×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Photo Kiosks Infecting Customers' USB Devices

kdawson posted more than 3 years ago | from the thumb-drive-condoms-in-aisle-four dept.

Security 288

The Risky Biz blog brings news that Big W, a subsidiary of Woolworths, has Windows-based Fuji photo kiosks in at least some of its stores that don't run antivirus software, and are therefore spreading infections, such as Trojan-Poison-36, via customers' USB storage devices. Here is the account of the original reporter. "It's not just the lack of AV that's the problem... it appears there's been zero thought put into the problem of malware spreading via these kiosks. Why not just treat customers' USB devices as read-only? Why allow the kiosks to write to them at all? It would be interesting to find out which company — Fuji, Big W, or even some other third party — is responsible for the maintenance of the machines. It would also be interesting to find out if there are any liability issues here for Big W in light of its boneheaded lack of security planning."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

288 comments

Every input is bad... (5, Insightful)

maweki (999634) | more than 3 years ago | (#32808148)

Did they not learn this in programming school? Does not every programming tutorial and system administrator handbook start with this?
The first thing I learned (fortunately not the hard way) was, that, nevermind the specs, input is allways malformed, user input doubly so...

System Administration 101

Re:Every input is bad... (3, Interesting)

Z00L00K (682162) | more than 3 years ago | (#32808528)

In addition to that - disable the autorun feature in the kiosks - that's probably the most likely reason why they are infected.

U3 is also a culprit here.

Re:Every input is bad... (4, Insightful)

Fluffeh (1273756) | more than 3 years ago | (#32808812)

I work at Woolworths (The parent company), and I really wonder if I start blowing my trumpet about this, will:
a) Anyone in management have a clue what this means.
b) Anyone be able to track down someone who can actually DO something about it.
c) (sadly) whether anyone will actually care enough to make a change for the better.

Tomorrow morning's agenda...

Re:Every input is bad... (0)

Anonymous Coward | more than 3 years ago | (#32808882)

LOL, no.

Re:Every input is bad... (2, Insightful)

maweki (999634) | more than 3 years ago | (#32808884)

d) I guess you will get fired for not complying to some company policy you have... (the smart money is on Rule 1 "don't speak up when knowing better than management")

Re:Every input is bad... (4, Interesting)

erroneus (253617) | more than 3 years ago | (#32808592)

No, they don't teach that any longer. I was up on my soap box on the issue and the general response was "but that just introduces bloat!" and was modded troll. I seriously couldn't believe what I was seeing. The fundamentals have been forgotten or ignored lately. It explains a lot. These same people were telling me that "regex" is better than the primitive methods I described for input validation -- the primitive methods I described were to be simple, compact and likely in assembler. I was like "what do you think a "regex" does? Magic? It does the very same thing I described but in a higher-level language. These people all believe in the magical black box.

Re:Every input is bad... (4, Insightful)

stephanruby (542433) | more than 3 years ago | (#32808890)

These same people were telling me that "regex" is better than the primitive methods I described for input validation -- the primitive methods I described were to be simple, compact and likely in assembler.

Let me guess: (1) the software in question was a blogging program much like wordpress (in other words, you must feel that the context of the situation wasn't relevant to your thesis and didn't even need to be shared with us), (2) the kids you were talking may have known about "premature optimization" but were far too young to explain that concept adequately to you, and (3) those same kids didn't know what an assembler was either, that's why they didn't make fun of you for pretending to know how to program in "assembler" instead of ***assembly***.

Re:Every input is bad... (1)

xous (1009057) | more than 3 years ago | (#32808704)

Heh. This was never even mentioned in my college "Computer Analysis/Programmer" course. The whole thing was pretty much a joke from my POV. My favorite thing to do was break my teachers example applications with no code access. It was absolutely hilarious to school the teacher on data validation when that is what she was supposed to be teaching the class. I mean who the hell thinks poping up a a damned message box on the key up event that tests for '', 'abcdef...' (yes, I'm fucking serious her tests were exclusive instead of inclusive) is a good idea. (A simple copy and paste skips validation)

Original Reporter? (0)

Anonymous Coward | more than 3 years ago | (#32808154)

Original Reporter? I reported this to Woolworths in January. Not only that, it appears to be affecting independent camera stores with similar systems too.

IT runs FUCKING WINDOWS MAN !! (-1)

Anonymous Coward | more than 3 years ago | (#32808164)

It's bad, man, it's real bad !! Woolworth's? What fucking country still has the old store? Africa? Windows and Woolworth's. Made for each other.

Re:IT runs FUCKING WINDOWS MAN !! (0, Funny)

Anonymous Coward | more than 3 years ago | (#32808552)

You're just bitter because the idiots running Woolworths UK couldn't make it competitive enough to stay open so now you have to stalk kids at pick-n-mix's elsewhere perv-boy.

