HTC Android Phones Found With Malware Pre-Installed

← Back to Stories (view on slashdot.org)

HTC Android Phones Found With Malware Pre-Installed

Posted by Soulskill on Tuesday March 9, 2010 @04:45AM from the saving-users-time-and-effort dept.

Trailrunner7 writes "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them. The phone, HTC's Magic, runs the Google Android mobile operating system, and is one of the more popular handsets right now. A researcher at Panda Software received one of the handsets recently, and upon attaching it to her PC, found that the phone was pre-loaded with the Mariposa bot client. Mariposa has been in the news of late thanks to some arrests connected to the operation of the botnet."

158 comments

Min score:

Reason:

Sort:

It's not a bug by elrous0 · 2010-03-09 04:46 · Score: 4, Funny

It's an undocumented feature!

--
SJW: Someone who has run out of real oppression, and has to fake it.
1. Re:It's not a bug by Pojut · 2010-03-09 04:48 · Score: 1
  
  It's a perfectly cromulent feature. I mean come on...malware preinstalled? That rocks tits to dust.
  
  --
  Living With a Nerd
2. Re:It's not a bug by Anonymous Coward · 2010-03-09 05:14 · Score: 1, Funny
  
  Wait a minute, I thought Android already had spyware installed...wasn't it called: Google?
3. Re:It's not a bug by Monkeedude1212 · 2010-03-09 05:29 · Score: 4, Funny
  
  You think THATS bad - I got my HTC phone with Windows Mobile 6.1 Pre Installed!
4. Re:It's not a bug by m.ducharme · 2010-03-09 05:53 · Score: 1
  
  spyware !== malware.
  My understanding was that Mariposa is a bot client, not just spyware.
  
  --
  Rule of Slashdot #0: You and people like you are not representative of the larger population. - A.C.
5. Re:It's not a bug by daremonai · 2010-03-09 06:01 · Score: 1
  
  I don't see what's the big deal here. Verizon has been pre-installing malware on all their phones for years.
6. Re:It's not a bug by Alphathon · 2010-03-09 06:07 · Score: 1
  
  Crapware maybe, but unless it's gone horribly unreported (or I just havn't noticed, being in the UK and all) they don't carry botnets
7. Re:It's not a bug by mcgrew · 2010-03-09 07:28 · Score: 1
  
  From TFS: "Security researchers have found that Vodafone, one of the world's larger wireless providers, is distributing some HTC phones with malware pre-installed on them.
  Does Sony own Vodaphone? If so you're probably right; XCP was put in music CDs on purpose. I wouldn't be surprised if this malware was put there on purpose, too, even if Sony doesn't own Vodaphone.
  Yes, I'm a cynical old fart, but that comes from getting screwed over for decades. Ah, to be young and idealistic again!
  
  --
  Free Martian Whores!
8. Re:It's not a bug by w0mprat · 2010-03-09 14:07 · Score: 1
  
  I don't get why that's worse, that's the same thing as the headline?
  
  --
  After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
9. Re:It's not a bug by Anonymous Coward · 2010-03-09 15:52 · Score: 0
  
  Its the "smart" in the smart phone.
Pre-installed by 0racle · 2010-03-09 04:47 · Score: 3, Funny

No user intervention, IT JUST WORKS

--
"I use a Mac because I'm just better than you are."
1. Re:Pre-installed by feranick · 2010-03-09 11:33 · Score: 1
  
  And people still thinks that Linux requires complicated command line input to work... Finally some "hard" evidence to prove them wrong.
Technically, not installed... by TheRaven64 · 2010-03-09 04:47 · Score: 5, Informative

The software in question was an autorun file, so it wasn't installed on the phone, it was just present on the phone's flash drive waiting to try to infect any OS stupid enough to automatically run programs from untrusted devices. It's not like the phone was running a botnet client and using up your data allowance sending spam, it was just a carrier.

--
I am TheRaven on Soylent News
1. Re:Technically, not installed... by clone53421 · 2010-03-09 04:54 · Score: 5, Insightful
  
  That’s a good distinction to make.
  Of course I immediately assumed they didn’t really mean “installed”, since it’s a Windows virus and an Android OS...
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
2. Re:Technically, not installed... by 56 · 2010-03-09 04:55 · Score: 4, Insightful
  
  Either way, that's pretty crazy. I wonder if it's a case of a rogue employee putting it there, or if it somehow got installed unntentionally by Vodafone. Or maybe the phone was used, returned, and re-sold without having the micro sd card formatted.
3. Re:Technically, not installed... by DarthVain · 2010-03-09 04:56 · Score: 2, Insightful
  
  "untrusted devices"
  Its not like this phone was bought on e-bay or some back ally. This is straight from the manufacture.
  It baffles me that products get through QA and carry viruses, Trojans or other malware, I mean come on.
4. Re:Technically, not installed... by sbeacom · 2010-03-09 05:01 · Score: 3, Insightful
  
  It's not really straight from the manufacturer is it?
  
  I'm not sure about how Vodafone works, but most carriers around here love to brand their phones. The issue it self seems to be isolated to just the Vodafone models so could it be part of the branding they do with the phones?
5. Re:Technically, not installed... by bhtooefr · 2010-03-09 05:03 · Score: 0, Flamebait
  
  The branding is done at the manufacturer, though. Silkscreening is done at the same time as manufacturer logos, and firmware preload is done at the manufacturer.
6. Re:Technically, not installed... by AndrewNeo · 2010-03-09 05:04 · Score: 2, Informative
  
  And if it's an autorun file, that means only XP and earlier, and very stupid users are vulnerable. Vista and 7 don't execute Autorun.exe by default.
7. Re:Technically, not installed... by ducomputergeek · 2010-03-09 05:08 · Score: 0
  
  People around here love to bitch about Apple and their control over their hand set, but this was one of the reasons they locked it down. Especially in the early days when it wasn't a proven platform. If the iPhone had been a free for all, malware would have quickly popped up and not only killed the iPhone, but like set all smart phones not made by RIM back a few years. But long term I think there is going to be a malware problem on Android and then the Carriers will use that as an excuse to grab back control of the platform forcing users to only use "their App store".
  And to those who say, "But don't run unsigned apps from sources you don't know". Yeah, makes perfect sense to me, but how many people do we know downloaded the prettypuppiesscreensaver.exe only to get infected with a virus? How long until we see some tweet linked to an android malware program that thousands of users install because they don't know any better?
  You know, the more I get to thinking about it, the more sense Apple's policy of no background apps becomes.
  
