It seems like the writer has a personal stake in the idea that Apple can do no wrong, therefor Bloomberg must be lying.
As an example they claim 10 reasons not to believe Bloomberg and cite two other pieces they have wrote, both proclaiming apples innocence.
They literally give the same reason multiple times, and the reason is little more than "Apple wouldn't lie!". Apple has been caught lying in the past about other things like battery life.
>Apple has been caught lying in the past about other things like battery life.
That's a stretch to say that they were lying. They weren't lying about the battery life nor did they claim that they weren't changing the clock speed of the device. They simply claimed to have different motivation for doing so (namely, to keep older phones from completely turning off) than what others assume was the motivation (intentionally slowing phones to gain more sales).
Correct me if I'm wrong, but isn't that the response they gave after years of flat-out denials? You may not consider that the same thing as lying, but it's in the same family.
Not really. Based on your follow-up responses, it seems that you're conflating the slowdown on older hardware running new software versions (which is standard with any software update as new features will never run as quickly on older hardware as they would on new hardware) with the throttling done for older batteries. This wasn't done intentionally to slow down the devices so that people would buy newer models it was done for the opposite reason - to extend the daily longevity of phones whose batteries were nearing an efficiency target where they would require service. The mistake Apple made was not directly stating that this was being done to conserve battery life as the alternative was for the phones to simply shut down completely.
> I don't believe so - I don't think they ever explained that older phones were being throttled, but I don't think they denied it in the face of accusations, did they?
My memory is that it was common knowledge for several years that upgrading the OS to a version more than 3-4 years past the hardware release would cause a dramatic performance hit. For as long as I had access to an iphone, that was a known issue, as in, many people with older iphones would agree, any apple forum would have topics about it. Maybe it got more press coverage in the year leading up to the admission. Maybe there were multiple factors and the one they admitted became prominent in that year.
Oh sure, newer versions of iOS used to slow things down, but there are two separate issues.
1. Do increasingly heavy OS releases slow older machines (yes. Though ios12 has reversed this trend.)
2. Does iOS deliberately throttle older machines.
The latter is the particular issue. It relates to 2 or 3 iPhone models with only when they have dodgy batteries, so I don’t think the accusation of generally nerfing old phones really holds.
I do agree, however that Apple absolutely should have made it clear what was happening. Very poor communication, but not, I think malicious
You are right but arguing semantics. They kept the same battery life true but they did this by slowing the phones below the specs they advertised, thats plain lying.
It took a year of people calling them out before they admitted it. True they never admitted to lying, but they did admit the year long omission, they just claimed it as a feature, classy.
You have batteries that decay and processors that scale; It's a feature of the processor that it scales down to protect the battery. If they were the only one in the industry that did it, or it didn't make longevity and safety sense, then maybe not mentioning "we prevent your device from randomly dying or catching on fire as much as the next device" is normal.
I don't see many devices using lipo that sell the feature "we prevent your device from catching on fire by killing it"; though they hopefully all have thermal shutoffs.
I'm not arguing semantics. I'm arguing that they weren't lying. They never stated that they weren't lowering the clock speed when the batteries started to degrade. This may be poor communication on their part but it's not like they ever denied that they were actively doing something to prevent phones from shutting off when they couldn't maintain the power levels needed. Nearly every other manufacturer also does this and those that don't suffer from batteries that shut off randomly or catch fire. It's an issue that's just a physical limitation of battery technology right now.
The word "lying" to me (whether by omission or not) insinuates that the intent was malicious and used to cover up or misstate something with the purpose of misleading consumers. That's not what happened here. The intent wasn't malicious but, rather, to extend the lifetime of batteries that, because of the laws of thermodynamics and physics, were getting to the point where they couldn't sustain performance. They absolutely should have communicated somehow that this was the reason they were doing this but they never denied that this is what was happening because it was assumed that this was common knowledge for LiPo batteries.
The article is a clunky representation of the original material. I would highly recommend listening to the podcast that is being quoted from [0]. It is only 20 minutes long, and both the interviewer and the named source Joe Fitzpatrick have thoughtful commentary on the matter.
This. Also, Bloomberg's report is not specifically targeted at Apple. It seems, that it's being attacked here only because Apple is mentioned in it, and the author tends to trust Apple more than Bloomberg.