Windows autorun viruses are like vuvuzelas. (5, Insightful)

ivucica (1001089) | more than 3 years ago | (#32808166)

Windows autorun viruses: Annoying if you use Windows, easy to ignore if you don't.
Vuvuzelas: Annoying if you watch soccer, easy to ignore if you don't.

Re:Windows autorun viruses are like vuvuzelas. (-1, Offtopic)

upyourshomo (1803732) | more than 3 years ago | (#32808184)

yep, I'd love to effectively silence you by shoving a huge wang in your mouth. Preferably horse or mule size.

Re:Windows autorun viruses are like vuvuzelas. (-1, Offtopic)

aussieslovethecock (1840034) | more than 3 years ago | (#32808188)

i put my penis in your mouth, then I pull it out... put my penis in your mouth, then I pull it out... repeat.

Re:Windows autorun viruses are like vuvuzelas. (0)

Anonymous Coward | more than 3 years ago | (#32808332)

You could have caught that loop earlier ... unless you're prefetching.

Re:Windows autorun viruses are like vuvuzelas. (-1, Offtopic)

love2putmypenisthere (1804486) | more than 3 years ago | (#32808276)

I, nor anyone else except your Torvalds' dick sucking fanboi mods, give two shits (or fucks) that you use linux and watch NFL. The fact that you're not modded off-topic for this ridiculous, ignorant, fucking post is extremely fucking sad to me. In conclusion, I'd like to say...
1. FUCK YOU
2. You are worthless
and
3. I hope that every computer you ever use from now on instantly has a catastrophic hard drive failure. That way, I will never, EVER, have to read another post generated by your worthless, idiotic mind.
Regards,
Your mom.

Re:Windows autorun viruses are like vuvuzelas. (-1, Troll)

Anonymous Coward | more than 3 years ago | (#32808286)

clearly off topic, plz mod down.

While we're tossin' around analogies... (3, Funny)

denzacar (181829) | more than 3 years ago | (#32808526)

Just like with STDs, you can still be a carrier even if you yourself don't suffer from the symptoms.

And just like with STDs, infecting other people while claiming that you are "immune" kinda makes you a jerk.
No pun intended.

Re:While we're tossin' around analogies... (2, Funny)

Anonymous Coward | more than 3 years ago | (#32808712)

STDs: Annoying if don't read slashdot, easy to ignore if you do.

Read-only switch for USB sticks? (2, Interesting)

Errol backfiring (1280012) | more than 3 years ago | (#32808170)

I never encountered a USB stick with a read-only switch. Floppies had them (although they only "communicated" a read-only setting and could not enforce it). SD cards have them, but no USB stick I ever saw had one. Why? Such a switch on a digital device can really enforce the read-only setting.

Re:Read-only switch for USB sticks? (3, Informative)

Lennie (16154) | more than 3 years ago | (#32808182)

I have seen USB-sticks with a read-only switch, so they do exist.

Re:Read-only switch for USB sticks? (5, Insightful)

Tim C (15259) | more than 3 years ago | (#32808208)

I've seen them, but that's not the point - the point is that the kiosk itself should be mounting the stick as read-only regardless of how the stick itself is configured. There should be absolutely no way for the kiosk to write to the stick; otherwise you risk an error (or something malicious, as in this case) wiping out the customer's data or (again, as in this case) potentially infecting their machine.

Re:Read-only switch for USB sticks? (5, Informative)

Anonymous Coward | more than 3 years ago | (#32808232)

virus.code

line 1: remount USB write enabled

Re:Read-only switch for USB sticks? (0)

Anonymous Coward | more than 3 years ago | (#32808250)

My first thought exactly

Re:Read-only switch for USB sticks? (3, Insightful)

Bert64 (520050) | more than 3 years ago | (#32808486)

Mounting the stick readonly is to protect yourself against liability more than anything else (what if your kiosk corrupts the customers filesystem or deletes their files?)
On the other hand, you could use a hardware reader which is designed to be read only so the software cannot write to it regardless... If the customer inserts a CDROM there is no chance of it being written to if the kiosk doesn't have a writer device.

Preventing anything malicious from executing in the first place is another matter entirely, and also needs fixing.

Re:Read-only switch for USB sticks? (1)

put_it_down (1847636) | more than 3 years ago | (#32808642)

It might be a good idea to avoid giving virus writers crowd sourcing ideas. Just a thought.

Re:Read-only switch for USB sticks? (1)

Errol backfiring (1280012) | more than 3 years ago | (#32808248)

You are right off course. But looking at every USB stick I have, I see that I could not even prevent their infection.

Re:Read-only switch for USB sticks? (0)

Anonymous Coward | more than 3 years ago | (#32808314)

There should be absolutely no way for the kiosk to write to the stick

True enough. I'm not entirely sure what the kiosks would need to put on the sticks anyhow.

Also, these kiosks are connected to the internet? I guess? Not sure how the trojans are getting on it.

