MacRumors

Apple's top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters).

In a letter to the Senate and House commerce committees, Apple Vice President for Information Security George Stathakopoulos wrote that the company had repeatedly investigated and found no evidence to support Bloomberg Businessweek's bombshell report that alleged tiny chips were discovered inside Apple servers which allowed for backdoor transmissions to Chinese spies.

"Apple's proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found," he wrote in the letter provided to Reuters.

Stathakopoulos repeated Apple's statements to the press that it had never found any such planted chips or been contacted by the FBI over the alleged matter. The letter follows a statement issued on Saturday by the U.S. Department of Homeland Security saying it had no reason to doubt the companies who denied that they had ever discovered the tiny chips.

Apple, Amazon, and Supermicro all strongly rebutted the report, which alleged that Chinese intelligence planted microchips in Supermicro servers, which Apple and Amazon previously used in their data centers.

Despite the denials, which are also backed by the UK's national cyber security agency, retired Apple general counsel Bruce Sewell, and other unnamed Apple senior executives, Bloomberg said it stood by its report as of Friday, but didn't immeditately respond to requests for comment on Sunday.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

The U.S. Department of Homeland Security today said it has "no reason to doubt" the companies who denied a bombshell Bloomberg Businessweek report this week about Chinese spies using a tiny chip to infiltrate U.S. companies.

Homeland Security's full statement:

The Department of Homeland Security is aware of the media reports of a technology supply chain compromise. Like our partners in the UK, the National Cyber Security Centre, at this time we have no reason to doubt the statements from the companies named in the story. Information and communications technology supply chain security is core to DHS's cybersecurity mission and we are committed to the security and integrity of the technology on which Americans and others around the world increasingly rely. Just this month – National Cybersecurity Awareness Month – we launched several government-industry initiatives to develop near- and long-term solutions to manage risk posed by the complex challenges of increasingly global supply chains. These initiatives will build on existing partnerships with a wide range of technology companies to strengthen our nation's collective cybersecurity and risk management efforts.

Apple, Amazon, and Supermicro have all strongly refuted the report, which alleged that Chinese intelligence planted microchips in Supermicro servers, which Apple and Amazon previously used in their data centers.

Apple and Bloomberg Businessweek are in a stalemate, with the former strongly refuting the report, and the latter standing by its reporting.

Apple's denial has been backed by not only the Department of Homeland Security, but also the UK's national cyber security agency, retired Apple general counsel Bruce Sewell, and other unnamed senior executives within Apple.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Earlier this week, MacRumors obtained an internal document from Apple stating that Macs with the Apple T2 chip, including the iMac Pro and 2018 MacBook Pro, must pass Apple diagnostics for certain repairs to be completed.

The document states:

For Macs with the Apple T2 chip, the repair process is not complete for certain parts replacements until the AST 2 System Configuration suite has been run. Failure to perform this step will result in an inoperative system and an incomplete repair.

• For notebooks: Display assembly, logic board, top case, and Touch ID board
• For desktops: Logic board and flash storage

Apple's diagnostic software is limited to internal use by Genius Bars at Apple Stores, Apple Authorized Service Providers, and qualifying institutions, suggesting that independent repair shops without Apple certification would be unable to repair certain parts on the iMac Pro and 2018 MacBook Pro going forward.

Moreover, the document reignited a debate about planned obsolescence, as there were concerns that when Apple stops servicing the iMac Pro and 2018 MacBook Pro, repairs through alternative channels might not be possible.

The news was quickly opposed by "Right to Repair" activists who believe that Apple and other device manufacturers should be legally required to make replacement parts, repair guides, and tools available to the public. Apple has and continues to actively oppose "Right to Repair" legislation in the United States.

Those activists will be delighted to hear that, for whatever reason, what Apple said in its document isn't actually the case right now.

