Thursday, 4 October 2018

Samsung forecasts record $15.5B profit thanks to chips not smartphones

Samsung’s last quarter of business saw its slowest growth of profits in a year thanks to weak sales of its flagship Galaxy S9 smartphone. But the company is about much more than just phones, and that’s why it is forecasting a record operating profit of nearly $15.5 billion for its upcoming Q3 results.

The Korean firm said in a filing that it expects revenue to jump five percent year-on-year to hit 65 trillion KRW ($57.5 billion) with an operating profit of 17.5 trillion KRW ($15.5 billion), which represents a 20 percent annual jump and an 18 percent increase on the previous quarter.

Samsung’s pre-earnings filings are brief and don’t contain detailed information about the performance of its business units, thus we can’t assess demand for its high-end phones — which include the Note 9 — in the quarter that Apple unveiled its newest iPhones. But the clues suggest that it is actually the more boring (but reliable) divisions that are, once again, responsible for Samsung’s strong forecast.

Chips account for some 80 percent of Samsung’s revenue and demand for DRAM, which is important in areas such as cloud, pushed prices up during Q3 but analysts suspect that the growth won’t last.

“Its earnings appeared to have peaked,” Mirae Asset Daewoo Securities analyst William Park told Reuters. “DRAM prices are going to fall, although not dramatically, and that will negatively impact its margins.”

We’ll know more when Samsung releases its full earnings this month.



from Apple – TechCrunch https://ift.tt/2QtZWqR


Bloomberg’s spy chip story reveals the murky world of national security reporting

Today’s bombshell Bloomberg story has the internet split: either the story is right, and reporters have uncovered one of the largest and most jarring breaches of the U.S. tech industry by a foreign adversary… or it’s not, and a lot of people screwed up.

To recap, Chinese spies reportedly infiltrated the supply chain and installed tiny chips the size of a pencil tip on the motherboards built by Supermicro, which are used in data center servers across the U.S. tech industry — from Apple to Amazon. That chip can compromise data on the server, allowing China to spy on some of the world’s most wealthy and powerful countries.

Apple, Amazon and Supermicro — and the Chinese government — strenuously denied the allegations. Apple also released its own standalone statement later in the day, as did Supermicro. You don’t see that very often unless they think they have nothing to hide. You can — and should — read the statements for yourself.

Welcome to the murky world of national security reporting.

I’ve covered cybersecurity and national security for about five years, most recently at CBS, where I reported exclusively on several stories — including the U.S. government’s covert efforts to force tech companies to hand over their source code in an effort to find vulnerabilities and conduct surveillance. And last year I revealed that the National Security Agency had its fifth data breach in as many years, and classified documents showed that a government data collection program was far wider than first thought and was collecting data on U.S. citizens.

Even with this story, my gut is mixed.

Where reporters across any topic and beat try to seek the truth, tapping information from the intelligence community is near impossible. For spies and diplomats, it’s illegal to share classified information with anyone and can be — and is — punishable by time in prison.

As a security reporter, you’re either incredibly well sourced or downright lucky. More often than not it’s the latter.

Naturally, people are skeptical of this “spy chip” story. On one side you have Bloomberg’s decades-long stellar reputation and reporting acumen, a thoroughly researched story citing more than a dozen sources — some inside the government and out — and presenting enough evidence to present a convincing case.

On the other, the sources are anonymous — likely because the information they shared wasn’t theirs to share or it was classified, putting sources at risk of legal jeopardy. But that makes accountability difficult. No reporter wants to say “a source familiar with the matter” because it weakens the story. It’s the reason reporters will tag names to spokespeople or officials so that it holds the powers accountable for their words. And the denials from the companies themselves — though transparently published in full by Bloomberg — are not bulletproof in outright rejection of the story’s claims. These statements go through legal counsel and are subject to government regulation. These statements become a counterbalance — turning the story from an evidence-based report into a “he said, she said” situation.