  --
  "The problem with socialism is eventually you run out of other people's money" - Thatcher.
8. Re:Technically, not installed... by 56 · 2010-03-09 05:08 · Score: 1
  
  my rogers htc magic has a bunch of rogers images preloaded, and several rogers bookmarks placed in the web-browser. i would be surprised if that's done by htc.
  also, i've received phones from rogers that have been bought and then returned, with the other person's content still on the sd card - as could easily have been the case with the phone in question. In my case, there were pictures of the guy's trip to new york left on the phone.
9. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 05:09 · Score: 0
  
  And if it's an autorun file, that means only XP and earlier, and very stupid users are vulnerable. Vista and 7 don't execute Autorun.exe by default.
  Really? Nice. Windows is really growing up.
10. Re:Technically, not installed... by clone53421 · 2010-03-09 05:13 · Score: 3, Informative
  
  Wrong, it was replaced with Autorun.inf, and Vista/7 do execute it if you choose to “Autoplay” the device. I believe the dialog will appear first to ask you what you want to do, but “Autoplay” is the top choice and is selected by default.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
11. Re:Technically, not installed... by Manax · 2010-03-09 05:16 · Score: 5, Insightful
  
  That's just ridiculous. Did you even read the summary? This isn't about you installing a trojan on your phone, or about how open the platform is or isn't. It's about it COMING FROM THE CARRIER that way. This could have just as easily happened to an iPhone and had a mac or PC virus on it...
  
  --
  "Why should I be content to simply live in this world, when I, as a human being, can CREATE it?" - Oertel
12. Re:Technically, not installed... by Viol8 · 2010-03-09 05:17 · Score: 0, Flamebait
  
  *sigh*
  Don't microsoft *ever* learn?
  Thank god I bailed out of Windows years ago.
13. Re:Technically, not installed... by nicolas.kassis · 2010-03-09 05:18 · Score: 1
  
  Just checked my HTC magic, no virus found.
14. Re:Technically, not installed... by jbeaupre · 2010-03-09 05:19 · Score: 1
  
  This has nothing to do with lockdown. It came from the manufacturer this way. iPhones can connect by USB, so the same could happen if the manufacturer were not careful.
  
  --
  The world is made by those who show up for the job.
15. Re:Technically, not installed... by gparent · 2010-03-09 05:20 · Score: 1
  
  You mean the device will autoplay if you tell it to autoplay? Oh my god!
16. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 05:20 · Score: 0
  
  I used to work for a very large fast food chain, developing software for their Point-Of-Sale system. The company decided to switch from a system originally developed in-house to a third-party Windows-based system. Shortly after they set up the QA lab with the new system (over 100 machines), the entire lab (except for the few machines still running the old system) were infected with a virus, presumably brought in on someone's thumb drive.
  Anyone in the development/testing/manufacturing process could accidentally (or intentionally) install a virus into a commercial system. Of course, it pretty much has to be a Windows-based system for any actual damage to occur.
17. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 05:21 · Score: 0
  
  And if that dialog came up when plugging in a new phone, I'd expect it to be installing software for the phone, so not only stupid people would be infected.
18. Re:Technically, not installed... by nicolas.kassis · 2010-03-09 05:21 · Score: 4, Informative
  
  Ok... go lookup the story about iPods loaded with trojans that got through QA. http://msmvps.com/blogs/spywaresucks/archive/2006/10/19/187622.aspx This has nothing to do with android/apple and everything to do with crappy manufacturing using infected windows PC that will infect any usb connected device.
19. Re:Technically, not installed... by clone53421 · 2010-03-09 05:22 · Score: 1
  
  Interesting. I guess the short version of it is, if you buy a phone, make sure you check it before just plugging it in and letting your computer run stuff off it without permission. You might be the unlucky one.
  Then again, you might be lucky... depending on the photos you find.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
20. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 05:24 · Score: 0
  
  That's fantastic! Why don't you give yourself a big pat on the back for your incredible foresight?
21. Re:Technically, not installed... by clone53421 · 2010-03-09 05:24 · Score: 2, Insightful
  
  From what you said, several things are glaringly obvious about your set-up.
  No antivirus.
  You probably didn’t disable autoruns.
  Most importantly, UNPATCHED NETWORKED WINDOWS MACHINES. Your firewall is NOT enough to protect them.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
22. Re:Technically, not installed... by 517714 · 2010-03-09 05:25 · Score: 1
  
  Isn't that a bit like drawing the erroneous distinction that because Typhoid Mary was asymptomatic she was not sick? She was a vector for the disease because the disease resided within her. If the software resided on the phone it was installed.
  
  --
  The US government have made it clear that we have no inalienable rights; any we do not defend vigorously will be taken.
23. Re:Technically, not installed... by Lunix+Nutcase · 2010-03-09 05:25 · Score: 1
  
  it was just present on the phone's flash drive waiting to try to infect any OS stupid enough to automatically run programs from untrusted devices.
  Since when is my own phone an "untrusted device"?
24. Re:Technically, not installed... by ducomputergeek · 2010-03-09 05:27 · Score: 1
  
  If you read the article, it's the SD card that's infected. Which, no, wouldn't affect an iPhone since there isn't an SD slot. Question is, where did the SD card ship from? Vodoaphone or HTC?
  
  --
  "The problem with socialism is eventually you run out of other people's money" - Thatcher.
25. Re:Technically, not installed... by clone53421 · 2010-03-09 05:27 · Score: 2, Informative
  
  No... it will autoplay if you give it permission to autoplay.
  You don’t tell it to. It asks, and the default option is to allow it. All you have to do is click Ok.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
26. Re:Technically, not installed... by clone53421 · 2010-03-09 05:30 · Score: 1
  
  Isn't that a bit like drawing the erroneous distinction that because Typhoid Mary was asymptomatic she was not sick?
  Um, yes, but it’s not erroneous. She wasn’t sick.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
27. Re:Technically, not installed... by Cro+Magnon · 2010-03-09 05:30 · Score: 0, Troll
  
  Since when is my own phone an "untrusted device"?
  Since it came from HTC?
  
  --
  Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
28. Re:Technically, not installed... by gparent · 2010-03-09 05:32 · Score: 1
  
  Just like UAC will run programs with admin privileges if you give it permission to run them.
  
  You don't tell it to. It asks. All you have to do is click "Yes".
29. Re:Technically, not installed... by TubeSteak · 2010-03-09 05:33 · Score: 4, Insightful
  
  I can't seem to get the original panda research page to open, so here's the google cache
  http://74.125.113.132/search?q=cache:http://research.pandasecurity.com/vodafone-distributes-mariposa/
  It's funny how TFA treats "a researcher" and "one phone" as "some HTC phones".
  
  --
  [Fuck Beta]
  o0t!
30. Re:Technically, not installed... by clone53421 · 2010-03-09 05:34 · Score: 1
  
  That’s why it is a trusted device.
  I trust them to build phones that are safe and to respect my privacy, and to ensure that nobody who isn’t trustworthy will get their hands on one of the phones before the customer does.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
31. Re:Technically, not installed... by clone53421 · 2010-03-09 05:42 · Score: 1
  
  My point was that it will autoplay. They added a level of protection, but not much, and the default choice offered with very little fanfare will result in you being infected.
  Microsoft has at least gone to great lengths to make UAC unmistakable, inescapable, and demand your immediate and full attention. The device autoplay dialog isn’t anywhere near as scary as a UAC prompt.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
32. Re:Technically, not installed... by bnenning · 2010-03-09 05:47 · Score: 1
  
  Exactly. This isn't an argument in support of Apple locking down the iPhone app store, it's an argument for preventing Macs from using flash drives. Is that what you want?
  