Re:Read-only switch for USB sticks? (1)

shadowknot (853491) | more than 3 years ago | (#32808586)

Some kind of simple write blocking solution is what's needed. Tableau [tableau.com] are the kings of write blocking so I'm sure the company constructing these kiosks could do a deal with them for some kind of solution [tableau.com] .

Re:Read-only switch for USB sticks? (1, Informative)

Anonymous Coward | more than 3 years ago | (#32808304)

The older USB sticks had them quite often; haven't seen one with a RO switch for about 3 years now.

Re:Read-only switch for USB sticks? (1)

LinuxIsGarbage (1658307) | more than 3 years ago | (#32808524)

You can always use an SD card. Obviously I wouldn't trust my sole copy of my photos in a card in a kiosk, but you can use it as a read only card.

Re:Read-only switch for USB sticks? (2, Interesting)

Errol backfiring (1280012) | more than 3 years ago | (#32808690)

Are you sure? According to this site [fencepost.net] , the SD write protect switch does not protect anything, just like the old floppies. It only communicates intent.

Windows Read-only mode. (0)

WarJolt (990309) | more than 3 years ago | (#32808200)

Windows doesn't have a way to mount as read-only.

Re:Windows Read-only mode. (0)

Joce640k (829181) | more than 3 years ago | (#32808268)

Sure it does...rigth click on any folder, select "properties", go to the "security" tab and knock yourself out with all the options.

Re:Windows Read-only mode. (3, Insightful)

pinkushun (1467193) | more than 3 years ago | (#32808384)

Can you click faster than that Trojan, before it can infect your writable device? I doubt that, Speedy Gonzales. To mount read-only is divine.

Re:Windows Read-only mode. (1, Informative)

Anonymous Coward | more than 3 years ago | (#32808272)

yes it does:
in the Registry path HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\StorageDevicePolicies
create a DWORD called WriteProtect with a value of 1.

this should make widows mount all usb disks read-only

Re:Windows Read-only mode. (0)

Anonymous Coward | more than 3 years ago | (#32808554)

... and any reasonable virus that wants to spread by usb-drives will just change the same registry entry back to 0.

Re:Windows Read-only mode. (1)

dermoth666 (1019892) | more than 3 years ago | (#32808636)

Only because they've been so idiot to run the kiosk as an administrator!

With its default permissions, HKLM cannot be altered by normal users, and I don't see why a kiosk would need any additional privileges.

Re:Windows Read-only mode. (3, Funny)

Anonymous Coward | more than 3 years ago | (#32808880)

Are you sure that Windows is ready for the desktop? I'm not sure my grandmother could handle that...

Re:Windows Read-only mode. (0)

Anonymous Coward | more than 3 years ago | (#32808302)

Why use Windows, known for this invulnerability, when Linux could have made the job ? Lasyness. I've benn through this process :)

Re:Windows Read-only mode. (0)

Anonymous Coward | more than 3 years ago | (#32808366)

Why use Windows, known for this invulnerability, when Linux could have made the job ? Lasyness. I've benn through this process :)

Why use a best-guess, known for this vulnerability, when a spellchecker could have done the job correctly? Lazyness. I've been through this process :).

Re:Windows Read-only mode. (0)

Anonymous Coward | more than 3 years ago | (#32808544)

Linux don't need no malware. Updates seem to brake OS quite easy by just installing. Not saying Windows updates could not ripple OS, but more often than linux counterparts, they don't. Just my own exprience.

Re:Windows Read-only mode. (5, Informative)

Rogerborg (306625) | more than 3 years ago | (#32808328)

Wow, it took me all of 30 seconds to find evidence that you're a lazy raging retard who shouldn't be trusted with a calculator, let alone a general purpose computing device [helpwithwindows.com] . I know that's a long name for the link, but I really felt it needed to be said.

One more reason not to use Windows. (-1, Troll)

gox (1595435) | more than 3 years ago | (#32808220)

I wouldn't mind if it dumped all the world's infections on my stick.

Just saying...

Re:One more reason not to use Windows. (4, Funny)

Rogerborg (306625) | more than 3 years ago | (#32808350)

I wouldn't mind if it dumped all the world's infections on my stick.

Must... resist... "yo momma" joke.

How much storage space do you mind losing to viruses though? Windows viruses. Come on, unleash your anger!

Responsibility (5, Interesting)

Anonymous Coward | more than 3 years ago | (#32808226)

I would guess Fuji is responsible for these machines. I work for Target, and ALL equipment, kiosks included, in our Kodak labs are serviced by Kodak field techs.

Incidentally, we are allowed to connect guests' media to the kiosks ONLY, never directly to any other lab workstation, because the kiosks are (or at least are supposed to be) far better locked down, including treating all media as read-only.

Just burn a CD (5, Informative)

Spy Handler (822350) | more than 3 years ago | (#32808252)

Just burn a CD and give it to them. Blank CDs cost like 10 cents each if you buy a spindle, and you don't have to worry about them losing your USB drive or infecting it.

