Slashdot Mirror


Malware Distribution Through Physical Media a Growing Concern

twitter brings us a story about the increasing number of digital devices reaching consumers with malware already installed. In this case, digital photo frames from three different Sam's Club stores were found to contain the same type of malicious code. We discussed a similar problem with iPods a while back, as well as a more recent situation with Maxtor hard drives. Quoting the Register: "While a compromise at the manufacturer is the most likely scenario, ISC's Sachs also pointed to retailers as a possible point of infection. Returned products, which could have been infected by the consumer, are frequently put back on the shelf, if they are in sale-able condition, and attackers could take advantage of a store's poor digital hygiene, he said. 'Trying to (infect a product) all the way back at the factory — getting it through all the checks and balances — would be pretty hard to do,' he said. 'But doing it at the store, where there might be loose return policies, and (where) they put it back on the shelf - you are not going to get a million infections, but you might get a person from an investment bank next door.'"

10 of 141 comments

  1. I disagree ... by ScrewMaster · · Score: 5, Interesting

    Trying to (infect a product) all the way back at the factory - getting it through all the checks and balances

    Apparently this guy has never worked in a production firmware environment before: there are fewer checks and balances than you might think, especially because embedded-system guys generally don't have much awareness of Windows malware issues. Unfortunately, more and more embedded devices are being plugged into desktop machines, and with auto-run enabled ... well. This whole scenario is hardly surprising.

    --
    The higher the technology, the sharper that two-edged sword.
    1. Re:I disagree ... by Zeinfeld · · Score: 2, Interesting
      Apparently this guy has never worked in a production firmware environment before: there are fewer checks and balances than you might think, especially because embedded-system guys generally don't have much awareness of Windows malware issues. Unfortunately, more and more embedded devices are being plugged into desktop machines, and with auto-run enabled ... well. This whole scenario is hardly surprising.

      There is a responsibility problem here. Do we blame the hardware manufacturers for producing faulty products or the users for leaving autorun turned on or the O/S providers for implementing such a brain-damaged feature?

      Internet crime is not really Internet crime at all. Phishing is exploiting weaknesses in the financial infrastructure, not the Internet at all. If credit card payment systems security depends on the secrecy of the card number printed on the front it is going to fail.

      One way to deal with this problem would be to make sure every device has a clearly marked reset button that performs a hard-reset and returns the system to its initial state. Most equipment has this but some does not.

      A better way is to turn off autorun, only run a program if the code is signed by a trusted root. [Ob Disclosure, yes I work for VeriSign] A trusted root need not mean a public trusted root. It is possible to establish a mechanism for signing open source code, just make sure the user has control over the choice of roots.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
  2. Stupid idea by CastrTroy · · Score: 5, Interesting

    I've always said that autoexecuting stuff on any media inserted was the stupidest feature ever created. It's just asking for viruses to be installed. Actually strike that. It's the second stupidest thing. The stupidest thing is Windows being configured by default to restart for updates after the user doesn't respond for some very short amount of time.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
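An added example, not part of any comment in this thread: a way to inspect a newly bought device's storage for autorun launch directives from a machine that will not execute them, for instance with the volume mounted read-only on a non-Windows workstation. The function names, the sample volume and its file names are constructed for illustration.

```python
import configparser
import hashlib
import tempfile
from pathlib import Path

def launch_directives(inf_text):
    """Return (key, command) pairs from [autorun] that start a program."""
    cp = configparser.ConfigParser(strict=False, interpolation=None,
                                   delimiters=("=",), allow_no_value=True)
    cp.read_string(inf_text)
    found = []
    for section in cp.sections():
        if section.strip().lower() != "autorun":
            continue
        for key, value in cp.items(section):
            # open=, shellexecute= and shell\<verb>\command= all run something
            if value and (key in ("open", "shellexecute") or key.endswith("\\command")):
                found.append((key, value.strip()))
    return found

def audit_volume(root):
    """Report each launch directive with the SHA-256 of its target file."""
    root = Path(root).resolve()
    infs = [p for p in root.iterdir()
            if p.is_file() and p.name.lower() == "autorun.inf"]
    text = infs[0].read_text(errors="replace") if infs else ""
    report = []
    for key, command in launch_directives(text):
        # Simplification: first token is the program; paths use backslashes.
        rel = command.split()[0].strip('"').replace("\\", "/").lstrip("/")
        target = (root / rel).resolve()
        # Only hash files that really live on the volume being inspected.
        on_volume = root in target.parents and target.is_file()
        digest = hashlib.sha256(target.read_bytes()).hexdigest() if on_volume else None
        report.append({"key": key, "command": command, "sha256": digest})
    return report

def build_sample_volume():
    """Constructed sample: a stand-in 'photo frame' volume in a temp directory."""
    root = Path(tempfile.mkdtemp())
    (root / "tools").mkdir()
    (root / "tools" / "viewer.exe").write_bytes(b"constructed placeholder bytes")
    (root / "AUTORUN.INF").write_text(
        "[AutoRun]\nicon=frame.ico\nopen=tools\\viewer.exe /quiet\n"
        "shell\\explore\\command=tools\\viewer.exe\n")
    return root

if __name__ == "__main__":
    for finding in audit_volume(build_sample_volume()):
        print(finding)
```

The hashes give something to compare against a vendor's published checksums or to submit to a scanner before the device is ever attached to a Windows machine.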
  3. Learned About this a Long Time Ago by NeverVotedBush · · Score: 5, Interesting

    I bought a new 80386 (maybe a 486 - I forget) motherboard a long time ago and it had a 5 1/4 floppy disk included with the board drivers software. It was also infected with the Michelangelo virus. I never knew it until I saw a message on the FIDOnet BBS from some idiot in Bulgaria talking about how his virus was coming and it was going to kill everyone's computers.

    I downloaded a free copy of McAfee and it found the virus on my computer as well as every floppy that I had inserted since then that wasn't write protected. McAfee's software offered to clean it but all it did was wipe out the MBR making it where I had to reformat and reinstall everything.

    I told a friend at school who had just bought a similar motherboard. He broke the seal on his driver disk, scanned it, and found the virus there too. It was coming from the factory infected.

    That was a lesson I will never forget and it happened almost 20 years ago.

    1. Re:Learned About this a Long Time Ago by sjames · · Score: 2, Interesting

      It's amazing what went out on floppies back then. Out of curiosity, I would scan through "free" sectors on floppies and often I would find internal documents, source code, QA results, unrelated software, etc.

  4. I, for one by DNS-and-BIND · · Score: 4, Interesting

    I work in manufacturing in China, and I would not be surprised in the least to find a worker who accepted a shockingly small bribe to place malware directly into factory produced firmware. Not saying that's what happened, but I sure wouldn't be surprised if it did. I also would not be surprised to discover that a worker's Windows PC transferred its infection to the master used for production.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  5. Re:It's only a problem if you use Windows. by Anonymous Coward · · Score: 5, Interesting

    The Morris Worm of twenty years ago did cause problems in the UNIX world. However, unlike Microsoft, the UNIX developers and vendors quickly fixed their software. And thus we haven't seen a single worm for UNIX systems since then, although UNIX and UNIX-like systems are the most widely used server OSes, and hence typically networked. Now contrast this to the numerous Windows-only worms that have caused billions of dollars of damages for individuals, businesses and governments around the world, and only in the past decade!

    I'm not sure why you've been marked as a "troll", because what you said is completely accurate. Windows systems are more susceptible to malicious software. I'm not sure how that could be disputed. Now, things have gotten vastly better than they were when Windows 95, Windows 98 and Windows ME were developed. But even Windows XP has been widely affected by worms and malware, and Windows Vista is usually little better.

    Although I'm an accountant by trade, I've worked at several companies with mixed Windows and UNIX networks. And at all of them we've had significant downtime due to Windows worms and viruses wreaking havoc on our internal networks. But I've never once, at any of those companies, heard of any downtime of the UNIX systems because of such a security threat.

  6. Registries and stupid ideas by tjwhaynes · · Score: 3, Interesting

    I guess that is one advantage of having a single registry for all system settings. You can easily change tons of settings easily with just a single script file.

    Erm - a single script file can easily update thousands of different configuration files on any platform. And for all the world-famous Windows user-friendliness, I'll take editing some bizarre Linux scripts where key=value over trying to remember hexadecimal codes for Internet Explorer registry entries :-)

    Let's not overlook the dangers of having a single, unrebuildable registry for all the system settings... What happens when it gets hosed? I seem to remember that Windows 95 used to keep two copies of the registry around and could rebuild it if you deleted it. Windows XP seems to have lost that ability - I have no idea if Vista has recovered it.

    Cheers,
    Toby Haynes

    --
    Anything I post is strictly my own thoughts and doesn't necessarily have anything to do with the opinions of IBM.
    1. Re:Registries and stupid ideas by fluffy99 · · Score: 2, Interesting

      If you have thousands of machines, it's likely you have Active Directory by now. Simply set the autorun, as well as the tons of other security settings, in a group policy and be done with it.

  7. Re:It's only a problem if you use Windows. by TheRaven64 · · Score: 3, Interesting

    A decade or so ago, 'UNIX security' was considered an oxymoron. If you wanted security, you ran a real OS like VMS or OS/360. UNIX had a very coarse-grained security model and the code had never been subjected to a proper audit. It's interesting how times change.

    --
    I am TheRaven on Soylent News