A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly detected in an internal development environment for Apple’s App Store, as well as some production servers handling queries through Apple’s Siri service.
An Apple spokesperson denied there was a security incident. However, Supermicro’s senior vice-president of technology, Tau Leng, told The Information that Apple had ended its relationship with Supermicro because of the compromised systems in the App Store development environment. Leng also confirmed Apple returned equipment that it had recently purchased. An anonymous source was cited as the source of the information regarding infected Siri servers.
Apple has used a variety of other companies’ server hardware—since the company got out of the server business itself and never used its own in datacenters—including servers from HP and storage from NetApp. A few years ago, Apple added Supermicro as a supplier for some of its development and data center computing infrastructure.
But Apple has been squeezing the cost of its data center supply chain and moving toward more custom hardware much like the other cloud giants. In August of 2016, Digitimes reported Apple was increasing its orders for full-rack systems from the integrator ZT Systems and adding the China-based Inspur as a server supplier.
Leng told The Information that Apple was the only company to report the firmware issue, and he said the servers are used by thousands of customers. He asserted that when his company asked Apple’s engineers to provide information about the firmware, they gave an incorrect version number—and then refused to give further information.
Update: A source familiar with the case at Apple told Ars that the compromised firmware affected servers in Apple’s design lab, and not active Siri servers. The firmware, according to the source, was downloaded directly from Supermicro’s support site—and that firmware is still hosted there.
Apple issued the following official comment:
Apple is deeply committed to protecting the privacy and security of our customers and the data we store. We are constantly monitoring for any attacks on our systems, working closely with vendors and regularly checking equipment for malware. We’re not aware of any data being transmitted to an unauthorized party nor was any infected firmware found on the servers purchased from this vendor.
Use Server app to administer a remote server
Learn how to install Server app on an administrator computer that uses macOS. Then, use it to administer a remote server that uses macOS Server.
Before you install Server app, you must turn on remote administration on your server.
Turn on remote administration
- On your server, open Server app.
- In the sidebar, select the server.
- Select Settings.
- Select the “Allow remote administration using Server” checkbox.
Install Server app
- On your administrator computer, sign in to the Mac App Store. Use the same ID that you used to buy the app.
- On the Purchases tab, find Server app.
- Click Install.
Set up Server app
- On your administrator computer, open Server app.
- When you see the “Welcome to Server” window, don’t click Continue. Instead, click Manage, then choose Connect to Server.
- If your server appears in the list, choose it and type the administrator name and password.
- If your server doesn’t appear in the list, click Other Mac, then click Continue. Type the server’s host name or IP address.