Re:Just burn a CD (0)

mikael_j (106439) | more than 3 years ago | (#32808308)

You still have a CD/DVD-ROM drive in your computer? Well ok, my iMac still has a DVD-ROM burner but every other computer I've got doesn't (although I keep a couple of old spare CD-R/RW drives around in storage just in case).

Re:Just burn a CD (0)

Anonymous Coward | more than 3 years ago | (#32808400)

Most better PCs still have them, only crappy mini-towers leave them out.
Hell, I even still have a floppy drive in my PC (although I had to put that in myself).

Re:Just burn a CD (1)

jridley (9305) | more than 3 years ago | (#32808520)

Still need to install my OS from somewhere. I've had bad luck installing from USB thumb drives (as in, I can never get it to work). My last attempt was installing OpenSuSE and it failed to boot.

Re:Just burn a CD (1)

zaphod777 (1755922) | more than 3 years ago | (#32808656)

They utility included in Ubuntu works pretty well to put an ISO on a USB drive even if said ISO is Windows ;-)

Re:Just burn a CD (0)

Anonymous Coward | more than 3 years ago | (#32808786)

In some countries you pay a MAFIAA tax on blank cds, eg switzerland. I will never again burn any cd.

Use file permissions. (4, Informative)

jack2000 (1178961) | more than 3 years ago | (#32808292)

More people need to know about this:
You can make your usb stick immune to all autorun viruses. Simply make an empty autorun.inf file on the usb stick, set file permissions for username " everyone " to Full control: Deny all.
Now noone can delete, write, rename that file and viruses aren't smart enough yet to take over control or delete permissions on the file. The file system on the stick would have to be ntfs. If the file system on it is fat32 you'll need to run from cmd
convert Z: /FS:NTFS /X
Where Z is the partition letter of your usb stick. You can also disable autorun on all partitions using TweakUI

Re:Use file permissions. (4, Interesting)

twisteddk (201366) | more than 3 years ago | (#32808364)

And what makes you think that the Kiosk software can read a NTFS USB drive ?
While I cannot speak for the specific types of machines mentioned in the article, I DO know that a lot of the local machines over here are using some funky Linux flavor (presumably to keep costs down), running off flash ROM. And they generally expect you to deliver the data in a FAT32 partition if you provide a USB drive.
Then again, if the software is Linux, Then there usually isn't that much of a problem with viruses hopping from one device to the next, I'd wager.

Re:Use file permissions. (1)

jack2000 (1178961) | more than 3 years ago | (#32808372)

Requiring people to use fat32 is a little barbaric. Why would anyone have to be forced to use a file system without file permissions or password encryption is beyond me.

Re:Use file permissions. (1)

twisteddk (201366) | more than 3 years ago | (#32808430)

I dont know. I would guess that it has to do with what they can make work in a machine that's only supposed to cost some hundred $. I'm guessing it's a way to cut costs not having to pay for a license to read/write to NTFS devices. Unless MS is starting to give away those licenses for free now ?

Re:Use file permissions. (1)

zaphod777 (1755922) | more than 3 years ago | (#32808686)

The driver included in most Linux distros these days can read it fine. But it is not perfect since Microsoft has released documentation on the NTFS file system it is only reverse engineered. However it is good enough to read from a USB drive for pictures. Why are these things not running Linux? It would be perfect for it. The only thing I can think is if they use some obscure printer that there is no driver in Linux.

Re:Use file permissions. (4, Interesting)

Bert64 (520050) | more than 3 years ago | (#32808514)

Blame Microsoft...
There are plenty of open royalty free filesystems out there, but MS refuse to implement them and want you to pay royalties to use their own filesystems instead, so people use fat32 because its the least patented of the few filesystems MS do bother to support.

No, not so much (2, Interesting)

Sycraft-fu (314770) | more than 3 years ago | (#32808866)

MS does nothing to stop you from implementing any file system you like in Windows. In fact, they've got documentation on how to do it. It's called the Installable Filesystem Kit, which is part of their driver development kit. You can easily write your own file system drivers for Windows.

As an example have a look at http://www.fs-driver.org/ [fs-driver.org] . They've got an ext2 driver for Windows. Install it, and ext2 is a file system Windows understands and works with, just like any other. There are others too, there is a commercial HFS (Mac) IFS if you need it.

The problem is not that MS won't allow people to implement other file systems on Windows, they allow it easily. The problem is people are not at all interested in doing so. MS themselves are not that interested because they have a good file system. If you read the info on BTRFS it's goals read like an NTFS feature list. NTFS does what tehy want for a modern filesystem for their computers. For simpler devices, there is exFAT and FAT32. They need nothing else.

