The capability the Chinese have for insertion of components to allow access to a device are very high. They have shown a willingness to use software to grant access and there is no reason to believe they would not use hardware as well. They have both the ability and opportunity to do so, since most of the worlds routers, computers, disk drives and most electronic components are made there. So, when Bloomberg claimed the story line that Super Micro had a board with an unauthorized modification and that might affect Amazon, Apple and others, nobody blinked. Bloomberg claimed to have interviewed 17 people, an unusually high number, before making the story public.
So, Tim Cook at Apple says Bloomberg needs to withdraw the story. Amazon Web Services said the same thing. Super Micro says they don't believe it but will look. No lawsuits have followed.
That doesn't happen very often. These things are questions of fact, not prediction of some future event, or analysis of a string of thoughts that might lead to a conclusion. Either it did happen, or it didn't. I think there is more to this than any of the vendors want us to know. Some of those 17 people interviewed by Bloomberg may have heard something but had no first-hand knowledge, but they did hear about something like this happened. Some may have been in meetings where something like it was discussed. Others may have had direct knowledge. Maybe the company thought they might have discovered something and that turned out to be wrong. If so, that would be an easy thing to admit and the controversy would be over.
The other possibility is the consequences to the business reputation of Apple and Amazon Web Services may suffer extremely grave damage from exposure of any occurrence of a problem that is built-in at the manufacturer. Ask Intel what that does to your chip sales. The year after chip manufacturing started in China, flaws in designs started making their way into the public domain. It makes customers nervous, and for that reason alone, very few vendors will allow any government anywhere in the world to use their devices for these kinds of penetrations. Once discovered, and verified, businesses have to be crazy to buy these devices from anybody. They are not going to sell. That alone is a real incentive to kill this story.
I would like to see a followup from Bloomberg telling how the story was done and why they are so sure it is not going to get them sued. They seem to be confident, and so far, nobody has. Those are sure signs there is more to this than the current ink would suggest.
No comments:
Post a Comment