China Reportedly Snuck Spy Chips Onto Apple, Amazon Servers

Bloomberg says spies in China managed to add a chip to servers Apple, Amazon, government agencies, and other companies were using. The chips were found on Supermicro server and were no bigger than a grain of rice. They let the People’s Liberation Army, and presumably other government agencies capture data and even remotely control compromised servers. From Bloomberg’s report:

The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.

Apple vehemently denies the report and calls out what it says are factual errors. The other companies deny the report, too. Apple stopped buying Supermicro servers in 2016 after discovering an unrelated security issue. Amazon bought Elemental Technologies, the company that wrote the software running on Supermicro servers, to run on its own custom designed hardware. Either China pulled off the most amazing hack ever: altering server hardware during manufacture for espionage, or Bloomberg and its sources got the story completely wrong.

A Terrific Review: Apple Watch Series 4

Jason Snell, at Six Colors, has written up a very nice review of the Apple Watch Series 4.  Notable is the assessment of which previous generation owners should upgrade to Series 4. And he doesn’t forget to note: «Apple also won’t let you buy a Stainless Steel model unless you buy the cellular edition. That double penalty means you can’t get a stainless Series 4 for less than $699.» Check it out.

Silicon Valley is Suddenly Pushing Privacy Laws. Don't Believe It.

Neema Singh Guliani points out that just because Silicon Valley companies are suddenly pushing for privacy laws after all of these years, that doesn’t mean they have our best interests in mind.

After years of claiming they could self-regulate, the tech industry is suddenly receptive to the idea of federal privacy legislation. But don’t let this post-Cambridge Analytica “mea culpa” fool you into believing these companies have consumers’ best interests in mind. Far from it.

This seeming willingness to subject themselves to federal regulation is, in fact, an effort to enlist the Trump administration and Congress in companies’ efforts to weaken state-level consumer privacy protections.

More Streaming Services Mean More Piracy

A Global Internet Phenomena report shows that piracy is increasing thanks to a deluge of streaming services. They all have compete with Netflix and it ends up being the exact same situation we had with television providers.

“More sources than ever are producing «exclusive» content available on a single streaming or broadcast service—think Game of Thrones for HBO, House of Cards for Netflix, The Handmaid’s Tale for Hulu, or Jack Ryanfor Amazon,” Sandvine’s Cam Cullen said in a blog post.

“To get access to all of these services, it gets very expensive for a consumer, so they subscribe to one or two and pirate the rest.” Cullen said.

The Facebook Hack Betrays Trust in Single Sign On Services

The recent Facebook hack means that we probably shouldn’t rely on single sign-on services like Facebook and Google anymore.

If they had taken more care with their implementation of Facebook’s Single Sign-On feature—which lets you use your Facebook account to access other sites and services, rather than creating a unique password for every site—the impact could have largely been limited to Facebook. Instead, hackers could potentially have accessed everything from people’s private messages on Tinder to their passport information on Expedia, all without leaving a trace.