You do realize you’re making accuracy comparisons for 24 hour TV news stations and lowest common denominator news websites?

I’m not sure this would be the distinction that you think it is.

Apple is a publicly traded company, lying to shareholders about this (lawyer or not) would invoke immediate legal penalties (For reference: Elon Musk), not to mention the mother of all class action lawsuits.

I think the two biggest culprits here are Bloomberg stretching for an iPhone season gotcha story that gets above the election noise, and Finding Bigfoot style programming that’s made people desensitized to ingesting stupid fantasies.

You aren't lying if you were never informed. That's part of the point of the "need to know" here.

I'll start holding more credence to the denials if Katherine Adams makes a statement.

If there is / was a national security interest, the feds have zero ****s to give if Apple accidentally lies by denying. As long as they don't confirm, they're good.

It's as if people have forgotten about the Patriot Act, and how its entire basis for circumventing the Constitution is "national security."
There is a big flaw in Bloomberg’s report.

1. When a motherboard is made, there is no guarantee where a motherboard will be used. For all anyone knows, the motherboards in question are powering porn sites or are used by Netflix.

That's like arguing that Stuxnet wasn't real because there was no guarantee that it would ever make it to its intended target.
 
Why would 17 people come forward to Bloomberg and tell lies?
We don’t know that all of them did. One may have lied and said there are chips in Apple servers. Another may have said “I heard there was some sort of issue” (which was true - there was a bad driver at one point). Another may have said “it’s possible.” Three of them may have just confirmed that the other 14 were in a position to know, but offered no corroborating evidence for the underlying claim. Another may have said... Or maybe they all lied as part of a plan to gin up a reason to go to war with China. Or maybe they all lied to affect the prices of the companies’ stocks because they shorted them for financial gain.

We not only do not know who these people are, but we also don’t have the things they actually said or the questions they were asked.

On the other side of the coin we have explicit statements by multiple on the record entities, none of which leave much wiggle room.
 
Why would 17 people come forward to Bloomberg and tell lies?
I'm trying to figure this out too. Not only that, but why would 17 people risk getting their jewels chopped off for sourcing a story that would be likely classified beyond Top Secret?

I'm also wondering if 17 people would be able to get together on a plan to short some blue chip stock.
 
This would be a good subject for a congressional investigation but since there's no Russian connection.......
 
One of the PURPOSES of the management port is for updating system firmware. Nobody takes a cart down the row updating firmware on thousands of servers. It's done remotely. The management port has "out of band" communication, e.g. it has its own, separate, physical Ethernet port.

Re-read what I said. The management port is on its own Ethernet network on an isolated net from the front facing Ethernet. The logic of the management is likewise isolated from the system directly.

Any traffic would be only between the management station and the server nodes. Any server to server traffic over the management port would be seen and alarms would be fired off, even on the outbound side this would be highly suspect traffic and someone would investigate.

Don't forget you're talking about a compromised management processor not this Rice Grain spy chip!

No matter how you spin it this is so far afield from reality with today's tech. Maybe in 10 to 15 years we'll need to worry about intrusion like this as the tech will likely be at the needed level then at the rate we are going.

Apple and the other companies are just not that dumb!!
To repeat the speculation I made in the other post about this, based on the size of the chip described, the physical depiction (which I assume is not the ACTUAL chip), and the description of it as disguised as a "signal conditioning" component, it could be disguised as a small choke (inline coil, simple as that) which are commonly found on lines entering/exiting circuit boards. It could also be disguised (as I speculated in the other post, actually) as a distributed filter capacitor. With a circuit board mod with clever routing of traces, inductive coupling from a signal line from the management chip might be possible. So, you have a two-terminal device that acts like a three-terminal device, and is perhaps capable of either "listening" or "injecting" signals from/onto the serial management bus.

Arguments against expecting that this needs to be a large chip or have a large number of pins are off base, IMO. It's not a chip expected to do a lot of crunching or tapping large data flows.

The spy chip needs enough lines to talk with the bus at the binary level to even inject code. This is how an EEROM is programmed: a clip is placed across the chip touching the data pins. 6 points of connection would not do it and don't forget you need two pins for power.
 
This is not possible in the US.
It _is_ possible to tell companies to say nothing. It is _not_ possible legally to tell companies to lie.

So Apple is _not_ telling lies because the government told them so.
But I do understand the difference. It's minimal. In all three cases there is the postulate that this could be happening, and zero evidence that it is. Your repeating the same lame claim that it could have happened doesn't change this fact.
There is no doubt that the Chinese government could put some chips into some server hardware. There is _huge_ doubt that this could happen without companies like Apple or Amazon detecting it very quickly. And by now, it is 100% safe to say that Apple and Amazon would have found these chips. There is also huge doubt that Apple and Amazon would be lying about it.
If one country threatens the national security of another then government agencies step in and tell the exploited company (Apple) to SHUT UP! IT NEVER HAPPENED
You are saying two contradictory things. They can indeed tell Apple to SHUT UP. If they do that then Apple will stay quiet. They will say nothing. They won't say "nothing happened". The government can NOT tell Apple to say IT NEVER HAPPENED.
 
You are saying two contradictory things. They can indeed tell Apple to SHUT UP. If they do that then Apple will stay quiet. They will say nothing. They won't say "nothing happened". The government can NOT tell Apple to say IT NEVER HAPPENED.
Let's not forget Amazon admits it happened; Apple who knows....
 
The problem is a technical English issue "Nothing was ever found" well it might be there but perhaps you didn't look hard enough?
Bloomberg says "17 sources". That's 17 people who should have reported to their manager, who should have reported to their manager, ..., who should have reported to Tim Cook. So "you didn't look hard enough" is a total contradiction to what Bloomberg says.
Do not underestimate China. They have the best hackers in the world.
Do they now?
 
This shows you the power of suggestion, which the media like Bloomberg are expertly doing. You don’t need anything. Simply create the possibility of something scary, add on infographics and technical mumbo jumbo, and people’s imagination will do the rest (happily aided by Hollywood and TV). Mission accomplished.

Zombies and the Aliens & Predator conflict here on earth is real isn't it?? ;-}

People, let's get back to the real world here.

Just because it's possible to break in to a server system does not mean it was! I can come up with more plausible stories than this one, like the group who still think the world is flat ;-}
 
How do you plant a 6pin chip of the size of something 0402 with THAT functionality on a seven or more layer motherboard crammed with other components without altering the pcb tracks of the original Layout without anyone noticing the differences?

Did Bloomberg indicate it is a 6-pin chip? When did this become a 6-pin chip? Somebody up above mentioned I think that some of the management chips are 6-pin, and it seems to have stuck.

IMO, this could be done with a 2-pin chip - power and ground, with inductive coupling through some creative circuit board design to e.g. an I2C or other serial bus. Hell, it could be done with a zero-pin chip, even a "security feature" "hologram" LOL. Just need to "steal" enough power from any line(s) that have a signal on them, just enough to run the chip, and not enough to adversely affect signal margins.

But it might not be even that exotic. The article mentioned it looks like a "signal conditioning" component. Indeed, every signal line entering/exiting a circuit board will have an inline RF filter needed to meet FCC interference requirements. No board would ever pass FCC without these. So, just substitute "the chip" for e.g. the Ethernet TX/RX lines on the management port. So long as the original functionality is also replicated (it still passes FCC) it would be very hard to detect.

Now you have the chip literally inline, passing every bit of management commands through, with the ability to act as traffic cop and also introduce one's own traffic.

Re-read what I said. The management port is on its own Ethernet network on an isolated net from the front facing Ethernet. The logic of the management is likewise isolated from the system directly.

As I have also stated.

Any traffic would be only between the management station and the server nodes. Any server to server traffic over the management port would be seen and alarms would be fired off, even on the outbound side this would be highly suspect traffic and someone would investigate.

Stipulated.

But there need not be any communication from/to the outside world through the "spy chip". According to Bloomberg, the purpose of the chip is to alter the system firmware. Not to exfiltrate data. Any exfiltration (if that is even the purpose) would be done by the main system, where it would be easier to hide, and potentially have access to the Internet. (Of course, not all servers in data centers have access to the Internet.)

It doesn't need command and control. It could be done on a timer of some sort. (Calendar time, elapsed time, running time, take your pick). It could be triggered by something else, for example a particular kind of server crash or any other kind of action (less than a crash) that one might coerce the server to do that might be detected by the chip as a "signal". Maybe one has the ability to crash a server, but not the ability to modify the firmware.

So, now, so long as you can get some OOOBS (out of out of band signal ;) ) to the chip, the chip can do its job. And the OOOBS might be as simple as the passage of time.

Although not suggested in the article, the simplest action that such a chip might perform is to simply shut down the system at a predetermined time. Like, I dunno, 5 minutes before the missiles launch...

Don't forget you're talking about a compromised management processor not this Rice Grain spy chip!

No, I'm not. I've not speculated here at all about a compromised management processor. Just a grain-of-rice sized "spy" chip with modest processing power that is able to somehow listen-talk on the management bus. I put "spy" in quotes, because it's clear in the Bloomberg article that the chip is not intended to be directly involved in exfiltration, if that's the ultimate purpose at all.

No matter how you spin it this is so far afield from reality with today's tech. Maybe in 10 to 15 years we'll need to worry about intrusion like this as the tech will likely be at the needed level then at the rate we are going.

There's nothing very exotic here. I think I could put together the team to make this. I think the inductive coupling that I speculate about is way easier than anybody thinks. Inductive coupling is the bane of circuit board designers' existence. It's so hard to get rid of that I doubt it's very difficult to create!

But as I (edited) above, I may be over-thinking with the inductive coupling, given that the device has been characterized by Bloomberg as having the appearance of a "signal conditioning" component.
 
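The monitoring rule argued over in the posts above (management-port traffic should only run between the management station and the server nodes, and anything else should raise an alarm) can be written as a small flow check. This is an added example, not code from any poster or vendor; the subnet, the station address, the record format and the sample flows are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Assumed layout (hypothetical): the management controllers sit in one isolated
# subnet, and only the listed management station is expected to talk to them.
BMC_NET = ipaddress.ip_network("10.50.0.0/24")
MGMT_STATIONS = {ipaddress.ip_address("10.50.0.10")}

# Constructed sample flow records: "timestamp src dst dport bytes"
SAMPLE_FLOWS = """\
2018-10-08T10:00:01Z 10.50.0.10 10.50.0.101 623 480
2018-10-08T10:00:02Z 10.50.0.101 10.50.0.10 51544 512
2018-10-08T10:03:17Z 10.50.0.101 10.50.0.102 22 1300
2018-10-08T10:04:40Z 10.50.0.103 203.0.113.7 443 9000
2018-10-08T10:05:02Z 192.0.2.44 10.50.0.104 443 700
"""


@dataclass(frozen=True)
class Alert:
    timestamp: str
    rule: str
    src: str
    dst: str
    dport: int


def is_bmc(addr):
    """True for a server node's management interface (not the station)."""
    return addr in BMC_NET and addr not in MGMT_STATIONS


def classify(src, dst):
    """Return a rule name for a suspect flow, or None for expected traffic."""
    if is_bmc(src):
        if dst in MGMT_STATIONS:
            return None  # node answering its management station
        return "bmc-to-bmc" if is_bmc(dst) else "bmc-outbound"
    if is_bmc(dst) and src not in MGMT_STATIONS:
        return "unexpected-source"  # something other than the station
    return None


def scan(text):
    """Parse flow records and return an Alert for every suspect flow."""
    alerts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed records rather than guessing
        ts, src, dst, dport, _nbytes = fields
        try:
            s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue
        rule = classify(s, d)
        if rule:
            alerts.append(Alert(ts, rule, src, dst, port))
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_FLOWS):
        print(f"{a.timestamp} {a.rule}: {a.src} -> {a.dst}:{a.dport}")
```

A check like this only covers the network-visible case; a component that acts on a timer and sends nothing, as speculated above, produces no flow to flag.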
Virus can be precisely delivered remotely. :rolleyes:

Nope. You have no idea what Stuxnet was apparently, but that didn't stop you from pretending! The target system was not connected to the internet, hence it could in fact not be delivered remotely.
 
Bloomberg says "17 sources". That's 17 people who should have reported to their manager, who should have reported to their manager, ..., who should have reported to Tim Cook. So "you didn't look hard enough" is a total contradiction to what Bloomberg says.
Or 17 people who did everything you said were told to "Shut up" so went elsewhere
 
Did Bloomberg indicate it is a 6-pin chip? When did this become a 6-pin chip? Somebody up above mentioned I think that some of the management chips are 6-pin, and it seems to have stuck.

IMO, this could be done with a 2-pin chip - power and ground, with inductive coupling through some creative circuit board design to e.g. an I2C or other serial bus. Hell, it could be done with a zero-pin chip, even a "security feature" "hologram" LOL. Just need to "steal" enough power from any line(s) that have a signal on them, just enough to run the chip, and not enough to adversely affect signal margins.



As I have also stated.



Stipulated.

But there need not be any communication from/to the outside world through the "spy chip". According to Bloomberg, the purpose of the chip is to alter the system firmware. Not to exfiltrate data. Any exfiltration (if that is even the purpose) would be done by the main system, where it would be easier to hide, and potentially have access to the Internet. (Of course, not all servers in data centers have access to the Internet.)

It doesn't need command and control. It could be done on a timer of some sort. (Calendar time, elapsed time, running time, take your pick). It could be triggered by something else, for example a particular kind of server crash or any other kind of action (less than a crash) that one might coerce the server to do that might be detected by the chip as a "signal". Maybe one has the ability to crash a server, but not the ability to modify the firmware.

So, now, so long as you can get some OOOBS (out of out of band signal ;) ) to the chip, the chip can do its job. And the OOOBS might be as simple as the passage of time.

Although not suggested in the article, the simplest action that such a chip might perform is to simply shut down the system at a predetermined time. Like, I dunno, 5 minutes before the missiles launch...



No, I'm not. I've not speculated here at all about a compromised management processor. Just a grain-of-rice sized "spy" chip with modest processing power that is able to somehow listen-talk on the management bus. I put "spy" in quotes, because it's clear in the Bloomberg article that the chip is not intended to be directly involved in exfiltration, if that's the ultimate purpose at all.



There's nothing very exotic here. I think I could put together the team to make this. I think the inductive coupling that I speculate about is way easier than anybody thinks. Inductive coupling is the bane of circuit board designers' existence. It's so hard to get rid of that I doubt it's very difficult to create!

What would be the point? If not to gain intel or alter the data which would get into the data flows. A passive spy chip has very little use. The amount of lines (18 ~34) to access the bus. This makes the chip too big not to be seen. Induction is not possible or practical as it would need a sensor pad that's quite large as well. This is all fantasy!
 
Why would 17 people come forward to Bloomberg and tell lies?

Or 1 person with 17 email addresses.

I encourage everyone who thinks this happened to PLEASE read the full article that Bloomberg wrote. First of all they say that Apple found the problem and discovered the chips. So all you posting about Apple not looking hard enough, they not knowing about it, etc, are arguing that Bloomberg's story is wrong in huge critical areas. Bloomberg says in the story that Apple replaced all 7000 Supermicro servers with this issue, so all of your theories that the government is using them to trap the hackers are wrong according to Bloomberg. The story says that Apple contacted the FBI about the problem. So everyone arguing that the FBI is running this thing are arguing that Bloomberg is wrong, (which is true, but for whole other reasons, ie the story is made up). Also anyone with any serious knowledge of hardware knows that a 6 pin chip plugged "secretly" into the board and a best guess attached to the RMC isn't going to be able to do most/any of the things Bloomberg says it is doing. On the software side, Apple and Amazon (and the other 28 companies) all run hugely different packages from each other, how does one chip get the data from all the different OS/App combinations?

Right now Apple and Amazon have said categorically that it didn't happen, they say they have had huge meetings about it trying to discover how the theory even got started. They are in violation of so many SEC laws if it really did happen that the officers and members of the Board of directors would be removed. 50 million Facebook accounts got hacked the other day, and everyone has gone on by today. Bad motherboards from Supermicro in servers at Apple that have already been replaced wouldn't make it above the fold. If you look at what has been affected, it really looks like someone was shorting Supermicro, as they closed Wednesday night at 21.40 a share and hit a 52 week low of 8.50 a share shortly after the story came out. That is over a 60% drop, on a story that isn't accurate on so many points technically that I and any other engineer who read it, would have drawn all over it with red pen before it was published.
-Tig
 
Nope. You have no idea what Stuxnet was apparently, but that didn't stop you from pretending! The target system was not connected to the internet, hence it could in fact not be delivered remotely.


LOL


I said “can be”. I didn’t say it was.:rolleyes:
 
The spy chip needs enough lines to talk with the bus at the binary level to even inject code. This is how an EEROM is programmed: a clip is placed across the chip touching the data pins. 6 points of connection would not do it and don't forget you need two pins for power.

No, that's not the way an EEPROM is programmed today. Good lord, we did that in the 80s!

Look up I2C. It's been around since 1982. It's a serial bus. It's how you "program" just about anything on a chip today. It has a lot of other uses, BTW. For example, used during manufacturing test.

The amount of lines (18 ~34) to access the bus. This makes the chip too big not to be seen.

No. There's no need for 18 ~34 lines. One. Line. It's a serial bus.

It's never been stated that the chip has access to the processor bus, which would require more pins than 18-34 anyway.
 
??? Amazon is just as emphatic that this did not happen, what are you talking about?

-Tig
If this didn't exist then where did the concept of this story come from? Were the news outlets sitting around one day and said "hey Bill check out this nonsense I just wrote"
 
If this didn't exist then where did the concept of this story come from? Were the news outlets sitting around one day and said "hey Bill check out this nonsense I just wrote"

Apple had an issue with a bad driver on one Supermicro machine. Somebody crossed their wires and this is what you end up with.

Where'd the idea that Santa Claus exists come from?

Not every story is true.
 
Apple had an issue with a bad driver on one Supermicro machine. Somebody crossed their wires and this is what you end up with.

Where'd the idea that Santa Claus exists come from?

Not every story is true.
Santa Claus is a fairytale we tell our children. Why would 17 people say something so specific about an operating system?
 
If this didn't exist then where did the concept of this story come from? Were the news outlets sitting around one day and said "hey Bill check out this nonsense I just wrote"
Why we know it's not true
1) Amazon and Apple have both said it did not happen in a manner that would lead to 10s if not 100s of millions in fines from the SEC as well as removal of company officers (see Elon Musk event of last week) all before the story was even published.
2) Apple had told Congress it did not occur, in a manner that would have them in contempt of Congress if it was true, without being asked, why do that if there were any chance it were true?
3) Technically as explained in the full article the hardware couldn't do what it did
4) Technically as explained in the full article the software couldn't do what it did
5) Technically the people making the raw pwb's and the people stuffing the boards are different companies almost always at very least different factories, but we are to believe that the 4th choice for Supermicro this isn't true and somehow 7000 boards from that place get to Apple.
6) Story claims Apple replaced 7000 servers in a couple of weeks, that is a huge cost that is not in any way shown in the annual report. (Another SEC violation)
7) Not one picture of one of the boards, or an x-ray of the chip in the article though Bloomberg says in the article both exist. We literally have that of the A12 a week after it comes out, but Bloomberg works on this story forever and the best they can come up with is all anonymous sources, simplistic drawn pictures and a finger holding a 6 pin part that has nothing to do with the story.

Someone is making a lot shorting Supermicro now that they drove it down so low, and it may get bought out, but the rest of this story is a mess.
-Tig
 