Slashdot Mirror
Major Australian Retailer Accused of Selling Infected Hard Drives
skegg writes "Dick Smith, a major Australian electronics retailer, is being accused of regularly selling used hard drives as new. Particularly disturbing is the claim that at least one drive contained malware-infested pirated movies, causing the unlucky buyer significant data loss. Apparently the Fair Trading Commissioner will be conducting an investigation."
The same way jpegs can be.
While not 'containing' the malware, some media files have a field that specifies where the codec for them can be downloaded, and some players respond to this by downloading and installing the 'codec'. Needless to say, the 'codec' installer contains the malware.
If you accept the licence agreement, it then downloads malware to your PC.
So all the "malware infested" media does is get the unsuspecting (or credulous, it's a fine line) user to download their own malware. It's not the video that contains the bad software and you'd expect any AV software to pick up on this old, old (the article is dated 2006) attack vector.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
The summary is wrong. The article says that the drive "was filled with pirated movies and which, he suspects, contained malware that corrupted his work."
He is embellishing for the media or trying to claim the dog ate his homework (or dingo ate his baby? ).
I have something in common with Stephen Hawking...
The parent couldn't be more correct.
People discount regular data files as being malicious simply because they're not labelled executables. What they don't think is that those files are opened by executables. These executables are often trusted programs which makes this an even bigger threat to a system as the malicious code can run hidden under the legitimate process and do its work. There's anything from buffer overruns to file parsing mistakes in the programs that can open them up to become a conduit for abuse.
An example of this is Adobe Reader's countless exploits with the PDF file format.
Actually, Dick Smith is a great guy. Dick Smith Electronics on the other hand has been owned by Woolworths for over 20 years now and is useless compared to its former glory.
I don't know how it is in Australia, but around here, you can return anything you bought online within 14 days and get your money back (as long as you can actually return it as you got it, so food/software etc usually not included).
What do people expect happens to stuff that gets returned? Of course it goes on sale again. Otherwise selling online would be economic suicide...
In Australia it is illegal to re-sell used returned goods as new. The goods can be re-sold but must clearly be marked as returned items, and usually a discount is offered for accepting the goods in this condition. (The discount might not be offered if the item is in high demand).
What's more if goods have been returned and the item registered or activated online or similar they are not suppose to sell the item. That is the secondary reason that computer software isn't returnable at most stores (though there are exceptions like EB games).
These posts express my own personal views, not those of my employer
Basically any file type that can have a link to a webpage embedded, I believe both .MPG and .WMV are capable of this
No, just WMV. But "intelligent" players like Windows Media Player would "helpfully" realize that a WMV file renamed to MPG, AVI etc. was actually a WMV file and play it as such anyway. There's no reason for a movie format to contain such a link, it's for DRM'd WMV files that are supposed to take you to a page explaining how to buy access to it. Whoever came up with that scheme was stupid and I don't know any other player than WMP that ever supported it, since it was 99.99% used for malware and 0.01% for legitimate uses.
Live today, because you never know what tomorrow brings
It used to not even prompt back in the day, it just automatically opened the link.
Perhaps that was only the case if you had the "download license automatically" checkbox ticked in the preferences? At any rate, you can turn this "helpful" feature off, and I always have. Though of course, this doesn't excuse MS's crappy implementation and presentation of a feature that most people won't realise is dangeous.
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
This is an incorrect assertion, an assertion my previous post debunked, but I suppose I'll re-explain:
You could have a drive full of PDFs, you could have it full of PNGs, whatever file format you'd like. You could mount the drive as noexec, however when it comes down to it, a trusted program (NOT ON THAT DRIVE) can interact with those files and since file formats can be complex AND since the programs opening them are also complex, there's a chance that the program will be vulnerable to a crafted file that tricks the program to do something that a "regular movie" or whatever wouldn't do and may not have been tested for.
If you've written a file parser of any kind, you'll see how complicated it gets in having your program code check the file for abnormalities before interacting with it. This complexity is a steep curve and all it takes is not checking an array boundary for your program to mistakenly leak data memory into its executable memory space.
The old addage plays correct here: Never trust user inputs.