By: Doug S (foo.delete@this.bar.bar), October 5, 2018 11:46 am
Room: Moderated Discussions
Gabriele Svelto (gabriele.svelto.delete@this.gmail.com) on October 5, 2018 1:53 am wrote:
> Doug S (foo.delete@this.bar.bar) on October 4, 2018 1:45 pm wrote:
> > If the people who know
> > something about it are keeping quiet for whatever reason
> > (maybe they later signed an NDA with the government
> > to get access to additional information, or they put a gag
> > order on them on national security grounds) then the
> > spokesperson reports a categorical denial because they don't have any information to the contrary.
>
> Or simply they don't want to lose face. Both Amazon and Apple are dealing with a lot of data that
> isn't theirs and admitting that they've been breached could have severe consequences for them.
I think what Bloomberg asserts makes Apple and Amazon come out smelling like roses...
The fact they found these issues AT ALL means they are 100% on the ball. No company can avoid having bugged hardware delivered to them, the question is whether when it happens it is found or remains undetected for years. In both cases it was detected quickly, and both acted immediately to dump the offending hardware. Each found it isolated to a small part of their overall footprint, it wasn't like it was a widespread thing. No doubt they've put processes in place to make it even more likely to be detected in the future.
How much do you think the average company does to check the hardware they are delivered? I'd guess exactly zero, except for a tiny segment of very large companies with the kind of resources and expertise that Apple and Amazon have at their disposal.
> Doug S (foo.delete@this.bar.bar) on October 4, 2018 1:45 pm wrote:
> > If the people who know
> > something about it are keeping quiet for whatever reason
> > (maybe they later signed an NDA with the government
> > to get access to additional information, or they put a gag
> > order on them on national security grounds) then the
> > spokesperson reports a categorical denial because they don't have any information to the contrary.
>
> Or simply they don't want to lose face. Both Amazon and Apple are dealing with a lot of data that
> isn't theirs and admitting that they've been breached could have severe consequences for them.
I think what Bloomberg asserts makes Apple and Amazon come out smelling like roses...
The fact they found these issues AT ALL means they are 100% on the ball. No company can avoid having bugged hardware delivered to them, the question is whether when it happens it is found or remains undetected for years. In both cases it was detected quickly, and both acted immediately to dump the offending hardware. Each found it isolated to a small part of their overall footprint, it wasn't like it was a widespread thing. No doubt they've put processes in place to make it even more likely to be detected in the future.
How much do you think the average company does to check the hardware they are delivered? I'd guess exactly zero, except for a tiny segment of very large companies with the kind of resources and expertise that Apple and Amazon have at their disposal.
Topic | Posted By | Date |
---|---|---|
Supply chains and trust | David Kanter | 2018/10/04 07:23 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 08:57 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 09:01 AM |
Supply chains and trust | wumpus | 2018/10/04 03:35 PM |
Supply chains and trust | Robert Williams | 2018/10/08 05:30 PM |
Supply chains and trust | Maynard Handley | 2018/10/08 06:21 PM |
Supply chains and trust | Robert Williams | 2018/10/09 08:03 AM |
Supply chains and trust | Robert Williams | 2018/10/09 08:08 AM |
Supply chains and trust | Maynard Handley | 2018/10/09 08:27 AM |
Supply chains and trust | dmcq | 2018/10/04 09:31 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/04 10:32 AM |
Supply chains and trust | Brett | 2018/10/04 10:52 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 11:08 AM |
Supply chains and trust | Adrian | 2018/10/04 11:36 AM |
Supply chains and trust | Maynard Handley | 2018/10/04 11:51 AM |
Supply chains and trust | Rob Thorpe | 2018/10/04 12:09 PM |
Supply chains and trust | David Hess | 2018/10/04 11:38 AM |
Supply chains and trust | Brett | 2018/10/04 11:52 AM |
Supply chains and trust | Doug S | 2018/10/04 12:33 PM |
Supply chains and trust | David Hess | 2018/10/04 11:09 AM |
Supply chains and trust | David Hess | 2018/10/04 11:03 AM |
Supply chains and trust | Doug S | 2018/10/04 12:45 PM |
Supply chains and trust | Gabriele Svelto | 2018/10/05 12:53 AM |
Supply chains and trust | dmcq | 2018/10/05 02:51 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/05 03:34 AM |
Supply chains and trust | Doug S | 2018/10/05 11:46 AM |
Supply chains and trust | Gabriele Svelto | 2018/10/06 01:59 PM |
Supply chains and trust | David Hess | 2018/10/06 03:12 PM |
Supply chains and trust | J | 2018/10/04 09:24 PM |
Supply chains and trust | Andrew Clough | 2018/10/05 05:38 AM |
Supply chains and trust | David Hess | 2018/10/06 03:16 PM |
Supply chains and trust | Maxwell | 2018/10/06 03:37 PM |
Hit job on Super Micro? | Maxwell | 2018/10/04 09:46 PM |
Hit job on Super Micro? | Brett | 2018/10/04 11:55 PM |
Hit job on Super Micro? | David Hess | 2018/10/06 03:15 PM |
Supply chains and trust | Kevin G | 2018/10/04 12:47 PM |
Raptor Engineering's Raptor | Gabriele Svelto | 2018/10/05 03:42 AM |
Supply chains and trust | Groo | 2018/10/06 05:49 AM |
Supply chains and trust | David Kanter | 2018/10/06 08:04 AM |
Supply chains and trust | Groo | 2018/10/06 02:42 PM |
Supply chains and trust | David Kanter | 2018/10/06 02:46 PM |
SuperMicro boards are not made in USA | Adrian | 2018/10/06 11:08 PM |
SuperMicro boards are not made in USA | Adrian | 2018/10/06 11:28 PM |
Supply chains and trust | juanrga | 2018/10/07 06:12 AM |
Supply chains and trust | David Hess | 2018/10/06 03:24 PM |
Supply chains and trust | Wes Felter | 2018/10/07 02:35 PM |
What did the BOM entry look like? | Mark Roulo | 2018/10/04 01:21 PM |
Supply chains and trust | Maynard Handley | 2018/10/04 03:01 PM |
Supply chains and trust | dmcq | 2018/10/05 12:27 AM |
Here's what I think happened | Doug S | 2018/10/05 11:56 AM |
Here's what I think happened | Brett | 2018/10/05 03:17 PM |
FBI wants to be your first contact | ex-apple | 2018/10/05 03:41 PM |
Here's what I think happened | Doug S | 2018/10/05 09:59 PM |
Why call CIA? | David Kanter | 2018/10/06 08:01 AM |
Why call CIA? | Doug S | 2018/10/06 08:33 AM |
Why call CIA? | David Kanter | 2018/10/06 02:43 PM |
Here's what I think happened | Maynard Handley | 2018/10/05 03:23 PM |
Here's what I think happened | dmcq | 2018/10/06 03:52 AM |
Supply chains and trust | David Hess | 2018/10/06 03:34 PM |
Supply chains and trust | Groo | 2018/10/06 06:01 AM |
Supply chains and trust | etudiant | 2018/10/07 03:36 AM |