They are not necessary lying. But Journalists (and also politicians, lawyers, etc.) have a tendency to wrap a suspicion into a conclusion. That's more deceptive than propaganda because the authors believe their conclusions. Here the trick is making the evidence unfalsifiable with solid reason. For example: the information source is classified due to national security.
Well... it does give us a possible motive for not telling the whole truth, or even lying. Not saying this is the case here, but this piece is far from objective.
"They claimed anonymous US intelligence community sources as well. Except I led the ICS threat discovery mission at the time at the NSA. And I had never heard of this attack being a cyber attack. The NSA doesn’t see everything but if the US IC is your source we would have."
He is referring to the BTC pipeline piece that these guys wrote. It claims the pipeline explosion was a cyber attack, which has never been substantiated.
Why would the the NSA ICS threat discovery lead at the time be able to confirm one way or another? It seems like either way would be a "no comment" sort of situation.
He is a SANS instructor, CEO of Dragos Inc and very well respected in the infosec community. Helpful input like this, and being an educator, is why he has that reputation.
But like, "let me confirm off hand on twitter what classified things we did or didn't do at the NSA", is exactly what you can't say. Why is he being allowed to confirm/deny specific actions of the NSA?
Sounds like Bloomberg was creating a bit of fiction about how something like this could happen and backing it into validation by sources.
Particularly damning part, to me: "I sent him a link to Mouser, a catalog where you can buy a 0.006 x 0.003 inch coupler. Turns out that’s the exact coupler in all the images in the story." Clearly they didn't have an original hacked part like some have claimed/hoped.
It seemed incredible to me that they talked about these tiny little components being added to systems that allowed the evil doer to take complete control of the system. How exactly is something with 2 connections to the motherboard going to exert dramatic influence over a CPU with 1000+ connections to the rest of the system. Some 48-56 physical address lines, 64 data lines, and etc. all being manipulated by the magic rice grain? I don't think so.
All you need to do is reflash the BMC firmware. You can do that over a SPI bus, that only requires three lines (3 SPI lines + Vcc + Vss = 5 pins, just like the part...) You don't even have to rewrite the whole firmware, just patch the one section of code that does logins and then update the checksum if there is one. The firmware that is flashed in the factory is likely pulled from a read-only media and then checked against it. If you slip this implant in, you can just have the good firmware patched X hours after first turning on. Best case, you inject your patch into the BMC firmware before anyone can update to the latest that doesn't work with your patch. The adversary can then push an update to BMC again to something that can block new, good updates from killing the backdoor. Worst case, the user updates the firmware before the exploit is run. This patch corrupts the good, new firmware and the user has to reflash it. BMC keeps corrupting so RMA the old server and get a new one, maybe this one has an implant that will patch before the user can apply a good update.
And who was their sources again that confirmed that these companies were affected, when the companies themselves and now multiple intelligence agencies say they weren't?
There was a popular story a few days ago explaining how this could have worked. You're not trying to override "1000+ connections," you're trying to influence how the system boots. If you can force the system to load a bootloader from the network instead of from ROM, you can make it do all sorts of things.
I found the attempted humorous article "Here are the subjects our [science] reporters enjoy covering the least" to be very revealing of typical reporter attitudes
> How could [discovering exoplanet] not be dramatic? If you're an actual f$@!%%# astronomer, that's how. Because then you'd feel compelled to drone on for page after page of details on the different telescopes you used, and the software pipelines the data went through, and how everything was normalized to... Exoplanets, which are BRAND NEW WORLDS UNKNOWN TO US get announced with excessive details on Monte Carlo sampling and Markov chains. I would not have thought it possible to suck the life out of stories like these, but the people who have chosen to make this their life's work manage.
In other words: "Why do these eggheads spend so much time worrying about whether the things they think they know are actually true when they could be talking about how it makes them feel?"
Seems like the "journalist" does not understand the role of academic artifacts (such as published papers) or science in general. Most academics are not trying to drive excitement in the general population with their research, but rather appeal to their peers, who by the very nature of their job must evaluate methodology and formal approaches to ascertain the quality of the findings. Sensationalizing your research before it has attained general acceptance in your discipline (or ever) might be fine with regard to PR, but terrible for your overall academic career.
> Editor's note: On a more serious note for you scientists. We love you guys, we love what you do, and we understand why these things have ended up the way they are. Thanks for being patient while we vent.
I think you are just misunderstanding discussion of why covering science is hard in a form of writing readers enjoy, for actually criticizing scientists for doing what they do.
