iPod Some iPods ship with a Windows virus

[theheadguy]

In regards to the joke, it's certainly a lame one. Upset at Windows for not being good at defending itself against viruses?

It's Apple's responsibility to ship a clean product, period.

People paid hundreds of dollars for these products. What a lame joke to read after they are infected by Apple's product.

 

[madmax_2069]

like it say's in the TOS, apple isn't responsible for this. I am also thinking it was a QC pc that had a virus/trojan and it transmitted to the ipod when it was tested. People lighten up, people make mistakes and apple has provided a solution to the problem. Any one that don't run a anti-virus or the like on the PC used for the net is just down right stupid. if people ran AV software (like they should) then this would not have been hard to fix without apple's help.

 

[grail]

Lesson to learn?

This incident tells me that the lesson to learn is that any testing for Windows compatibility must absolutely be done in a clean-room. Lock down the Windows machine used for testing, certify that people accessing it have no devices connected to it other than the product they're testing. Don't network the machine. Reghost it every day from a known good image. Don't test multiple clients' products on the same test station - that device from manufacturer X that came with a trojan on the hard drive will end up infecting the other manufacturers' devices (iPod, Zune, iRiver).

Yes, the fault lies with the Windows software not being robust just as much as the fault lies with the assembly line staff for not keeping the Windows machine clean. Windows comes "virus ready" out of the box, and this needs to be taken into account as part of any procedure that involves Windows machines.

The expression of dismay at Windows not being robust can be interpreted as an expression of frustration at the amount of work that needs to be done to keep a Windows machine clean. It may seem to be a snipe or cheap remark, but to me it's a symptom of the underlying problem - Windows is just plain difficult to keep clean.

 

[Snowy_River]

Honestly I think someone or a few someones at Apple need to be fired. The very idea of quality control, in software and hardware, is basically nonexistent at Apple these days.

And how does your comment fit with the fact that Apple got the second highest reliability rating in the industry? I'd say they've actually got some pretty good QC on their hardware. And from what I can see in the software industry, in general, they're ahead of the curve there, too.

 

[sassy410]

This is bad bad news for companies' security. The threat endpoint devices pose is pretty scurry! GFI just issued an article in response to this Apple ipods shipping out with malware issue... it's at: http://www.gfi.com/news/en/ipodvirus.htm - seems like threats are rising and keep on rising!

 

[mystereo]

McAfee released a removal tool to get rid of this virus.

 

[Snowy_River]

This is bad bad news for companies' security. The threat endpoint devices pose is pretty scurry! GFI just issued an article in response to this Apple ipods shipping out with malware issue... it's at: http://www.gfi.com/news/en/ipodvirus.htm - seems like threats are rising and keep on rising!

You call this an "article", but it's really little more than a piece written to promote one of GFI's products. I think that, while the article makes some good points, there is a degree to which this is similar to the AV companies writing articles about the fact that viruses are possible for Macs, when the last proof-of-concept virus came out, and saying that all Mac users should buy AV software. Oh, and here's a link to ours!

I'd take that article with a good sized grain of salt.

 

[matticus008]

The expression of dismay at Windows not being robust can be interpreted as an expression of frustration at the amount of work that needs to be done to keep a Windows machine clean. It may seem to be a snipe or cheap remark, but to me it's a symptom of the underlying problem - Windows is just plain difficult to keep clean.

Not to mention that even if you do everything right and take every reasonable precaution, you're not 100% protected. That's not exclusive to Windows--every OS has this inherent problem. But Windows requires 2-3 additional products to keep it in the ballpark with other modern OSes with regard to security, only one of which can be explained as being mostly a consequence of Windows popularity (adware/spyware removal).

[...]there is a degree to which this is similar to the AV companies writing articles about the fact that viruses are possible for Macs, when the last proof-of-concept virus came out, and saying that all Mac users should buy AV software. Oh, and here's a link to ours!