That puts the onus on the reader to judge Bloomberg’s reporting. Reporters can publish the truth all they want, but ultimately it’s down to the reader to believe it or not.

In fairness to Bloomberg, chief among Apple’s complaints is a claim that Bloomberg’s reporters were vague in their questioning. Given the magnitude of the story, you don’t want to reveal all of your cards — but still want to seek answers and clarifications without having the subject tip off another news agency — a trick sometimes employed by the government in the hope of lighter coverage.

Yet, to Apple — and Amazon and other companies implicated by the report — they too might also be in the dark. Assuming there was an active espionage investigation into the alleged actions of a foreign government, you can bet that only a handful of people at these companies will be even cursorily aware of the situation. U.S. surveillance and counter-espionage laws restrict who can be told about classified information or investigations. Only those who need to be in the know are kept in a very tight loop — typically a company’s chief counsel. Often their bosses, the chief executive or president, are not told to avoid making false or misleading statements to shareholders.

It’s worth casting your mind back to 2013, days after the first Edward Snowden documents were published.

In the aftermath of the disclosure of PRISM, the NSA’s data pulling program that implicated several tech companies — including Apple, but not Amazon — the companies came out fighting, vehemently denying any involvement or connection. Was it a failure of reporting? Partially, yes. But the companies also had plausible deniability by cherry picking what they rebuffed. Despite a claim by the government that PRISM had “direct access” to tech companies’ servers, the companies responded that this wasn’t true. They didn’t, however, refute indirect access — which the companies wouldn’t be allowed to say in any case.

Critics of Bloomberg’s story have rightfully argued for more information — such as more technical data on the chip, its design and its functionality. Rightfully so — it’s entirely reasonable to want to know more. Jake Williams, a former NSA hacker turned founder of Rendition Infosec, told me that the story is “credible,” but “even if it turns out to be untrue, the capability exists and you need to architect your networks to detect this.”

I was hesitant to cover this at first given the complexity of the allegations and how explosive the claims are without also seeking confirmation. That’s not easy to do in an hour when Bloomberg’s reporters have been working for the best part of a year. Assuming Bloomberg did everything right — a cover story on its magazine, no less, which would have gone through endless editing and fact-checking before going to print — the reporters likely hit a wall and had nothing more to report, and went to print.

But Bloomberg’s delivery could have been better. Just as The New York Times does, even as recently as its coverage of President Trump’s tax affairs, Bloomberg missed an opportunity to be more open and transparent in how it came to the conclusions that it did. Journalism isn’t proprietary. It should be open to as many people as possible. If you’re not transparent in how you report things, you lose readers’ trust.

That’s where the story rests on shaky ground. Admittedly, as detailed and as well-sourced as the story is, you — and I — have to put a lot of trust and faith in Bloomberg and its reporters.

And in this day and age where “fake news” is splashed around wrongly and unfairly, for the sake of journalism, my only hope is they’re not wrong.



from Apple – TechCrunch https://ift.tt/2Pbzsud

Chinese chip spying report shows the supply chain remains the ultimate weakness

Thursday’s explosive story by Bloomberg reveals detailed allegations that the Chinese military embedded tiny chips into servers, which made their way into data centers operated by dozens of major U.S. companies.

We covered the story earlier, including denials by Apple, Amazon and Supermicro — the server maker that was reportedly targeted by the Chinese government. Apple didn’t respond to a request for comment. Amazon said in a blog post that it “employs stringent security standards across our supply chain.” The FBI did not return a request for comment but declined to comment to Bloomberg, and the Office for the Director of National Intelligence declined to comment. This is a complex story that rests on more than a dozen anonymous sources — many of whom are sharing classified or highly sensitive information, making on-the-record comments impossible without repercussions. Despite the companies’ denials, Bloomberg is putting its faith in the reader to trust the reporting.

Much of the story can be summed up with this one line from a former U.S. official: “Attacking Supermicro motherboards is like attacking Windows. It’s like attacking the whole world.”