That's a little too purely social - a better explanation might be that scientists care a lot more about being right than the public, because if the public gets something wrong they have careful scientists to set them straight, but if the scientists collectively get something wrong they'll just be wrong forever. As a result the measures of certainty matter far more than the statements themselves, because a mild-mannered truth that is indeed true is perfectly valuable while a bombastic claim in which nobody knows how confident they should be is perfectly worthless.
Lots of lazy journalists want their subjects to write their copy for them. They prefer PR departments, marketing pros, and savvy self-promoters who do as much of the work for them as possible. My wife occasionally gets contacted by publications in her field that want to feature or just mention her work. She used to send every publication a similar blurb talking about the work in her own professional voice, but over the years she figured out that they either borrow extensively from what she sends them or don't include her at all. Now if she wants the coverage she checks out the publication and sends them something customized for their audience and writing style, and they always use it.
Did you mean to reply to the 9to5mac article about the Bloomberg hardware expert Joe Fitzpatrick concerns about the Supermicro story? If so I do not understand your comment
"They’re not outright wrong, but they are theoretical"
The source is upset that his technical jargon and long-winded explanation didn't make the final article. That's the connection to the above post. If you are a non-technical reader, and you had to read the raw transcript of a hardware guy telling you about firmware updates, you'd fall asleep. The point here is that the journalist cut out that stuff, which maybe makes the story less accurate, but the point of the story is still preserved.
That doesn't seem like a good summary. The bigger criticism is IMHO this:
> When the piece was published, he was expecting to read about how this specific hack was achieved. Instead, he said, Bloomberg appeared to be parroting the precise theory he had outlined.
I think you are misreading it. The source is upset because his long winded explanation /did/ make the article, but evidence that his explanation was anything other than theorizing did not.
he was expecting to read about how this specific hack was achieved. Instead, he said, Bloomberg appeared to be parroting the precise theory he had outlined
I don’t read that as jealousy, but surprise that his theory became fact in the story.
Yea, I did. I agree my comment was tangential to the article title, but the idea is that the overconfidence in these sorts of stories might be at least partially attributable to journalists overemphasizing importance/impact/emotions to the detriment of accuracy/skepticism. (I actually said something to this effect when I first wrote my comment, then removed it because I felt like I was editorializing too much.)
The relation of journalists to the truth is quite similar to the relation of used car salesman to road safety; I am sure every used car salesman can tell you a story about the clunker he didn't sell. (The big difference is, that for some reason newspapers don't go on and on and on about how important used car salesman are for democracy.)
"But what really struck me is that like all the details that were even remotely technical, seemed like they had been lifted from from the conversations I had about theoretically how hardware implants work"
>I sent him a link to Mouser, a catalog where you can buy a 0.006 x 0.003 inch coupler. Turns out that’s the exact coupler in all the images in the story...
I don't know much about technology journalism, but I would think that no one who is a technology reporter would make a miss like that. And even if he/she did make a miss like that, wouldn't an editor or someone higher up call that out pretty much right away?
I can't see why this story would have been put out as is without further investigation? Maybe some independent verification? I suppose there remains a slim possibility that the overarching theme of the story is true, and the reporters are simply spectacularly inept. There is also the possibility that the story is false and Bloomberg itself is spectacularly inept. Other possibilities are too terrible to contemplate. They run the gamut from simple propaganda, which is terrible, but would not be unexpected... all the way to out and out graft. ie - Some influential guy was short Apple.
Have you ever actually dealt with reporters before? From my time in science I can attest that yes, reporters very much are this dumb at times. That's the issue with anyone who's too much of a generalist.
Bloomberg is also one of the most valuable tech companies in the world. Their entire business model revolves around providing accurate financial information. We happily pay $2k per month per person for it, partly because it is such a trusted source.
Some reporters may be dumb, but if it has the Bloomberg name attached to it, and has far reaching effects in financial markets, you can be pretty confident that this wasn't just the work of some clueless reporter.
Mike Bloomberg himself stands to lose an enormous amount of money due to lost business in China, as a result of this story's publication. Whether the story is accurate or inaccurate, either way Mike is going to lose money on it. The only business-logical thing that Bloomberg could have done with this story is to sit on it. Clearly there are non-business motivations for this publication. The possibilities that immediately strike me or that an overriding incentive for this publication was provided by an outside monolithic actor or that an ethical / public interest motivation prevailed.
