Apple Tells Congress 'Nothing Was Ever Found' to Suggest Alleged Supply Chain-Based Hack

Apple's top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters).


In a letter to the Senate and House commerce committees, Apple Vice President for Information Security George Stathakopoulos wrote that the company had repeatedly investigated and found no evidence to support Bloomberg Businessweek's bombshell report that alleged tiny chips were discovered inside Apple servers which allowed for backdoor transmissions to Chinese spies.

"Apple's proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found," he wrote in the letter provided to Reuters.

Stathakopoulos repeated Apple's statements to the press that it had never found any such planted chips or been contacted by the FBI over the alleged matter. The letter follows a statement issued on Saturday by the U.S. Department of Homeland Security saying it had no reason to doubt the companies who denied that they had ever discovered the tiny chips.

Apple, Amazon, and Supermicro all strongly rebutted the report, which alleged that Chinese intelligence planted microchips in Supermicro servers, which Apple and Amazon previously used in their data centers.

Despite the denials, which are also backed by the UK's national cyber security agency, retired Apple general counsel Bruce Sewell, and other unnamed Apple senior executives, Bloomberg said it stood by its report as of Friday, but didn't immeditately respond to requests for comment on Sunday.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

(View all)
Avatar
20 months ago

There are many ways to mask communications. I'm not surprised they found nothing.

Name one undetectable by common practices.

Fortune 500 companies employ teams of IT security experts. So please enlighten us armchair hacker.
Score: 20 Votes (Like | Disagree)
Avatar
20 months ago
This is a Dog & Pony Show. If there's an ongoing investigation, #1, they rarely will even tell you. #2 Apple and others might not even know about it. It's even possible no one will ever know if its a vulnerability that is still existing and could be done again. The government never confirms stuff like this and strongly warns companies to do the same while secretly working behind the scenes. Everyone would be told to DENY ANYTHING. If we do find out anything, it will only be AFTER any possible issue is resolved, not during. Could be years!
Score: 18 Votes (Like | Disagree)
Avatar
20 months ago
Bloomberg joining #fakenews now? Sad!
Score: 15 Votes (Like | Disagree)
Avatar
20 months ago

No serious hacker enters through the front door. Thinking outside the box is all the fun. I mentioned the LZ4 frame format above, but even SSH, generally considered secure, also has the potential for abuse (although admittedly it is more difficult). The initial key exchange initialization (called a kexinit packet) contains some fields that are, in my experience, usually ignored. The potential is there for abuse as well. Generally, communication originating internally is a much more difficult thing to contain, but it certainly isn't impossible.

:rolleyes: I'm actually Security+ certified, so maybe I know a little more than you do.

Wow a certification! How many *weeks* was the class for that? I mean the exam has 90 whole questions. :rolleyes:

You know some people get whole degrees from accredited universities in this stuff.

Again you didn't list an undetectable way to communicate massive data with China. You listed areas that "abuse" could occur. Malware doing something is one thing. Malware on thousands of servers transmitting back to the motherland without any notice of the outbound traffic is something completely different.
Score: 13 Votes (Like | Disagree)
Avatar
20 months ago

That diagram and entire article looks like something out of a 1993 Popular Mechanics magazine.

And from a quick glance, it looks like the illustrations depict china hacking our pencils!



Score: 11 Votes (Like | Disagree)
Avatar
20 months ago
There are many ways to mask communications. I'm not surprised they found nothing.
Score: 11 Votes (Like | Disagree)

Top Stories

New Low-Cost 'iPhone SE' Could Launch as Soon as Tomorrow

Thursday April 2, 2020 4:06 pm PDT by Juli Clover
Apple's new low-cost iPhone is set to launch as early as Friday, April 3, according to a new report from 9to5Mac that cites a tip from a "highly trusted reader." The site says that while it can't be certain about the launch date, "Apple could reveal and begin taking orders for the new iPhone as soon as tomorrow." The iPhone 8 Apple is said to be planning to call the new iPhone, which is...

Apple's 2020 MacBook Air vs. 2020 iPad Pro

Wednesday April 1, 2020 2:45 pm PDT by Juli Clover
Apple in March updated both the MacBook Air and the iPad Pro, and with the iPad Pro increasingly positioned as a computer replacement, we thought we'd compare both new machines to see how they measure up and which one might be a better buy depending on user needs. Subscribe to the MacRumors YouTube channel for more videos. We're comparing the base model 12.9-inch iPad Pro and the base model...