It’s a fair point. Supermicro is one of the biggest tech companies you’ve probably never heard of. It’s a computing supergiant based in San Jose, Calif., with global manufacturing operations across the world — including China, where it builds most of its motherboards. Those motherboards trickle throughout the rest of the world’s tech — and were used in Amazon’s data center servers that power its Amazon Web Services cloud and Apple’s iCloud.

One government official speaking to Bloomberg said China’s goal was “long-term access to high-value corporate secrets and sensitive government networks,” which fits into the playbook of China’s long-running effort to steal intellectual property.

“No consumer data is known to have been stolen,” said Bloomberg.

Infiltrating Supermicro, if true, will have a long-lasting ripple effect on the wider tech industry and how companies approach their own supply chains. Make no mistake — introducing any kind of external tech in your data center isn’t taken lightly by any tech company. Fear of corporate and state-sponsored espionage has been rife for years. It’s chief among the reasons why the U.S. and Australia have effectively banned some Chinese telecom giants — like ZTE — from operating on their networks.

Having a key part of your manufacturing process infiltrated — effectively hacked — puts every believed-to-be-secure supply chain into question.

With nearly every consumer electronics or automobile, manufacturers have to procure different parts and components from various sources across the globe. Ensuring the integrity of each component is near impossible. But because so many components are sourced from or assembled in China, it’s far easier for Beijing than any other country to infiltrate without anyone noticing.

The big question now is how to secure the supply chain?

Companies have long seen supply chain threats as a major risk factor. Apple and Amazon are down more than 1 percent in early Thursday trading and Supermicro is down more than 35 percent (at the time of writing) following the news. But companies are acutely aware that pulling out of China will cost them more. Labor and assembly are far cheaper in China, and specialist parts and specific components often can’t be found elsewhere.

Instead, locking down the existing supply chain is the only viable option.

Security giant CrowdStrike recently found that the vast majority — nine out of 10 companies — have suffered a software supply chain attack, where a supplier or part manufacturer was hit by ransomware, resulting in a shutdown of operations.

But protecting the hardware supply chain is a different task altogether — not least for the logistical challenge.

Several companies have already identified the risk of manufacturing attacks and taken steps to mitigate it. BlackBerry was one of the first companies to introduce root of trust in its phones — a security feature that cryptographically signs the components in each device, effectively preventing the device’s hardware from being tampered with. Google’s new Titan security key tries to prevent manufacturing-level attacks by baking in the encryption in the hardware chips before the key is assembled.

Albeit a start, it’s not a one-size-fits-all solution. Former NSA hacker Jake Williams, founder of Rendition Infosec, said that even those hardware security mitigations may not have been enough to protect against the Chinese if the implanted chips had direct memory access.

“They can modify memory directly after the secure boot process is finished,” he told TechCrunch.

Some have even pointed to blockchain as a possible solution. By cryptographically signing — like in root of trust — each step of the manufacturing process, blockchain can be used to track goods, chips and components throughout the chain.

Instead, manufacturers often have to act reactively and deal with threats as they emerge.

According to Bloomberg, “since the implanted chips were designed to ping anonymous computers on the internet for further instructions, operatives could hack those computers to identify others who’d been affected.”

Williams said that the report highlights the need for network security monitoring. “While your average organization lacks the resources to discover a hardware implant (such as those discovered to be used by the [Chinese government]), they can see evidence of attackers on the network,” he said.

“It’s important to remember that the malicious chip isn’t magic — to be useful, it must still communicate with a remote server to receive commands and exfiltrate data,” he said. “This is where investigators will be able to discover a compromise.”

The intelligence community is said to be still investigating after it first detected the Chinese spying effort, some three years after it first opened a probe. The investigation is believed to be classified — and no U.S. intelligence officials have yet talked on the record — even to assuage fears.



from Apple – TechCrunch https://ift.tt/2IDlhvi

Someone recreated Apple’s new campus with 85,000 LEGO bricks and it’s excellent

2018 has been a good year for ridiculous, gargantuan LEGO builds. Just weeks ago, there was that life size, driveable LEGO Bugatti.

