Slashdot Mirror
iPods Come Complete With Windows Virus
kaufmanmoore writes "Cnet is reporting that some video Ipods made after September 12th have the RavMonE virus loaded onto it. In Apple's announcement they take a swipe at Windows security and encourage Windows users to install anti virus applications."
Apple's products are made (and to some degree, designed) in China just like everybody else's. I wonder how many other memory products (that is, USB mass storage devices) have similar issues.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
Now I come to think about the PC guy in the Mac commercials who whines about viruses on Windows systems. Steve Jobs is so keen on pointing out that Mac is free from viruses (and Windows is not), but this blunder has got to shut him up about that for a while.
Full Tilt
Apple is selling ipods with a virus on them and they're taking it as an opportunity to bash Microsoft??
I'm sorry, but that just seems ass backwards to me. This one is not Microsoft's fault, and I hope people realize that.
Everything I need to know I learned by killing smart people and eating their brains.
I'm not one to try and defend Windows security with a straight face, but this is apples fault for shipping infected ipods. They failed to protect their customers, regardless of windows lack-lustre security
5468652047616D65
If I just distributed a device with a virus on it I would not be throwing stones at the security practices of another company.
Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
Wow...trying to deflect some of the blame, huh?
-Hey! Whatcha lookin' at fool? -The Duk
and this is why in the long run, apple wins? Simply because MS can't do anything like this back to Apple.
those apple people are genius'
The class of Apple to complain about Windows being susceptible to viruses that Apple Quality Control fails to catch. Maybe Apple QC should install AV as well when they develop for windows?
(emphasis added)
It's nice that they're "upset with themselves for not catching it" in the last part of that statement, but what's that first part in bold all about? Oh yeah, it's the part where they shirk complete responsibility for this by half-blaming Microsoft for the virus Apple introduced in its own hardware. It's the most half-assed way of apologizing imaginable.
In other news, rapists who blame their victims will now be in charge of issuing Apple's PR statements on their website.
No. There is no defense against an executable installed by a trusted vendor. If a virus gets installed due to user action - connecting an iPod, for example - and the user agrees to whatever official-looking prompts the installation creates, there is no reasonable security model on earth that can prevent the malicious code from running.
/" example above is a straightfoward example.
The "rm -rf
Apple is completely, unilaterally responsible, just like Sony was responsible for the CD rootkit cock-up.
I'd prefer to think along the lines of "why you can't get anybody at Apple to care." It doesn't affect Macs, after all.
Still, it does give food for thought. I can easily see it as an act of malice as much as a QA failure.
I recall a *brand new* Sandisk flash drive that loaded & installed its own software (including Skype, its own little menu system, utilities, etc.) onto my computer the moment I plugged it in.
How much would it be worth to a spammer/botnet group to infect the image that gets copied to all these devices? Enough to pay sufficiently large sums of money to subvert employees at the manufacturing plant?
It's still inexcusably sloppy of Apple, but my real concern isn't in the companies involved: It's that it will likely happen elsewhere as well. Flash drives, DVD's with 'extended' PC content... stuff like that.
Anywhere media with readable content is replicated can be a vector for viruses.
-- Sometimes you have to turn the lights off in order to see.
Then why is Apple using it? Your OS is as secure or insecure as you make it. If Apple knows what they are doing, why weren't they more secure? They are just trying to spin it. Just like Republicans trying to spin Foley's attraction to pages as something the Democrats kept secret to release during election time....only people with heavy bias will fall for it. If you make a mistake, admit it and do what you can to rectify the situation.
Support a great indie game: http://www.abaddon360.com
Because this is Slashdot and everything is China's fault.
QA?
If apple are going to make products for use with windows, then it is their responsibility to ensure that those products don't contain virii for windows systems. Suggesting that the virus being present in their product that they're shipping (regardless of the susceptibility of Windows to that virus) is the fault of Microsoft is passing the buck in a most horrible way.
The simple fact is that they choose to make their device work with Microsoft Windows systems, and they are damned sure responsible for ensuring that their device will not cause problems with those systems, regardless of the flaws or vulnerabilities of Microsoft systems.
I quite like Mac hardware and software, and have previously been glad that they may be gaining market share, but frankly if they are going to continue to market themselves by making stabs at Microsoft (and no I'm not suggesting the virus was placed intentionally), rather than by marketing their products' strengths and features, I'm not so sure I will continue to feel the same way.
Inexcusable? Hardly. It would certainly be inexcusable if they didn't take action here, but for a simple mistake? I think everyone is overstating how big a problem this is.
/were/ widespread viruses for Apple, they'd likely be just as problematic. The only thing that 'hardens' Apple against viruses, other than obscurity, is the fact that users don't run as Admin by default, so they have to type in their password for the virus to do any significant damage. Since we're training users to do this, it seems likely that a virus would still be able to wreak havoc on a Mac. We'd just call it a trojan, first.
