Slashdot Mirror

← Back to Stories (view on slashdot.org)

Creative Zens Ship with Worms

Posted by ScuttleMonkey on from the egg-on-your-face dept.

An anonymous reader writes "Engadget reports about 3700 Creative Zen "Neeons" shipped with a virus. The virus in question was the W32.Wullik.B@mm worm. Creative released a statement today to help consumers pinpoint the possibly effected devices."

27 of 354 comments (clear)

  1. Product Liability by Monte · · Score: 5, Interesting

    Ouch - that's going to be a black eye. Although it isn't the first case of software shipping with malware, IIRC there was some kid's game on CD that included a Bonus Virus inside.

    Now a comment and a question for the peanut gallery - it's always been a pet peeve of mine that software companies aren't held to any real sort of accountability for shipping product that is clearly flawed. They hide behind the "shrink wrap" license, and (at least IMHO) get away with murder. Imagine if GM or Ford or Daimler-Chrysler put such a waiver of liability on a sticker on the doors of their new cars. The courts would tear them a new one so fast it'd be like lightning.

    The question - what sort of liability does Creative have in this case, and what's fair recompense for shipping a clearly flawed product where said flaw has the possibility of harming the user's computer, data integrity and / or privacy?

    How much is enough? Should Creative be given a hard enough pranging to get the attention of other software manufacturers?

    Personally, I say "Yes". GM spends a hell of a lot of time and energy making sure their brakes work, I'd like to see software companies (and you all know exactly who I've got my sights on here) make sure they ship product that isn't horribly broken right out of the box.

    1. Re:Product Liability by LordSnooty · · Score: 5, Insightful

      It's a fair point, but I suppose a key difference is that if the car makers released a defective product, people could die because of it. Having to re-install Windows is a pain, sure, but no-one dies.

      Cue posts about hospitals running Windows... ok, in certain circs there is a valid agrument. I don't think you can stretch it to cover the average Joe. A refund might be nice, though.

    2. Re:Product Liability by sdpuppy · · Score: 3, Insightful
      >Cue posts about hospitals running Windows... ok, in certain circs there is a valid agrument. I don't think you can stretch it to cover the average Joe. A refund might be nice, though.

      Perhaps. But a computer virus can infest many many systems.

      A car accident can only propagate so far. Just hope that someday when one of us is in the hospital, a virus doesn't get into their system and scramble our info in the data base or delay a blood transfusion.

    3. Re:Product Liability by saider · · Score: 3, Insightful

      Not true at all. There have been cases in history where hardware could fail because of a certain execution in software. So, what if your Operating System causes a hardware fault.. Say a flaw in windows causes a certain part of the motherboard to over heat and it causes a fire which burns a house down and kills two adults and 3 children. Should they be liable then?

      The hardware manufacturer. At no point should safety be driven by software. The hardware should be designed so that any exception cases do not produce a safety hazard. If a hardware manufacturer placed a product into the market and one of the machine states would cause a hazard, they would be liable. If the hardware can burn, shock, or do anything hazardous, it is up to the hardware to mitigate that problem.

      --


      Remember, You are unique...just like everyone else.
    4. Re:Product Liability by FictionPimp · · Score: 4, Insightful

      no your looking at it all wrong. When a car is broke, people die. But when a computer is down people lose money. Which one is worse in the corp eye again?

    5. Re:Product Liability by hotdiggitydawg · · Score: 5, Funny

      Or add "Do Not Resuscitate" to your patient record. Or replace all instances of "appendectomy" with "gender reassignment surgery". Or... hang on, my tinfoil hat is slipping...

    6. Re:Product Liability by TheViewFromTheGround · · Score: 3, Interesting

      Though very rarely, strange shit like this happens. I had a friend brought home his clothes from the laundromat compressed together in big bags. The clothes (particularly the metal pieces) were hot enough from the drying that they set fire to the bags, which should have burned out but set fire to some paper, which resulted in his apartment slowly catching fire. The resultant fire and (mainly) smoke damage, his lack of insurance, and his slum-lord renter meant his family almost wound up homeless. Shit happens, but weird shit happens, too.

