SoylentNews is people
SoylentNews
A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly detected in an internal development environment for Apple's App Store, as well as some production servers handling queries through Apple's Siri service.
An Apple spokesperson denied there was a security incident. However, Supermicro's senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased. An anonymous source was cited as the source of the information regarding infected Siri servers.
[...] A source familiar with the case at Apple told Ars that the compromised firmware affected servers in Apple's design lab, and not active Siri servers. The firmware, according to the source, was downloaded directly from Supermicro's support siteāand that firmware is still hosted there.
Source: ArsTechnica
(Score: 1, Insightful) by Anonymous Coward on Monday February 27 2017, @12:32AM (4 children)
If this is true, then Supermicro cannot be trusted.
(Score: 0) by Anonymous Coward on Monday February 27 2017, @07:00AM (3 children)
Heinleins razor seems important to remember here: You have attributed conditions to villainy that can simply result from stupidity.
(Score: 2) by maxwell demon on Monday February 27 2017, @08:00AM (2 children)
So you would knowingly buy from a vendor whom you know to be stupid enough to allow the computers to come preinstalled with malware?
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Monday February 27 2017, @04:41PM (1 child)
Would you buy from a vendor that charged twice the money for the same server? Your boss may care more about saving money. And even if you went with Dell or HP, you wouldn't have any guarantees that the product is malware free.
(Score: 2) by bob_super on Tuesday February 28 2017, @07:17PM
But it would be 'Murican malware!
(Score: 4, Insightful) by jasassin on Monday February 27 2017, @12:37AM
I'd like to know what the malware did, and how they detected it. Why is the firmware still on the sight?
Hmmmm...
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 3, Interesting) by Anonymous Coward on Monday February 27 2017, @12:41AM (6 children)
Apple is well known to be a horrible company to sell to. They will tear up contracts at the slightest provocation, don't believe in negotiated settlements, demand special snowflake treatment to the point of having products redesigned for them - oh, unless it's the other way around, then everybody is expected to pucker up and get smoochy with their big, greasy butthole. They make Donald Trump look like a reasonable and friendly counterparty for vendors - it's that bad.
What's different here is that supermicro is being honest about what happened. Apple hates their suppliers even being known - so supermicro are burning a bridge here.
Honestly, I suspect that supermicro's people have found Apple such a monumental, vast pain to deal with that they've figured it's a customer that it's better not to have.
I have direct, personal, first-hand knowledge of Apple's business practices from more than one of my employers over the years. It has reached the point that I actively recommend that my employers steer clear of them, and if Apple for some weird reason comes cap-in-hand, get the contract tied up by the most savage, blood-sucking lawyers they can afford.
(Score: 2, Insightful) by Anonymous Coward on Monday February 27 2017, @01:58AM
Replace every apple reference in there with walmart and you have described two of the largest companies in the world.
I have been saying this to people for years Apple is not a company to be trusted (my stories go back to the mid 90s). MS is good/'bad' at what they do but they learned at the hands of a true Sith master, Apple. The GUI wasnt the only thing MS copied.
(Score: 3, Interesting) by Snotnose on Monday February 27 2017, @02:09AM (2 children)
I worked at Qualcomm in, I dunno, '05 or '06 when we got a supersekrit assignment to look into what it would take to add some special features to our chips, both hardware and software. We were told explicitly, several times, to not discuss this with anyone not in the room, not even our wives.
Turned out the chip was going to go into the original iPhone. I don't know how or why Qualcomm lost the deal, but for 3 weeks it was a major PITA.
When the dust settled America realized it was saved by a porn star.
(Score: 1, Informative) by Anonymous Coward on Monday February 27 2017, @02:32AM
I worked at qcom too at the same time. It was not that big of a secret ;)
As to why? Jobs played us. He already knew which chips were in. He was using us to negotiate a better price.
(Score: 2) by FatPhil on Monday February 27 2017, @03:27PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by Nobuddy on Monday February 27 2017, @04:52PM (1 child)
Seems odd that holding a business partner to the terms of the contract is viewed as malicious and unfair in todays business world. Why have a contract at all if you never intended to hold up your end?
(Score: 0) by Anonymous Coward on Monday February 27 2017, @07:47PM
Because you have absolutely no clue if the other party intended to hold up their end in this case, and businesses usually go to great lengths to do so?
Because business conditions change, and companies that want to be in business with one another recognize that?
Because you don't bankrupt your business partner, and you should be smart enough to know when your deal is so razor-thin that will happen?
Because good will in business is a tangible thing and sometimes it's better to keep good will going than take someone's last dollar?
Because malicious and unfair are the norm for today's business contracts, and the world does not have to be that way?
Because one that will do anything, at any cost, to stay at number one will sooner or later get covered in number two?
Because someone has understood the words, "I desire mercy, not sacrifice?"
Because businesses do not hurt. People do?
(Score: 2) by butthurt on Monday February 27 2017, @12:42AM
for those who aren't subscribers to The Information:
https://arstechnica.com/information-technology/2017/02/apple-axed-supermicro-servers-from-datacenters-because-of-bad-firmware-update/ [arstechnica.com]
https://9to5mac.com/2017/02/23/apple-server-vendor-security-issues/ [9to5mac.com]
http://appleinsider.com/articles/17/02/23/server-firmware-security-incident-in-2016-forced-apple-to-sever-ties-with-vendor-super-micro [appleinsider.com]
https://www.macrumors.com/2017/02/23/apple-ends-relationship-with-super-micro/ [macrumors.com]
http://www.bizjournals.com/sanjose/news/2017/02/24/apple-super-micro-computer-aapl-smci.html [bizjournals.com]
http://news.softpedia.com/news/apple-ends-contract-with-server-company-after-finding-security-issues-513293.shtml [softpedia.com]
(Score: 0) by Anonymous Coward on Monday February 27 2017, @08:42AM (3 children)
I wonder if Tau Leng knows who did it
(Score: 0) by Anonymous Coward on Monday February 27 2017, @02:20PM (2 children)
I'm sure those sneaky chinamen infected their own equipment via a malicious pact with the pinko commies in china to steal even more IP. The biggest disappointment in IT is the fact that we worry about US surveillance while completely forgetting that most if not close to all of our IT components are made in commie land. One day those gooks are going to phone it in and destroy our economy and the US, a war without ever firing a single shot. Then they get to strut around, with their racist yellow pride, yelling china #1! I hope Trump manages to fix the greedy fucks who export our manufacturing to hostile 3rd world shit holes. Fuck china. And fuck the greedy cunts who send our jobs there. I hope we send their economy down the crapper first and let half a billion of them starve to death. Too many of em anyway.
(Score: 1) by Frost on Monday February 27 2017, @02:27PM
China is second world, not third world.
The three worlds [wikipedia.org]
(Score: 0) by Anonymous Coward on Tuesday February 28 2017, @04:54PM
Sounds like grandpa...
(Score: 3, Interesting) by TheRaven on Monday February 27 2017, @09:38AM
sudo mod me up
(Score: 0) by Anonymous Coward on Monday February 27 2017, @03:52PM
well, have those jackasses replaced the alleged compromised firmware on their site and updated their site/employee roster not to be so easy to compromise? have they been investigated by SAGs? sick of most hardware vendors.
(Score: 2) by rts008 on Monday February 27 2017, @09:48PM
I knew Apple were assholes, but to delete a supplier?
Supermicro better hope someone cares enough to undelete/restore them. It's hard to exist and do business when you've been deleted!
*watches out window to see if anyone crawls out of the trashcan*
It's past time to upgrade my firewall...