"Hey Siri" support and possibly wireless charging case alongside AirPower charging mat.
Apple Tells Congress 'Nothing Was Ever Found' to Suggest Alleged Supply Chain-Based Hack
Apple's top security chief told the U.S. Congress on Sunday that it had found no indication of suspicious transmissions or other evidence that its China supply chain was ever compromised (via Reuters).
In a letter to the Senate and House commerce committees, Apple Vice President for Information Security George Stathakopoulos wrote that the company had repeatedly investigated and found no evidence to support Bloomberg Businessweek's bombshell report that alleged tiny chips were discovered inside Apple servers which allowed for backdoor transmissions to Chinese spies.
Apple, Amazon, and Supermicro all strongly rebutted the report, which alleged that Chinese intelligence planted microchips in Supermicro servers, which Apple and Amazon previously used in their data centers.
Despite the denials, which are also backed by the UK's national cyber security agency, retired Apple general counsel Bruce Sewell, and other unnamed Apple senior executives, Bloomberg said it stood by its report as of Friday, but didn't immeditately respond to requests for comment on Sunday.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
In a letter to the Senate and House commerce committees, Apple Vice President for Information Security George Stathakopoulos wrote that the company had repeatedly investigated and found no evidence to support Bloomberg Businessweek's bombshell report that alleged tiny chips were discovered inside Apple servers which allowed for backdoor transmissions to Chinese spies.
"Apple's proprietary security tools are continuously scanning for precisely this kind of outbound traffic, as it indicates the existence of malware or other malicious activity. Nothing was ever found," he wrote in the letter provided to Reuters.Stathakopoulos repeated Apple's statements to the press that it had never found any such planted chips or been contacted by the FBI over the alleged matter. The letter follows a statement issued on Saturday by the U.S. Department of Homeland Security saying it had no reason to doubt the companies who denied that they had ever discovered the tiny chips.
Apple, Amazon, and Supermicro all strongly rebutted the report, which alleged that Chinese intelligence planted microchips in Supermicro servers, which Apple and Amazon previously used in their data centers.
Despite the denials, which are also backed by the UK's national cyber security agency, retired Apple general counsel Bruce Sewell, and other unnamed Apple senior executives, Bloomberg said it stood by its report as of Friday, but didn't immeditately respond to requests for comment on Sunday.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Tags: China, The Big Hack
[ 154 comments ]
Top Rated Comments
(View all)
10 weeks ago
There are many ways to mask communications. I'm not surprised they found nothing.
Name one undetectable by common practices.
Fortune 500 companies employ teams of IT security experts. So please enlighten us armchair hacker.
10 weeks ago
This is a Dog & Pony Show. If there's an ongoing investigation, #1, they rarely will even tell you. #2 Apple and others might not even know about it. It's even possible no one will ever know if its a vulnerability that is still existing and could be done again. The government never confirms stuff like this and strongly warns companies to do the same while secretly working behind the scenes. Everyone would be told to DENY ANYTHING. If we do find out anything, it will only be AFTER any possible issue is resolved, not during. Could be years!
10 weeks ago
No serious hacker enters through the front door. Thinking outside the box is all the fun. I mentioned the LZ4 frame format above, but even SSH, generally considered secure, also has the potential for abuse (although admittedly it is more difficult). The initial key exchange initialization (called a kexinit packet) contains some fields that are, in my experience, usually ignored. The potential is there for abuse as well. Generally, communication originating internally is a much more difficult thing to contain, but it certainly isn't impossible.
:rolleyes: I'm actually Security+ certified, so maybe I know a little more than you do.
Wow a certification! How many *weeks* was the class for that? I mean the exam has 90 whole questions. :rolleyes:
You know some people get whole degrees from accredited universities in this stuff.
Again you didn't list an undetectable way to communicate massive data with China. You listed areas that "abuse" could occur. Malware doing something is one thing. Malware on thousands of servers transmitting back to the motherland without any notice of the outbound traffic is something completely different.
10 weeks ago
Wow a certification! How many *weeks* was the class for that? I mean the exam has 90 whole questions. :rolleyes:
You know some people get whole degrees from accredited universities in this stuff.
Again you didn't list an undetectable way to communicate massive data with China. You listed areas that "abuse" could occur. Malware doing something is one thing. Malware on thousands of servers transmitting back to the motherland without any notice of the outbound traffic is something completely different.
Insulting the Security+ makes you look foolish, so please continue.
10 weeks ago
That diagram and entire article looks like something out of a 1993 Popular Mechanics magazine.
And from a quick glance, it looks like the illustrations depict china hacking our pencils!
10 weeks ago
There are many ways to mask communications. I'm not surprised they found nothing.
10 weeks ago
Outbound communications would be easy to detect. I'm suspecting the chips, if they exist, are not for surveillance but for a kill-switch purpose.
They would be easy to detect only if they're not sophisticated. A couple protocols I'm aware of (and I'm sure many I'm not very familiar with) have either unused sections, or allow for extra data to be included, intended for custom extensions to the protocol, but if properly supported at both ends, can be used for almost anything else. The LZ4 compression's frame format, for example, allows for what are called "skippable frames", which are exactly that: user data which can contain anything, and are not parsed by the algorithm. I know of some other algorithms with similar concepts as well. It would take someone at the other end to receive the transmission, but I have no doubt that Apple communicates with third parties, some of which may be compromised, so the risk exists.
10 weeks ago
Bloomberg joining #fakenews now? Sad!
Ahhh... let's continue to categorize everything that we don't fully understand or opposes our views as "Fake News" after all everyone's doing it!!
[doublepost=1538950831][/doublepost]
Name one undetectable by common practices.
Fortune 500 companies employ teams of IT security experts. So please enlighten us armchair hacker.
Are you implying that because Fortune 500 companies employ "teams of IT security experts" that their systems can't be breached or compromised?! HA!!!
10 weeks ago
That diagram and entire article looks like something out of a 1993 Popular Mechanics magazine.
[ Read All Comments ]
Steam recently announced that it will stop supporting macOS versions 10.7 ("Lion"), 10.8 ("Mountain Lion"), 10.9 ("Mavericks") and 10.10 ("Yosemite") on January 1,...
Apple this week released iTunes 12.8.1 for OS X Yosemite up to macOS High Sierra. The minor update resolves an issue that prevented iTunes from streaming media to third-party AirPlay speakers, and...
Earlier this month, we told you about an auction for a Steve Jobs business card listing him as Chairman of the Board at Apple Computer. The business card features Apple's classic rainbow logo and...
For this week's giveaway, we've teamed up with Speck to offer MacRumors readers a chance to win an iPhone case bundle for the iPhone XR, XS, XS Max, X, or 8/8 Plus that comes with a Presidio...
Best Buy today kicked off a new three-day sale that will last all weekend and end on Sunday at 11:59 p.m. CT. The sale is full of great last-minute gift ideas for the holidays, and Best Buy still...
Satechi today announced that three of its USB-C hubs are now available to pre-order in a gold color that resembles the finish of the latest MacBook Air.
Slim USB-C Multi-Port Adapter V2 -...
Apple is reportedly looking to shift production of older iPhones to Taiwanese supplier Pegatron in an effort to avoid losing billions in revenue as a result of its patent dispute with Qualcomm.
...
In macOS, transparency – or more properly, translucency – is a visual effect many apps use to create a sense of depth by hinting at content residing in the background.
An example of...