The best part of these ads is that buying their AV software doesn't afford you any added protection! There aren't any Mac viruses to add to their definition databases, and until they're released, all they do is filter out Windows viruses (a sensible precaution in the corporate environment, but a needless expense for the home or all-Mac small office). If and when OS X viruses hit the Internet, current Mac AV products will be as good at protecting against them as nothing at all.

 

[hulugu]

Put a sock in it. I have been running PC's with all versions of windows up to and including VISTA and NEVER run anti virus, and simply use common sense. I have NEVER, and I repeat, NEVER had a virus / trojan / worm. I keep my system updated, and run a Free online virus scan from trend micro about once a month.

Good for you. Of course, this is the same logic that assumes since you've never been in a car accident you don't need to wear a seatbelt.

The other possibility is your computer is part of a Russian zombie-net and you just don't know it, since you have no real ability to even know if you've been attacked. Some of the newest attacks are surprisingly subtle.

 

[northboundkeith]

I bought on of these troubled Ipods as a birthday gift for a friend. The virus has screwed up his dell computer and a $500 dollar digital camera. I have spent about 5 hours trying to apply the virus fixes to his computer with no successes because the computer just keeps shutting down.

Today I call Apple support for some help and they told me to call Dell.

So i bought a $400 gift for a friend that destroyed over $1000 bucks in Hard Drive and Camera. Is Apple responsible for any of this? Makes me think twice about buying any more Ipods. Now my friend needs a new computer, and he was originally thinking he would buy a Apple, but now he has his doubts.

 

[hulugu]

I bought on of these troubled Ipods as a birthday gift for a friend. The virus has screwed up his dell computer and a $500 dollar digital camera. I have spent about 5 hours trying to apply the virus fixes to his computer with no successes because the computer just keeps shutting down.

Today I call Apple support for some help and they told me to call Dell.

So i bought a $400 gift for a friend that destroyed over $1000 bucks in Hard Drive and Camera. Is Apple responsible for any of this? Makes me think twice about buying any more Ipods. Now my friend needs a new computer, and he was originally thinking he would buy a Apple, but now he has his doubts.

How did the virus screw up the camera?

 

[northboundkeith]

it has corrupted all the files on it. so granted, if I can get his computer swept without it crashing I can fix the camera.

 

[balamw]

How did the virus screw up the camera?

It probably didn't, but it might well have messed up the camera's memory card which presented itself as a removable USB mass storage device, and thus a vector for propagation of this virus.

And this is ultimately why I believe that Apple should share in the responsibility, that a larger share of responsibiliy lies with the end user and Microsoft that allowed this to happen in the first place.

Even if the virus is found on the iPod it's hard to be absolutely sure that it originated there and not on some other USB mass storage device that was connected to the machine, unless the machine is running AV protection and detects the virus first and only when the iPod is connected. Of course in that case no harm would be done.

e.g. can you be 100% sure that it was the iPod and not the camera's flash card that originally contained the virus? (Even if the flash card is not new to the system, the virus may already have been lying there dormant and propagating in the background until it was activated.)

I do wish that Apple would be a bit more proactive about this, but I don't think they should do much more than offer to take the affected iPod back and replace it (if the user desires) and maybe give the user a small gift card to iTMS for their grief.

B

 

[hulugu]

it has corrupted all the files on it. so granted, if I can get his computer swept without it crashing I can fix the camera.

As far as I can tell, the removal process shouldn't be that difficult. Annoying as hell, but the camera and computer still work. Correct.

Question for anyone who was affected, shouldn't AV software be scanning new USB drives? Otherwise the next thumb drive could bring a similar infection.

This whole thing was a screw-up by the iPod factory, but I can't believe that people aren't scanning new devices as a common practice. People are going to get bit again.

 

[hulugu]

It probably didn't, but it might well have messed up the camera's memory card which presented itself as a removable USB mass storage device, and thus a vector for propagation of this virus.

And this is ultimately why I believe that Apple should share in the responsibility, that a larger share of responsibiliy lies with the end user and Microsoft that allowed this to happen in the first place.