After our report was published, the repair experts at iFixit swapped out the display and logic board on a 2018 MacBook Pro, and the notebook remained operational without being subjected to Apple's diagnostic software.

iFixit is not an Apple Authorized Service Provider, so at this time, it appears that independent repair shops should remain able to repair the iMac Pro and 2018 MacBook Pro without issue. It's unclear why Apple's document suggests otherwise, but it's possible the requirement could kick in at a later date.

iFixit:

So why is Apple doing this? It could simply be a mechanism for tracking parts used by their authorized network, to check quality or replacement rates. It's possible that units with swapped parts may operate normally, but still report a failure in Apple diagnostic tests for having 'unauthorized' components installed—much like earlier units did on earlier versions of AST for third party HDD/SSD, RAM and batteries.

Apple did not respond to our request for comment.

Today is the official launch date of the new Nike+ Apple Watch Series 4 models, which were available for pre-order on September 14 alongside other Apple Watch Series 4 models, but had a later release timeline.

We got our hands on one of the new Nike+ Apple Watches this morning to show off the custom watch faces and the new reflective bands that Apple has designed.

Design wise, the Nike+ Apple Watches are identical to Apple's standard aluminum Apple Watch Series 4 models, with aluminum casings and Ion-X glass covering the display.

Nike+ Apple Watches are also priced the same and come in 40 and 44mm size options, but colors are limited to silver and space gray aluminum.

There are two perforated Sport Bands and two new Sport Loops made with a reflective fabric, which is a new option this year. The Nike+ model in our video is the 44mm Space Gray version with a Black Nike Sport Loop.

According to Apple, the new Nike Sport Loops are woven with a reflective thread that's meant to shimmer when the light strikes it for more peace of mind when running at night, but in our testing, it was pretty muted.

These reflective bands are exclusive to the Nike+ Apple Watch right now and can't be purchased separately.

In addition to the unique bands, Apple Watch Nike+ models also feature exclusive Nike+ watch faces that are not available on other Apple Watch models. There's a digital watch face and an analog watch face, both of which can be customized with different colors.

The new Nike+ Apple Watch models can be purchased from Apple at prices starting at $399 for the 40mm GPS version and $429 for the 44mm GPS version. LTE models cost $100 more.

Orders placed today from the Apple online store in the U.S. will not ship out until early November, but some retail locations do have stock for immediate pickup.

Nike+ Apple Watches are available in Australia, Austria, Bahrain, Belgium, Canada, China, Czech Republic, Denmark, Finland, France, Germany, Greece, Guam, Hong Kong, Hungary, Ireland, Italy, Japan, Kuwait, Luxembourg, Macau, Monaco, Netherlands, New Zealand, Norway, Oman, Poland, Portugal, Puerto Rico, Qatar, Russia, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, the UAE, the U.K., and the U.S.

AnandTech, known for in-depth reviews of new Apple products, today published a lengthy review of the iPhone XS and XS Max, Apple's newest flagship iPhones.

AnandTech's review takes a deep dive into the A12 chip in the two smartphones, which is the first commercially available 7nm silicon.

According to AnandTech, the A12 chip features a major revamp of the neural accelerator, a redesigned system cache that features the "biggest change since its introduction in the A7," significant changes to the CPU core, and memory compression for the GPU, all of which has led to impressive performance improvements.

Based on SPECint2006 benchmarking, the A12 performed an average of 24 percent better than the A11 in the previous-generation devices. When it comes to power efficiency, the A12 improved by 12 percent, but with memory heavy workloads, power consumption was up, for an average power usage of ~3.36W on the A11 to 3.64W on the A12.

SPECfp benchmarking saw average performance gains of 28 percent, and again, workloads with major improvements also resulted in increased power consumption.

AnandTech's benchmarking tests suggest that the A12's Vortex cores and architectural improvements offer a "much higher performance advantage than Apple's marketing materials promote." Apple's A12 beat the best Android SoCs both in performance and power efficiency.

The contrast to the best Android SoCs have to offer is extremely stark - both in terms of performance as well as in power efficiency. Apple's SoCs have better energy efficiency than all recent Android SoCs while having a nearly 2x performance advantage. I wouldn't be surprised that if we were to normalise for energy used, Apple would have a 3x performance efficiency lead.

