I don't think you deserved the downvotes as I felt somewhat the same way. Part of that comes from the reporting, which appears to have been done by someone who doesn't understand the things he's reporting on (or, at least, some of the people quoted are saying things that are nonsense that someone outside of our industry wouldn't necessary recognize)
i.e. "had a chip encrypted on the motherboard that would record all the data"
... one does not simply ... encrypt a chip ...
With these kinds of explanations or statements used as evidence, it's frustrating trying to figure out what "really happened". Personally, I don't doubt there's something to all of this. It's a "real threat" as has been reported; whether or not it's "theoretically real" or "actually used" isn't that relevant: if it's a "real threat" someone has figured out precisely how to do it or has seen it (or close-enough variations of the "it") being done that it's worth taking action.
My hunch is that it's a firmware-related hack; no hardware added to the boards. The article talks around BIOS and such, indicating that some of the code involved was inserted by employees directly connected to the company. It explains the lack of photographic evidence--what's the evidence[0]? And wouldn't the attacker prefer it that way? It also helps explain the "encrypted chip" -- perhaps code, encrypted on the chip (decrypted/executed at boot) was what was intended by that statement[1].
[0] Disassembled code on Github would have been nice, but the US government isn't likely to drop that.
[1] And maybe it was said in that bizarre manner intentionally, who knows?
i.e. "had a chip encrypted on the motherboard that would record all the data"
... one does not simply ... encrypt a chip ...
With these kinds of explanations or statements used as evidence, it's frustrating trying to figure out what "really happened". Personally, I don't doubt there's something to all of this. It's a "real threat" as has been reported; whether or not it's "theoretically real" or "actually used" isn't that relevant: if it's a "real threat" someone has figured out precisely how to do it or has seen it (or close-enough variations of the "it") being done that it's worth taking action.
My hunch is that it's a firmware-related hack; no hardware added to the boards. The article talks around BIOS and such, indicating that some of the code involved was inserted by employees directly connected to the company. It explains the lack of photographic evidence--what's the evidence[0]? And wouldn't the attacker prefer it that way? It also helps explain the "encrypted chip" -- perhaps code, encrypted on the chip (decrypted/executed at boot) was what was intended by that statement[1].
[0] Disassembled code on Github would have been nice, but the US government isn't likely to drop that.
[1] And maybe it was said in that bizarre manner intentionally, who knows?