If the claims are to be believed, the story was 1 year in the making and used 100 separate interviews and it was worked on by a team of journalists.
I can easily imagine ONE journalist getting key facts wrong in a typical story which had to be pumped out before a deadline. I've seen it myself.
BUT this is a very major story by elite journalists with a lot to lose if they screw up. They're not "dumb" but they might have been deceived deliberately.
Whatever the case, I expect a very ugly truth will shake out eventually.
My wife went to a large journalism school, and I met many journalists-in-training.
Their failing isn't that they are dumb per se, but that they confidently believe they understand something when they have only heard the barest details. It's like they are afraid to ever say "I don't know", or question their own understanding of reality.
Being in the cryptocurrency space for half a decade and knowing the technical details regarding things like bitcoin will make it obvious that tech journalism is a glorified version of Forwarded emails your grandparents send you.
What a lot of it boils down to is that Bloomberg appears to have taken Mr. Fitzpatrick's hypotheses and speculation about the Supermicro implant, and included them in their article as if they were confirmed facts. If this is indeed the case, it calls the entire article into question.
I'm not saying it is true, but of course all parties involved will deny everything, imagine how much it would hurt them if they acknowledged they have been hacked.
There's a lot about this story that doesn't add up either. One particularly questionable bit is:
> Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer.
Every RJ45 jack ("Ethernet connector") I've seen used in modern networking hardware has a metal case for EMI shielding. This isn't an indicator of compromise. Nor does this make sense as a location for an implant -- the RJ45 jack isn't in a privileged position to access information on the server, nor would a device located inside the jack be able to easily interact with the network without interfering with the real Ethernet controller.
Every RJ45 jack ("Ethernet connector") I've seen used in modern networking hardware has a metal case for EMI shielding.
Where would one acquire these metal RJ45 jacks? The ones I have are all plastic (usually clear), with the exception of the small (copper?) metal wires that transmit the signals. I am in fact looking at one right now on my desk and it's definitely not metal shielded.
This evidence does nothing to support the original chip story. An ethernet implant is completely separate and does not affect the originally reported companies.
> imagine how much it would hurt them if they acknowledged they have been hacked
We don't even have to imagine much beyond the current pain its caused Supermicro. According to that article, the stock dropped 41% last Thursday from the original article and then another 15% today (the article says 27% today, but they made some gains since the article was published).
But those were one-time breaches related to patchable software flaws, and nobody knew for sure if a national-backed entity did it (maybe except Stuxnet https://en.wikipedia.org/wiki/Stuxnet). They were not hardware and not directly linked to the Chinese government.
Apple dumped supermicro in 2017 for security issues. But Bloomberg really needs to provide some information to back up their claims, this isn't a minor issue, this is a clam of spying from China.
>Super Micro Computer Inc. SMCI, -18.58% dropped 8% in late trading Thursday after a report said Apple Inc. AAPL, +0.93% ended its relationship with the company after finding "a potential security vulnerability" in a data center server provided by Super Micro.
I tried to buy some over the weekend, because I think this will all blow over like Equifax, but I got a message saying they've been suspended from trading since August for not reporting to the SEC on time. Is it the OTC price?
Ironic that an article about how bloomberg may have misunderstood and jumbled their expert sources' info has some glaring mis-transcribed quotes!
"For example putting two pieces of silicone in a single package makes sense when one of them is flash storage and the other is a micro controller. But an experienced observer could easily jump to the conclusion that it’s a hardware implant."
yeah - silicone. but more importantly: he certainly meant IN-experienced.
The buck doesn't stop at the reporters right? They had somebody above them who gave the permission to run the story.
Also, I want to believe that they did more groundwork to establish credibility before deciding to go for it. If it turns out to be false, I wouldn't know whom to trust anymore.
This will be exactly what POTUS needs to get his AG to move against the press. He's been threatening it since before he took office. Not saying it would succeed, but I'd wager he'll try.
"This will be exactly what POTUS needs to get his AG to move against the press."
If this was anything, it would be a reason to move against China.
However, several days later, we can be fairly confident in saying it isn't any reason for the President to do anything, on the grounds that to the best of my knowledge, he hasn't done anything. (This opinion subject to change if someone cites something, of course. But I'd expect it would have come up in our HN conversations by now.) If this was a conspiracy from the government to make hay out of this news, they would have done so by now. Next day at the latest, given the speed of the news cycle nowadays. I think we can safely discard this theory now.