AnandTech says that it's "quite astonishing" how close the A12 and the previous-generation A11 are to desktop CPUs, with "very small margins until Apple’s mobile SoCs outperform the fastest desktop CPUs in terms of ST performance."

As part of the review, AnandTech also offered a look at how Apple has improved performance in older devices by tweaking scaling performance. The A9 in the iPhone 6s, for example, took 435ms for the CPU to reach maximum frequency, but that time was cut to 80ms in iOS 12 for a "great boost to performance in shorter interactive workloads."

Similar improvements were made to the A10 (going from a 400ms ramp up time to 210ms), but there was little change to the A11.

All in all, AnandTech said the iPhone XS and XS Max are a "big shift" for Apple's lineup with a "beast of an SoC" that's offering performance improvements of up to 40 percent.

Apple's marketing department was really underselling the improvements here by just quoting 15% - a lot of workloads will be seeing performance improvements I estimate to be around 40%, with even greater improvements in some corner-cases. Apple's CPU have gotten so performant now, that we're just margins off the best desktop CPUs; it will be interesting to see how the coming years evolve, and what this means for Apple's non-mobile products.

The full iPhone XS and XS Max review from AnandTech is well worth checking out for those who would like to get a deeper technical look at the components inside the two new devices. It goes into much greater detail on the CPU and GPU in the iPhone XS and XS Max, while also taking a look at the camera, battery, display, and other components.

Apple's efforts to thoroughly deny this week's bombshell Bloomberg Businessweek report now extend to a former top executive.

Apple's recently retired general counsel Bruce Sewell told Reuters he called the FBI's then-general counsel James Baker last year after being told by Bloomberg of an open investigation into Supermicro, and was told that nobody at the federal law enforcement agency knew what the story was about.

"I got on the phone with him personally and said, 'Do you know anything about this?," Sewell said of his conversation with Baker, reports Reuters. "He said, 'I've never heard of this, but give me 24 hours to make sure.' He called me back 24 hours later and said 'Nobody here knows what this story is about.'"

Sewell's comments are consistent with a statement Apple shared with Bloomberg Businessweek and on its Newsroom on Thursday:

On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

Also from Apple's Newsroom:

No one from Apple ever reached out to the FBI about anything like this, and we have never heard from the FBI about an investigation of this kind — much less tried to restrict it.

Apple later clarified that it is not under any kind of gag order or other confidentiality obligations after speculation mounted.

Amazon and Supermicro have also refuted the Bloomberg Businessweek report, with the latter company claiming it has "never been contacted by any government agencies either domestic or foreign regarding the alleged claims."

The UK's National Cyber Security Centre has also backed Apple's and Amazon's denials of the Bloomberg Businessweek report, which claimed Chinese spies planted tiny chips the size of a pencil tip on server motherboards manufactured by Supermicro, which were used in Apple data centers and elsewhere.

"We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple," the agency, a unit of the GCHQ, said in a statement provided to Reuters today.

"The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us."

Bloomberg Businessweek yesterday reported that Apple discovered the suspicious microchips around May 2015, after detecting odd network activity and firmware problems. Two senior Apple insiders were cited as saying the company reported the incident to the FBI, but kept details tightly held.

The insiders cited in the report said in the summer of 2015, a few weeks after Apple identified the malicious chips, the company started removing all Supermicro servers from its data centers. Every one of the 7,000 or so Supermicro servers was replaced in a matter of weeks, according to one of the insiders.

One government official cited in the Bloomberg Businessweek report said China's goal was "long-term access to high-value corporate secrets and sensitive government networks." No consumer data is known to have been stolen, the report added, but the extent of the alleged attack appears to be unclear.

At this point, there is a clear divide between what Bloomberg is reporting and the denials from Apple, Amazon, and Supermicro. In the coming days, additional information will hopefully provide some clarity about the matter.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

The United Kingdom's National Cyber Security Centre has backed Apple's and Amazon's denials of a Bloomberg Businessweek report that claimed Chinese spies planted tiny chips the size of a pencil tip on motherboards manufactured by Supermicro, which both Apple and Amazon used at one time in data center servers.

