That Bloomberg Supply-Chain-Hack Story

Back in October, Bloomberg reported that China has managed to install backdoors into server equipment that ended up in networks belonging to – among others – Apple and Amazon. Pretty much everybody has denied it (including the US DHS and the UK NCSC). Bloomberg has stood by its story – and is still standing by it.

I don’t think it’s real. Yes, it’s plausible. But first of all, if someone actually surreptitiously put malicious chips onto motherboards en masse, we would have seen a photo of the alleged chip already. And second, there are easier, more effective, and less obvious ways of adding backdoors to networking equipment.