Slashdot Mirror

← Back to Stories (view on slashdot.org)

HP Admits Selling Infected Flash-Floppy Drives

Posted by CmdrTaco on from the yeah-oops-sorry-our-bad dept.

bergkamp writes "Hewlett-Packard has been selling USB-based hybrid flash-floppy drives that were pre-infected with malware, the company said last week in a security bulletin. Dubbed "HP USB Floppy Drive Key," the device is a combination flash drive and compact floppy drive, and is designed to work with various models of HP's ProLiant Server line. HP sells two versions of the drive, one with 256MB of flash capacity, the other with 1GB of storage space. A security analyst with the SANS Institute's Internet Storm Center (ISC) suspects that the infection originated at the factory, and was meant to target ProLiant servers. "I think it's naive to assume that these are not targeted attacks," said John Bambenek, who is also a researcher at the University of Illinois. Both versions of the flash-floppy drive, confirmed HP in an April 3 advisory, may come with a pair of worms, although the company offered few details. It did not, for instance, say how many of the drives were infected, where in the supply chain the infections occurred or even when they were discovered."

6 of 110 comments (clear)

  1. Dear Smart People, by publicopinion5 · · Score: 2, Funny

    I'm one of those people who doesn't really belong on slashdot due to my outrageously inadequate computer skills. I just appreciate the actually intelligent discussion devoid of complete morons that I couldn't find anywhere else. But question for the people who do belong here: how is deliberately infecting your own products even close to a good idea? I can't imagine this is going to get half the press it deserves, but if this somehow got out past computernerdland (no offense meant), wouldn't that turn millions of people off of buying HP? I feel like I'm missing something here.

    1. Re:Dear Smart People, by Silver+Sloth · · Score: 1, Funny

      intelligent discussion devoid of complete morons Sorry, this is /. you're talking about, isn't it. Ah, you must be from Bizarro world.
      --
      init 11 - for when you need that edge.
  2. Re:In case anyone wonders by Cheesey · · Score: 4, Funny

    When I tried to install XP, I found it could recognise a USB drive. It would even allow me to install Windows onto it! But it wouldn't read the SATA drivers off it. I needed to find a working floppy disk in order to get those drivers onto the machine!

    Reminded me of Slackware back in the mid 90s. It's just as well most Windows users get the OS preloaded by the PC manufacturer. If they all had to install it themselves, surely most would give up and install Linux instead. The installer boots from the CD and includes all the drivers? What crazy person thought of that insane idea.

    --
    >north
    You're an immobile computer, remember?
  3. Re:Security improvements by SEMW · · Score: 5, Funny

    Unfortunately, you can't use the Group Policy Editor on Windows XP Home Edition. Who in their right mind would have XP Home edition installed on an HP ProLiant Server?
    --
    What's purple and commutes? An Abelian grape.
  4. It wasn't me...it was the one armed HP server! by insanemime · · Score: 2, Funny

    See Honey, it's HP's fault that porn was on our computer! All 3 terrabytes of it...nasty bugs. *whistles innocently*

  5. Re:In case anyone wonders (OT II) by Anonymous Coward · · Score: 1, Funny

    Someone's going to reply "blah blah chain of supply blah blah limited liability" Naw, I'm just going to reply 'offtopic' since your post had nothing to do with GP's comment...