周四彭博社发布爆炸性报道后，苹果和亚马逊都强烈否认其服务器被中国间谍破坏的说法。该报告称，间谍通过将“一粒米”大小的微芯片**中国**的服务器（这些科技巨头的基础设施的一部分），得以渗透到中国一些最大的科技公司。该报告称，这些公司是自己发现芯片的，并通知了美国当局，但苹果和亚马逊都反驳说，故事中引用的任何说法实际上都是有根据的。

这些答复非常详细，逐点否定了彭博社的报告。这是这些公司很少做的事情。在发现安全漏洞或公众强烈反对之后，大多数声明只承认这些担忧，并代表消费者隐私做出模糊承诺。

例如，在Celebgate iCloud漏洞包括名人**泄露后，苹果的回应只是一个小小的愤怒和对任何安全漏洞的简单反驳。2014年，研究人员发现，亚马逊网络服务（AWS）上的网站有可能泄露信用卡号等敏感信息，这是一个单独的、但同样有害的漏洞。亚马逊对Heartbleed的回应很简单，“AWS知道OpenSSL中的Heartbleed Bug（CVE-2014-0160），正在调查任何影响或需要的补救措施。我们将在获得更多详细信息后发回。”

但在这种情况下，苹果和亚马逊都否认了这一点。据这些公司称，这种渗透从未发生过，他们告诉彭博社这一点已经有很长时间了。

以下是亚马逊、苹果和中国服务器**商Supermicro发布的回复中的一些要点：

亚马逊

It’s untrue that AWS knew about a supply chain compromise, an issue with malicious chips, or hardware modificati*** when acquiring Elemental. It’s also untrue that AWS knew about servers containing malicious chips or modificati*** in data centers based in China, or that AWS worked with the FBI to investigate or provide data about malicious hardware.

We’ve re-reviewed our records relating to the Elemental acquisition for any issues related to SuperMicro, including re-examining a third-party security audit that we conducted in 2015 as part of our due diligence prior to the acquisition. We’ve found no evidence to support claims of malicious chips or hardware modificati***.

苹果

Over the course of the past year, Bloomberg has contacted us multiple times with claims, sometimes vague and sometimes elaborate, of an alleged security incident at Apple. Each time, we have conducted rigorous internal investigati*** based on their inquiries and each time we have found absolutely no evidence to support any of them. We have repeatedly and c***istently offered factual resp***es, on the record, refuting virtually every aspect of Bloomberg’s story relating to Apple.

. . .

On this we can be very clear: Apple has never found malicious chips, “hardware manipulati***” or vulnerabilities purposely planted in any server. Apple never had any contact with the FBI or any other agency about such an incident. We are not aware of any investigation by the FBI, nor are our contacts in law enforcement.

超微粒

While we would cooperate with any government investigation, we are not aware of any investigation regarding this topic nor have we been contacted by any government agency in this regard. We are not aware of any customer dropping Supermicro as a supplier for this type of issue.

. . .

Furthermore, Supermicro doesn’t design or manufacture networking chips or the associated firmware and we, as well as other leading server/storage companies, procure them from the same leading networking companies.

这些断言让****专家质疑到底是谁在说真话。如果彭博社的报道属实，亚马逊和苹果似乎在撒谎，并否认了潜在的****风险。

防病毒和网络安全公司F-Secure的硬件安全主管安德里亚·巴里萨尼（Andrea Barisani）说：“如果有什么不同的话，那就是官方对这一事件的否认，而且缺乏技术细节，从技术角度来看，并不真正有利于得出结论。”当然，有可能发起供应链攻击，从而影响COTS（商用现货）硬件的安全性，尽管这会造成明显的实施困难。”

国会中没有人要求对这些指控进行调查，但共和党和民主党都对中国在国内使用硬件持谨慎态度。

最终，这一具体指控遭到明确否认，可能需要进一步调查。深入调查这一潜在攻击并不是国会议员第一次批评美国使用中国硬件。今年夏天，参议员们以****为由，决定对一项必须通过的国防授权法案进行修正，禁止**官员和承包商使用另外两家中国**商（中兴通讯和华为）的产品。