AirTags Referenced in New Apple Support Video

Thursday April 2, 2020 12:12 pm PDT by Joe Rossignol
Apple has accidentally referenced its widely rumored AirTags item tracking tags in a video that it uploaded to its Apple Support channel on YouTube today. The video was first spotted by the blog Appleosophy and has quickly been removed. The video was titled "How to erase your iPhone." AirTags were mentioned in Settings > Apple ID > Find My > Find My iPhone under Enable Offline Finding, with...

Intel Unveils 10th-Gen Processors Suitable for Next 16-Inch MacBook Pro With Wi-Fi 6 and Turbo Boost Speeds Above 5GHz

Thursday April 2, 2020 7:53 am PDT by Joe Rossignol
Intel today announced the launch of its latest 10th-generation Core processors for high-end notebooks, potentially including the next 16-inch MacBook Pro. The batch of 45W chips, part of the Comet Lake family, are built on Intel's 14nm++ architecture. The new H-series chips have the same base clock speeds as the 9th-generation chips in the current 16-inch MacBook Pro, but Turbo Boost speeds...

Apple Paid Hacker $75,000 for Uncovering Zero-Day Camera Exploits in Safari

Friday April 3, 2020 3:58 am PDT by Tim Hardwick
Apple paid out $75,000 to a hacker for identifying multiple zero-day vulnerabilities in its software, some of which could be used to hijack the camera on a MacBook or an iPhone, according to Forbes. A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting...

Apple Offers Employees Deep Discounts on HomePod, Beats Headphones and More

Friday April 3, 2020 11:14 am PDT by Juli Clover
Apple is offering employees significant discounts on products that include the HomePod and Beats headphones, according to details on the deals shared by MacGeneration and 9to5Mac. Apple is said to be clearing stock of Beats headphones and HomePods, providing them to employees through an internal deals program. The HomePod is available at a 50 percent discount, dropping the price to $149.50,...

iPhone 8 Screen Protector Updated With 'iPhone SE' Compatibility on Apple's Online Store

Thursday April 2, 2020 8:10 pm PDT by Joe Rossignol
Another clue has surfaced to suggest that Apple's rumored lower-cost iPhone SE successor will likely be released soon. Earlier today, a product listing for a Belkin screen protector on Apple's online store was updated to reflect compatibility with not only the iPhone 7 and iPhone 8, but also the iPhone SE. Given the original iPhone SE was a 4-inch device, and the iPhone 7 and iPhone 8 are...

Apple Adding Some 2013 and 2014 MacBook Air and MacBook Pro Models to Vintage Products List at End of April

Wednesday April 1, 2020 2:24 pm PDT by Joe Rossignol
In an internal memo obtained by MacRumors, Apple has indicated that the following 2013 and 2014 models of the MacBook Air and MacBook Pro will be added to its vintage and obsolete products list on April 30:MacBook Air (11-inch, Mid 2013) MacBook Air (13-inch, Mid 2013) MacBook Air (11-inch, Early 2014) MacBook Air (13-inch, Early 2014) MacBook Pro (13-inch, Mid 2014)Apple defines vintage...

Zoom Updates Mac App Installer to Remove Controversial 'Preflight' Installation Method

Thursday April 2, 2020 11:42 am PDT by Eric Slivka
The popular video conferencing company Zoom has been under scrutiny over the past few days for the method used to install the Mac version of its app, which essentially abused a "preflight" compatibility check to install the app without the user needing to explicitly grant installation permission, as highlighted by developer Felix Seele earlier this week. Screenshot of preflight compatibility ...

Top Stories: Apple Leaks iPhone SE and AirTags, Apple Buys Dark Sky, and More

Saturday April 4, 2020 6:00 am PDT by MacRumors Staff
With the calendar rolling over to April this week, we yet again saw several leaks and rumors, most notably including Apple itself leaking some references to a pair of long-rumored products: a new budget iPhone SE and AirTags item trackers. Subscribe to the MacRumors YouTube channel for more videos. Apple also acquired popular weather app Dark Sky, while Amazon's Prime Video app now allows...