If this site has a beat, beyond “stuff I find interesting”, it’s roughly tech and media, which just so happens to intersect my actual career. As such, I’ve held John Gruber’s Daring Fireball in high regard for as long as it’s been a going concern — our interests obviously overlap and I will instantly cop to often poorly imitating his pioneering style.
Gruber rarely breaks news, even given his well-placed sources inside of Apple, but is instead a sharp and incisive analyst and critic. It’s a vital role, and Daring Fireball is a premier example of how a fractured internet media landscape can help drive accountability, not just contribute to division.
Beyond standbys like “claim chowder” and deciphering PR speak, Gruber’s most pointed and diligent media critique has been aimed at a two-and-a-half-year old cover story by Bloomberg Businessweek headlined “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies”.
The thesis of the reporting by Jordan Robertson and Michael Riley is the Chinese government, which ultimately controls the supply chains of every major technology company in the world, has infiltrated hardware vendors and has been secretly inserting tiny chips onto circuit boards that phone home (well, phone back to China) with information that make those computers vulnerable to Chinese infiltration. The companies cited in the story — Apple, Amazon, and Supermicro — denied the claims absolutely.
From Gruber’s original post about Bloomberg’s story:
I see no way around it: either Bloomberg’s report is significantly wrong, at least as pertains to Amazon and Apple, or Apple and Amazon have issued blatantly false denials. You can, perhaps, chalk up Apple’s denial to it being written by Apple PR. I don’t think this would happen, but hypothetically this issue could be deemed so sensitive — either within the company or as a national security issue — that the people at Apple with knowledge of the situation lied to Apple PR. But in my experience, Apple PR does not lie. Do they spin the truth in ways that favor the company? Of course. That’s their job. But they don’t lie, because they understand that one of Apple’s key assets is its credibility. They’d say nothing before they’d lie.
It’s worth noting this was a huge story at the time and everyone, including Gruber, concluded that if the reporting was true, the implications were staggering. If the reporting was true.
Since the story was originally published, every company and government agency cited has denied Bloomberg’s original claim even more vehemently. Given that it’s been over two years and no independent investigation has confirmed the original story, it might be reasonable to assume Bloomberg would have issued a correction or retracted the story by now. In fact, Gruber has called for such a retraction with every link to bloomberg.com, to the point it’s become something of a running joke on the site.
Yesterday, Bloomberg published what seemed to be a coda to the original hidden microchip piece, again by Robertson and Riley, with the throwback headline “The Long Hack: How China Exploited a U.S. Tech Supplier”. The piece again returns to a claim that feels like a huge and obvious problem for our hyperconnected world: the vast majority of computers today are made in China, a dictatorship with draconian control over its own populace, and the Chinese government is inserting nearly-impossible to detect hardware on circuitboards to hack governments and giant corporations. But there’s still no actual proof of this happening, which makes the theory little more than a conspiracy.
Gruber’s assessment is scathing:
It’s a 4,000-word exercise in journalistic sophistry. It creates the illusion of something being there, but there is nothing there. The only good purpose this report could serve is as source material for a class on critical thinking.
As is this point-by-point fisking (source) by cybersecurity analyst Matt Tait, which expertly breaks down how Robertson and Riley simply failed to do the kind of basic journalistic due diligence a story like this requires. As Tait notes, the entire saga seems to have stemmed from an unrelated 2016 incident where Apple terminated its relationship with Supermicro over a security incident with their server firmware, mixed with some other rumors and wargaming exercises across various government agencies about how China might infiltrate computers.
What’s baffling is the degree to which Bloomberg has doubled, tripled, and septupled down on this story over the years, despite no actual physical evidence of any hidden microchips. Given the degree to which misinformation, not to mention active disinformation, shapes our world these days, one would hope any media organization with a reputation to uphold would guard against such deception. Until they issue a retraction, I expect the asterisks on Daring Fireball to continue.