Mathew Ingram writes in Pressure increases on Bloomberg to verify its China hack story:
It was a certified bombshell: Bloomberg News reported on October 4 that the Chinese government had been able to infiltrate both Apple and Amazon’s hardware systems by putting hacked microchips into the third-party motherboards they used in their servers. But as the days following the report have turned into weeks, doubts about the validity of the story have continued to grow, while the amount of independent verification and/or supporting material proving such a hack actually occurred remains at zero.
In a column on Tuesday, Washington Post media critic Erik Wemple argued the chorus of voices in opposition to the allegations in the piece—including strenuous and detailed denials from the companies involved—have put the onus on Bloomberg to come up with additional verification, or else risk casting even more doubt on its scoop. “The relentlessness of the denials and doubts from companies and government officials obligate Bloomberg to add the sort of proof that will make believers of its skeptics,” Wemple wrote. “Assign more reporters to the story, re-interview sources, ask for photos and emails. Should it fail in this effort, it’ll need to retract the entire thing.” Wemple also criticized the news outlet for using a photo of a generic microchip on the cover of Bloomberg BusinessWeek magazine, despite the fact that the news outlet has no photos of the actual chip that was allegedly used in the hacks.
… (emphasis in original)
Ingram has collected links to a number of the posts and refutations of the original Bloomberg claims.
But you don’t need the protests of innocence and/or deep technical analysis to be wary of the Bloomberg story.
On the face of the original report, how many people do you think would “know” about the subversion of the motherboards?
- Designers of the subversive chip
- Motherboard designers to create a motherboard that uses the subversive chip
- Development and testing staff for the chip and the motherboards
- Users of capabilities offered by the subversive chips
- Handlers of the intelligence produced by the subversive chips
- Funders for #1 – #5
Would you concede those in the “know” about the chips would have to number in the thousands?
I ask because research on conspiracies estimates to keep a secret for five years, the maximum number of participants has an upper limit of 2521 agents. On the Viability of Conspiratorial Beliefs, David Robert Grimes, PLOS, Published: January 26, 2016, https://doi.org/10.1371/journal.pone.0147905.
On the face of it, the ‘China Hack’ more closely resembles the NASA Moon-landing conspiracy than technological legerdemain.
Especially given Bloomberg’s explanation for the absence of any motherboard with the “extra” chip:
…
In the three years since the briefing in McLean, no commercially viable way to detect attacks like the one on Supermicro’s motherboards has emerged—or has looked likely to emerge. Few companies have the resources of Apple and Amazon, and it took some luck even for them to spot the problem. “This stuff is at the cutting edge of the cutting edge, and there is no easy technological solution,” one of the people present in McLean says. “You have to invest in things that the world wants. You cannot invest in things that the world is not ready to accept yet.”
Failure to detect becomes evidence of the cleverness of these conspirators.
Looks like a conspiracy theory, walks like a conspiracy theory, talks like a conspiracy theory, the absence of evidence proves the conspiracy theory, all suggests Bloomberg’s “China Hack” is a conspiracy theory.