Written apology from Bloomberg? Fire the reporters? SEC charges of security fraud related to stock manipulation?
Also, I want to believe that they did more groundwork to establish credibility before deciding to go for it. If it turns out to be false, I wouldn't know whom to trust anymore.
A lawsuit from damaged shareholders isn’t out of the question though.
If this was anything, it would be a reason to move against China.
However, several days later, we can be fairly confident in saying it isn't any reason for the President to do anything, on the grounds that to the best of my knowledge, he hasn't done anything. (This opinion subject to change if someone cites something, of course. But I'd expect it would have come up in our HN conversations by now.) If this was a conspiracy from the government to make hay out of this news, they would have done so by now. Next day at the latest, given the speed of the news cycle nowadays. I think we can safely discard this theory now.
(I also see no reason to even suspect that the President thinks he needs some sort of additional casus belli against China. He seems to believe he's got plenty already. If such things are being faked, they aren't being faked in stories like this, but at a much different level in much different places.)
Edited: When I first read your comment, it sounded like you were imploring the president to act against the press. I see that I misread.
As an example they claim 10 reasons not to believe Bloomberg and cite two other pieces they have written, both proclaiming Apple's innocence.
They literally give the same reason multiple times, and the reason is little more than "Apple wouldn't lie!". Apple has been caught lying in the past about other things like battery life.
That's a stretch to say that they were lying. They weren't lying about the battery life nor did they claim that they weren't changing the clock speed of the device. They simply claimed to have different motivation for doing so (namely, to keep older phones from completely turning off) than what others assume was the motivation (intentionally slowing phones to gain more sales).
You are right but arguing semantics. They kept the same battery life true but they did this by slowing the phones below the specs they advertised, that's plain lying.
It took a year of people calling them out before they admitted it. True they never admitted to lying, but they did admit the year-long omission, they just claimed it as a feature, classy.
https://www.theguardian.com/technology/2017/dec/21/apple-adm...
https://www.bloomberg.com/news/articles/2018-10-09/new-evide...
I'm not saying it is true, but of course all parties involved will deny everything, imagine how much it would hurt them if they acknowledged they have been hacked.
> Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer.
Every RJ45 jack ("Ethernet connector") I've seen used in modern networking hardware has a metal case for EMI shielding. This isn't an indicator of compromise. Nor does this make sense as a location for an implant -- the RJ45 jack isn't in a privileged position to access information on the server, nor would a device located inside the jack be able to easily interact with the network without interfering with the real Ethernet controller.
Where would one acquire these metal RJ45 jacks? The ones I have are all plastic (usually clear), with the exception of the small (copper?) metal wires that transmit the signals. I am in fact looking at one right now on my desk and it's definitely not metal shielded.
We don't even have to imagine much beyond the current pain it's caused Supermicro. According to that article, the stock dropped 41% last Thursday from the original article and then another 15% today (the article says 27% today, but they made some gains since the article was published).
> How could [discovering exoplanet] not be dramatic? If you're an actual f$@!%%# astronomer, that's how. Because then you'd feel compelled to drone on for page after page of details on the different telescopes you used, and the software pipelines the data went through, and how everything was normalized to... Exoplanets, which are BRAND NEW WORLDS UNKNOWN TO US get announced with excessive details on Monte Carlo sampling and Markov chains. I would not have thought it possible to suck the life out of stories like these, but the people who have chosen to make this their life's work manage.
https://arstechnica.com/science/2018/09/here-are-the-subject...
In other words: "Why do these eggheads spend so much time worrying about whether the things they think they know are actually true when they could be talking about how it makes them feel?"
I think you are just misunderstanding discussion of why covering science is hard in a form of writing readers enjoy, for actually criticizing scientists for doing what they do.
The source is upset that his technical jargon and long-winded explanation didn't make the final article. That's the connection to the above post. If you are a non-technical reader, and you had to read the raw transcript of a hardware guy telling you about firmware updates, you'd fall asleep. The point here is that the journalist cut out that stuff, which maybe makes the story less accurate, but the point of the story is still preserved.
>I sent him a link to Mouser, a catalog where you can buy a 0.006 x 0.003 inch coupler. Turns out that’s the exact coupler in all the images in the story...
I don't know much about technology journalism, but I would think that no one who is a technology reporter would make a miss like that. And even if he/she did make a miss like that, wouldn't an editor or someone higher up call that out pretty much right away?
I can't see why this story would have been put out as is without further investigation? Maybe some independent verification? I suppose there remains a slim possibility that the overarching theme of the story is true, and the reporters are simply spectacularly inept. There is also the possibility that the story is false and Bloomberg itself is spectacularly inept. Other possibilities are too terrible to contemplate. They run the gamut from simple propaganda, which is terrible, but would not be unexpected... all the way to out and out graft, i.e., some influential guy was short Apple.
Have you ever actually dealt with reporters before? From my time in science I can attest that yes, reporters very much are this dumb at times. That's the issue with anyone who's too much of a generalist.
Some reporters may be dumb, but if it has the Bloomberg name attached to it, and has far reaching effects in financial markets, you can be pretty confident that this wasn't just the work of some clueless reporter.
I can easily imagine ONE journalist getting key facts wrong in a typical story which had to be pumped out before a deadline. I've seen it myself.
BUT this is a very major story by elite journalists with a lot to lose if they screw up. They're not "dumb" but they might have been deceived deliberately.
Whatever the case, I expect a very ugly truth will shake out eventually.
Their failing isn't that they are dumb per se, but that they confidently believe they understand something when they have only heard the barest details. It's like they are afraid to ever say "I don't know", or question their own understanding of reality.
>In September when he asked me like, “Okay, hey, we think it looks like a signal amplifier or a coupler. What’s a coupler? What does it look like?”