(I also see no reason to even suspect that the President thinks he needs some sort of additional casus belli against China. He seems to believe he's got plenty already. If such things are being faked, they aren't being faked in stories like this, but at a much different level in much different places.)
Well if you look at the US company stocks since the story (not the chinese ones) you'll see none of them had a negative day.
So either they miss-planed their "stock market" manipulation or it was not their intention...
That's flat out false. AAPL was at an all time high when this story came out and then proceeded to drop 11 pts over the next 2 days. Not evening mentioning that SuperMicro's value has halved.
Stock market manipulation doesn't mean you have to manipulate the entire $20 trillion dollar US stock market, it just means you tried to manipulate the price of a specific stock. Super Micro's stock dropped 40% based on the story. Hypothetically if someone shorted the stock and then pushed to get a story published that they knew had no basis in evidence, they would have profited handsomely and that would have been stock market manipulation.
I have been purposely misquoted several times in several California small town news agencies (their agenda almost diametrically opposed to my information), I am not particularly surprised this may be happening with Bloomberg. I have stopped responding to requests for interviews, as I am rarely informed ahead of time what the person's (or editor's) agenda may be, to decide if it aligns with what I wish to contribute ammunition/fodder towards.
I, too, wondered if this might have been planted by someone to either disrupt existing supply chains or raise awareness of this sort of vulnerability, but this makes it look more like journalistic incompetence, possibly magnified by pressure to have impact.
Why the Chinese? That makes zero sense. Much more likely the US who want more casus belli to go after China. Wouldn't be surprising at all seeing the moves by the US gov so far.
My guess is that the story was pushed by those that compete against Supermicro. Possibly due to their own security issues that have not yet been disclosed.
In a way, this resembles a technique that is sometimes (but should not be) used in the interrogation of criminal suspects: raise hypothetical questions, and then write up the replies as if they were statements/confessions of what actually happened.
Sounds like Bloomberg painted the theory they wanted to paint, and were not particularly subtle about covering there tracks. Assuming what this dude says is true, this is going to be very bad and very, very expensive for them.
>I sent him a link to Mouser, a catalog where you can buy a 0.006 x 0.003 inch coupler. Turns out that’s the exact coupler in all the images in the story.
I did a super quick search, and sure enough, yep- the images in the article are most likely a $0.38/each 0603 coupler.
I'd argue that all this backlash is justification for why we don't typically have to worry about the Gell-Mann amnesia effect. When something is egregiously wrong in the news, people talk about it, and we learn. As long as you're reading about something that will critical and knowledgeable people also reading it, then you should feel comfortable knowing that no backlash means it's probably fine.
Technical people like to talk about technical things and non-technical reporters are torn-up about it. Then some outlets have reasons to report one side not in totally good faith. Here is a prior case:
>For a journalist, the fear of getting it wrong is a mortal one. Experts loudly calling me wrongheaded were hard to shake. Many of their objections were highly technical—and I would never pass myself off as someone with an expert’s grasp of computer science. (Less than 24 hours after my piece went live, The Intercept published a very long, very detailed piece that suggested my piece was likely bunk.)…
That guy should've been more scared about getting it wrong. Every single piece of evidence pointed to his supposed secret communications channel with a Russian bank (and a random American health clinic for some reason) being the simple result of run-of-the-mill mass marketing emails for Trump hotels sent by a company that had been subcontracted to do so for years. The Intercept even managed to obtain copies of some of the emails they'd sent. A DNS covert channel of the sort being suggested would require the secret co-operation of the technical staff at a company the Trump Organization didn't even have a direct contractual relationship with - why take that risk to set up a really terrible communications channel? Multiple outlets had apparently already passed on the story because it didn't hold up - but that didn't matter, because the moment he published it went viral on social media, with the Clinton camp's tweets alone getting tens of thousands of retweets.
It would be no exaggeration to say that his decision to ignore the pesky technical objections he didn't understand and run the story anyway did permanent damage to the US political and news climate, that it made everyone's beliefs about the world a little more wrong forevermore. When Clinton's campaign tweeted to demand the FBI investigate, only one outlet - the New York Times - dared stand up and report that the FBI had already investigated and concluded all the evidence was consistent with it being exactly the boring junk email server it looked like, and people are still pointing to that article to drag the Times' reputation through the mud to this day. (Their own public editor even criticized them for questioning and not believing!)
