Steve Riley on Security

Formerly of Microsoft's Trustworthy Computing Group.

iPods spread disease?

iPods spread disease?

  • Comments 9
  • Likes

Well well. Looks like a few new iPod owners are getting infected when they attach their players to their computers. I'll quote the first paragraph from Apple's web site:

We recently discovered that a small number - less than 1% - of the Video iPods available for purchase after September 12, 2006, left our contract manufacturer carrying the Windows RavMonE.exe virus. This known virus affects only Windows computers, and up to date anti-virus software which is included with most Windows computers should detect and remove it. So far we have seen less than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all Video iPods now shipping are virus free. As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.

So Apple has a quality-control problem, and they blame it on Windows? They mention that decent AV software would catch the virus, but then they become oblivious to the irony that they themselves apparently don't run any?

What's even more inaccurate in Apple's claim is that the malware isn't an actual virus. Rather than exploiting a code vulnerability to spread, it relies instead on a common configuration vulnerability -- the gullibility of humans. To encourage spreading, it creates an autorun.inf file, entices the user to execute the worm, and then looks for any mappped drives and drops itself on whatever it finds. I continue to maintain that autorun has no purpose on business computers and you should disable it at the domain level.

Apparently, someone at Apple fell for the dancing pigs and subsequently infected the equipment used in the manufacture of certain iPods. Ignoring their own problems, Apple finds it easier to blame Microsoft. That's right, blame is always preferable over responsibility.

Comments
  • Perhaps the iPod development team only uses Mac OS X?

    whatever the case, there is no excuse for shipping a virus.

  • Malware that replicates and needs user interaction to do so, is generally classified as a virus.

    Malware that replicates and needs NO user interaction to do so, is generally classified as a worm.

  • Tony - if the iPod development team only uses Mac OS X, how did they manage to copy a Windows virus on to the iPod devices?

    As has been pointed out elsewhere, this means that not only were Apple (or their contractors) convinced that the Mac was not the best machine to use to populate their iPod images, but also that they didn't run a current anti-virus package on those machines, and they ran as administrator, rather than a restricted user. Oh, and of course that they shared data from external sources to the network containing their production machines.

  • A nice screenshot of the worm:

    http://blaugh.com/2006/10/18/iworm/

  • hey this seams to get a common problem in manufacturing: a few days ago there was this trojan "qqpass" on a mp3-player at McDonalds JP.

    s this world going crazy or has every firm sourced out its quality control?

    regards, cwoller

  • To the person who wrote a criticism: yes I deleted your first comment and the one you just posted. I have no problem with constructive criticism. However, both your comments were rather generic, not mentioning specifically what you wanted to discuss. Furthermore, they were anonymous. If you want to have a serious discussion regarding something you think I'm incorrect about, I welcome that, but please be specific and let me know who you are. Also, don't you think private email is a better vehicle for that, rather than a public blog comment?

  • I am impressed that this comment was published immediately, without screening.

    I hope it was not any problems with a Blackberry device that resulted in that the one week old comment was not published. In that case I am the one to blame, and I have to say I am sorry for some of the comments above.

    The essence of my old comment is that Windows OS is the most widely spread one (so far), so everone knows that it is likely to be the primary target of people who wish to spread malicious code.

    I am also very satisfied with my Apple Nano, although I do not like any larger company trying to force a customer into various ways of using one vendor only. A personal decision to boycott all Sony products as far as possible after a new DVD copyright protection software´in Europe causing PC problems that Sony does not compensate customers for, did unfortunately not leave many other alternatives than Apple´s Ipod.

    I hope to use my PC for various things at home, as I presently use my PC for watching digital TV (I do not have a separate TV). I just miss a wireless flat screen for it which nobody seemed to have any recommendations for solving at Tech Ed 2006 in Boston...

    I hope mobile phones will cover lots of uses in the future, as I do not like having so many different things as vendors attempt to get customer to buy. It would be great with mobile phones providing "push e-mail" functionality (including Calendar and Contacts) and navigation system functionality with built in GPS support in addition to web surfing including multimedia possibilities (like watching TV). I really like a navigation system that I experienced while visting some Japanese friends in Helsinki:

    http://www.navicoretech.com

    So there are still a lot of market possibilities, especially if you start caring more about your female customers as well.

  • Yes, you are right. I might very well have missed to publish my name with the one week old comment, as writing comments on a Blackberry device is only relatively fast.

  • Great post, explained really well and I could really understand. Thank you.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment