For decades I’ve been asking whether we can trust Chinese companies to be our sole sources for memories, processors, and other electronic components. This report from Bloomberg has provided the answer:
In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream the Olympic Games online, communicate with the International Space Station, and funnel drone footage to the Central Intelligence Agency. Elemental’s national security contracts weren’t the main reason for the proposed acquisition, but they fit nicely with Amazon’s government businesses, such as the highly secure cloud that Amazon Web Services (AWS) was building for the CIA.
To help with due diligence, AWS, which was overseeing the prospective acquisition, hired a third-party company to scrutinize Elemental’s security, according to one person familiar with the process. The first pass uncovered troubling issues, prompting AWS to take a closer look at Elemental’s main product: the expensive servers that customers installed in their networks to handle the video compression. These servers were assembled for Elemental by Super Micro Computer Inc., a San Jose-based company (commonly known as Supermicro) that’s also one of the world’s biggest suppliers of server motherboards, the fiberglass-mounted clusters of chips and capacitors that act as the neurons of data centers large and small. In late spring of 2015, Elemental’s staff boxed up several servers and sent them to Ontario, Canada, for the third-party security company to test, the person says.
Nested on the servers’ motherboards, the testers found a tiny microchip, not much bigger than a grain of rice, that wasn’t part of the boards’ original design. Amazon reported the discovery to U.S. authorities, sending a shudder through the intelligence community. Elemental’s servers could be found in Department of Defense data centers, the CIA’s drone operations, and the onboard networks of Navy warships. And Elemental was just one of hundreds of Supermicro customers.
We can’t. Read the whole, lengthy thing. Apple has got to be quaking in its boots.
Over the period of the last 40 years we have allowed one product after another, one industry after another, to vanish from the United States in favor of Taiwanese, then mainland Chinese sources. Memories were an early casualty. The microprocessors.
This story is a cautionary tale. There are security reasons if no others for us not to allow that to happen.
Update
Related to the above, from Forbes:
A long-awaited White House report on the state of the U.S. industrial base finds that “all facets of the manufacturing and defense industrial base are currently under threat,” and warns that entire industries vital to national security are facing “domestic extinction.”
The report, which was directed by an executive order that President Donald Trump signed on July 21, 2017, took a year to complete, involving a dozen federal agencies and 300 workers. Its findings were distilled down to 50 pages plus appendices summarizing the stresses eroding U.S. industrial strength. Many of the recommendations derived from the analysis are contained in a classified (secret) annex — some of which are already being implemented.
The White House decided to release the report after financial markets had closed on Thursday evening. Although its findings are not likely to move markets, they present an alarming picture of U.S. industrial decay driven by both domestic and foreign factors.
The report begins by identifying five “macro forces” causing weakness in industries important to national security: unpredictable federal funding, poor government business practices, predatory behavior of other nations, erosion in traditional manufacturing industries and inadequate investment in critical skills. It then lays out ten “archetypal” risks caused by the macro forces, such as diminished industrial capacity, declining competition and dependence on offshore sources for key items.
That’s all so obvious it’s hardly worthy of a report. As fellow St. Louisan Yogi Berra put it, in theory there’s no difference between practice and theory but in practice there is. There are more considerations in trade than a little efficiency or a little additional GDP.
Trust the Chinese? Sure! And don’t worry about those rare earths, either. Saving the planet and all that……..
After the last 3 weeks, I am cautious about the veracity of the article.
The sources are anonymous; Supermicro, Amazon and Apple all vehemently deny the events as described occurred. And Apple says they are not under a government or multi company gag order.
The only piece of information supporting the article is Supermicro got delisted from Nasdaq due to non-compliance with reporting regulations this year.
But there will be consequences. The technical feat is plausible and given the lack of trust between China and the US; the motivation exists to do such a thing on both sides. There is a world where in 5 -10 years trade between the countries consist only of things that do not contain microchips or software.
Apple would say that, wouldn’t they? This story has the ability to put Apple out of business. If the U. S. government and a good chunk of Fortune 500 companies banned the use of Apple products by its employees for company or personal use for security reasons, something completely within their power, companies that do business with the federal government or those companies would follow suit.
Also; we need a public investigation into the allegations. Either the substance is true and the US needs to change its procurement, trade practices enforceable by law; or its false and the US says so; lest it poison a tense relationship over false accusations.
You know, this highlights a broader issue often cited on this blog. Relatively speaking, China is our biggest threat. Not that Russia doesn’t spy, cheat steal. (Not that we don’t). But China is the most aggressive. And after all, what does Russia have to offer other than oil. This has been going on for quite some time, but is particularly problematic today with the collusion hysteria.
BTW – my wife traded out of all her Apple stock.
PSS – we have only availed ourselves of Chinese manufacturing in two of the companies we have owned, and we’ve owned quite a few. Thieves. They are plainly and simply thieves.
But I could argue Apple’s board and executive management has put itself under huge liability by issueing such categorical denials. Public companies are not allowed to issue statements they know are materially false.
The American industrial base was also built on theft of secrets throughout the 19th Century, and the British in the 16th and 17th Centuries. That’s how countries develop. The surprise would be that it isn’t happening.
That it is to be expected does not mean our government should be encouraging it, and American officials and business leaders have clearly been doing so for decades. The most generous interpretation of their allowing this situation to continue for long as it has is that they simply don’t care.
That is generous. The more likely explanation is that they’re benefiting financially and/or politically from it.
Stupidity is also likely. It doesn’t need to be just one of those.
I’ve told this story before but it bears repeating. Just a little under 40 years ago I sat in the boardroom of my Fortune 500 employer. They wanted me to go to China to head up their engineering operation over there, part of their expanding Chinese operations. Not one of them knew the first thing about China. As gently as I could I explained the basics to them. They would be required to take on a Chinese partner. There would be compulsory transfer of technology. There was no barrier to their Chinese partner walking across the street and manufacturing products identical to theirs under their own name. As a foreign company they had little recourse to the courts. Since the currency wasn’t convertible there was no way they could take profits out of the country.
All that they could see was the headline “1 billion population”. I also tried to explain that a customer was somebody with money who had the the power to make purchase decisions. That meant that the Chinese market was actually a couple of hundred party officials. Things have changed somewhat in China since then. For one thing there are a lot more people with money. But the Chinese market still isn’t what American managers tend to think it is.
I left the company (on my own steam) shortly thereafter.
Who could not see this coming. Any Bible thumping, gun toting, Walmart shopper knows it is probably not a good idea to give your house keys to the town thief, no matter how nice he/she is. It takes a mighty big brain to be this stupid.
Now, could somebody explain why letting the US steel industry relocate to China is such a good idea? Please, include your IQ.
Meh. Some people made a lot of money by moving everything to China. Now they want to make sure they dont pay any taxes on that money, permanently. We should have stopped with Mexico. That would have provided more jobs there, so fewer illegals, and if it was ever an issue, it would be a lot easier to invade them rather than China.
Steev
I can’t speak to the specifics of this case, but what is alleged fits the MO of previous Chinese efforts – efforts that led the DoD and intel community to greatly restrict sourcing for IT equipment.
Amazon web services prudent third party scrutiny of these devices may mean that the chicanary was not unprecedented or unexpected. May just mean that we’re onto their games and have been for a long time.
Even if that’s true, I’d still make them pay the price by shifting the business elsewhere. AMS can’t just be secure, but must avoid even the hint of poor security.