IBM Distributes USB Malware At Security Conference

← Back to Stories (view on slashdot.org)

IBM Distributes USB Malware At Security Conference

Posted by kdawson on Friday May 21, 2010 @12:33AM from the just-testing-ya dept.

bennyboy64 and other readers let us know that IBM sent out an email to all attendees to the Australian Computer Emergency Response Team (AusCERT) 2010 conference, warning them that some of the USB drives handed out to delegates contained malware. Fortunately it was old malware, which all anti-virus products have detected since 2008. Two years ago telecommunications company Telstra distributed malware-infected USB drives at the same conference.

7 of 73 comments (clear)

Min score:

Reason:

Sort:

wtf? by Pojut · 2010-05-21 00:37 · Score: 3, Insightful

Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers? ::obligatory::
We can go to the moon...

--
Living With a Nerd
1. Re:wtf? by jamesh · 2010-05-21 00:57 · Score: 2, Insightful
  
  Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers?
  My first assumption (without RTFA) is that they would have outsourced it.
2. Re:wtf? by alfredos · 2010-05-21 01:17 · Score: 0, Insightful
  
  While I won't justify IBM's goof, it's fair to say that slips like this happen. What can you do about it? Set up a procedure so that everything going out the door has to pass certain checks? I dare say that the solution would be much worse than the problem.
  Besides, it makes for a nice Slashdot discussion with jokes and all.
3. Re:wtf? by Anonymous Coward · 2010-05-21 03:23 · Score: 1, Insightful
  
  How would you scan a USB drive without first sticking it into a computer?
All Anti-virus ? by JavaBear · 2010-05-21 00:58 · Score: 3, Insightful

If all Anti-virus products have detected this one since 2008 it obviously begs the question, why didn't IBM's?
Opportunity to be had by istartedi · 2010-05-21 02:33 · Score: 3, Insightful

So many USB sticks come with pre-loaded crapware/malware. In the office we would stick them in Linux machines and format them from there. If you stuck it in a Windows machine without formatting it, you spent the rest of the day auditing your machine and puzzling over what might be left on it.
The OPPORTUNITY is for a company to brand itself based on NOT HAVING CRAP on their sticks. I'm thinking Pure USB would be a nice name for such a product. I know I'd chose that over anything else if they were comparably priced. Don't get greedy and charge a premium for that. Just outsell the competition. I can't believe the kickbacks from crapware authors are that valuable.

--
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Re:It's takes 12-24 months for IBM IT to ok update by EvilIdler · 2010-05-21 02:35 · Score: 3, Insightful

The parent post is modded funny, but I'm sure Joe's breaking an NDA! :P