  --
  How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
33. Re:Technically, not installed... by Dog-Cow · 2010-03-09 05:49 · Score: 1
  
  If you have no symptoms, you are not sick. It doesn't matter what viruses or bacteria you may be playing host to. That's exactly what vaccines are about: giving you immunity such that if you are infected with a virus it doesn't make you sick.
  In short: you're completely and utterly wrong.
34. Re:Technically, not installed... by clone53421 · 2010-03-09 05:50 · Score: 1
  
  The push is toward making computers smarter. Instead of waiting for the user to tell the computer what to do, it figures it out for itself and asks the user to confirm before it does it (don’t laugh, I’m being serious).
  Smarter computers make it easier for dumb people to install software and surf the web, because all they have to do is click “Ok”.
  And smarter computers also make it easier for dumb people to get infected with malware, because they’re too dumb to know when the answer should be “NO!”.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
35. Re:Technically, not installed... by gparent · 2010-03-09 05:50 · Score: 1
  
  So me and AndrewNeo are right, then? Autoplay will be ran only if you select it? Good. Carry on.
36. Re:Technically, not installed... by interkin3tic · 2010-03-09 05:51 · Score: 1
  
  accidental mod correcting
37. Re:Technically, not installed... by clone53421 · 2010-03-09 05:53 · Score: 1
  
  No, you don’t have to select anything. All you have to do is click “Ok” and let the computer do what it thought was the best idea.
  Maybe you think a user is “very stupid” if they autoplay a device that’s fresh out of the box? I don’t...
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
38. Re:Technically, not installed... by beakerMeep · 2010-03-09 05:56 · Score: 2, Insightful
  
  Or maybe the "colleague" already had these viruses and they hopped over to the USB? Or maybe Panda just made it all up? Kinda hard to say when it's a single phone. But time to get out the pitchforks regardless! I like pitchforks.
  
  --
  meep
39. Re:Technically, not installed... by gparent · 2010-03-09 05:58 · Score: 1
  
  God damn, you don't have to be so fucking literal about everything. If the user sees "AUTOPLAY" and clicks "OK", then he selected it and approves.
  
  99% of the time the user wants to run autoplay, because he's inserting a CD, DVD or a software disk. The only valid thing to do here is to pop that menu and let him "confirm", as you said.
40. Re:Technically, not installed... by ircmaxell · 2010-03-09 05:59 · Score: 1
  
  It's an untrusted device relative to the computer. The computer doesn't know where it has been (That's why newer versions of Win and all versions of Linux ask you what to do)... YOU may trust it, but a competent programmer will not. A competent programmer will not trust ANYTHING not directly in the control of the program at all times (Don't trust anything that the user could possibly tamper with)...
  
  --
  If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good
41. Re:Technically, not installed... by dancingmilk · 2010-03-09 06:00 · Score: 1
  
  Which is telling the computer "Yes, I want to autorun this program."
  Just because its the default option doesn't mean its bad or something. You still have to hit a button. If the user mindlessly clicks away at buttons, well thats no fault of the software. Thats just a PEBKAC issue.
42. Re:Technically, not installed... by clone53421 · 2010-03-09 06:06 · Score: 1
  
  99% of the time the user wants to run autoplay, because he's inserting a CD, DVD or a software disk. The only valid thing to do here is to pop that menu and let him "confirm", as you said.
  I agree. And if the Windows Vista/7 users are just presented an option that 99% of the time would have been correct, but in this case it infects their computer with a botnet client, please explain to me how you figure that this statement is correct:
  
  And if it's an autorun file, that means only XP and earlier, and very stupid users are vulnerable.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
43. Re:Technically, not installed... by gparent · 2010-03-09 06:12 · Score: 1
  
  Except your bold "WRONG" statement applied to "Vista and 7 don't execute Autorun.exe by default.", which has nothing to do with whether a user is stupid or not. Fact is, Vista and 7 do not execute anything autorun by default. They ask you first.
44. Re:Technically, not installed... by clone53421 · 2010-03-09 06:26 · Score: 1
  
  They trusted the manufacturer to sell them a phone that won’t give them brain cancer when they hold it up against their head, and they trusted the manufacturer to sell them a phone that won’t give their computer a virus when they attach it.
  Taking a device which creates and uses radio waves and holding it up to your head is just as much a choice as clicking “Ok” when your computer asks you whether it should autoplay the device, and reasonable users don’t expect either action to result in harm to themselves or their computer.
  So basically, AndrewNeo was wrong on all counts. He said that users would have to be using Windows XP and be exceptionally stupid in order to get infected by this malware. In my opinion, reasonable users on Windows Vista/7 could still be infected.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
45. Re:Technically, not installed... by Alphathon · 2010-03-09 06:26 · Score: 1
  
  Well, really it's an argument against devices having storage (be it internal e.g a hdd, or removable, e.g. an SD card) which is mountable, and having mountable storage be able to autorun. It has nothing specific to do with flash or removable storage, but storage in general. The same thing could happen on a CD if someone managed to hide it in a master copy used for production. The iPhone being closed prevents it from happening via an SD card, but if you can hide malware on it's internal memory a similar thing could happen.
46. Re:Technically, not installed... by BlackBloq · 2010-03-09 06:36 · Score: 1
  
  RTFA
  Har
  less than 1% - of the Video iPods available for purchase after September 12, 2006
47. Re:Technically, not installed... by RalphSleigh · 2010-03-09 06:36 · Score: 1
  
  Maybe, but we can only hope the user will use the menu to select import photos or invoke the phones bloated windows software package instead of autoplaying.
  Anyway, even if the user runs the autoplay, it will still need to pop a UAC prompt to do anything nasty (well install itself as part of a botnet, oh for the old days when viruses just deleted your files and popped up a dialogue saying ha ha, no UAC needed there).
  
  --
  Come as you are, do what you must, be who you will.
48. Re:Technically, not installed... by hduff · 2010-03-09 06:37 · Score: 2, Funny
  
  I see you want to install a Windows virus. Proceed?
  