      --
      Online citizen journalism from the inner city: The View From The Ground
  2. I swear I'm not a grammar geek by coshx · · Score: 5, Informative

    but shouldn't it be affected?
    the possibly effected devices means the devices that possibly came into existence because of the worm.

    1. Re:I swear I'm not a grammar geek by Fred_A · · Score: 4, Funny

      Haven't you noticed yet that on the Intarweb you can use any vowel in place of any other ?

      --

      May contain traces of nut.
      Made from the freshest electrons.
    2. Re:I swear I'm not a grammar geek by geminidomino · · Score: 3, Funny

      Well, when a mommy iPod and a daddy iPod love each other very much...

  3. Why do I somehow think that.. by postgrep · · Score: 5, Funny

    iPod and Mac zealots are now going to proclaim that "iPods don't get viruses!" ?

    1. Re:Why do I somehow think that.. by Henriok · · Score: 5, Informative

      "Do mac users run virus scanners often?"

      There are quite a lot of Mac users that have anti virus installed. Mostly because they fall for the virus hysteria in the Windows centric press, and thinks that it applies to them too, but also because they don't want to risk sending a virus infected document or mail to a Windows user by mistake. Even if the virus didn't infect the Mac itself.

      "How do they know if they have viruses that aren't commonly known yet?"

      There are exactly zero known viruses for Mac OS X right this minute. If one would emerge it will be commonly known in the Mac community quite fast. It is a closely knit community after all.

      "I keep virus scanner running on my linux machines just in case, and it disinfects few files every now and then."

      Prudent, but it's mostly for the benefit of your Windows friends.

      --

      - Henrik

      - when the Shadows descend -
  4. Not the first, won't be the last by jarich · · Score: 5, Funny
    Microsoft did this a few years back if memory serves.

    When you run Windows, you must run anti-virus ~all~ the time!

    --
    Agile Artisans
    1. Re:Not the first, won't be the last by jarich · · Score: 5, Informative
      Flamebait?

      When I see the "quality" of /. comments, especially compared to just a year or ago, I realize it's populated with the younger generation, but things like this confirm it.

      It's not flamebait, you just don't remember it happening. I wasn't referring to Windows itself.

      Here are a few examples:

      http://www.idg.co.nz/cw.nsf/0/CC256D400014E76CCC25 6A3A00806895?OpenDocument&Type=Column&More=Virus/ Microsoft makes the virus news section too, with confirmation that it shipped some hotfixes infected with the rather nasty (but old and well-detected by antivirus software) FunLove virus

      http://news.com.com/2100-1001-935994.html/ Microsoft accidentally sent the virulent Nimda worm to South Korean developers when it distributed Korean-language versions of Visual Studio .Net

      It doesn't MS is evil, it means they are human. Any company that ships tons of software will ~eventually~ make a mistake.

      Today it's Creative's turn.

      --
      Agile Artisans
  5. Probably... by Knome_fan · · Score: 4, Funny

    because you are desparately trying to start a flamewar?

  6. That's why Win32 in a factory is a bad idea by SysKoll · · Score: 4, Interesting
    This is exactly why having windows machines in a production process is a bad idea. You never know when a worm, virus, trojan or other beast is going to interfere with your fabrication, the files or the hard disk imaging.

    IBM is running its new 90-nm microelectronics fab (in Fishkill, NY) entirely on Linux. So if it's feasible for a plant of that complexity, it should be feasible for a small assembly plant such as Zen Creative's.

    --

    --
    Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/

  7. homophones by ajs318 · · Score: 5, Funny

    Scrawny man in PE kit, about to lift a small weight: "Will this affect me?"

    Muscular man, lifting two larger weight with each hand: "Look at the effect it had on me!"

    From a poster in the Remedial Studies unit at my secondary school.

    --
    Je fume. Tu fumes. Nous fûmes!
  8. They not only didn't virus check... by term8or · · Score: 3, Funny

    These people don't even know how to grammer check their press release...

    It was verified that it is the possibility the extermination possible worm type virus of the risk which is called to the player itself of Creative Zen of the digital audio player who it was produced was shipped from shipment preparation and late July this each time in our company Neeon "W32.Wullik.B@mm" having mixed low.

