Slashdot Mirror
FBI Director on Whether Apple and Amazon Servers Had Chinese Spy Chips: 'Be Careful What You Read' (cnbc.com)
During a hearing in front of the Senate Homeland Security Committee on Wednesday, FBI Director Christopher Wray told senators to "be careful what you read," when asked about a recent story involving spy chips from China being secretly embedded into servers owned by Apple, Amazon and other big companies. From a report: Senator Ron Johnson, R-Wis., chairman of the committee, asked Wray when his agency found out about the chips that server manufacturer Super Micro implanted into server hardware, as reported last week by Bloomberg Businessweek. "I would say to the newspaper article or, I mean, the magazine article, I would say be careful what you read," Wray replied. "Especially in this context." Johnson called on Wray to speak to the accuracy of the story, telling the FBI director that, "We don't want false information out there." Wray said he couldn't offer much detail because the agency has a policy of not confirming or denying that an investigation is underway. "I do want to be careful that my comment not be construed as inferring or implying, I should say, that there is an investigation," Wray said. "We take very seriously our obligation to notify victims when they've been targeted."
"We don't want false information out there." - he had a mouse in his pocket?
I always read the White House press statements with a 5lb bag of salt.
This same guy and guys just like him (and worse) have been able to do the same thing with the legal authority of the US federal government behind them for over a decade and a half with legal immunity. Who cares what the Chinese know. The US government knows it too and they've proven they're ready to use it against you.
You're going to get fucked if you don't fall in line with big brother. The two part illusion is only a facade to keep the most dimwitted in line. That would be the Democrat and Republican voting base.
Wray made a non-statement, that he's unable to make a statement. Nothing to see here, move along.
'Be careful what you read' is ambiguous enough it doesn't necessarily imply anything one way or the other; I don't think it's supposed to be a subtle hint that we're supposed to read between the lines of. It's like the phrase "so it has come to this", it can be used in any context without adding anything of value.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
At least this statement may or may not indicate that. Maybe.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
"Be careful what you read" is promoting censorship. Be careful what you believe is more to the point - as well as WHO you believe.
Why guess when you can know? Measure!
It would probably be an overall improvement but there would still be problems unless you could somehow find a way to filter 5th columnists from the random selection process ahead of time.
At least it does sound like that to me. Maybe everything we read is correct, except that the attack actually was done by the NSA?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Using the term "brain faggots" doesn't really help your argument any.
Don't tell me or anyone else what we should and should not read.
Now, that being said, if you want to tell people to think carefully about the validity of what they read, then that's something else entirely.
What could be going on?
1) Everything is exactly as Bloomberg states and the Chinese have performed a supply line hack on American industry. - The strong denials from all public sources that might confirm this, including to the public and stockholders, would seem to indicates that a serious investigation is going on and the government is ordering everybody to deny hard if not out lie to preserve it. However, why keep it secret it the cat's out of the bag? China, and anybody involved, would already know and be taking steps to cover their tracks. Seems the proper response by law enforcement to break the news and step up public investigation ASAP.
2) Bloomberg's editors and writers are just misinterpreting whatever happened to Apple that they say was a compromised driver caught in the lab coming from a variety of sources who don't really have that good of info. - Bad stain on Bloomberg's reputation and failure of their editors to preserve the brand. Will no doubt hurt their operation when things come to light as their business is acting as a reliable source of business news.
3) The authors of the article are fabricating the article either from a collection of unrelated sources, or whole of cloth and selling it to Bloomberg, perhaps not expecting the attention it's getting. - A worse stain on Bloomberg as their editors still fell for it, but pretty much ruin for the author's careers as journalists in the future.
4) Bloomberg and the authors are in cahoots to create a fictitious story that can't be confirmed or denied in order to manipulate the markets, push international policy, and/or create fear of China. - This might actually spell doom for Bloomberg, or might not. There are plenty of "news sources" that could get away with such things and nobody would even blink if it was proved to be true. Perhaps Bloomberg thinks they can get sales and get away with it at the same time. I'm sure some people have played harder and faster with more on the line and the end result would depend on how trustworthy the public actually takes Bloomberg to be to begin with. It would also probably be straying into legal territory it it turned out toe be manufactured, cause the people involved to lose their jobs, and maybe do jail time.
4)Somebody has manufactured the story and fed it to Bloomberg's authors in order to manipulate the markets, push international policy, create fear of China, hurt Bloomberg's reputation, or any combination of these. - Now we're practically back into spook territory. There are certainly people who would like to do any number of things, but to have the scale to do beyond simply option #2 would take resources and also probably venture into legal territory for acting against Bloomberg, the companies involved, China, etc.
