Slashdot Mirror
iPods Come Complete With Windows Virus
kaufmanmoore writes "Cnet is reporting that some video Ipods made after September 12th have the RavMonE virus loaded onto it. In Apple's announcement they take a swipe at Windows security and encourage Windows users to install anti virus applications."
Apple's products are made (and to some degree, designed) in China just like everybody else's. I wonder how many other memory products (that is, USB mass storage devices) have similar issues.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
I'm not one to try and defend Windows security with a straight face, but this is apples fault for shipping infected ipods. They failed to protect their customers, regardless of windows lack-lustre security
5468652047616D65
If I just distributed a device with a virus on it I would not be throwing stones at the security practices of another company.
Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
Wow...trying to deflect some of the blame, huh?
-Hey! Whatcha lookin' at fool? -The Duk
and this is why in the long run, apple wins? Simply because MS can't do anything like this back to Apple.
those apple people are genius'
The class of Apple to complain about Windows being susceptible to viruses that Apple Quality Control fails to catch. Maybe Apple QC should install AV as well when they develop for windows?
"it was traced to a particular Windows machine in the manufacturing lines of a contract manufacturer " and "Very few units actually went through that particular station"
Why is a Windows machine ever connected to an iPod during manufacturing? I'd think for a high volume product like the iPod, there would be dedicated disk duplicators to format/populate the drives, and testing would likewise be done with purpose-designed hardware. Using a Windows PC to do either seems like a crude, inefficient way to do things.
"National Security is the chief cause of national insecurity." - Celine's First Law
(emphasis added)
It's nice that they're "upset with themselves for not catching it" in the last part of that statement, but what's that first part in bold all about? Oh yeah, it's the part where they shirk complete responsibility for this by half-blaming Microsoft for the virus Apple introduced in its own hardware. It's the most half-assed way of apologizing imaginable.
In other news, rapists who blame their victims will now be in charge of issuing Apple's PR statements on their website.
What I find interesting is the potential for this type of distribution to be the vector for a zero-day exploit.
Imagine the scenario: an unscrupulous individual happens across an unannounced vulnerability, and develops an exploit. Rather than building it into a worm/botnet replication mechanism, he finds a way to load it onto a consumer electronics device (mp3 player, flash drive, camera, etc) and lets the well-established merchandise distribution network take it from there. Weeks/months later, at a predetermined time, an attack can be launched simultaneously from hundreds/thousands of locations, and we have a nasty problem on our hands.
An object at rest cannot be stopped!
Not only that, since the problem was "traced to a particular Windows machine in the manufacturing lines of a contract manufacturer that builds the iPods for Apple," I would think that if they're going to talk so high-and-mighty against Windows that they would be smart enough not to use Windows as part of their manufacturing process.
Seems like just another bad attempt at deflection.
I never stated that either. My point was that he can't complain about viruses on Windows computers now that he's helped spreading it. Excuse me for not being clear enough.
Full Tilt
They didn't blame Microsoft for their failure to stop the iPods from shipping, but there is a certain element to truth to the statement. If you take away the fact that Apple is involved and look at it--a technology product was infected with malware because a Windows PC on the production line was infected and it wasn't caught in time.
The number of Windows machines on production lines in China is staggering--and if Windows had better security, the spread of viruses and malware wouldn't represent such a massive threat. Simple acts like requesting permission to install new software, etc. would go a long way toward cutting this off. Windows, left to its own devices, happily installs crapware without user intervention or notification, and that makes it harder to KNOW when your computer has been compromised.
So yeah, Microsoft is dumb in this capacity, but it's still Apple's responsibility.
I'd prefer to think along the lines of "why you can't get anybody at Apple to care." It doesn't affect Macs, after all.
Still, it does give food for thought. I can easily see it as an act of malice as much as a QA failure.
I recall a *brand new* Sandisk flash drive that loaded & installed its own software (including Skype, its own little menu system, utilities, etc.) onto my computer the moment I plugged it in.
How much would it be worth to a spammer/botnet group to infect the image that gets copied to all these devices? Enough to pay sufficiently large sums of money to subvert employees at the manufacturing plant?
It's still inexcusably sloppy of Apple, but my real concern isn't in the companies involved: It's that it will likely happen elsewhere as well. Flash drives, DVD's with 'extended' PC content... stuff like that.
Anywhere media with readable content is replicated can be a vector for viruses.
-- Sometimes you have to turn the lights off in order to see.
I agree with you, although... I have to wonder, how did it get on the iPod in the first place? If you look at the W32/Rjump worm you can see that it spreads itself by copying itself to mounted removeable storage drives.
Perhaps someone tested a prototype on an infected windows machine, to make sure some minor manufacturing change didn't bork the device. Then after working on it a bit they got it to work, copied the image over, and all of a sudden you have iPods being pumped out of the factor with a virus on them. Clearly just a guess, but if something similar to that happened and I was Apple I'd sure as hell be pissed that Windows lack of security caused my hardware devices to get factory shipped with a virus on them.
Note that this scenario is supported by TFA: "Joswiak said it was traced to a particular Windows machine in the manufacturing lines of a contract manufacturer that builds the iPods for Apple."
In that context, Apple has every right to be irritated. Either way though you're right, it's a pretty stupid PR move to make a comment like that. They should just apologize, fix the problem, and move on.
If apple are going to make products for use with windows, then it is their responsibility to ensure that those products don't contain virii for windows systems. Suggesting that the virus being present in their product that they're shipping (regardless of the susceptibility of Windows to that virus) is the fault of Microsoft is passing the buck in a most horrible way.
The simple fact is that they choose to make their device work with Microsoft Windows systems, and they are damned sure responsible for ensuring that their device will not cause problems with those systems, regardless of the flaws or vulnerabilities of Microsoft systems.