Also FAT is so widely supported because it is old (lots of things support it, so more things continue to support it, etc, positive feed back) and simple. For embedded devices, simplicity of a file system can be very important. You do not want the overhead associated with more complex file systems. As a simple example the exfat.sys driver in Windows 7, which supports all FAT systems (including 32, 16, and 12) is 200k. The ntfs.sys driver that supports NTFS is 1.6MB. Now please note that the size difference isn't the issue, it is just indicative of the complexity. NTFS requires a lot of processing, as do most good modern desktop file systems. FAT is just a linked list more or less. It is extremely simple to implement.

For that matter the original FAT is also the ISO/IEC 9293 standard.

But please, don't let the facts get in the way of your two minutes of hate.

Re:Use file permissions. (1)

BandoMcHando (85123) | more than 3 years ago | (#32808646)

I kinda have to use FAT32 on USB disks (including a 250GB one - amusing that I have to use Linux to partition/format it), purely because I want to use them to play back video on a Playstation, so no NTFS support there.

Re:Use file permissions. (3, Interesting)

ledow (319597) | more than 3 years ago | (#32808664)

The word "pointless" comes to mind. First, any decent virus that *wants* to can just disable your protection immediately. Literally one line of code. I would be shocked if the virus-libraries that are out there don't already have a set of routines where you just pass it a filename that you *want* to write and it does all the fancy trickery to try to write to that file no matter what (e.g. mount the media, relax permissions, make the current user owner, overwrite the file entry entirely etc.) and then possibly even clean up any "changes" after it's done its job (e.g. restore permissions). Relying on the fact that you haven't seen a virus that knows how to change permissions on a file that stands between you and infection is *stupid*. Viruses, almost by definition, act with full administrator privileges by extremely cleverly executed buffer overruns and other attacks. You really think that a non-permissioned (but permissionable) file can't be accessed/changed automatically by something *TRYING* to write that file by an administrator privilege program written by the same person?

Your "solution" is a temporary, ineffective workaround to stop a single USB device from having its autorun information changed if the "attacker" puts zero effort into it and doesn't use quite obvious and simple code to take account of *any* possible situation that one of it's victims may have (i.e. don't expect everyone to write-protect their autorun.inf, but do expect *every* write access to fail and keep trying different ways to get them to work). Saying that you're then "immune" to all autorun viruses is stretching it a bit. It's only as secure as the fact that the virus respects the disk as an NTFS structure, uses the standard NTFS routines to access it, is running as a user that can't modify the permissions (unlikely by that point) and doesn't bother to just blindly wipe permissions on any file it wants to write to. Also, NTFS USB sticks? Yeah, right. About as popular and readable in random machines as ext4 ones. And to be honest, just making it an ext2-disk with the ext2fs driver probably renders it MORE immune to autorun.inf creation/execution.

The "solution" to this is to not have autorun enabled on your USB drives at all. WHY? What is the purpose? To save you a double-click. That's it. And it opens up arbitrary execution to any device that poses as a USB stick (even my 3G modem has writable USB storage, so I'd have to apply the same principle to this and every other device that I autorun - my phone, my 3g modem, my external hard drive, even ordinary USB devices are coming with "driver" partitions that install the drivers from an autorun partition on the device on first use). Or I could just switch autorun off. If the USB stick is compromised, then it's compromised. No amount of fancy permission-fixing will fix that and it's just as likely that a virus hunts down my JPG's and inserts some payload that crashes certain JPG-reading applications. Or just modifies the MBR so that if I leave it in it will autoboot and silently infect my PC. Or infect anything else executable / readable on the stick. It overwriting my autorun.inf is the LEAST of my worries and much more easily and permanently fixed by a built-in Windows option on a per-PC instead of per-stick basis.

Don't let things automatically do stupid shit like auto-update and/or auto-run without you knowing what they're doing.
The problem with viruses these days is not the viruses - it's the *stupid* and *ridiculous* attitude to an unknown third-party running arbitrary code on the machine that holds your banking details, etc. "Oh, I got a virus the other day but I think I cleaned it off", people running with viruses without realising for months, if not years, and people thinking that anti-virus does *anything*. Don't half-arse it. If you're smart enough to disable autorun, do that. If you think your USB sticks stand a risk of being infected, wipe them before you put them anywhere else (by inserting into an autorun-disabled or, better, Linux machine and formatting them). I work in a school - I have dozens of "sacrificial" USB sticks that people can use. Everytime someone asks for one, they get a "fresh" one. When it's returned it's put into a different pile and once a month I go through and format all those that have come back to me - the chances are they have *something* on them.

Disable Autorun and other stupid programs (Adobe Photo Downloader comes to mind). Write protect your media if you don't want changes made (SD cards do not have a hardware write-protect, just for those that do that - SD card writability is nothing but a software flag given by the tab on the card. There is no requirement for the PC/card reader/disk access software to respect it at all). If you can't write-protect it, use a sacrificial USB stick for that purpose - costs pence, gives you an extra copy of your data, stops you risking your USB sticks / SD cards in some high-traffic kiosk that probably is as grubby as hell inside, and you can verify if your data was modified or just format the damn thing if you're uncertain.