We can be sure that Chinese, if they did indeed sponsor implanting chips as described, already know if we know.
And we can be certain that the truth of this has been known for a while, by the agencies interested, globally. And for a while, possibly months. Keeping the knowledge quiet is important to fully understanding the problem, since the target servers would likely be reconfigured to obscure their true purposes, then quietly killed. And the data being sent would need to be evaluated with live examples to understand the capabilities and guess at the intentions.
Of course this could all be an elaborate ruse, to either prevent an effort - describing the possible exploit methods, and so rendering them fairly useless, or at least being able to put the opposition on notice that 'we are watching'. But I doubt this.
This news is most likely an unexpected and unwanted disclosure. We should have heard about this through indictments, plentiful evidence, and the already-launched mitigation, most likely black holing the destinations and then writing specific rules to block the outbound traffic. That's done a lot for lesser threats, Cisco in particular would be working on that, and core transport would be involved. At least everywhere but the perpetrator states.
So this is known to be true or not, and I expect the authorities to delay confirming this for a variety of reasons, some not mentioned above. Certainly to get as much information as possible about the sponsors.
deleting the extra space after periods so i can stay relevant, yeah.
to say we shouldn't be attentive of our sources, but "Be careful what you read" isn't a good way to say it. What he should have said was "Be critical of what you read".
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
I am pretty sure he meant the former, not the latter.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
A government rep promoting critical thinking and independent thought? He'd be disappeared to a black site faster than a Saudi journalist.
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
I remember seeing a news article from a sensationalistic source that had a picture of a chip. I immediately though that we had one of those chips, and it was just just an RF filter with only 2 pins. Of course, no one ever had a picture of the actual alleged chip but it was funny enough that they picked some random chip in order to scare their readers while everyone in the know would have known the picture was bogus.
I chuckle at this, but sardonically.
This same guy and [others in the US "intelligence community"] have been able to do the same thing w... for over a decade and a half
Quite. They can, and do, do everything this alleged hardware hack is alleged to enable, and more. Since Snowden that's solidly on the public record, manuals and all. Since the Shadow Brokers, lots of others have been able to do some of it and/or see how it works.
Seems to me they are trying to tone down the outrage - because if it really gets going, it might (finally) be turned on them.
What's the big deal if the Chinese came up with the capability, but had to put a chip on the boards to make it happen, rather than get Intel and AMD build it into their own chip sets?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
The Chinese chips are right next to the NSA chips, which are immediately below the Russian vacuum tubes.
Have gnu, will travel.
I don't know if these "magic" chips are installed or not.. buuut..
If they were, you'd think that someone would have noticed the extra traffic on their network going through, or trying to get through, their firewalls. Unless these chips are packed with every known vulnerability of bypassing corporate firewalls, they would leave a very suspicious trail of evidence to their use.
They were warned of the school shooter in Florida before it happened and did nothing. They were told exactly who it was and what he was planning. A two minute follow up call to the school to ask if this kid was a threat or not was all it would have taken. The running joke at the school was he was going to shoot the place up. One teacher specifically asked that he be notified if the student ever showed up with a backpack.
Only the State obtains its revenue by coercion. - Murray Rothbard
Its the decades of before PRISM talk?
Did the intelligence community find a way back to China?
Sending back altered data?
Did the USA have spies in China that warned the USA and the US just watched on to protect its spies?
Did one part of the US gov use methods for decryption and does not want methods talked about?
Domestic spying is now "Benign Information Gathering"
The part that got me about the article was that there were no pictures of actual compromised motherboards.
Supposedly they were sold by the thousand, and the IT crews pulled them all out and replaced them. No one thought to keep one?
Or there isn't one still lying on some shelf somewhere?
Reeses
When you can sell them all on Ebay? :p
This is not what "investigative journalism" and "reliable sources" are about.
Pray tell, what are those things about then? Because I certainly see no investigative anything, journalistic anything, reliable anything, or sources anything in this whole rigmarole.
You might as well say "chinese replace russians as big bad boojum, with hardware instead of network messages" and and you would have the gist of the thing nailed.
Which doesn't mean our computers are safe. They're not, and we do know this whether we admit it or not.
The SEC is busy with Elon Musk, which already takes too much time away from their midget porn fetish.
Why guess when you can know? Measure!
I'm not disclosed to bespeak any such information to you, nor would I, even if I had said information you want, at this juncture be able.
Our intelligence organs have hacked the hackers and are using it against them. Blanket denial would support this.
E Proelio Veritas.
Oh really?
Have gnu, will travel.