CYBERTHREAT UPDATE: Doubts Swirl Around Bloomberg‘s China Chip Hack Report.

A week later, I remain deeply troubled by this story—not because of its substance, but because of its lack of substantiation. It seems a little odd that no one has reported identifying a single one of these spy chips in the wild since Bloomberg’s report appeared, no? Wouldn’t it have been easy for any companies using servers containing components from Supermicro, the company whose products were allegedly backdoored, to send an engineer into a data center, pry open a server, pluck out an offending implant, and reveal China’s alleged subterfuge to the world? Instead, we hear cricket chirps.

While this absence of evidence is not enough to debunk the report, it does raise doubts. Besides, wouldn’t it be easier for spies simply to meddle with Supermicro’s notoriously buggy firmware? This approach would achieve the same results and be far less complicated to pull off logistically.

After this long and still no physical evidence that even one of these chips exist, it’s looking more and more like Bloomberg blew it.