
iPods Come Complete With Windows Virus 672

kaufmanmoore writes "Cnet is reporting that some video iPods made after September 12th have the RavMonE virus loaded onto them. In Apple's announcement they take a swipe at Windows security and encourage Windows users to install antivirus applications."
This discussion has been archived. No new comments can be posted.

  • Re:Good job, Jobs! (Score:3, Informative)

    by sl3xd ( 111641 ) * on Tuesday October 17, 2006 @07:37PM (#16478065) Journal
    You realize that the virus does nothing on a Mac, right? To a Mac, it's just a file.

    To Windows, it's a virus.
  • Re:Good job, Jobs! (Score:0, Informative)

    by Anonymous Coward on Tuesday October 17, 2006 @07:38PM (#16478077)
    It's a Windows virus, you jackass
  • by User 956 ( 568564 ) on Tuesday October 17, 2006 @07:47PM (#16478215) Homepage
    iPods Come Complete With Windows Virus

    It's not an outsourcing problem, because a lot of people are also reporting this "Windows" virus showing up on their Mac when they run the BootCamp installer.
  • Re:Good job, Jobs! (Score:5, Informative)

    by eebra82 ( 907996 ) on Tuesday October 17, 2006 @07:48PM (#16478231) Homepage
    I never stated that either. My point was that he can't complain about viruses on Windows computers now that he's helped spread it. Excuse me for not being clear enough.
  • Re:secret weapon (Score:4, Informative)

    by nwbvt ( 768631 ) on Tuesday October 17, 2006 @08:05PM (#16478453)

    "Simply because MS can't do anything like this back to Apple."

    Sure they can. Ship a version of MS Word with a virus embedded that targets Macs (yes they do exist, though the small market share makes them much less common). And if they are willing to bring back the Mac Internet Explorer, they can 'accidentally' leave open a security flaw that allows even more viruses in.

    I think MS wins hands down as one of Apple's main selling points is that fewer viruses are written for Macs than for Windows. But the more stories that break that include the words "Apple" and "Virus" in the headline, fewer people will believe that and just stick with Windows (yes we can hold out hope that they will move to Linux, but I wouldn't bet on it).

  • Re:Also shows... (Score:5, Informative)

    by Anonymous Coward on Tuesday October 17, 2006 @08:05PM (#16478461)
    "Maybe Apple QC should install AV as well when they develop for windows?"

    I heard (from a reliable source inside Apple) that the virus was preinstalled from the disk manufacturer when they formatted the drives. *shudder* You can see where this can go.

  • by Anonymous Coward on Tuesday October 17, 2006 @08:06PM (#16478467)
    There is no such thing as autorun on OS X. If you really have managed to get a script to run automatically as soon as the volume that contains it is mounted, you are exploiting a bug somewhere. Please file a bug report.
  • Re:Good job, Jobs! (Score:1, Informative)

    by BigBir3d ( 454486 ) on Tuesday October 17, 2006 @08:45PM (#16478945) Journal
    I am both a Mac user (g3 iBook) and a PC user (dude, I got a Dell).

    And there is stuff in the wild against OS X:

    http://www.macrumors.com/pages/2006/02/20060216005401.shtml [macrumors.com]

    http://www.macrumors.com/pages/2006/02/20060216234239.shtml [macrumors.com]

    http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99 [symantec.com]

    It is rather weak, but out there.
  • Re:Also shows... (Score:0, Informative)

    by BaCkBuRn ( 621588 ) * on Tuesday October 17, 2006 @08:52PM (#16479025) Homepage Journal
    Ever heard the phrase "The buck stops here"?

    Regardless of who put the virus on the device, Apple is responsible.
  • Re:Come again?? (Score:5, Informative)

    by QuantumG ( 50515 ) <qg@biodome.org> on Tuesday October 17, 2006 @09:06PM (#16479195) Homepage Journal
    Not one that's ISO 9000 certified you haven't. Apple has never done the necessary paperwork to get Macs into this market. They don't care about this market. Now they've been bitten on the ass by this stance. That's the irony, ain't it sweet.

  • Re:Come again?? (Score:4, Informative)

    by QuantumG ( 50515 ) <qg@biodome.org> on Tuesday October 17, 2006 @09:09PM (#16479231) Homepage Journal
    The rules were made up by those lovely people at the International Standards Organisation. Apple has never gone through the process to get Macs certified as ISO 9000 approved manufacturing components. They focus on the home and small office market, they don't care about this stuff.
  • by entrylevel ( 559061 ) <jaundoh@yahoo.com> on Tuesday October 17, 2006 @09:15PM (#16479289)
    I'm sorry, you are absolutely correct. I had this set up for so long I forgot what I did: Folder Actions. My face is red!

    I still think the thinly-veiled insult is uncalled for when Apple directly creates a security risk.
  • Re:Also shows... (Score:4, Informative)

    by fatphil ( 181876 ) on Tuesday October 17, 2006 @09:32PM (#16479455) Homepage
    That's not how manufacturing works at all in the real world. Most initialisation of such devices is done using Windows machines.

    However, they shouldn't be writing files to a filesystem to initialise the devices, they should be writing a version-controlled quality-controlled filesystem itself. And there's no point blaming the Chinese contractor, I'm sure they were just following the Apple procedure, sloppy as it is.
  • by Anonymous Coward on Tuesday October 17, 2006 @09:57PM (#16479719)
    The description of OSX.Leap.A. [sophos.com]:
    The OSX/Leap-A worm spreads via the iChat instant messaging system, forwarding itself as a file called latestpics.tgz to contacts on the infected users' buddy list. When the latestpics.tgz archive file is opened on a computer it disguises its contents with a JPEG graphic icon in an attempt to fool people into thinking it is harmless.

    This is not a real virus. It's a hybrid between a Trojan horse and a worm. The victim must un-tar the software to find an application disguised as a JPG file with the Preview icon. Then it used iChat to try to spread itself. Though Sophos categorized it as a worm on the account that it tried to spread itself, you actually needed to consciously un-tar and double-click the app. Sophos is selling a security solution for OS X and it makes less impact to call this a Trojan horse.
  • Re:Also shows... (Score:3, Informative)

    by pyite ( 140350 ) on Tuesday October 17, 2006 @11:36PM (#16480517)
    Or has the default FS on the iPod changed?

    Yes, I believe so. My nano (from December 2005) has never been plugged into anything but my Mac and it is Windows formatted. On the other hand, my original 3rd Gen is HFS+. That was real fun when I ran Linux on my PowerBook. Worked better than expected, actually.

  • Re:Also shows... (Score:1, Informative)

    by Anonymous Coward on Wednesday October 18, 2006 @12:26AM (#16480837)
    I've worked for government agencies, private companies and am now in academia. In ALL environments, the IT indoctrination beat everyone over the head with basic security practices including NEVER ASSUME NEW MEDIA IS FREE OF MALWARE. Just yesterday I had to do UVa's annual IT-user-best-practices-recert and this was one of the questions. It would seem this IS an accepted practice.
  • by astrosmash ( 3561 ) on Wednesday October 18, 2006 @12:40AM (#16480905) Journal
    So it's really not about platform security but about platform popularity. If Mac had the same market share as Windows we'd see a Mac worm in this case now.

    Well, not really. OS X doesn't have any sort of Autorun functionality like Windows, so it's far, far easier to write a simple worm like this one on Windows and have it be effective. You could write one for OS X, but it would never get executed automatically; hardly a worm.

    Also, the fact that it's a Python script doesn't say anything about its portability. It's obviously using Win32 bindings to read and write to mapped network shares.

  • by Anonymous Coward on Wednesday October 18, 2006 @12:48AM (#16480953)
    I don't know for sure since this wasn't really spreading. However, I'd not be surprised if it has a .jpg name extension. Mac OS X hides the .app name extension from users, so foo.jpg.app will be seen as foo.jpg by users, and masking it with a Preview icon is simply a matter of copy and paste in the Get Info window. However, most Mac OS X applications are in the form of bundles/packages, i.e. directories - where the executables and all resource files are kept - that are represented as single files (that's why it was tar-red and gzip-ped). A right click (or control-click) will show the "Show Package Content" option, and an ls -l in the Terminal shows drwxr-xr-x. The final damning evidence is that Finder will identify them as Kind: Application.

    The mp3 trojan was more sophisticated, IIRC. It played fine using MP3 players (no infection), but it hid the payload in the resource fork which got executed when double-clicked. It was a proof of concept, so there was no major infection.
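
The checks described in the comment above (a directory whose name ends in .app while the part Finder shows ends in a document extension), written as an added example that is not part of the original thread. The extension list, the function names and the directory tree built in `demo()` are assumptions made for illustration.

```python
import plistlib
import tempfile
from pathlib import Path

# Extensions a user reads as "just a document" (assumed list; extend as needed).
DOCUMENT_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".mp3", ".txt"}


def bundle_executable(bundle):
    """Return CFBundleExecutable from Contents/Info.plist, or None if unreadable."""
    try:
        with (bundle / "Contents" / "Info.plist").open("rb") as fh:
            return plistlib.load(fh).get("CFBundleExecutable")
    except Exception:  # missing or malformed plist: report as unknown
        return None


def disguised_bundles(root):
    """Find .app directories whose name, with .app hidden, looks like a document."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.suffix.lower() != ".app" or not path.is_dir():
            continue  # a plain file called x.app is not a bundle
        shown = path.stem  # what the user sees, e.g. "foo.jpg" for "foo.jpg.app"
        if Path(shown).suffix.lower() in DOCUMENT_EXTS:
            rel = path.relative_to(root).as_posix()
            hits.append((rel, shown, bundle_executable(path)))
    return hits


def demo():
    """Build a constructed directory tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, exe in (("extracted/foo.jpg.app", "foo"), ("Preview.app", "Preview")):
            contents = root / name / "Contents"
            (contents / "MacOS").mkdir(parents=True)
            (contents / "MacOS" / exe).write_bytes(b"")  # empty stand-in, never run
            with (contents / "Info.plist").open("wb") as fh:
                plistlib.dump({"CFBundleExecutable": exe}, fh)
        (root / "holiday.jpg").write_bytes(b"")  # ordinary file, must not be flagged
        return disguised_bundles(root)
```

Each hit is a tuple of the bundle path, the name as displayed with the extension hidden, and the executable the bundle declares.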
  • Re:Also shows... (Score:5, Informative)

    by spectral ( 158121 ) on Wednesday October 18, 2006 @12:56AM (#16481009)
    I thought the same thing. Guess what happened when I first plugged in my SanDisk micro thumb drive? Shit got installed on my computer, that I had to specifically uninstall and then format the thumb drive (Conveniently available from the menu it installed, but still).

    NOTHING in the manual about "Oh yeah, if you plug this in to a Windows PC we're running shit without telling you."

    I no longer trust "blank" media, but what can one do? Plug the hard drive in to a Windows machine and format it? Woops, already fucked your computer over, since Windows will helpfully immediately run and install anything on the disk. This is a failure of Windows with autorun being on by default.
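
One way to inspect new media before a Windows machine with autorun enabled ever sees it: mount the volume on a system that ignores autorun and list what its autorun.inf (the file Windows AutoRun reads from the volume root) would launch. This is an added example, not part of the original thread; the sample file contents and `sample.exe` are constructed, and the function names are illustrative.

```python
import tempfile
from pathlib import Path

# [autorun] keys that name a program for Windows to start from the volume.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample; sample.exe is a placeholder, not a real indicator.
SAMPLE_INF = r"""; constructed example
[AutoRun]
open=sample.exe /quiet
icon=drive.ico
shell\open\command=sample.exe /quiet
"""


def find_autorun(volume_root):
    """Return autorun.inf in the volume root (any letter case), or None."""
    for entry in Path(volume_root).iterdir():
        if entry.is_file() and entry.name.lower() == "autorun.inf":
            return entry
    return None


def autorun_targets(volume_root):
    """List (key, command) pairs the volume asks Windows to run."""
    inf = find_autorun(volume_root)
    if inf is None:
        return []
    targets, in_autorun = [], False
    for raw in inf.read_text(encoding="latin-1").splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip().lower()
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            targets.append((key, value.strip()))
    return targets


def demo():
    """Write the sample to a temporary 'volume' and report its launch entries."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "AutoRun.INF").write_text(SAMPLE_INF, encoding="latin-1")
        return autorun_targets(root)
```

An empty result means no launch entries were found in an `[autorun]` section; it says nothing about other files on the volume.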
  • by YesIAmAScript ( 886271 ) on Wednesday October 18, 2006 @01:09AM (#16481077)
    "As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

    They blame Windows, but they blame themselves more.

    How is this passing the buck?
  • by Moraelin ( 679338 ) on Wednesday October 18, 2006 @02:07AM (#16481375) Journal
    Dunno about Apple, but if I were mass producing those things, I would _not_ build the thing empty, connect it to a Mac by hand, transfer the stuff to it slowly via Firewire, etc. That kind of "let's connect a cable, launch this handy application and click here to transfer the files" is ok for a mom-and-pop shop, but when you're mass producing stuff you just want to shave the last penny off the manufacturing costs.

    So the way it's done is you take the working prototype, make an image of its hard drive, and write that on every hard drive before it's even assembled into the iPods.

    Think, basically, how your IT department doesn't come with a suitcase full of install CDs for Windows, Word, etc, for each PC. They just make an image off one workstation and then install that on all others. Much faster.

    Same thing here, only more automated.

    So if that image was made from a HDD with the virus on it, the assembly line will mindlessly churn thousands of copies of that.
  • Re:Also shows... (Score:5, Informative)

    by PitaBred ( 632671 ) <slashdot&pitabred,dyndns,org> on Wednesday October 18, 2006 @02:26AM (#16481467) Homepage
    Pisses me off too. That's why I use TweakUI on every install of Windows I have to use and I disable AutoPlay completely. Optical discs, removable media, anything.
  • Re:Also shows... (Score:3, Informative)

    by cowbutt ( 21077 ) on Wednesday October 18, 2006 @06:18AM (#16482475) Journal
    ...or even Wordpad [google.com]!
  • Re:smells fishy (Score:2, Informative)

    by cb372 ( 974039 ) on Wednesday October 18, 2006 @06:41AM (#16482571)
    Nope, it's not fishy. It actually happened to my iPod. At the time I just thought my antivirus program was on crack, and it couldn't possibly be a real virus, so this story was quite a shock to me.
  • by MacDork ( 560499 ) on Wednesday October 18, 2006 @10:41AM (#16484895) Journal

    There is no such thing as autorun on OS X

    Actually, there is, but only if you run Classic in OS X. It's called Autostart in QuickTime. If you have Classic installed *and* running, it will still work. This page [mac.com] mentions it, and there used to be a test exploit page located at http://www.u-struct.com/diary/img/20020131_OSissue_E/ [u-struct.com] but it seems that link is no longer active. It's an exploit that has been known about for years, but it's very low risk now. You're only at risk if you run the Classic environment, and then it can be disabled in your Classic QuickTime preferences. More information about disabling QuickTime's autostart can be found here. [iu.edu]
