and there is an even greater cost to 1) not working collegially with the NatSec agencies to maintain secrecy or plausible deniability on critical matters, and 2) destroying instantly your customers' trust in your ability to maintain their data privately, the immediate result of confirming in full the story.
As mentioned above, 1) these denials can be later parsed and opened up as necessary with significantly less reputational damage, and 2) they contain some interesting specifics that can make them strictly true but quite misleading, e.g., "Apple has never found malicious chips, 'hardware manipulations' or vulnerabilities purposely planted in any server" might more accurately read "someone else found these..."
fermienrico|7 years ago
Don’t put too much emphasis on big Corp and their “credibility”.
toss1|7 years ago
As mentioned above, 1) these denials can be later parsed and opened up as necessary with significantly less reputational damage, and 2) they contain some interesting specifics that can make them strictly true but quite misleading, e.g., "Apple has never found malicious chips, 'hardware manipulations' or vulnerabilities purposely planted in any server" might more accurately read "someone else found these..."