Your computer might not hold anything "secure" but mine damn well does. Not only do I not trust any device at all (even ones opened from a new packet), if I found out that you had an infected stick that you were about to give me (and I pretty much guarantee that it wouldn't be able to transfer to my computer anyway and I don't even *have* antivirus), I'd refuse to even *touch* the stuff on it or anything else you sent me until I could certify your PC's were clean again. And even then I'd be heavily suspicious and take extra precautions with *everything* you sent me from then on. Don't fuck about with things when they have potentially complete access to your PC, your data, any network you plug them into, etc. You might think it's nothing, but I damn well don't. Half-arsed measures like this just make people get into the "Oh, I ran a scan after suspicious activity and there was no warning, so I carried on" mindset.

Surely the title of this article should be... (5, Interesting)

ewrong (1053160) | more than 3 years ago | (#32808322)

"Customers USB Devices Infecting Photo Kiosks".

Security strategy (1)

dimethylxanthine (946092) | more than 3 years ago | (#32808324)

I wonder how many of those booth designers fail to protect their own piece during promiscuous relationships. Are they're too naive to think most people run, much less bother to update their own AV software? They clearly haven't gone out much or been responsible enough at it... FAIL.

Readonly kiosk (0)

Anonymous Coward | more than 3 years ago | (#32808376)

shouldn't the kiosk be readonly too?

Re:Readonly kiosk (1)

zaphod777 (1755922) | more than 3 years ago | (#32808726)

I remember in College we used a program called "Deep Freeze" on the Lab computers. It had a stock image on it and every time the machine got rebooted it would go back to the original state. I think that combined with software that saves all of the transactions on a server that is protected should be fine. But they should really run some form of Linux if they can.

Yeah, so? (5, Interesting)

Anonymous Coward | more than 3 years ago | (#32808386)

I used to work on similar kiosks a few years back, those also had no AV, but usually that wasn't a problem.
They ran a hardened win2k, no network services, autorun disabled, afair execution for all drives but C: disabled.
So how the f* would they get infected in the first place?
Lazy techs, at least that was the #1 cause for troubles for back then, everything from re-enabling services to installing 3rd party RA software with no/weak passwords...

I also want to know if they copy my pics! (4, Interesting)

ciaran_o_riordan (662132) | more than 3 years ago | (#32808398)

The kiosk situation is generally lousy.

Do they keep a copy of all my pics?

They make a copy (they have to, to display thumbnails), but is it temporary or permanent ("To improve the quality of our service...").

There should be a law prohibiting the keeping of copies without express permission, and they shouldn't be allowed to make unrelated functionality dependent on the user agreeing to let them keep a copy.

Copyright law might work here, but I imagine the kiosk companies have found a way around that. Maybe there's a "Terms of user" stick on the back of the machine mentioning that they keep copies, etc.

Re:I also want to know if they copy my pics! (0)

Anonymous Coward | more than 3 years ago | (#32808522)

They probably keep a copy of your pics along with your payment details to send to the authorities if your pictures look too racy. I would not be surprised if that was made the law.

Re:I also want to know if they copy my pics! (5, Interesting)

tqft (619476) | more than 3 years ago | (#32808580)

I know BigW keep them for up to a week - stuck disk in all the thumbnails up and I asked - how long do you keep them? Up to a week as customers often come back. Can you delete them for me now? No.

I haven't been back there to have photo's printed. and any shop - i grab just the pics I want printed and put them on an sd card and put that in.

Why feed the Beast more than it needs to? If we don't make the data available, the Beast can't eat it.

Re:I also want to know if they copy my pics! (1)

ciaran_o_riordan (662132) | more than 3 years ago | (#32808670)

That's what I do too, and it reduces the problem for us, but I usually think about these issues from the point of view of what's necessary to protect my less-technical family and friends.

Re:I also want to know if they copy my pics! (1)

brunes69 (86786) | more than 3 years ago | (#32808590)

Er, why do you think they make a copy to display thumbs? Your home PC does not have to do this.

Re:I also want to know if they copy my pics! (1)

ciaran_o_riordan (662132) | more than 3 years ago | (#32808658)

It at least has to copy them into volatile memory (RAM). Whether it makes a copy on a hard disk is an implementation issue, but the user can't know the implementation, so we can't make assumptions about it not making such copies.

Re:I also want to know if they copy my pics! (1)

Waccoon (1186667) | more than 3 years ago | (#32808604)

I used to work in a photo store. On the Kodak Picturemaker we used to use, the admin interface required a password not only to print, but also to recall previous orders. Also, the machine only saved orders for one day.

Of course, that machine was based on a Sun SPARCstation. It's been a while since I've worked retail.

