More commentary on China, Apple, and supply-chain hacking

Following up the previous story Supply chain hacking: bull in a China shop? [updated]:

Paul Ducklin for Sophos: Apple and Amazon hacked by China? Here’s what to do (even if it’s not true) – more useful than most of the commentary I’ve seen!


The Register: Chinese Super Micro ‘spy chip’ story gets even more strange as everyone doubles down – “Bloomberg puts out related story while security experts cast doubt on research and quotes”


Risky.biz: Risky Business Feature: Named source in “The Big Hack” has doubts about the story See also commentary by John Gruber.


Reuters: Apple tells Congress it found no signs of hacking attack – John Gruber adds Here’s the entire letter.

Department of Homeland Security: Statement from DHS Press Secretary on Recent Media Reports of Potential


Supply Chain Compromise – “Like our partners in the UK, the National Cyber Security Centre, at this time we have no reason to doubt the statements from the companies named in the story. ”

Well, that’s reassuring. Or is it? Well, not for John Gruber: “For me, having the current U.S. government weighing in publicly on this issue does not fill me with any sense of confidence or reassurance on either side of this story….” Me neither. And I’m not reassured by the equally lukewarm commentary from the UK, either. Reuters: UK cyber security agency backs Apple, Amazon China hack denials

So still waiting to see if Bloomberg has something more definite to back its claims.


Commentary from Graham Cluley: Department of Homeland Security and GCHQ back Apple and Amazon’s denials they were hacked by China

And Richard Chirgwin for The Register: Super Micro China super spy chip super scandal: US Homeland Security, UK spies back Amazon, Apple denials – “Officials: Not saying Bloomberg was wrong, we just believe biz saying Bloomberg was wrong”

David Harley



*** This is a Security Bloggers Network syndicated blog from Mac Virus authored by David Harley. Read the original post at: https://macviruscom.wordpress.com/2018/10/10/more-commentary-on-china-apple-and-supply-chain-hacking/