I quite like Mac hardware and software, and have previously been glad that they may be gaining market share, but frankly if they are going to continue to market themselves by making stabs at Microsoft (and no I'm not suggesting the virus was placed intentionally), rather than by marketing their products' strengths and features, I'm not so sure I will continue to feel the same way.
That's like MacDonald's importing meat infected with Mad Cow Diease, then blaming the FDA for not catching it.
Bad analogy. It's like McDonald's (no a) selling burgers infected with MCD, and then blaming the humans for being vulnerable to it. Except that unlike humans in the real world (who are all susceptible to MCD), the humans in this crazy analogy universe have a choice between different bodies: one that's not only vulnerable to MCD, but every other disease out there, and has to be constantly immunized against them, and even then performs terribly, stops breathing and loses conscienceness occasionally, and is ugly to boot; and a few other bodies that are naturally immune to every known disease, are stronger and live much longer, don't need sleep, and are very attractive. Only the idiots who chose the ugly, disease-infested bodies get MCD so McDonald's justifiably tries to assign them some of the blame for making a bad choice.
Especially not when you live here...
There is no such thing as autorun on OS X. If you really have managed to get a script to run automatically as soon as the volume that contains it is mounted, you are exploting a bug somewhere. Please file a bug report.
So now Apple needs a commercial where the Mac guy is picking up biohazardous waste while wearing a virus-proof bunny suit and "accidentally" spilling it on the PC guy who's just laying there in his beach clothes enjoying himself.
Crack - Free with every butt and set of boobs
Inexcusable? Hardly. It would certainly be inexcusable if they didn't take action here, but for a simple mistake? I think everyone is overstating how big a problem this is.
/were/ widespread viruses for Apple, they'd likely be just as problematic. The only thing that 'hardens' Apple against viruses, other than obscurity, is the fact that users don't run as Admin by default, so they have to type in their password for the virus to do any significant damage. Since we're training users to do this, it seems likely that a virus would still be able to wreak havoc on a Mac. We'd just call it a trojan, first.
And before people start saying, "Well if it was Microsoft, we'd be jumping down their throats about this!" consider that Apple isn't exactly a company with a long history of security flaws.
I do think that the statement "As you might imagine, we are upset at Windows for not being more hardy against such viruses" is absurd. If there
I guess Autorun on by default is another flaw in Windows, but I wasn't aware that USB devices would autorun by default. Are iPods presenting themselves as CDRoms now?
Seriously. People look at a company like Apple and they imagine that there's some middle-aged guy in a turtleneck personally checking every iPod and somehow he slipped up and missed this. Nope. It's some grunt in a factory somewhere trying to meet a quota, and of course they're going to cut corners. Apple hasn't screwed up yet--we'll have to see how they handle this situation to find out whether their actions are "inexcusable."
Your script will not propogate itself; will not use up my computer's resources; will not open a backdoor to allow others access to my information, bandwidth and/or processor cycles. How come people always cite an unintended "rm -rf /" as the most terrifying and catostrophic event ever? I backup my data. I'd rather suffer your script than have an undetected MS virus, worm or rootkit.
Ludwig Wittgenstein
Next PC vs Mac commercial, the Apple version:
PC is wearing a "boy in the plastic bubble" suit, wandering around with a bottle of Formula 409, obsessively wiping down everything he sees. Mac casually strolls up from behind and taps PC on the shoulder of his bubble suit. PC shrieks and starts spraying and wiping the suit. Mac asks what's up, PC starts babbling "Viruses...viruses are everywhere. Anything I touch might kill me. Never clean enough...never...clean...enough". Mac sadly shakes his head and wanders off.
Next PC vs Mac commercial, the Microsoft version:
Mac walks over to PC and offers to let PC listen to Mac's iPod. PC puts on the headset, starts tapping his feet and snapping his fingers, then suddenly flops onto his back, goes into convulsions, and dies. Mac slinks off the stage, looking embarassed and guilty. James Earl Jones voiceover grimly intones "iPods kill - buy a Zune".
A marriage is always made up of two people who are prepared to swear that only the other one snores.
But in the end, it's an Apple product and Apple is responsible. Sure, mistakes happen, and they did apologize, I'll give you that. The little jab at Microsoft was completely uncalled for, though. It makes Apple look far worse in my eyes than the accident did in the first place.
Not one that's ISO 9000 certified you havn't. Apple has never done the necessary paperwork to get Macs into this market. They don't care about this market. Now they've been bitten on the ass by this stance. That's the irony, aint it sweet.
How we know is more important than what we know.
The rules were made up by those lovely people at the International Standards Organisation. Apple has never gone through the process to get Macs certified as ISO 9000 approved manufacturing components. They focus on the home and small office market, they don't care about this stuff.
How we know is more important than what we know.
ITs great. Apple blames Windows for the Virus...but who put it on th ipod?
A Good Troll is better than a Bad Human.
I'm sorry, you are absolutely correct. I had this set up for so long I forgot what I did: Folder Actions. My face is red!
I still think the thinly-veiled insult is uncalled for when Apple directly creates a security risk.
Karma: Incomprehensible (Mostly affected by posting at +5, reading at -1, and metamoderating everything unfair.)
Less expensive, maybe a little bit, but a Yugo is less expensive than a Ferrari too! Just look at how much more you get: FireWire! Magnetic power cords! Genius bars! And isn't it worth a few more bucks to make your factory snappier?
Besides, there are plenty of factory applications for Mac! There's AssemblyLine...
Super AssemblyLine...
*whisper* Photoshop...
</fanboy>
Visual IRC: Fast. Powerful. Free.
Bullish Machine Tzar
I know iTunes is a crappy application (on Windows), but I don't know if I'd go so far as to call it a virus...