Have you seen an infected ATM? (2, Interesting)

pinkushun (1467193) | more than 3 years ago | (#32808416)

A couple times I have seen an ATM that has crashed, BSOD or shows a windows logon screen -- And we're supposed to trust our money with these tin can openers? WTF?!

Read-only (3, Informative)

Tuan121 (1715852) | more than 3 years ago | (#32808420)

Just a guess, but when you are selecting pictures at the kiosk you can probably also do some options such as red-eye reduction, rotating etc. I would imagine most people who do that at a kiosk would like those changes saved on the original picture on their USB drive instead of having to repeat the process at home where they might not even know how to do it.

So there is a reason for not mounting it as read-only.

Poor design.. (4, Interesting)

Bert64 (520050) | more than 3 years ago | (#32808466)

Why run windows on these kiosks? An embedded OS would be more suitable and cheaper...

Why execute anything thats stored on the usb sticks? That's just colossally stupid, i could understand if some malware was getting onto the devices by exploiting a bug in the jpeg parser or similar, but executing any code on an inserted device is just ridiculous.
Why is the inserted media not mounted read only? These kiosks only need to print photos, they don't need to write to the media.
Why is the system drive writable?
Why is the kiosk software running as a privileged user?

The idea of installing antivirus on them is a stupid one, it will increase the cost, require the kiosks to be updated somehow (either necessitating frequent engineer visits or require a network connection), and no antivirus detects everything (i often do incident response when a customer system has been compromised, in every single case there has been some kind of av product installed and it failed to detect the compromise even tho in most cases the malware installed is well known to other av products).

Also an av product may detect a false positive on a customer's media device and delete their data which could open the kiosk vendor up to potential liability.

Instead, run an embedded linux on these systems...
the frontend software is custom written anyway so could just be written for linux instead without too much difficulty..
less to go wrong since such an os could be stripped to its bare minimum
less cost - there would be no per unit licensing costs..
mount any customer supplied media readonly and noexec.
boot the os from readonly flash so the os cannot be tampered with and any problems a reboot will restore it to default/clean settings
use ram for temporary storage (or a small disk which is reformatted at boot if more storage is required) so after a power cycle, anything left on there is gone
if any persistent storage is required (eg for logs) use a remote syslog server, a receipt printer, or a small disk mounted noexec
use something like an internal readonly compact flash card for the os, when an engineer has to upgrade all he needs to is swap the card out.

Re:Poor design.. (2, Informative)

Errol backfiring (1280012) | more than 3 years ago | (#32808736)

Why execute anything thats stored on the usb sticks?

Quite simple, because Microsoft had a policy to make any data format executable. Yes, images also. And XML, off course. And CSS, even though the standard explicitly warned against that. In Microsoft's own words, to "make developers smile".

Re:Poor design.. (2, Insightful)

Anonymous Coward | more than 3 years ago | (#32808748)

"Why run windows on these kiosks? An embedded OS would be more suitable and cheaper..."

Because, while the embedded OS would be less expensive, the development costs would be far higher. Windows devs are a dime-a-dozen, not so much with true embedded developers-especially ones that have experience and know what they are doing

Why execute anything thats stored on the usb sticks? That's just colossally stupid, i could understand if some malware was getting onto the devices by exploiting a bug in the jpeg parser or similar, but executing any code on an inserted device is just ridiculous.
Why is the inserted media not mounted read only? These kiosks only need to print photos, they don't need to write to the media.
Why is the system drive writable?
Why is the kiosk software running as a privileged user?

The idea of installing antivirus on them is a stupid one, it will increase the cost, require the kiosks to be updated somehow (either necessitating frequent engineer visits or require a network connection), and no antivirus detects everything (i often do incident response when a customer system has been compromised, in every single case there has been some kind of av product installed and it failed to detect the compromise even tho in most cases the malware installed is well known to other av products).

Also an av product may detect a false positive on a customer's media device and delete their data which could open the kiosk vendor up to potential liability.

"Instead, run an embedded linux on these systems...
the frontend software is custom written anyway so could just be written for linux instead without too much difficulty..
less to go wrong since such an os could be stripped to its bare minimum
less cost - there would be no per unit licensing costs..
mount any customer supplied media readonly and noexec.
boot the os from readonly flash so the os cannot be tampered with and any problems a reboot will restore it to default/clean settings
use ram for temporary storage (or a small disk which is reformatted at boot if more storage is required) so after a power cycle, anything left on there is gone
if any persistent storage is required (eg for logs) use a remote syslog server, a receipt printer, or a small disk mounted noexec
use something like an internal readonly compact flash card for the os, when an engineer has to upgrade all he needs to is swap the card out."

This is all may be true, but you have to remember that these machines are in world-wide use. They were developed maybe 10 years ago, embedded linux was not ready for prime-time back then. Your comments show a complete lack of basic knowledge of how software is developed and used to make money for a business. Things don't bode well for you. There are such things as ROI, project schedules, manufacturing schedules and technology that affect the decisions. It's NOT just about whatever technology is available right now. Get a clue.