"We are aware of the media reports but at this stage have no reason to doubt the detailed assessments made by AWS and Apple," the agency, a unit of the GCHQ, said in a statement provided to Reuters today.

"The NCSC engages confidentially with security researchers and urges anybody with credible intelligence about these reports to contact us," it added.

Apple was a Supermicro customer for several years, using its servers to power the likes of iCloud, Siri, and the App Store, although it severed ties with the company in 2016 due to a previously-reported and allegedly unrelated incident in which Apple discovered an infected driver on a single server in one of its labs.

Bloomberg Businessweek yesterday reported that Apple discovered the suspicious microchips around May 2015, after detecting odd network activity and firmware problems. Two senior Apple insiders were cited as saying the company reported the incident to the FBI, but kept details tightly held.

The insiders cited in the report said in the summer of 2015, a few weeks after Apple identified the malicious chips, the company started removing all Supermicro servers from its data centers. Every one of the 7,000 or so Supermicro servers was replaced in a matter of weeks, according to one of the insiders.

One government official cited in the Bloomberg Businessweek report said China's goal was "long-term access to high-value corporate secrets and sensitive government networks." No consumer data is known to have been stolen, the report added, but the extent of the alleged attack appears to be unclear.

Apple denied Bloomberg Businessweek's report in a strongly-worded statement:

Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigations based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and consistently offered factual responses, on the record, refuting virtually every aspect of Bloomberg's story relating to Apple.

On this we can be very clear: Apple has never found malicious chips, "hardware manipulations" or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

In response to Bloomberg's latest version of the narrative, we present the following facts: Siri and Topsy never shared servers; Siri has never been deployed on servers sold to us by Super Micro; and Topsy data was limited to approximately 2,000 Super Micro servers, not 7,000. None of those servers has ever been found to hold malicious chips.

As a matter of practice, before servers are put into production at Apple they are inspected for security vulnerabilities and we update all firmware and software with the latest protections. We did not uncover any unusual vulnerabilities in the servers we purchased from Super Micro when we updated the firmware and software according to our standard procedures.

We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously-reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple.

While there has been no claim that customer data was involved, we take these allegations seriously and we want users to know that we do everything possible to safeguard the personal information they entrust to us. We also want them to know that what Bloomberg is reporting about Apple is inaccurate.

Apple has always believed in being transparent about the ways we handle and protect data. If there were ever such an event as Bloomberg News has claimed, we would be forthcoming about it and we would work closely with law enforcement. Apple engineers conduct regular and rigorous security screenings to ensure that our systems are safe. We know that security is an endless race and that's why we constantly fortify our systems against increasingly sophisticated hackers and cybercriminals who want to steal our data.

Apple later clarified that it is not under any kind of gag order or other confidentiality obligations after speculation mounted.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Apple CEO Tim Cook has tweeted in memory of his former boss and mentor Steve Jobs, who passed away on October 5, 2011. Today marks the seventh anniversary of the Apple co-founder's death. He was 56 years old.

"Steve showed me—and all of us—what it means to serve humanity," tweeted Cook, alongside a photo of Steve.

Here's what Cook said on the day of Steve's death:

Apple has lost a visionary and creative genius, and the world has lost an amazing human being. Those of us who have been fortunate enough to know and work with Steve have lost a dear friend and an inspiring mentor. Steve leaves behind a company that only he could have built, and his spirit will forever be the foundation of Apple. […]

No words can adequately express our sadness at Steve's death or our gratitude for the opportunity to work with him. We will honor his memory by dedicating ourselves to continuing the work he loved so much.

We rounded up many other comments in our 2011 article for those who wish to look back, while Apple still has a Remembering Steve page on its website with condolences and memories from customers.

Steve Jobs narrated this unaired version of Apple's famous Think Different ad in 1997:

Steve Jobs' 2005 Stanford Commencement Speech, where he addresses his mortality:

Lisa Brennan-Jobs, the eldest daughter of Steve, recently shed a less flattering light on her father. In her "Small Fry" memoir released last month, Brennan-Jobs described both "moments of joy" and "coldness" about her father, including his "frequent use of money to confuse or frighten her."