  --
  "I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
49. Re:Technically, not installed... by clone53421 · 2010-03-09 06:39 · Score: 2, Insightful
  
  First of all, please learn the difference between <strong> and <a href="">. One is bold, the other is a reference.
  Secondly, the “default” choice is still to execute the autorun. You just have to click Ok before it will perform the default action. I never said it autoruns without any prompting whatsoever; it prompts, and the default (highlighted) option is to autorun.
  It’s no different from installers that bundle the Google toolbar and the install option is checked by default. It’s no different from online forms where the “sign me up for your mailing list” option is checked by default.
  Yes, the user can manually override it, but they must have a reason to know that the “default” option is unwise. “Install the Google toolbar” is descriptive of what will happen. “Keep me informed of future products and special purchases” is descriptive of what will happen. “Autoplay” is not descriptive of what will happen in this case, because users expect a new hardware device to install itself when you plug it in and autoplay it. Installing malware is not something they’d expect.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
50. Re:Technically, not installed... by clone53421 · 2010-03-09 06:43 · Score: 1
  
  Typical device installation process: Insert, wait for the hardware drivers to install, Autoplay, confirm UAC, wait until the software drivers install.
  You just don’t expect your new hardware to come bundled with malware. It’s that simple.
  Hell, I never install the software packages that come with cameras, etc. You don’t need them, they’re bloated, all of the things you just said. But people who do install them are “stupid”? No, I wouldn’t call them that.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
51. Re:Technically, not installed... by gparent · 2010-03-09 06:44 · Score: 1
  
  First of all, please learn the difference between <strong> and <a href="">. One is bold, the other is a reference.
  Don't act like an idiot, it's obvious what I meant.
  
  Secondly, the “default” choice is still to execute the autorun. You just have to click Ok before it will perform the default action. I never said it autoruns without any prompting whatsoever; it prompts, and the default (highlighted) option is to autorun.
  So AndrewNeo was right then, not wrong. Jesus. I'm pointing how how you contradicted yourself within one sentence and you wrote an essay about the semantics of autorun.
52. Re:Technically, not installed... by clone53421 · 2010-03-09 06:46 · Score: 1
  
  Well, that’s not exactly what it says... and I certainly wouldn’t expect the Autoplay on a new phone to be a virus, straight out of the box. Bloated and unnecessary, yeah, which is why I probably wouldn’t install it... but not malware. I’m no dummy, but even I wouldn’t expect that.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
53. Re:Technically, not installed... by nicolas.kassis · 2010-03-09 06:51 · Score: 1
  
  And the vodaphone HTC magic might be as small a share of the whole market. My HTC Magic (rogers, canada) doesn't not have this issue.
54. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 06:52 · Score: 0
  
  see also http://apple.slashdot.org/story/06/10/17/2148237/iPods-Come-Complete-With-Windows-Virus
55. Re:Technically, not installed... by clone53421 · 2010-03-09 06:54 · Score: 0, Offtopic
  
  Don't act like an idiot, it's obvious what I meant.
  No... you used all caps, so I wasn’t sure. I merely said he was wrong.
  
  So AndrewNeo was right then, not wrong.
  Oh for crying out loud. No, he was wrong. Do you not understand the word “default”? It doesn’t mean the computer won’t ask. It means you’ll have to tell it otherwise if you don’t want the “default”, and whether that means holding down Shift (in Windows XP) or clicking “Cancel” in Vista or 7, the “default” is still to autoplay. They just made it a lot more obvious how to prevent the default from happening (nobody even knew that you could avoid the default autorun by holding down shift).
  Vista and Windows 7 do not immediately run the autorun, without asking you at all like Windows XP did. That’s an improvement. However, the option to run the autorun is still the DEFAULT option.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
56. Re:Technically, not installed... by cbiltcliffe · 2010-03-09 07:16 · Score: 1
  
  Most importantly, UNPATCHED NETWORKED WINDOWS MACHINES.
  Not necessarily.
  Some of these types of programs run a single install on the server, which is accessed by all clients over the network.
  Meaning, the actual application is loaded from the network drive, not just the data files.
  If somebody brought in an old-school file infector, stuck it in the USB port of the server, and ran it on the server, then every exe on the server could be infected. Especially active ones. It would be easy to see the app being run on the server in a development environment. Then, the first time any client machine runs the app, it's infected, too, even with all security patches in place.
  Of course, it still means the app has to run as administrator, which is equally stupid, but also easily done in a dev environment.
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
57. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 07:17 · Score: 0
  
  No, he was right. He said it doesn't execute it by default. It doesn't. It ASKS you if you want to execute it. However, in enterprises this is generally turned off. We still have some XP machines (18,000 or so) although we are mostly Vista (70,000 or so) - and autorun, autoplay and the like are all turned off. oh, and users aren't administrators either.
58. Re:Technically, not installed... by 56 · 2010-03-09 07:21 · Score: 2, Funny
  
  It was a bunch of pictures of this guy and his girlfriend in new york. there was also short video of him playing a guitar with his shirt off - i shit you not. i returned the phone and bitched the rogers guy out, and i got a $50 gift card. i now order my phones directly from rogers over the phone and then have them shipped to rogers video stores, instead of buying the phones in stock at rogers-licensed stores.
59. Re:Technically, not installed... by gparent · 2010-03-09 07:23 · Score: 0, Offtopic
  
  Vista and 7 don't execute Autorun.exe by default.
  They do not execute Autorun.exe (or inf, w/e) by default, they ask if you want to execute the default. In the world of autorun, that is a massive difference.
  
  Once again, AndrewNeo is right: Windows Vista and 7 do not execute *anything* by default, unlike XP. They *ask* if you want to execute.
60. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 07:44 · Score: 0
  
  iPhone/iTouch disallows USB mass storage mode -- so no, it couldn't have.
61. Re:Technically, not installed... by magus_melchior · 2010-03-09 08:10 · Score: 1
  
  I think in a mass-production environment (or even a repair/refurbish shop), an electronic device that can only format microSD cards would be great at combating this vulnerability. Maybe a PROM and a flash drive interface. This way, you never hook up the flash card to a possibly-infected PC, and the device itself has no operating system to speak of, it's just a device that electronically formats the bits on the card.
  I'm probably being hopelessly naive, but that sounds like a great project. If you could miniaturize it so it fits inside a mobile phone, you could integrate it as a remote-wipe or remote-kill (rewrite everything in flash with zeros) for those corporate smartphones that need the security.
  
  --
  "We are Microsoft. You shall be assimilated. Competition is futile."
62. Re:Technically, not installed... by Manax · 2010-03-09 08:19 · Score: 1
  
  Touche'. I don't have an iPhone, but I'm surprised it doesn't... How the heck do you get data on or off the damn thing??
  