Now someone has gone and built a mega-sized recreation of Apple’s new Cupertino “spaceship” campus – otherwise known as Apple Park.

Coming in at roughly 85,000 pieces, the build took designer Spencer_R a little over two years to complete, with many of those hours spent poring over drone footage of the campus’ construction. At 6.8×4.5 ft, it’s bigger than most kitchen tables. Spencer says it weighs around 78 pounds.

Beyond the massive circular building that serves as the build’s primary feature, tons and tons of tiny details accent the brick canvas: it’s got the glass-walled Steve Jobs Theater, the hundred-year-old Glendenning Barn that was disassembled and rebuilt on the property, the employee parking garages, the visitor center, and even some tiny employee basketball/tennis courts for good measure.

Oh, and trees. Lots, and lots, and lots of trees. 1,646 trees in all, by Spencer’s count.

This is hardly Spencer’s first time recreating a mega building — he’s done custom creations of everything from the Eiffel Tower to the Rockefeller Center. With that said, he notes that Apple Park is “nearly as large as all of [his] other LEGO skyscraper builds combined.”

For more build details, you can tap through Spencer_R’s gallery/build notes here. Thank you to Fabrizio Costantini for letting us use these photos.



from Apple – TechCrunch https://ift.tt/2CsYfHr

China reportedly infiltrated Apple and other US companies using ‘spy’ chips on servers

Ready for information about what may be one of the largest corporate espionage programs from a nation-state? The Chinese government managed to gain access to the servers of more than 30 U.S. companies, including Apple, according to an explosive report from Bloomberg published today.

Bloomberg reports that U.S.-based server motherboard specialist Supermicro was compromised in China, where government-affiliated groups are alleged to have infiltrated its supply chain to attach tiny chips, some merely the size of a pencil tip, to motherboards which ended up in servers deployed in the U.S.

The goal, Bloomberg said, was to gain an entry point within company systems to potentially grab IP or confidential information. While the micro-servers themselves were limited in terms of direct capabilities, they represented a “stealth doorway” that could allow China-based operatives to remotely alter how a device functioned to potentially access information.

Once aware of the program, the U.S. government spied on the spies behind the chips but, according to Bloomberg, no consumer data is known to have been stolen through the attacks. Even still, this episode represents one of the most striking espionage programs from the Chinese government to date.

The story reports that the chips were discovered and reported to the FBI by Amazon, which found them during due diligence ahead of its 2015 acquisition of Elemental Systems, a company that held a range of U.S. government contracts, and Apple, which is said to have deployed up to 7,000 Supermicro servers at peak. Bloomberg reported that Amazon removed them all within a one-month period. Apple did indeed cut ties with Supermicro back in 2016, but it denied a claim from The Information which reported at the time that it was based on a security issue.

Amazon, meanwhile, completed the deal for Elemental Systems — reportedly worth $500 million — after it switched its motherboard provider away from Supermicro.

Supermicro, meanwhile, was suspended from trading on the Nasdaq in August after failing to submit quarterly reports on time. The company is likely to be delisted.

Amazon, Apple, Supermicro and China’s Ministry of Foreign Affairs all denied Bloomberg’s findings with strong and lengthy statements — a full list of rebuttals is here. The publication claims that it sourced its information using no fewer than 17 individuals with knowledge of developments, including six U.S. officials and four Apple “insiders.”

You can (and should) read the full story on Bloomberg here.



from Apple – TechCrunch https://ift.tt/2IAXKuV

Wednesday, 3 October 2018

Apple’s Tim Cook talks privacy, user data in China and banning Alex Jones

Notoriously secret on one hand, Apple has never been one to shy away from speaking its mind on matters of principle. During this current period of societal tumult, the $1 trillion company has more to answer for than ever.

In a new interview with VICE News Tonight on HBO, Apple chief executive Tim Cook talked about a slew of topics — including privacy, how the company keeps user data safe amid legal challenges and why it decided to ban notorious conspiracy theorist Alex Jones from its platforms.

