Today marks the one-year anniversary of Bloomberg’s publication of a story about Chinese intelligence intercepting the supply chain of Supermicro, a company which has built and sold servers to Amazon, Apple, the U.S. Department of Defense, and dozens of other companies. Apparently, they developed a chip that looked identical to a rice-sized standard component placed along the main power lines of a server; the implanted chip ostensibly contained a processor and networking capabilities and could, theoretically, act as a backdoor for Supermicro servers.
It sounded like the information security scoop of the decade — except there’s virtually no proof that any of it is true. Unfortunately, a year later, we’re still no closer to understanding what happened with this story. Most upsetting is that we don’t know the truth here in any capacity.
This is a story that should have embarrassed Bloomberg into proving it or retracting it but the rest of the media have, for the most part, sadly moved on from it.