  --
  "Why should I be content to simply live in this world, when I, as a human being, can CREATE it?" - Oertel
63. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 08:30 · Score: 0
  
  Maybe companies that make various devices with firmware or built in memory really need to check the computers they use to image their device software for viruses and other malware. Knowing how some corporate networks are managed, crap like that getting in there wouldn't surprise me. Barring infections as the cause, also make sure that the employees tasked with installing the initial software are paid well enough so you don't end up other security breaches and inside jobs that could seriously hurt the company reputation.
64. Re:Technically, not installed... by PeanutButterBreath · 2010-03-09 08:34 · Score: 1
  
  How the heck do you get data on or off the damn thing??
  You don't need to do that.
65. Re:Technically, not installed... by clone53421 · 2010-03-09 09:12 · Score: 1
  
  You’re misunderstanding the meaning of “default”. If prompts, messages, or warnings do come up, the default option is what is performed if I click “Ok” without selecting something different.
  You can prevent the “default” autoplay in Windows XP by holding down the Shift key.
  You can prevent the “default” autoplay in Vista/7 by clicking “Cancel” or choosing a different option in the prompt.
  But in both cases, the default is to autoplay the device. One method of circumventing the default is simply much more obvious and user-friendly than the other.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
66. Re:Technically, not installed... by clone53421 · 2010-03-09 09:16 · Score: 1
  
  In the world of autorun, that is a massive difference.
  Not as massive as you make it out to be. This seems like a no-brainer: yeah, install the drivers. So asking the person does virtually no good in this particular case.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
67. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 09:17 · Score: 0
  
  what do you expect from Vodafone actually? I mean they are big so why should they care.
  Their service sucked big time before and now they also help infect machines of gullible that use this crappy service.
68. Re:Technically, not installed... by clone53421 · 2010-03-09 09:22 · Score: 1
  
  Windows Vista and 7 do not execute *anything* by default, unlike XP. They *ask* if you want to execute.
  And the default (pre-selected, highlighted) choice is to execute it.
  By the way, XP does not execute anything by default, either. It asks you if you want to execute. If you are holding down the Shift key, that means “no”. If you aren’t, that means “go ahead”. It’s just more obscure and less user-friendly than Vista is, and most people don’t realise they had a choice. But then, if they had wanted a choice, they could have learned how to avoid the autoplay: most users don’t want a choice, and given a choice they’ll just click Ok and go with the default option.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
69. Re:Technically, not installed... by am+2k · 2010-03-09 09:23 · Score: 1
  
  The apps that need that kind of thing (like ebook apps) usually just open an HTTP server on the phone you can connect to from your computer over the network.
70. Re:Technically, not installed... by gparent · 2010-03-09 10:35 · Score: 1
  
  Quit digging, XP executes it by default - You can prevent it from doing so, but it will execute it unless you know some arcane shortcut that no one knows exists. In Vista/7, the default is to ASK. And it doesn't do *anything* unless you tell it to. That's a WORLD of difference.
71. Re:Technically, not installed... by clone53421 · 2010-03-09 11:21 · Score: 1
  
  First of all, I didn’t say there was no difference between XP and Vista. There is. Vista asks. That’s a difference. But the default option is still to execute the autorun. It just asks you before it goes ahead and does the default.
  Second, you’re still not understanding the full meaning of “default”. Yes, it asks by default now, and XP didn’t. But the prompt that it displays when it asks also has a “default” option, and that default is to execute the autorun.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
72. Re:Technically, not installed... by ZosX · 2010-03-09 15:57 · Score: 1
  
  That's all pretty easy to do. All rogers has to do is come up with some custom firmware and inject it back to htc. You really think rogers has a screen printing department where their phones get printed with the logo? All that crap is done at the manufacturer so it goes into a factory sealed box. When you order 10,000 phones, you do get the option to customize your order.......
  
  --
  zosxavius photography
73. Re:Technically, not installed... by gparent · 2010-03-09 16:18 · Score: 1
  
  I understand that, I just differentiate between "executing without asking" as a default and "executing after asking" as a default.
74. Re:Technically, not installed... by Dahan · 2010-03-09 17:43 · Score: 1
  
  No, it's quite obvious that you're the one with the misunderstanding.
75. Re:Technically, not installed... by Anonymous Coward · 2010-03-09 20:30 · Score: 0
  
  It was always autorun.inf (the executable used was just typically named autorun.exe). Since around at least Windows 95... and I don't think Windows 3.1 really supported CD-ROMs all that much.
76. Re:Technically, not installed... by hesaigo999ca · 2010-03-10 01:33 · Score: 1
  
  That is the distinction we need people to understand, unfortunately, not many want to spend the time to get to know this, and the fact the phone is still good, they would bring it back and ask for a new one instead.
77. Re:Technically, not installed... by clone53421 · 2010-03-10 01:42 · Score: 1
  
  No. There is still a default option, and the default option is still to autoplay. It just asks you first now.
  I don’t see why everyone has to be so damn obtuse over this. If I showed you an autorun prompt and asked you what the default option was, you’d tell me it’s the highlighted option, which happens to be to autoplay the device.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
78. Re:Technically, not installed... by webreaper · 2010-03-10 20:10 · Score: 1
  
  RTFA, and you'll see it was a refurbished handset. And the article summary is misleading when it says "is selling phones with". This was one instance, one device.
79. Re:Technically, not installed... by Your.Master · 2010-03-10 21:55 · Score: 1
  
  Okay guys, here's where you two are talking past each other:
  
  Vista and 7 don't execute Autorun.exe by default.
  So yes, the default option on the modeless dialog prompt is essentially autorun, and in one parsing of the sentence, you can validly say that yes, the default is to execute autorun. So clone53421 has a bit of a point.
  However I'm pretty much certain that what that sentence actually means is that the Vista and 7 do not just execute autorun without you touching it. The default referred to here is to throw up the dialog instead of to run autorun. That dialog has a default of autorun. In that sense, gparent is right.
  The problem is that we have two levels of the word default.
  Can we have peace now?
  The "user clicks okay", to be pedantic, was wrong on both sides, because the dialog looks like this, with no OK button: http://htstechtips.com/wp-content/uploads/2009/05/vista-autoplay-dialog-box.jpg or http://i.technet.microsoft.com/cc137730.fig01(en-us).gif etc.. XP had an okay button, but that's not what either of you were talking about.
80. Re:Technically, not installed... by clone53421 · 2010-03-11 01:03 · Score: 1
  
  The "user clicks okay", to be pedantic, was wrong on both sides, because the dialog looks like this, with no OK button... XP had an okay button, but that's not what either of you were talking about.
  You’re right; I was thinking of the XP dialog when I said that. The Vista dialog doesn’t have an Ok button, but pressing “Enter” can still substitute for clicking an actual button.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Easy way to stop this from happening by grahamsaa · 2010-03-09 04:54 · Score: 4, Insightful

I'm personally getting fed up with companies that allow this to happen. If companies that distribute devices that come pre-loaded with malware were fined heavily for each instance, they'd likely hire a few good devs and QA people to ensure that this sort of thing doesn't happen again.

There's absolutely no excuse for this. If you contract out development or manufacturing and that leads to this kind of security risk, there's still no excuse. Unfortunately as of right now there are few if any consequences associated with this type of negligence -- which means that companies aren't going to do much to improve their security practices.

