Super Micro Says Review Found No Malicious Chips in Motherboards

Computer hardware maker Super Micro Computer told customers on Tuesday that an outside investigations firm had found no evidence of any malicious hardware in its current or older-model motherboards. From a report: In a letter to customers, the San Jose, California, company said it was not surprised by the result of the review it commissioned in October after a Bloomberg article reported that spies for the Chinese government had tainted Super Micro equipment to eavesdrop on its clients.

No malicious chip -- until CPU installed!

Intel CPUs have the Management Engine which is a copy of Minix running at a lower level than you can access. Also have wifi built-in, so it can communicate with the smart meter. Don't think AMD is a whole lot better.

Sufficient proof to 'prove the negative'?

[david.emery]

On this story, and the previous stories on this topic, a lot of posters have doubted the denials from Super Micro, Apple, Facebook and the various government agencies. I suspect this independent audit won't convince them, either.

So my question for the assembled multitude is this: What would be -sufficient proof- this didn't happen? Or is this one of those things where you won't accept any explanation from "the deep state"/"vested interests"/etc?

This is a significant issue for tech in general, as we need some widely accepted way to show systems are free from hidden vulnerabilities.