Even if the virus is found on the iPod it's hard to be absolutely sure that it originated there and not on some other USB mass storage device that was connected to the machine, unless the machine is running AV protection and detects the virus first and only when the iPod is connected. Of course in that case no harm would be done.

e.g. can you be 100% sure that it was the iPod and not the camera's flash card that originally contained the virus? (Even if the flash card is not new to the system, the virus may already have been lying there dormant and propagating in the background until it was activated.)

I do wish that Apple would be a bit more proactive about this, but I don't think they should do much more than offer to take the affected iPod back and replace it (if the user desires) and maybe give the user a small gift card to iTMS for their grief.

B

This seems like such a huge vector, I can't believe AV software isn't set to scan these new devices. Why wouldn't you scan you buddy's thumb drive, iPod, etc?
Frankly, part of the lesson here is people were complacent and AV software still isn't good enough to protect the average user.

 

[balamw]

This whole thing was a screw-up by the iPod factory, but I can't believe that people aren't scanning new devices as a common practice. People are going to get bit again.

That's essentially what I'm saying above. If your system isn't already protected against this, you could be in for a world of hurt if you buy any device that presents itself as a USB mass storage device. And there are plenty of those.

EDIT: Lots of viruses/trojans/spyware have been propagating though SMB/CIFS network file shares for the past few years, so it's not a stretch to imagine the same viruses propagating on "sneakernet" shares like USB drives.

What I still don't understand about this w.r.t iPods is that I thought they shipped with disk access turned off by default so how does this thing get activated. still

B

 

[northboundkeith]

I really cant believe they told me to call Dell, and on the other hand Im not sure I can stomach dealing with Dell's tech support. Maybe Im wrong on that one.

What should I do?? I cant run the stinger program on there for long cause the computer keeps shutting down. I feel like I have made progress, but Im not sure how long it will take to sweep the whole machine with it always shutting down.

Im not good in these situations so bear with me...

Should I.
1. Keep trying to sweep with Mcafee Stinger and hope eventually it cleans the hard drive? Then of course move on to the camera and the Ipod.

or..

2. Most of what he wants to keep is on the ipod in music or photos...so what if I (Ive never done this but think I can) delete his hard drive and then reinstall his XP etc etc.

I hear what you guys are saying about responsibility etc, but Apple has sold millions of Ipods for their convenient consumer use. The average consumer cant deal with this kind of stuff...I will definitly NEVER buy a ipod as a gift for someone again.

 

[iMeowbot]

What I still don't understand about this w.r.t iPods is that I thought they shipped with disk access turned off by default so how does this thing get activated. still

At least on the Mac, when an iPod gets plugged in, it is briefly mounted as a disk before iTunes kicks in and makes a decision about keeping it there. If iTunes isn't running yet when the iPod is plugged in, it can even briefly appear in the Finder until iTunes is fully up.

 

[srf4real]

Doesn't bother me... I'm a purist.

Kudos to the disgruntled help - brilliant!

 

[balamw]

Im not good in these situations so bear with me...

Should I.

I hate to say it, but this is really another significant weakness of Windows.

Troubleshooting/fixing things when the stuff hits the fan is made really hard by the Windows PC's general inability to boot from external media (unless you build your own live CD with Bart PE or something like that).

Here's what I would do, but I have access to the IT lab at work and have lots of computers at home I can work with:

Remove the HDD from the infected PC and place in a USB enclosure.

Buy a new HDD (< $100 gets you a huge drive these days) and re-install XP to that, apply all security patches and make sure you have an up to date anti-virus program on the PC. Make sure you create a non-privileged account to use for the next step.

Try to recover the data from the HDD you removed earlier on the newly hardened system.

B

 

[northboundkeith]

ummm, yeaahhh.

thats way over my head. but thank you for the advice.

I really cant help but feel screwed by apple here. I thought I would buy my friend a nice gift and it has wrecked his puter.

 

[Snowy_River]

ummm, yeaahhh.

thats way over my head. but thank you for the advice.