--
Facts have a liberal bias.
1. Re:Easy way to stop this from happening by bill_mcgonigle · 2010-03-09 05:17 · Score: 1
  
  If companies that distribute devices that come pre-loaded with malware were fined heavily for each instance
  Nice try - we've invented class-action lawsuits to protect the corporations from this problem. And corporations, as currently constituted, make sure nobody is actually liable for anything* they do.
  I mean, not 'we', but the corporations. Or, um, the government. Sorry I get so confused these days where the lines are.
  * for very large values of 'anything'.
  
  --
  My God, it's Full of Source!
  OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
2. Re:Easy way to stop this from happening by thePowerOfGrayskull · 2010-03-09 05:21 · Score: 1
  
  Of course there are consequences. There's a huge PR hit, lost sales, the expense of remediating this -- including the class-action suit that's quite likely to follow. There's also a loss of consumer and business trust. Competitors can capitalize on this very easily, compounding the cost.
  This is a self-correcting situation. Government fines not required.
3. Re:Easy way to stop this from happening by grahamsaa · 2010-03-09 05:33 · Score: 1
  
  There will almost certainly be no class action lawsuit. The average consumer doesn't know about these kinds of exploits, and most certainly does not care. That also means that there will be no significant PR hit. If this were self correcting behavior we wouldn't be seeing stories at least once a month about a high-profile company shipping infected hardware to customers. The reason this kind of thing keeps happening is that the consequences you mention are incredibly minimal, if there are consequences at all.
  
  Government intervention usually isn't needed in areas that the general public understands well. It is precisely because the public does not understand security risks that the government should be involved.
  
  --
  Facts have a liberal bias.
4. Re:Easy way to stop this from happening by Anonymous Coward · 2010-03-09 06:00 · Score: 0
  
  There's absolutely no excuse for this.
  Nonsense. I came up with several:
  1) My dog ate the QC test procedure.
  2) The QC staff got stuck in traffic.
  3) It was the new guy's fault.
  4) Bob filled out the old TPS reports instead of the one with the new cover sheet.
  See? There are excuses for this.
5. Re:Easy way to stop this from happening by thePowerOfGrayskull · 2010-03-09 06:31 · Score: 1
  
  Then let competitors educate consumers. "Did you know that the HTC phone can install viruses on your computer?" As long as they stick entirely to the facts, there's nothing preventing this.
6. Re:Easy way to stop this from happening by dbcad7 · 2010-03-09 09:55 · Score: 1
  
  And you do not find it suspicious at all that the the person this happened to works for the anti virus company whose software found this ?... If some random person, who happened to have some random anti virus program, of which was supplied by a company he did not work for, discovered this then it would be different.. I have zero trust in the honesty of major anti virus companies, let alone some smaller company that few people have heard of till now.. Thank god he had this great new anti virus program.
  
  --
  waiting for ad.doubleclick.net
7. Re:Easy way to stop this from happening by Mana+Mana · 2010-03-09 18:17 · Score: 1
  
  Cher Wang get off your ass and fix this! Or are you too busy basking in your fortune making skills and the ?fud? storm apple unleashed on you and how that fouled up your American, OEM business?
  Dazzle me.
Please by oldhack · 2010-03-09 04:54 · Score: 5, Funny

Linux is not a malware. Such smear tactic at slashdot must stop.

--
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
1. Re:Please by ElectricTurtle · 2010-03-09 05:00 · Score: 1
  
  Apparently you think the Mariposa botnet is a... Linux distro? What are you smoking?
  
  --
  I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
2. Re:Please by Anonymous Coward · 2010-03-09 05:08 · Score: 0
  
  They weren't talking about linux, they were talking about Android's JVM. :D
3. Re:Please by OzPeter · 2010-03-09 05:09 · Score: 2, Funny
  
  Apparently you think the Mariposa botnet is a... Linux distro? What are you smoking?
  Probably something similar to the (now ex-) QA employees
  
  --
  I am Slashdot. Are you Slashdot as well?
4. Re:Please by Dishevel · 2010-03-09 05:19 · Score: 2, Funny
  
  Whoosh
  
  --
  Why is it so hard to only have politicians for a few years, then have them go away?
You know Android has hit the big leagues by 0xdeadbeef · 2010-03-09 04:55 · Score: 5, Insightful

When people are trying to slander it. They're blaming everyone under the sun, when the most likely vector is a store employee who simply plugged the device into a computer and copied the file to the flash drive.
1. Re:You know Android has hit the big leagues by ducomputergeek · 2010-03-09 05:19 · Score: 2, Funny
  
  The bigger problem is that this is HTC, who also produces the Nexus for Google proper. Even if the attack vector was an employee at the store, it gives people a moment of pause. When was the last time you saw a Blackberry, Palm, Nokia, LG, Windows Mobile, or iPhone distributed with Malware from the store? (Other than anything with vCast)
  
  --
  "The problem with socialism is eventually you run out of other people's money" - Thatcher.
2. Re:You know Android has hit the big leagues by Sockatume · 2010-03-09 05:20 · Score: 1
  
  It's also conspicuous that it's only the Vodafone version of the handset, which suggests the fault lies much further down the chain than HTC.
  
  --
  No kidding!!! What do you say at this point?
3. Re:You know Android has hit the big leagues by 0xdeadbeef · 2010-03-09 05:28 · Score: 1
  
  It's also conspicuous that is one phone from one employee of company that is hawking its own anti-malware software.
  Did they not even think of buying more phones to confirm it? Shouldn't they, you know, be helping the cops deal with it before they warn whoever put it there?
4. Re:You know Android has hit the big leagues by noidentity · 2010-03-09 05:31 · Score: 1
  
  Yes, but it says phones. No way the headline and summary would be referring to just one phone like that. No way at all.
5. Re:You know Android has hit the big leagues by PPalmgren · 2010-03-09 05:32 · Score: 1
  
  Wish I had mod points for the vCast slam. I laughed for a good minute or two.
6. Re:You know Android has hit the big leagues by 0xdeadbeef · 2010-03-09 05:45 · Score: 1
  
  If you define "malware" to include naughty pictures taken by previous owners of supposedly "new" phones, then the answer is "all the freakin' time".
  I keed. We all know that the employees at mobile phone outlet stores are all bright citizens of upstanding character who would never do anything immoral or illegal. They are, after all, the strongest link in the chain from manufacturer to customer.
7. Re:You know Android has hit the big leagues by julesh · 2010-03-09 06:04 · Score: 1
  
  Yes, but it says phones. No way the headline and summary would be referring to just one phone like that. No way at all.
  One article clearly is talking about only one phone. The other is quite obviously getting its info from the other, and the expansion from "phone" to "phones" is not justified. I.e. somebody read too much into the first article and is assuming that this is not an isolated occurrence.
  Now, admittedly, for the phone that an employee of an antivirus company purchases to be the only one unlucky enough to be infected by a virus seems highly unlikely... but this may well be a local issue.
8. Re:You know Android has hit the big leagues by tholomyes · 2010-03-09 06:39 · Score: 1
  
  Parent forgot their tags.
  
