the supposed discovery of malicious chips, saying, "In Apple's case, our understanding is it was a random spot check of some problematic servers that led to this detection."

As we have previously informed Bloomberg, this is completely untrue. Apple has never found malicious chips in our servers.
Finally, in response to questions we have received from other news organizations since Businessweek published its story, we are not under any kind of gag order or other confidentiality obligations.
Apple's initial statement, available below, was shared this morning after Bloomberg Businessweek published its article claiming Apple discovered illicit microchips in its Supermicro server motherboards that were able to inject code or provide instruction to the CPU with the ultimate goal of providing the Chinese government with access to "high-value corporate secrets and sensitive government networks."

Bloomberg Businessweek claimed to have spoken to officials with knowledge of the investigation, which Apple says did not happen at all.
Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg's story relating to Apple.

On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers have ever been found to hold malicious chips.

As a matter of practice, before servers are put into production at Apple they are inspected for security vulnerabilities and we update all firmware and software with the latest protections. We did not uncover any unusual vulnerabilities in the servers we purchased from Super Micro when we updated the firmware and software according to our standard procedures.

We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.

While there has been no claim that customer data was involved, we take these allegations seriously and we want users to know that we do everything possible to safeguard the personal information they entrust to us. We also want them to know that what Bloomberg is reporting about Apple is inaccurate.

Apple has always believed in being transparent about the ways we handle and protect data. If there were ever such an event as Bloomberg News has claimed, we would be forthcoming about it and we would work closely with law enforcement. Apple engineers conduct regular and rigorous security screenings to ensure that our systems are safe. We know that security is an endless race and that's why we constantly fortify our systems against increasingly sophisticated hackers and cybercriminals who want to steal our data.
Along with Apple, Bloomberg Businessweek claimed that other companies, such as Amazon, were also affected. Amazon has also issued a similarly worded denial. According to Amazon, the report is untrue and Amazon has never found any issues "relating to modified hardware or malicious chips in Supermicro motherboards" nor has Amazon participated in an investigation with the government.

Supermicro has also denied all reports and says it is not aware of any investigation regarding the topic.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Article Link: Apple Further Refutes Bloomberg Report Suggesting Chinese Spies Tampered With iCloud Servers
 
  • Like
Reactions: oneway

kildraik

macrumors 6502a
May 7, 2006
836
978
I don’t blame them for standing by their word. Bloomberg is huge, as is its audience, and this could result in major public opinion setbacks. Shame on Bloomberg.

They need shocking stories to keep afloat. If the editor did a poor job in their investigative journaling, regardless of authenticity and (lack of) proof, it goes to show you how powerful media snakes can be. The line between conspiracy theory and actual events are becoming blurred.
 

NT1440

macrumors G5
May 18, 2008
12,287
15,111
I don’t blame them for standing by their word. Bloomberg is huge, as is its audience, and this could result in major public opinion setbacks. Shame on Bloomberg.
I find even the graphic to be projecting to people that aren’t tech savvy. It implies that the object in the picture is one of these chips, which is ****ing ludicrous.

Smells like the “manufacturing consent” stage of warfare to me.
 

WBRacing

macrumors 65816
Nov 19, 2012
1,195
2,616
UK
It's an interesting reminder though, how much can be (potentially) discovered by something (potentially) so little. People like to complain about privacy from Google, imagine though how quickly and deeply your life could be affected by someone maliciously accessing your data cloud.

Bloomberg though are epic ****stirrers, they say stuff to prompt reaction. Their hysterical, near panic inducing articles they churned out every day for 6months after Brexit proved that. I blocked their feed as none of it was news, just FUD.
 

profets

macrumors 601
Mar 18, 2009
4,553
4,451
Apple really going strong with refuting this today.

Finally, in response to questions we have received from other news organizations since Businessweek published its story, we are not under any kind of gag order or other confidentiality obligations.
 

SmileyBlast!

macrumors 6502a
Mar 1, 2011
654
43
As a possible solution: Do you think it's possible for Apple to audit all their servers and remove this chip? Do you think it made it into any iMacs? Is there going to be a mass recall with Line ups at the apple stores with people getting their motherboards serviced? Will the servers work without the chip? So many questions...
 

cmaier

macrumors P6
Jul 25, 2007
18,027
15,830
California
As a possible solution: Do you think it's possible for Apple to audit all their servers and remove this chip? Do you think it made it into any iMacs? Is there going to be a mass recall with Line ups at the apple stores with people getting their motherboards serviced? Will the servers work without the chip? So many questions...
There IS NO CHIP.
 

JPack

macrumors 603
Mar 27, 2017
5,648
8,543
As a possible solution: Do you think it's possible for Apple to audit all their servers and remove this chip? Do you think it made it into any iMacs? Is there going to be a mass recall with Line ups at the apple stores with people getting their motherboards serviced? Will the servers work without the chip? So many questions...
At this point, it's more likely the NSA added the chip and then pointed fingers at China when discovered.

Snowden, PRISM, and all that.

After all, Apple has openly refused to help the FBI. What better way to teach Apple a lesson than to seed a fake story?
 

0958400

Suspended
Jul 20, 2011
401
716
"narrative" - can we finally start talking about facts and not fabrications again? I am so sick and tired of people telling each other that they create fiction and Apple joining in on this "narrative" discussion, enables more of the "fake news" people. Just say it isn't so, period! "Narrative, my a..."
 

coolfactor

macrumors 601
Jul 29, 2002
4,633
4,661
Vancouver, BC
I remember back when I had my Mac SE, I purchased a chip that was supposed to boost the performance. It was a simple add-on... just open up the box and add the chip to the motherboard in a specific way. Yes, I did this, but did not notice any changes afterwards. The computer continued to work as it always did. Now that I think about it, I was WAY over-trusting, as that could have caused a complete meltdown of the computer!

Even IF there was a chip (there isn't!), what could it do? How would it open up a doorway to the outside world?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.