Vice shared a copy of the transcript with TechCrunch. Here’s what he said:

On privacy, Cook calls for “some level” of regulation

Is the tech industry past the point of no return on matters of privacy?

“I see privacy as one of the most important issues of the 21st century,” Cook told interviewer Elle Reeve. “We’re at a stage now, where more information is available about you, online and on your phone than there is in your house. You know, chances are your phone knows what you’ve been browsing, knows your friends, knows your relationships, has all of your photos.”

“I mean just think about this and the magnitude of information — we take that very seriously,” he said.

Apple’s long taken a unique approach to privacy. It doesn’t want your data — unlike advertising giants such as Facebook and Google, Apple doesn’t do anything with your data. But data hoarding companies have come under fire for misusing or exposing user data. Is it too late to reel in these companies and give the power back to the people, with help from Congress?

“I’m not a pro-regulation kind of person,” he said. “I think some level of government regulation is important to come out of that.” Though, Cook wasn’t specific on what he wanted to see.

Cook didn’t outright name his rivals, but said that Apple takes a “collect as little as possible” approach to product design. That’s not new — Apple has done this for years.

“We’re not forming the detailed profile, and then allowing other companies to buy the opportunity to target you,” he said. “It’s not the business that we’re in.”

Is Apple losing out on the competitive edge as a result — say, for Siri compared to Alexa? “No,” said Cook. He said that the narrative that users have to give up their data to make their service better is “a bunch of bonk.”

For the most part, Apple processes user data on the device so the company never gets to see it.

Privacy is a “human right” — even in China

As a device maker, Apple is about as global as it can get — even in China, where device rivals like Google and other tech giants like Facebook have almost no footprint. But that’s cause for conflict between Apple’s privacy ideals and China’s pro-surveillance state.

Asked if privacy as a human right applies to its business in China, Cook said it “absolutely does.”

“Encryption for us is the same in every country in the world,” he said. “We don’t design encryption for, you know, for the U.S. and do it differently everywhere else, it’s the same. And so to send a message in China, it’s encrypted, I can’t produce the content. I can’t produce it in the United States either.”

Earlier this year, Apple moved its iCloud encryption keys for Chinese users to mainland China to comply with the country’s new vague, confusing and often conflicting cybersecurity rules. That sparked concern because it meant China can now ask Apple’s China-based cloud partner to turn over data on Chinese customers — just like the FBI can force Apple to turn over data in the U.S. Apple had to play ball in order to keep doing business in the country — and China currently makes up close to 20 percent of Apple’s global annual revenue.

Cook defended the move, saying he “wouldn’t” accept that Chinese data stored in China makes it easier for Beijing to access that data.

“I mean we have servers located in many different countries in the world,” he said. “They are not easier to get data from being in one country versus the next. The key question is how does the encryption process work and who owns the keys, if anyone? In most cases for us, you and the receiver own the keys.”

Decision to ban Alex Jones was made “independently”

Some say Alex Jones is the last bastion of free speech. Others call him a dangerous conspiracy theory-pusher who thinks the Sandy Hook school shooting was a hoax.

This year, Facebook banned him, then Twitter and then YouTube — and also tech giants like MailChimp, Spotify and PayPal. Apple remained silent. Jones’ podcasts were still available on iTunes and his apps in the App Store. Until they weren’t.

“We don’t take a political stand,” said Cook. “We’re not leaning one way or the other.” Across Apple’s various platforms, Cook said that users “see everything from very conservative to very liberal.” And, he said, “that’s the way I think it should be.”

Cook didn’t say there was a single moment that sparked the decision, but said that he has “never” had a conversation about Jones with any other tech company.

“Why not?” said Reeve. “But why?” Cook responded. “Because it’s a huge thing!” said Reeve. Cook said that it’s important that Apple makes decisions “independently.”



from Apple – TechCrunch https://ift.tt/2QqEt1X