Computer manufacturer Supermicro is still trying to lay to rest reports that the Chinese government tampered with its equipment to spy on Western cloud users. The San Jose-based company published a letter this week claiming that independent tests had cleared its equipment of any compromise.
Supermicro sells data centre computers to Western customers using components made by contractors in China. It has spent the last two months denying that Chinese subcontractors have been secretly embedding microscopic chips onto its motherboards that enable it to remotely control the computers’ operating systems and watch what they’re doing. In the
letter, posted on the company’s website, president and CEO Charles Liang along with two senior vice presidents said that the company had completed an independent audit to look for malicious hardware on its motherboards. It found nothing, it said. This latest missive follows a
letter to customers issued on 18 October 2018 that condemned a
story published by Bloomberg on 4 October 2018. The story claimed that the Chinese government had coerced contractors to implant tiny monitoring devices on motherboards sold to Supermicro. Apple and Amazon, which Bloomberg said knew about the compromised motherboards, both denied the tampering claims along with the manufacturer shortly after the story was published. Bloomberg didn’t back down, though. The company claimed in a story on 9 October 2018 that a security expert, Yossi Applebaum, had discovered embedded monitoring devices in the ethernet connectors on Supermicro motherboards sold to a major US telco. However, in neither story did it publish hard evidence such as photos or analysis data to support its claims. Mind you, Supermicro didn’t publish the evidence in this latest report either.