Re:Poor design.. (1, Interesting)

Anonymous Coward | more than 3 years ago | (#32808778)

Why run windows on these kiosks? An embedded OS would be more suitable and cheaper...

No it won't be. Developers that can do development on an embedded OS are few (and very expensive), while Windows UI developers are a dime a dozen. That goes for testing, system integration and support staff as well. These kiosks are sold at a much lower volume than mass consumer electronic products so I wouldn't be surprised if the cost of the machine + OS is dwarfed by the personnel costs in developing and supporting the system.

Windows, not ready for the kiosk. (2)

Ivan Stepaniuk (1569563) | more than 3 years ago | (#32808534)

I still do not understand how people dare to deploy Windows on non-attended machines. Severe tweaking to the OS is necessary to accomplish this task successfully, at a point you would be probably violating the license you are paying for. I bet everybody reading this has seen a 'funny' dialog or information box popping up on kiosks, information screens, ATMs, etc. not to mention BSODs. A photo kiosk is the typical application for which Windows is an overkill.

Not running Linux? (-1, Redundant)

erroneus (253617) | more than 3 years ago | (#32808606)

For things like Kiosks, there really is no excuse for not running Linux. The software is free and even if you were to pay to license certain things (say, video codecs) you would still come out ahead as in Windows you'd theoretically be paying the same things. The same amount of work should go into making a stable kiosk under Windows as under Linux... but then again, perhaps they didn't put in enough work under Windows which is why this story came out in the first place... nevermind.

kiosk manufacturers are the culprits (5, Informative)

dev_eddie (827800) | more than 3 years ago | (#32808638)

I did own an Agfa Photo Kiosk. It didn't have an AV by default and it ran "Windows XP embedded edition" that prevented me from installing an AV (installers didn't allow me to do an install.). I saved a raw image of the hard disk for safety and allowed it to infect customers. It was a security nightmare. Viruses had their way into the machine, but AV software didn't. Autorun was a requirement for the kiosk software to process photos and could not be disabled.

Want it to stop? (-1, Flamebait)

WindBourne (631190) | more than 3 years ago | (#32808676)

Then if you are infected, SUE THE COMPANY. Look, this is ridiculous. Companies have a total lack of security. When they have an issue, they apologize and pass the buck (Windows is responsible; MS then denies responsibility). Once companies get hit with LARGE lawsuits, then security will jump up in priority.

Confirmation (0)

Anonymous Coward | more than 3 years ago | (#32808760)

Confirming that my USB drive was infected after using the kiosk at Kmart. When I informed the attendant he told me not to worry, those machines were being replaced anyway.

As an aside, the kiosks at my local Big W have keyboards. While they were smart enough to remove the Windows key, they did not disable the Ctrl-Esc shortcut. Quite amusing to browse Slashdot in the middle of the store.

W00t! Windows based kiosks (4, Funny)

ArsenneLupin (766289) | more than 3 years ago | (#32808824)

1. download random pic [goatse.fr] from Internet.
2. put it on stick, along with Virus
3. infect kiosk
4. from now on, kiosks substitutes customers photos with "random internet pic" from step 1 somewhere between the time the order has been validated, and when it will be printed.
5. ...
6. Sit back and watch the fun as customer comes back to pick up his photos...

Woolworths? (1, Informative)

Anonymous Coward | more than 3 years ago | (#32808846)

Didn't they go bust at the end of 2008? Oh hang on.. you don't mean *that* [wikipedia.org] Woolworths. You meant one of the other Woolworths around the world. Would have been nice if you'd mentioned which one.

What about a R-O switch? (1)

mark-t (151149) | more than 3 years ago | (#32808862)

For crying out loud - even floppies had read-only tabs. Who the f*** designs removable digital storages device without one?

I mean, that way people'd be able to secure themselves against this sort of thing, right?

So why have I never seen any USB drives that are made so that when a particular (physical) switch on it was toggled, the data on it is not modifiable by any computer it might be plugged into? It seems to me in light of this that it's a concept whose time may have likely come.

A Question (1)

Silvrmane (773720) | more than 3 years ago | (#32808876)

I'm asking this out of curiosity, as I really don't have any experience with this type of thing: How do you ensure that USB devices are read-only? Is it a hardware thing? Because if it is a software thing, then it is doomed to being circumvented by the malware. Of course, that brings up the question as to how the malware got on the machine in the first place - I imagine from autorun being on by default. Some system integrator did a lousy job setting the machines up, for sure. But the question remains - how would you protect inserted USB or SD or Flash cards from being written to at a hardware level? Sure, all of those devices have a write-protect tab on them, and as a consumer there's no way I'm putting a drive of mine into an unknown machine without turning setting the drive to "write protect" first, but then, everyone isn't me.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...