1. 7
  1.  

  2. 13

    I still don’t think this story is real. This is comparing third-hand information to hard denials from Apple, Amazon, FBI, NSA, DHS and ODNI. There should be millions of these devices in supply chains. Why can’t anyone produce a tear down or a report documenting exactly what was inserted, how it works and where it came from?

    In 2018 we all panicked, then every company cited in the story issued hard “we have examined the devices in our supply chain and found nothing” statements. Then another long piece is published that is still incredibly poorly sourced with zero evidence.

    1. 3

      I agree, without very clear evidence from third parties it’s hard to believe this. Even if the reports of the US Air Force briefing that guy are correct, the US government has a long history of using the mostly uncritical press as a propaganda machine through “leaks” and influence peddling.

    2. 6

      Must be nice for Bloomberg to get vindication for their widely disbelieved reporting in 2018.

      1. 3

        That’s what Bloomberg would like but it seems as if the number of people who called bs on the original story before but are now suggesting this new story changes anything (as opposed to adding more fuel to the bs fire) doesn’t seem to be very high.

      2. 6

        Maybe building an entire computer from FPGAs is a better idea than I expected.

        1. 12

          What bothers me with this article is use of the word “Chinese”. I also see articles with “Russians” and “Iranians”. However, I never see an article with “Americans” or “US” doing the hacking (as they certainly do, many Snowden’s leaks confirm it). It’s always either NSA or some agency, and I found that disingenuous, since the former style puts emphasis on the whole nation, while the later just hides behind abbreviations and agencies. Words are important for shaping our relationships, and this style just deepens the gap between various nations.

          1. 0

            The assumption is that most things are done by Americans, so when you describe something that they’ve done you need not include the ostensibly redundant “Americans”. (Yep, I’m American, and am unfortunately guilty of this from time to time. Apologies on behalf of myself and my parochial fellow citizens.)

            1. 4

              That’s only your assumption as an American, I personally don’t have that in my mind when I read articles and do roll my eyes when someone ends up being US-centric (lots of US podcasts are guilty of this).

              1. 1

                (lots of US podcasts are guilty of this)

                Heh, most of them are expecting your culture (school,law enforcement,government..) to be the same as the american one. It’s annoying.

                1. 0

                  This was an American blogger, and my point was that many Americans (and a few others) do this. Hence my reference to “my parochial fellow citizens”.

            2. 5

              One of the comments links to Matt Tait’s walkthrough of the claims on Twitter: individual sources, and how specific they were likely to have been: https://twitter.com/pwnallthethings/status/1360234953011851264

              1. 1

                That makes way more sense, along with this just being some hokey pump and dump stock scheme. Can’t say I really trust bloomberg at all since they’re doubling down on this china hack. Put up one hacked board as evidence or shut up is my pov.

              2. 3

                I smell a short seller.

                1. 2

                  So he flipped his opinion on China doing the same thing America does, after a statement from an executive of the american competitor CISCO, which is based on their american military contacts. During a time the US decided to keep their trade war with china.

                  I don’t even know what is real. How about they focus more on chinas concentration camps, that would help people and isn’t some myth.

                  1. 2

                    Can be folded into https://lobste.rs/s/nqmqm7/chinese_supply_chain_attack_on_computer

                    Not a huge fan of paywalled content personally.

                    1. 2

                      https://github.com/iamadamdev/bypass-paywalls-chrome Title reads “Chrome” but works in Firefox as well.

                      1. 1

                        Why fold it if it’s not the same article?

                        1. 3

                          It’s the same subject.

                          If it were the same article I would have flagged it as dupe.

                          1. 1

                            OK I see, the other article is literally an analysis of the one I posted. Fair enough I guess, but I hadn’t read the article mentioned in the other thread or found this one through it, so I did not know.