I really cant help but feel screwed by apple here. I thought I would buy my friend a nice gift and it has wrecked his puter.

This seems so far beyond what every description of this virus indicate that I have to suspect that something else is going on. Even if getting infected with the virus was the proverbial straw that broke the camel's back, it seems likely that it was just that, the final straw but not the absolute source of the problem.

Also, while I can understand your reaction, I think that you're letting your reaction carry you away. To use an analogy, as many people are enjoying doing in this thread , it's like getting in an accident 5 minutes after buying a new car, and therefore concluding that you never want to try to drive again. A bit extreme.

 

[wnurse]

I think I'm going to scream. Microsoft deserves every negitive jab, ridicule, flaming, and more for selling defective and dangerous software and refusing to fix it. Their arrogance pisses me off. There is no company in the history of this country that deserves to go down in flames than Microsoft. They're worse than Enron. They have cost this country more money, people's sanity, jobs, personal privacy, that's it is ubelivable they still exist.

It isn't Apple's fault that Windows is so shamefully vunerable and viruses so ubiquitous. They wrote ***** software and pawend it off on the public and you all continue to defend it by using Windows and accepting this situation. You get a virus you deserve it. Tell Microsoft you refuse to be the victim of their incomptancy by refusing to buy their products. Use Linux, use Unix, use a freaking Amiga for all I care. Until you do they will continue to sell you crap and you will continue to deserve what you get.

Apple made a mistake, they admitted it, and put the blame where is belongs -- Microsoft.

The fact that after six years OS X still doesn't have one virus proves it can be done! Not one people! How many years will it take until you all start to understand that Windows is a horribly written piece of ...?

Why should Apple or anyone have to deal with this ridiculous situation? Microsoft is a plague and needs to be burned and destroyed. Break the damn company up and be done with it.

First, the blame for the virus is not with microsoft. What if drunks always bought fords and caused accidents, would the blame be with ford or the drunks?.

Secondly, microsoft do not make viruses, virus writers do. A virus can be made for any operating system. It's clear you are not aware of this or you wouldn't have posted that OS X doesn't have one virus (it actually does). Where have you been all this time, don't you know OS X has had virus written for it already??.

third, Microsoft windows ships without viruses. It is responsibility of windows users to buy AV product (as many people in this thread are so fondly of pointing out). I see people pointing out that if you own windows and not an AV, then you are stupid and it's your fault you are infected.. so I guess Apple is stupid then. Either for owning a windows PC without AV or for subcontracting to a builder that owns a windows PC without AV. Can't have your cake and eat it too.

Why does apple or anyone have to deal with microsoft problem?.. they don't actually.. there are many choices. The fact is, apple chose to deal with the problem. Microsoft did not put a gun to their heads and told them to make a windows compatible ipod.. they could have been content with the small market share an apple only ipod would have resulted in. Instead, they decided they wanted to increase ipod share and make windows compatible ipods, thus they decided to deal with all the problems associated with windows. Is microsoft responsible for apple wanting to use their products?. Is microsoft now in the business of guranteeing their competitor profits and growth?. It is inherently apple responsibility to ensure that their end product is free of defect, no microsoft.

So go ahead, scream. It might do you some good.

 

[balamw]

It is inherently apple responsibility to ensure that their end product is free of defect, no microsoft.

So go ahead, scream. It might do you some good.

Again, this is a problem of degrees. Apple's product is only defective in the presence of another defect that is only present in certain installs of the Microsoft supplied OS. They can't test for all possible combinations.

Viruses and trojans can even infect a small number of "well protected" systems from detection of the virus in the wild to the time the definitions are updated to catch the new virus.) This virus doesn't even use the network or e-mail to propagate, so having a system that is not networked isn't a good method of prevention...

I agree fully that Apple bears some responsibility, but this doesn't absolve the end-user and Microsoft of their share.

B

 

[schatten]

...microsoft do not make viruses, virus writers do.

Well, that depends on your definition of "virus." I've seen some MS software with some pretty virus-like M.O.'s ;-)