And before people start saying, "Well if it was Microsoft, we'd be jumping down their throats about this!" consider that Apple isn't exactly a company with a long history of security flaws.
I do think that the statement "As you might imagine, we are upset at Windows for not being more hardy against such viruses" is absurd. If there
I guess Autorun on by default is another flaw in Windows, but I wasn't aware that USB devices would autorun by default. Are iPods presenting themselves as CDRoms now?
Seriously. People look at a company like Apple and they imagine that there's some middle-aged guy in a turtleneck personally checking every iPod and somehow he slipped up and missed this. Nope. It's some grunt in a factory somewhere trying to meet a quota, and of course they're going to cut corners. Apple hasn't screwed up yet--we'll have to see how they handle this situation to find out whether their actions are "inexcusable."
Your script will not propogate itself; will not use up my computer's resources; will not open a backdoor to allow others access to my information, bandwidth and/or processor cycles. How come people always cite an unintended "rm -rf /" as the most terrifying and catostrophic event ever? I backup my data. I'd rather suffer your script than have an undetected MS virus, worm or rootkit.
Ludwig Wittgenstein
It's utterly inexcusable for Apple to take potshots at Microsoft when Apple is the one who is completely at fault.
And regardless of who's fault it is that Windows isn't secure, the question is who's in charge of IT at this factory? Is it normal to allow foreign machines on a production network? I hope not. So how did this virus even get on the network?
And if Windows isn't secure, then why is Apple using equipment that runs Windows. The last time I checked, they have a fairly decent OS of their own.
And one last thing, if all that you are doing is uploading an image to flash, then a frickin Sinclair would do the trick. Apple need not rely on Microsoft products at all.
Apple is coming off as not giving two shits about spreading a virus to their competitors equipment, and that's just wrong.
And before I get called a Windows whoreboy, I'd like it be known that in actuality I'm a linux whoreboy. I just wanted to clear that up.
But in the end, it's an Apple product and Apple is responsible. Sure, mistakes happen, and they did apologize, I'll give you that. The little jab at Microsoft was completely uncalled for, though. It makes Apple look far worse in my eyes than the accident did in the first place.
Some of my clients are manufacturers of electronic control devices. Nearly all of the testing machines are run by commodity PCs, either Windows or Linux - usually Windows. Years ago, they did use purpose built computers, however, the price of PCs has plunged relative to the alternatives.
Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
Well, considering that Linux has the majority of web sites according to Netcraft, it's certainly not a "minor player".
But even so, you and your cohorts still haven't addressed the fact that there are NO viable viruses or other serious malware for the Linux or Mac platforms. With 10% marketshare between them, you'd think someone would bother to make one, just to prove it can be done. I haven't seen it yet. Your argument is all about "marketshare", but you have yet to name a single attack vector that can be used on non-MS systems, and has been proven to be vulnerable.
It's not really acceptable to just say 'hey, go out and buy some antivirus software because the products we sell have viruses'. If I buy a bloody ipod it shouldn't ruin my computer. Though I imagine they have some legal agreement stating that I can't sue for lost data if my ipod destroys my computer...
Congratulations. That's the most ignorant comment I've read in this thread so far, and let me tell you, it's up against some pretty stiff competition.
From the McAfee site linked to in TFA:
Infection occurs when a removable storage device or a mapped drive hosting a copy of W32/Rjump.worm is accessed and the user agrees to the auto run prompt for execution of the worm.
Yes, that's right, you have to agree to install the dammed thing. Now, if you plug an MP3 player into your computer and it prompts you to ok a software installation, there are only two reasons to agree to do it:
1) You trust the vendor in question, and are happy to install their software, even if you aren't too sure exactly what it is.
2)You really have no idea what this prompt is, you're not too interested either, and you just blindly click ok because you think if you don't you're new toy won't work.
Now, just supposing you were using Linux, and the phrase "click ok" was replaced with "enter root password", what would happen? I'll tell you what would happen. The same people who clicked OK would just tap in their passwords.
The problem here is not windows insecurity. The problem is that a trusted vendor was shipping infected hardware. End of story.
"I realise this is not a very popular opinion but it's the truth, and there for needs to be said" -Bill Hicks
His wont, but there's nothing special about the MachO file format that prevents viruses from hooking themselves onto the front of an application.
Let me put it this way, every single application inside your Applications folder can be modified by the primary user without any password dialogs or anything.
It is very possible to write a virus, attach to some shareware program, and when you ran it, it would infect every OSX application you have installed. Then everytime you ran iTunes, for example, it could do a lot of damage.
From http://www.ibiblio.org/pub/linux/docs/HOWTO/Advoca cy
please note it was a contract manufacturer. which means apple probably didn't regularly (if they even did) audit them. which means this COULD have been deliberate along with the possible theory of a random infection