  --
  When did the future switch from being a promise to a threat? -C. Palahniuk
Now THAT's Multitasking! by WrongSizeGlass · 2010-03-09 04:57 · Score: 2, Funny

Enough said.

Queue the parade of iPhone drummers.

BTW, I wonder if this is one of the patents Apple is suing over
1. Re:Now THAT's Multitasking! by genghisjahn · 2010-03-09 05:10 · Score: 5, Funny
  
  Unfortunately, as an iPhone user, if I want to get malware my only option is to get it through the app store.
  
  --
  Sorry about the mess.
2. Re:Now THAT's Multitasking! by Anonymous Coward · 2010-03-09 06:26 · Score: 0
  
  don't worry it comes standard with most (all?) apple products and is called 'bonjour '
3. Re:Now THAT's Multitasking! by PitaBred · 2010-03-09 07:00 · Score: 1
  
  "Cue". As in, signal to start. "Queue" is an in-order line of some sort, like the queue for an amusement park ride.
  
  --
  My blog. Good stuff (when I remember to update it). Read it.
4. Re:Now THAT's Multitasking! by fm6 · 2010-03-09 07:32 · Score: 1
  
  And even then, the malware has to be G-rated, since Apple really cares about you.
5. Re:Now THAT's Multitasking! by _Sprocket_ · 2010-03-09 07:49 · Score: 1
  
  On the plus side, you can talk on the phone while your malware is busy updating to it's CC server. Unfortunately, you have to choose between the malware and playing Monopoly, though.
6. Re:Now THAT's Multitasking! by cbiltcliffe · 2010-03-09 07:58 · Score: 1
  
  ....like the queue for an amusement park ride.
  Or the queue of iPhone drummers..... :)
  
  --
  "City hall" in German is "Rathaus" Kinda explains a few things......
7. Re:Now THAT's Multitasking! by CyberSaint · 2010-03-09 10:13 · Score: 1
  
  Personally I'm all for lining them up... right in front of a firing squad... is there an app for that?
8. Re:Now THAT's Multitasking! by Anonymous Coward · 2010-03-09 14:34 · Score: 0
  
  I realise you are obviously making a joke, however I just thought it worth mentioning that the only way to get this malware onto a PC is to FIRST enable the phone to be a USB drive (when it is shipped, plugging it into a usb port will only charge it, the pc wont be able to see it at all). To do this you need to turn "debugging" mode on. (Settings->Applications->Development->USB debugging).
  Without doing this, the virus would never see the light of day (unless the SD card was removed and inserted into another device, which was then accessed by a windows PC).
Android does by Anonymous Coward · 2010-03-09 04:58 · Score: 0

iPhone users still waiting on the port, but Android does.
When, where, how... by clone53421 · 2010-03-09 05:02 · Score: 1

Since this appears to be a lone incident, it’s obvious that it didn’t come “straight” from the manufacturer, and it might not even be their fault.
Then again... if a lot more of these infected phones start turning up, there probably is an infected computer somewhere at the manufacturer and the phones are being plugged into it in the process of setting them up.
First order of importance, of course, is to send somebody to the end of the assembly line and start checking random phones right before they’re boxed.

--
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Sue the company by WindBourne · 2010-03-09 05:03 · Score: 1

You know, I find it amazing. China continues to load this spy bots on goods destined for the west. Yet, SO many westerners continue to buy it. Here is a thought. QUIT BUYING IT, or SUE THEM. If you start suing the company for infecting your window systems, then companies will quit producing in China OR they will start caring about SECURITY.

--
I prefer the "u" in honour as it seems to be missing these days.
1. Re:Sue the company by clone53421 · 2010-03-09 05:05 · Score: 1
  
  You can’t sue a Chinese company, so I assume you mean the US company that imported the stuff? You’d have to show them to be grossly negligent, I think, and simply importing goods from China isn’t grossly negligent until this sort of thing is much more widespread. If you know that imported goods from China are probably loaded with spyware, then yeah, importing them and then distributing them without checking them would be negligent, but we’re not there yet.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
2. Re:Sue the company by fortyonejb · 2010-03-09 07:14 · Score: 1
  
  Technically HTC is Taiwanese, which although it is near China, it is NOT China. The Taiwanese are not known to be causing the same issues that the Chinese are.
3. Re:Sue the company by WindBourne · 2010-03-09 07:57 · Score: 1
  
  Yes, HTC is Taiwanese, BUT, I saw elsewhere that the phones was made in Mainland China.
  
  --
  I prefer the "u" in honour as it seems to be missing these days.
4. Re:Sue the company by Khyber · 2010-03-09 08:16 · Score: 1
  
  "You can’t sue a Chinese company, so I assume you mean the US company that imported the stuff? "
  You don't do much international business, do you? Yes you can sue a foreign company.
  *goes back to dealing with China on an RMA*
  
  --
  Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
5. Re:Sue the company by clone53421 · 2010-03-09 09:17 · Score: 1
  
  Good luck making them pay you.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I have one of these by Myion · 2010-03-09 05:06 · Score: 1

As a long-term customer of vodafone I never experienced or even expected this level of incompetence from them before. I also bought a HTC Magic from them and feel like suing them right now.
1. Re:I have one of these by Arthur+Grumbine · 2010-03-09 05:44 · Score: 1
  
  I also bought a HTC Magic from them and feel like suing them right now.
  Dear Sir,
  We applaud your noble sentiments, and encourage any and all litigation for any offenses, real or imagined. We assure you that, with the proper degree of zeal, any country, can be transformed into an environment that encourages the unbridled growth of our industry.
  Sincerely,
  Every Lawyer Not In The Beautifully-Litigious United States
  
  --
  Now that I think about it, I'm pretty sure everything I just said is completely wrong.
Impressive! by AliasMarlowe · 2010-03-09 05:06 · Score: 2, Interesting

Windows malware preinstalled on a Linux device?
Is it WINE-compatible, and can WINE even be installed on Android phones?

--
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
1. Re:Impressive! by nicolas.kassis · 2010-03-09 05:15 · Score: 1
  
  Doesn't need too, the android device acts like a usb disk when attached to a PC. Add that to auto start and boom, you are infected.
2. Re:Impressive! by g253 · 2010-03-09 08:30 · Score: 1
  
  Althoug it doesn't auto-mount. At least if you use the usb cable to recharge it at work or something, you're ok.
Malware? by Anonymous Coward · 2010-03-09 05:07 · Score: 0

Windows for phones is malware?
dacoda by dacoda · 2010-03-09 05:07 · Score: 1

What can these Malware possibly do to my phone?