    OK. The actual problem is probably not serious as far as I can tell, since running the virus software is not automatic on installation (which I bet is done by a super user or admin). But really, this is not professional and someone ought to get the sack. And the person who wrote the press release ought to be retrained as a petrol station attendant.

    --



    "As a writer / novelist you might want to spellcheck your sig. :) " - AC
  9. I guess Zen doesn't run Linux by AndroidCat · · Score: 5, Interesting

    Come to think of it, how does this worm manifest itself on a player device?

    "W32.Wullik.B@mm is a mass-mailing worm that attempts to send itself to all the contacts in the Outlook address book. The worm makes numerous copies of itself in random locations, and moves to a new location when Windows Explorer browses to the folder from which it runs. It can spread to floppy disks and shared network drives under some conditions.
    I doubt it executes on the player itself. Can it infect the PCs that you connect the player to for syncing?
    --
    One line blog. I hear that they're called Twitters now.
  10. Just wondering.... by someone300 · · Score: 4, Insightful

    Is this virus on the software/driver CD or the actual device itself?

    If it's on the device, how is it running on the zen, since I'd imagine the zen doesn't run windows, and how does it get from the zen to the operating system? (Wouldn't a zen be just like a bulk transfer device or something, and require the user to download and run the virus from it?)

  11. oopsies by theheff · · Score: 3, Interesting

    It'll be interesting to see how both the consumer and the company react to this situation and to see how public this could get. If damage is actually done here from the defect, who would be liable? Oh the joys of transitioning into the digital age...

  12. In related news... by Anonymous Coward · · Score: 5, Funny

    The author of W32.Wullik.B@mm is suing Creative Zen for copyright infringement under the DMCA.

  13. The consumers won't be amused.. by manavendra · · Score: 3, Insightful

    ..for a product vying a piece of personal hdd-based players dominated by iPod, this is bad news.

    Creative may try to position itself as the player with replaceable battery (hence longer life), has few more quirks (such as allowing you to move files across computers, rather than going the iTunes way), however, iPod still remains the benchmark in usability and style (the USP of iPod).

    Till they manage to one-up the market leader with innovative design or something special, such glitches will always render it as also-ran

    --
    http://efil.blogspot.com/
  14. Okay, a link to the original without babelfish by Joseph_Daniel_Zukige · · Score: 3, Informative

    For those who, like me, prefer reading intelligible Japanese over machine translation, here.

    Once upon a time I remembered that %2f was slash and %3f was question mark, etc.

  15. Not just Windows by RAMMS+EIN · · Score: 4, Interesting

    ``This is exactly why having windows machines in a production process is a bad idea.''

    Although Windows has a deserved reputation for being susceptible to viruses and break-ins, this problem is not unique to Windows. Any software written in unsafe languages (like C and C++) is bound to contain exploitable vulnerabilities. Any system that allows the user to run software that they bring to it is susceptible to trojans.

    AFAIK, no current operating system is both usable and provides adequate protection mechanisms against viruses. A fine-grained permission system might help, though. Allow the MP3 player's software access to your music directory, but nothing else. Allow the word processor access to your documents directory, but nothing else.

    I wrote a utility called chrootexec that allows you to run a program in a chroot jail (it cannot access files outside that directory). It's basically the same as the chroot command, except that you don't need to be root to use it (but it does have to be installed suid root to work).

    However, some programs (file managers come to mind) need access to many directories to be useful. These will still be exploitable.

    --
    Please correct me if I got my facts wrong.
  16. Re:Yay for machine translation... by MadCow42 · · Score: 5, Funny

    >> the quality of the so-called "translation" spat out by Babelfish make me feel a lot better about my long-term job security...


    It don't make me feel so goods about you job security. q:]

    --
    I used to have a sig, but I set it free and it never came back.
  17. Poorly edited news post by theraccoon · · Score: 5, Informative
    The author of the post and the editor who posted it both failed to mention that this only affects models shipped in Japan. The link to the creative page is a babelfish translated website! Plus, the engadget page says that in order to become infected, you'll need to "go running conspicuous applications found on your device".

    Why does this sound like some Mac/iPod anonymous fanatic kicking dust?