Am I missing something? What's specifically the criticism about the pictures here, that they aren't literally what the alleged devices look like?
What makes you think so?
In seriousness though this is starting to smell like the whole story is plain wrong. Which is fascinating, however it came to be.
So next time, when it's real, we'll all ignore the story?
Particularly damning part, to me: "I sent him a link to Mouser, a catalog where you can buy a 0.006 x 0.003 inch coupler. Turns out that’s the exact coupler in all the images in the story." Clearly they didn't have an original hacked part like some have claimed/hoped.
https://risky.biz/RB517_feature/
Also worth mentioning here is the background on the credibility of these journos that Robert Lee provides:
https://twitter.com/RobertMLee/status/1049617855396933632?s=...
The most interesting tweet in that thread:
"They claimed anonymous US intelligence community sources as well. Except I led the ICS threat discovery mission at the time at the NSA. And I had never heard of this attack being a cyber attack. The NSA doesn’t see everything but if the US IC is your source we would have."
He is referring to the BTC pipeline piece that these guys wrote. It claims the pipeline explosion was a cyber attack, which has never been substantiated.
Is it the expert or the journalist who doesn't know the difference between silicon and silicone?
>For a journalist, the fear of getting it wrong is a mortal one. Experts loudly calling me wrongheaded were hard to shake. Many of their objections were highly technical—and I would never pass myself off as someone with an expert’s grasp of computer science. (Less than 24 hours after my piece went live, The Intercept published a very long, very detailed piece that suggested my piece was likely bunk.)…
https://www.theatlantic.com/politics/archive/2018/10/trump-o...
It would be no exaggeration to say that his decision to ignore the pesky technical objections he didn't understand and run the story anyway did permanent damage to the US political and news climate, that it made everyone's beliefs about the world a little more wrong forevermore. When Clinton's campaign tweeted to demand the FBI investigate, only one outlet - the New York Times - dared stand up and report that the FBI had already investigated and concluded all the evidence was consistent with it being exactly the boring junk email server it looked like, and people are still pointing to that article to drag the Times' reputation through the mud to this day. (Their own public editor even criticized them for questioning and not believing!)
He created a world where not believing junk emails were secret Russian communications was, to quote the recent New Yorker article, the equivalent of believing "that space aliens did this".
https://www.newyorker.com/magazine/2018/10/15/was-there-a-co...
I'm saying 9to5mac as an apple enthusiast site has a reason to run the post it did and that since technical people like to talk about technical things of course there's someone connected to the story making those arguments then largely non-technical reporters have trouble making sense of it all.
If it's true that Amazon and Apple discovered flawed ones, all of those would have been returned to Supermicro and likely destroyed for the most part. If Supermicro was aware of the problem and ethical, they likely would have contacted other customers who they suspect could have received altered boards and replaced those boards too. I'm not saying it would be impossible to get your hands on one, but if there's any truth to this hack, I think you'd have to buy a ton of boards before you ever came across an altered one.
>Super Micro Computer Inc. SMCI, -18.58% dropped 8% in late trading Thursday after a report said Apple Inc. AAPL, +0.93% ended its relationship with the company after finding "a potential security vulnerability" in a data center server provided by Super Micro.
https://www.marketwatch.com/story/super-micro-plummets-after...
I tried to buy some over the weekend, because I think this will all blow over like Equifax, but I got a message saying they've been suspended from trading since August for not reporting to the SEC on time. Is it the OTC price?
I did a super quick search, and sure enough, yep- the images in the article are most likely a $0.38/each 0603 coupler.
https://www.mouser.com/ProductDetail/TDK/HHM2510B1?qs=sGAEpi...
I'd imagine it's mostly for illustrative purposes, but Gell-Mann Amnesia Effect in full force here.
I'd argue that all this backlash is justification for why we don't typically have to worry about the Gell-Mann amnesia effect. When something is egregiously wrong in the news, people talk about it, and we learn. As long as you're reading about something that will have critical and knowledgeable people also reading it, then you should feel comfortable knowing that no backlash means it's probably fine.
A pesky problem of missing paperwork. Apparently Supermicro thinks that filing quarterly and annual reports is something optional, a "nice to have" rather than a "requirement". So they haven't bothered.
Nasdaq feels otherwise, and got tired of waiting for them to get their house in order, and so delisted Supermicro.
https://www.marketwatch.com/story/super-micros-stock-set-to-...
https://www.politico.com/blogs/media/2013/12/the-bloomberg-m...
In light of the above, something smells.
Yeah that doesn't sound promising for Bloomberg.
"For example putting two pieces of silicone in a single package makes sense when one of them is flash storage and the other is a micro controller. But an experienced observer could easily jump to the conclusion that it’s a hardware implant."
Yeah - silicone. But more importantly: he certainly meant IN-experienced.
"You put hardware in a device to help you persist the software, the malware. You don’t put hardware in a device to do the whole attack, you put hardware in the device to unlock the keys, to elevate the privileges on the shell, to open the network port and then you take a software or remote approach to do the rest of the work. And I think that’s the context of that quote."
"Risky Business Feature: Named source in "The Big Hack" has doubts about the story": https://risky.biz/RB517_feature/
I found it really interesting how pointed and specific the denials were, rather than blanket denials or refusals to say anything.
I wonder if the technical details that were wrong in the article ended up giving cover to the denials. Maybe the hack never was in hardware, and Bloomberg totally screwed that part up, due to a misunderstanding of what it means to "manufacture a board with vulnerabilities" and that ended up giving inadvertent cover to those parties wishing to deny that a hardware hack was found in products in their datacenters?
EDIT:
Okay, maybe my theory's not so great.
>On this we can be very clear: Apple has never found malicious chips, “hardware manipulations” or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.