Hotel,Resort,Accommodation, Package Tour
1. Re:dacoda by peragrin · 2010-03-09 05:18 · Score: 1
  
  Nothing however when you plug it into your windows box that computer will be infected.
  Sexond if that kind of virus can slip through what other virii will make it on to the phone?
  And to join the parade of apple fans. Isn't thatwhy mounting the phoneas a drive is dangerous?
  
  --
  i thought once I was found, but it was only a dream.
2. Re:dacoda by SnarfQuest · 2010-03-09 05:21 · Score: 1
  
  Worse case: It can install Windows on your phone, so that it can run.
  Note: In this case, the virus is the least of your problems.
  
  --
  Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
3. Re:dacoda by Anonymous Coward · 2010-03-09 05:22 · Score: 1, Insightful
  
  This malware makes you post a bullshit link to your travel site that nobody cares about. Looks like you're infected.
4. Re:dacoda by mrsurb · 2010-03-09 15:07 · Score: 1
  
  And to join the parade of apple fans. Isn't thatwhy mounting the phoneas a drive is dangerous?
  No, that is why mounting the phone as a drive AND EXECUTING WHATEVER CODE IT TELLS YOU TO is dangerous.
Patented! by chill · 2010-03-09 05:26 · Score: 1

So, is THIS what Apple was suing HTC over at the International Trade Commission? Does Apple have a patent on preloaded malware on smartphones?

--
Learning HOW to think is more important than learning WHAT to think.
1. Re:Patented! by genner · 2010-03-09 05:36 · Score: 2, Funny
  
  So, is THIS what Apple was suing HTC over at the International Trade Commission? Does Apple have a patent on preloaded malware on smartphones?
  If they do I'm sure Microsoft can claim prior art.
2. Re:Patented! by kimvette · 2010-03-09 05:50 · Score: 1
  
  No, it does not come preloaded, but there's an app for that.
  
  --
  The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
3. Re:Patented! by RMH101 · 2010-03-09 22:38 · Score: 1
  
  look, man, if you know about this, you've obviously signed the NDA, so just shut up about it until WWC, yeah?
Aha, it's an ad for Panda software by noidentity · 2010-03-09 05:36 · Score: 4, Insightful

Following the linked article, and following that to the original post, we find that first off, it's a single phone, not more than one that had this malware, and we are informed of the software that detected this, coincidentally the commercial product the researchers are working on:

The interesting thing is that when she plugged the phone to her PC via USB her Panda Cloud Antivirus went off, detecting both an autorun.inf and autorun.exe as malicious

I'm rushing out today to buy this software that can do such feats as detecting this malware. They have a Linux version, right?
1. Re:Aha, it's an ad for Panda software by adolf · 2010-03-09 06:03 · Score: 1
  
  They have a Linux version, right?
  Yes.
  
  --
  Kid-proof tablet..
2. Re:Aha, it's an ad for Panda software by Anonymous Coward · 2010-03-09 20:40 · Score: 0
  
  Wait, how do they detect autorun.inf (a plain text file that isn't executable, and only contains an instruction to run the other file - and possibly a few text strings for menu options, and a file name for an icon) as malware?
  Are they going to start detecting images as malware next time?
Oh? by SmallFurryCreature · 2010-03-09 05:49 · Score: 2, Insightful

I agree it has nothing to do with Android, but that case had most certainly something to do with Apple. They use those crappy manufacturing facilities to save a few bucks and then save even more by not doing proper QA.
And before you claim how innocent and harmless this is, consider what is happening to Toyota. Or the numerous quality issues with products from China and god knows how many more places. In order to maximize profits (because you can't claim cost savings are passed onto to the consumer with Apple products) they cut corners everywhere and sooner or later something has to give.
And long after guy who got the bonus for cutting costs has left, the shit starts to happen. Toyota used to be the largest and fast growing, with the economy not affecting it nearly as much as the other car makers. Now it can't shift its cars. And the money for huge cash injections has already been spent. This might end up hurting Toyota, and for what? A few cents more to the stock holders.
It will be interesting to find out how this phone got its extra payload, but ultimately the story will be, lack of quality control. And someday your life may depend on cut rate QA.

--

MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
C'mon slashdot. 1 phone, uncorroborated by beakerMeep · 2010-03-09 05:52 · Score: 4, Insightful

Dont go the way of kdawson, soulskill.

Next we'll be reading stuff like "My best friend's sister's boyfriend's brother's girlfriend heard from this guy who knows this kid who's going with the girl who saw Ferris pass out at 31 Flavors last night. I guess it's pretty serious. He might have Mariposa, or Confiker or something. Better get Ferris some AntiVirus software from PandaAV"

--
meep
Re:C'mon slashdot. 1 phone, uncorroborated by kseise · 2010-03-09 06:32 · Score: 1

Excellent point. Do you think anyone will pay attention to common sense though? Let's see how many they shipped and how many had the same little package installed. This should be relatively easy to trace.
Re:C'mon slashdot. 1 phone, uncorroborated by _Sprocket_ · 2010-03-09 08:23 · Score: 1

I'm always torn on these sorts of things. I agree with the idea of adding a grain of salt to these sorts of things. But at the same time, it gives us all a chance to weigh in and/or be exposed to stories that might make the rounds through other channels (I know, I know, "Other-news-aggregation-site had it first"). And while I sometimes tire of the noise, I also tend to find it more useful to be forearmed when said noise makes it in to some meeting or discussion and I don't feel broadsided by it.
It *has* happened before by DrYak · 2010-03-09 08:41 · Score: 1

When was the last time you saw a Blackberry, Palm, Nokia, LG, Windows Mobile, or iPhone distributed with Malware from the store?
It has happened before. And on a much bigger and worst scale.
Today's situation is only about 1 single infected phone (Did it got plugged into an infected machine at the store ? Was it deliberate by one employee ?)
On /. we already did have stories of virus pre-loaded Apple iPods and and McDonalds MP3 players.
They got windows machine infected which were used a part of their standard QA/Test procedure to test the hardware before shipping it.
Thus *whole batches* of product got infected from that windows testing machine.

--
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Really misleading headline. by Anonymous Coward · 2010-03-09 10:28 · Score: 0

That's a really bad headline.
The story says ONE phone had an infected MEMORY CARD.
That's not even close to the implications made by the story's headline wording.
Shame on you, /. editors.
Also not HTC by mjwx · 2010-03-09 17:04 · Score: 1

It's about it COMING FROM THE CARRIER that way. This could have just as easily happened to an iPhone and had a mac or PC virus on it...
The virus itself was on the SD card. Anyone who uses android know that the storage an unhacked Android device connects to your PC is the SD card (Samba mounts /SDCARD/ this cannot be modified without rooting your phone). The virus is not the responsibility of HTC or Vodafone unless HTC or Vodafone but the person who put the software on the SD card. Seeing as this only seems to affect Vodafone Magic's I think Voda should be singled out, not HTC and this is probably just an 3rd world nation factory worker using an infected PC to create the master image.

--
Calling someone a "hater" only means you can not rationally rebut their argument.