Skip to main content
  1. Home
  2. Computing
  3. News

Supermicro investigation: no spy chips found on our motherboards

By
Computer motherboard stock photo
Fancycrave.com/Pexels

Computer hardware manufacturer Supermicro announced on Tuesday the results of an investigation into its recent motherboard security controversy.

In a letter posted on its website, Supermicro’s CEO, Charles Liang addressed recent allegations stemming from a story published by Bloomberg which reported that China’s spies had been able to insert malicious hardware into Supermicro’s motherboards during the manufacturing process. The letter went on to state that Supermicro’s investigation was conducted by a third-party investigations firm which concluded that no malicious hardware had been found on the motherboards that had been tested.

The motherboards tested included the specific type mentioned in Bloomberg’s article, motherboards that had been purchased by the companies mentioned in the article, and “more recently manufactured motherboards.”  Reuters reports that the investigation was completed by the firm Nardello & Co.

Tuesday’s letter from Supermicro also described the safeguards it has in place to prevent such security issues. The most notable of the safeguards, regarding the kind of tampering that was alleged recently, was the company’s promise that “no single employee, team, or contractor has unrestricted access to our complete board design.”

Bloomberg’s report was particularly troubling since if true, it would mean those malicious chips may have compromised the security of the data centers of Supermicro’s biggest clients, specifically Amazon and Apple.

Amazon and Apple quickly denied Bloomberg’s report in October, within hours of the story’s publication online. Apple’s statement specifically stated that it “repeatedly explained to Bloomberg reporters and editors over the past 12 months, there is no truth to these claims.”

Amazon’s response was via a blog post and swiftly denied the presence of the spy chips:

“At no time, past or present, have we ever found any issues relating to modified hardware or malicious chips in SuperMicro motherboards in any Elemental or Amazon systems. Nor have we engaged in an investigation with the government.”

Bloomberg continued to stand by its story even though calls for a retraction had been issued by Apple CEO Tim Cook and the chief executive of Amazon Web Services Andy Jassy. Bloomberg Businessweek also issued a statement soon after the article was published, saying that they were confident in their reporting and mentioned that 100 interviews and 17 individual sources confirmed their report.

Editors’ Recommendations

Topics
Anita George
Anita George
Computing Writer
Anita has been a technology reporter since 2013 and currently writes for the Computing section at Digital Trends. She began…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more