He created a world where not believing junk emails were secret Russian communications was, to quote the recent New Yorker article, the equivalent of believing "that space aliens did this".
Though not pertinent to my original comment, that newyorker article does have a portion where experts argue that the misconfigured bulk emailer explanation which you bring-up does not hold water:
I'm saying 9to5mac as an apple enthusiast site has a reason to run the post it did and that since technical people like to talk about technical things of course there's someone connected to the story making those arguments then largely non-technical reporters have trouble making sense of it all.
Can somebody hunt down one of those motherboards maybe on eBay or in their own data centers and track down this malicious device? Putting together a test circuit that throws the BMC firmware down it and see if anything different comes out the other end should be a simple enough task.
I like the idea. But, since hardware attacks like the one proposed are usually fairly labor intensive and they really want them to remain undetected, chances are good that the altered boards were only shipped to specific high value targets.
If it's true that Amazon and Apple discovered flawed ones, all of those would have been returned to Supermicro and likely destroyed for the most part. If Supermicro was aware of the problem and ethical, they likely would have contacted other customers who they suspect could have received altered boards and replaced those boards too. I'm not saying it would be impossible to get your hands on one, but if there's any truth to this hack, I think you'd have to buy a ton of boards before you ever came across an altered one.
It doesn't seem like it would be all that labor intensive. Just change a part on the line, from what it described. I think if they were specifically targeting Apple & Amazon there would have to be someone complicit in Supermicro making sure that motherboards with the special part went to the right destinations. That seems more labor intensive than actually swapping the modified part.
> I think if they were specifically targeting Apple & Amazon there would have to be someone complicit in Supermicro making sure that motherboards with the special part went to the right destinations.
Fair enough, I guess it depends on their distribution model. When I order a macbook from apple.com, it ships from China. So, somebody there knows it's coming to me. Not that I'm a target, but I'd be surprised if they were shipping a container of servers to Supermicro and then to a customer. If Apple dropships one laptop, I assume Supermicro dropships containers.
> That seems more labor intensive than actually swapping the modified part.
Good point, assuming it was not labor intensive to modified part itself, then swapping them out on the line would be trivial.
This is the first criticism of Bloomberg's story that made a decent point (along with several bad ones). I definitely believe Apple or Amazon would lie, I definitely believe they might get told to by the feds, I definitely believe the Chinese government has at least looked into the idea of using their hold on the supply chain to get intelligence. The idea that there are much easier ways to do this, however, is an important one.
I believe Bloomberg and companies that compete with Supermicro have just as much reason, and possibly more to lie. To continue to manipulate the markets against white box vendors.
Since the lead in this story is maximally buried -
"You put hardware in a device to help you persist the software, the malware. You don’t put hardware in a device to do the whole attack, you put hardware in the device to unlock the keys, to elevate the privileges on the shell, to open the network port and then you take a software or remote approach to do the rest of the work. And I think that’s the context of that quote."
I'd have to go back and read the Apple and GCHQ (and .. was it .. Google?) denials more closely, but...
I found it really interesting how pointed and specific the denials were, rather than blanket denials or refusals to say anything.
I wonder if the technical details that were wrong in the article ended up giving cover to the denials. Maybe the hack never was in hardware, and Bloomberg totally screwed that part up, due to a misunderstanding of what it means to "manufacture a board with vulnerabilities" and that ended up giving inadvertent cover to those parties wishing to deny that a hardware hack was found in products in their datacenters?
EDIT:
Okay, maybe my theory's not so great.
>On this we can be very clear: Apple has never found malicious chips, “hardware manipulations” or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.
A pesky problem of missing paperwork. Apparently Supermicro thinks that filing quarterly and annual reports is something optional, a "nice to have" rather than a "requirement". So they haven't bothered.
Nasdaq feels otherwise, and got tired of waiting for them to get their house in order, and so delisted Supermicro.
As an example they claim 10 reasons not to believe Bloomberg and cite two other pieces they have wrote, both proclaiming apples innocence.
They literally give the same reason multiple times, and the reason is little more than "Apple wouldn't lie!". Apple has been caught lying in the past about other things like battery life.
https://9to5mac.com/2018/10/05/chinese-spy-chip/