Security expert Joe Fitzpatrick is one of Bloomberg's sources for the claims that Amazon, Apple and Supermicro were spied on by means of hidden chips. He now distances himself from the claims, considers himself misquoted, and can also point to an email conversation with Bloomberg, from before publication, in which he expresses strong doubts about the claims.

Joe Fitzpatrick wrote to Bloomberg that the claims "didn't make sense". Fitzpatrick also says that he has been misquoted and that the information he provided was, in several cases, taken completely out of context. Here is an excerpt from the Risky Business podcast:

FITZPATRICK: But what really struck me is that like all the details that were even remotely technical, seemed like they had been lifted from the conversations I had about theoretically how hardware implants work and how the devices I was making to show off at Black Hat two years ago worked.

GRAY: So I guess what you are saying here is, the report, I mean all of the technical details of the report, you’d covered that ground with that reporter.

FITZPATRICK: Yeah, I had conversations about all the technical details and various contexts. But there are a lot of filters that happen, you know? When I explain hardware things even to software people, I don’t expect people to get it the first time and I don’t expect people to be able to describe it accurately all the time. So there is definitely a lot of telephone exchange happening.

GRAY: OK but why did that make you feel uneasy? Could it be the case that you know that the technical things you told him lined up perfectly with the technical things that some of these 17 of the anonymous sources told him?

FITZPATRICK: You know, I’m just Joe. I do this stuff solo. I am building hardware implants for phones to show off at conferences. I’m not a pro at building hardware implants. I don’t work for any nation or any state building and shipping these as products. I feel like I have a good grasp at what’s possible and what’s available and how to do it just from my practice. But it was surprising to me that in a scenario where I would describe these things and then he would go and confirm these and 100 percent of what I described was confirmed by sources.

GRAY: And that’s what he was telling you through this process?

FITZPATRICK: That’s what I read in the article.

GRAY: OK, right. You find that a bit strange? That every single thing you seem to tell him, or a large proportion of what you told him, was then confirmed by his other sources.

FITZPATRICK: Yeah, basically. Either I have excellent foresight or something else is going on.

Note that Fitzpatrick was in contact with Bloomberg before publication, and that before publication he expressed doubts about Bloomberg's claims.

Risky Business 

Standing firm

Bloomberg stands by its original reporting and refers to its sources. Bloomberg has also followed up its first articles on the subject with a further revelation, in which Bloomberg claims that a major American telecom operator has found manipulated Supermicro servers in its data centers. The servers are said to have had eavesdropping microchips installed directly in the hardware.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom

