×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Finger Pointing Over iPod Windows Virus

CmdrTaco posted more than 7 years ago | from the pop-the-corn-and-grab-a-beer dept.

293

rs232 writes sent us some choice quotes in the finger pointing over the iPod's that recently shipped with a virus on them. "It's not a matter of which platform the virus originated [on]. The fact that it's found on the portable player means that there's an issue with how the quality checks, specifically the content check, was done," Poon wrote in a blog entry. and "Steve, if you need someone to advise on how to improve your quality checks, feel free to contact me 8)."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

293 comments

His name is Poon! (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16536518)

That is all.

(first post?)

OK, I have to ask (0)

CiaoYunz (620693) | more than 7 years ago | (#16536532)

How can something like this happen?! I just don't get it!

Re:OK, I have to ask (5, Funny)

ColdWetDog (752185) | more than 7 years ago | (#16536570)

How can something like this happen?! I just don't get it!

Not sure exactly what you are referring to. The virus infected iPoid? That's easy, somebody got sloppy.

The inane submission (quotes from another discussion board about a quote from a blog getting posted on another submission board). That's easy too, it's Slashdot Sunday!

Re:OK, I have to ask (5, Informative)

spvo (955716) | more than 7 years ago | (#16536624)

The surprising thing is that the worst of the quotes, "As you might imagine, we are upset at Windows for not being more hardy against such viruses...", is still unchanged on the apple web page. Anyway, http://www.apple.com/support/windowsvirus/ [apple.com] has removal instructions for anyone who thinks they may have been affected by one of these ipods.

What's so bad about that quote? (2, Insightful)

Anonymous Coward | more than 7 years ago | (#16536786)

What's so bad about that quote? That it is nothing but truthful?

The fact of the matter is that Windows should be far more resilient to malicious software, regardless of whether the vector is a network, an email attachment, or a piece of Apple hardware.

Don't forget that there's nothing Apple can do but make such facts public knowledge. Considering how Microsoft limits access to the Windows source code and development process, there's basically nothing Apple could do to help improve the situation. If Microsoft's software is so readily vulnerable to exploits, then the only party to blame is Microsoft.

Re:What's so bad about that quote? (3, Insightful)

piquadratCH (749309) | more than 7 years ago | (#16536880)

What's so bad about that quote? That it is nothing but truthful?

It's truthful, but classless. Apple screws up big time, and they have no better idea than to insult Microsoft? Common, that's so cheap...

Re:What's so bad about that quote? (5, Insightful)

bealzabobs_youruncle (971430) | more than 7 years ago | (#16536966)

Hardly a cheap shot really, if the OS wasn't such an open door this wouldn't be possible. I dock a poratble hard drive and get an exploit? Not a single prompt from the OS that something is going on? An application asserts itself as a start up process with zero sanity check? If Windows treated this properly it wouldn't try to manipulate files on removable media with no input from the user. If someone could craft an auto-executing file for other OSs, on OS X it would ask me for a password at least and name the process in question; Linux would do the same thing, or just fail silently. Doesn't happen on any other platform, it is a giant shortcoming of Windows as a platform. Stuff like this was supposed to be resolved in SP2.

Sanity Clause (0)

Anonymous Coward | more than 7 years ago | (#16537216)

Everyone knows there's no Sanity Clause. I mean check.

Re:What's so bad about that quote? (2, Insightful)

nutshell42 (557890) | more than 7 years ago | (#16537242)

If someone could craft an auto-executing file for other OSs, on OS X it would ask me for a password at least and name the process in question; Linux would do the same thing, or just fail silently.

#!/bin/sh
rm -rf ~

Considering that you can generally reinstall the OS in an hour or two, for most of us this would be just as devastating as a format c: (the exception being if you share your PC with like your omg daughter who just had to click on that link becuse the picture of the pony was sooo cute, or with your l33t hax0r err son who thought he was getting the latest warez); likewise trojans etc. installed as your user will do just as much damage as if installed as root.

Re:What's so bad about that quote? (3, Informative)

nutshell42 (557890) | more than 7 years ago | (#16537276)

Oh, and if your point was that OSX or Linux wouldn't auto-execute anything instead of "wouldn't auto-execute as root", most people would click OK on a dialog that reads "Clicking the OK button below will format your harddisk. Are you sure?"

If the user is bright enough not to click OK he's also bright enough to install an anti-virus tool.

Re:What's so bad about that quote? (0)

Anonymous Coward | more than 7 years ago | (#16537280)

Uh, what the fuck man? So Apple's fuckup is now Microsoft's fuckup? Talk about zealotry.

But how is it an insult? (0, Interesting)

Anonymous Coward | more than 7 years ago | (#16537124)

But how is it an insult? It's pointing out a very real fact: Windows poorly handles malicious software. It may not be a fact that Microsoft or Windows fanatics are proud of, but nevertheless, it's still a fact.

Suppose for the moment that you have a 2" erection. If a woman tells you, "piquadratCH, you have a small cock," then it is not an insult. The fact is that you do have a small penis, and her letting you know that is not an insult, even if it makes you feel terrible.

Now, suppose that you have a 18" raging boner. If that same woman tells you again that you have a small cock, it's an insult. Why is it an insult? Because it completely contradicts the truth, which is that you do have a massive penis.

I hope you can see the difference between insults and the truth. Had Windows been a system known for its extreme security, and Apple made the same comment, it would have been an insult. But considering how poor Windows security has been for two decades now, it's not an insult, and merely the truth.

Re:But how is it an insult? (5, Insightful)

WilliamSChips (793741) | more than 7 years ago | (#16537266)

Insults don't have to be false. Actually, in general, if they're clearly false they're rarely insults.

Re:What's so bad about that quote? (3, Insightful)

thestudio_bob (894258) | more than 7 years ago | (#16537238)

Why is this classless? I finally applaud a company coming out and stating the obvious! MS opererating system is horribably insecure and easy to exploit. Sure a person can make it stronger, but the problem is that 90% of the population doesn't know how to do this. You have to be an ./ to figure it out. Why can't MS patch the holes? I wish more companies would actually put some pressure on them to fix the thing already. And maybe this media attention will help do that. And how is this "screwing up big time"? It infected less than 1% of the iPods, that's "Big Time"? Where were you when sony was making their root kit?

Sounds so familiar (3, Interesting)

PopeRatzo (965947) | more than 7 years ago | (#16537374)

When I first read that quote from Apple it really gave me the creeps.

I like Apple as a company too much to want to hear this kind of spin from them. I understand that they are embarrassed by having infected products going out to customers, but that doesn't excuse using that old Republican technique of trying to point fingers in order to deflect blame.

For example, the GOP tried to pin the entire Foley/Page sex scandal on the Democrats and George Soros, but that appears to have backfired as most people dislike that sort of scummy avoidance of responsibility. If Foley isn't writing emails and IMs trying to get into the drawers of congressional pages, there's no scandal, period. Nothing the Dems or George Soros did afterward have any bearing on that fact.

I don't want to see Apple doing that same sort of ugly spinning, but I guess that's what happens when the marketing people take over. I watched "Thank You For Smoking" last night, and the whole movie was about this very issue. It's a great flick by the way.

Re:What's so bad about that quote? (4, Insightful)

kubevubin (906716) | more than 7 years ago | (#16536972)

So, by your logic, somebody who is shot and killed is immediately at fault because he/she isn't immortal? Oh, and the killer gets to insult the victim, too!

Not the full quote (4, Insightful)

RetiredMidn (441788) | more than 7 years ago | (#16537394)

The full sentence on the Apple website as of now (leaving room for the possibility that they've modified it since the uproar) is:

"As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."
(Emphasis mine.)

...the full interpretation being that they place more blame on themselves and/or hold themselves to a higher standard.

If the "more upset with ourselves" phrase was in the original quote and people left it out to make Apple look [more] arrogant [than they actually are], shame on them.

Re:OK, I have to ask (2, Interesting)

CDPatten (907182) | more than 7 years ago | (#16536660)

It happened because even Apple needs Windows at some point to make their products.

Appearently they used an affected windows machine at some point in the IMAGE process, and the virus infected the image. Most likely the image is built/cloned using Windows, but I won't go into that since I'm already going to be flamed for speaking against apple.

Re:OK, I have to ask (3, Insightful)

NF6X (725054) | more than 7 years ago | (#16536878)

According to TFA, the infected Windows machine was used for compatibility testing. Do you work for Apple? How do you know what kind of machines they use in their iPod manufacturing process?

Re:OK, I have to ask (1)

cnettel (836611) | more than 7 years ago | (#16537150)

Why does a machine used for a compatibility test affect the master used for new iPods? Well, obviously it either handles the master image, or the very iPod compatibility tested was then used for cloning to thousands of others.

Re:OK, I have to ask (1)

cnettel (836611) | more than 7 years ago | (#16537192)

Ignore the above. They obviously actually test a sample of the devices post-production. I'm surprised that they would actually do that against live machines with full OS setups (partly because of the obvious risks that some consistent error in that system, like a virus, affects the tested devices negatively), but I guess it might be credible that they still actually did it in that way.

Re:OK, I have to ask (4, Insightful)

1u3hr (530656) | more than 7 years ago | (#16536886)

It happened because even Apple needs Windows at some point to make their products.

It happens because Apple doesn't make their products. Subcontracters do. Apple doesn't have any factories.

It's a subtle bug, not obvious to solve (5, Interesting)

goombah99 (560566) | more than 7 years ago | (#16537232)

I've read that the underlying problem was more subtle, which might explain some of Apple's expressed frustration with MS. I can't confirm this but it may have been that the infected PC got the infection from a blank, formatted, drive from the drive manufacturer. Even if that is not true in this case, there is nothing stopping it from being true.
It's a pretty subtle bug that, until now of course, I know would have bitten me since I would not have looked for it. I, and the technicians who do jobs for me, often replace burned hard drives in my clusters and computers with units straight out of the box. In some cases we have pre-formatted hot-swap spares still in the shrink wrap sitting on the shelf waiting to go in.

On my macs and linux machines, I sometimes use external USB drives to share with Windows PCs. I don't usually reformat these specifically because I don't entirely trust that the macintosh disk formatting program will create a prisitine PC FAT format. In all likelihood it can, I just don't have the ability to know. And I have reason to doubt: past experience has shown that when one OS provider emulates another's native formats (e.g. Samba or UFS or HFS++ or ZFS or NFS) that the emulation is usually less than complete or has artifacts.

It would be a major hassle and expense, to have to reformat every drive in a rack of clusters one is upgrading. But apparently that is now the requirement to be sure the manufacturer did not ship you a virus on the "blank" harddrive.

The problem is perhaps more diabolical than it seems. Imagine some Apple engineer putting out some specs for the process standards the Chinese manufacturer must follow. He's paranoid they won't have good practices with keeping their windows boxes clean. He also wants to assure the peripheral performance is comaptible with the ipod loading software and to assure the integrity of the data transfers to the ipod. So he decides that the sure way to do this is to make absolutely certain the box has never been on the internet, and to spec every part, so the machine has to be built at the chinese factory from scratch. They then load in the special Apple approved Windows software CD with apples programs and data. Seems foolproof. But it's not.

One might argue that to actually eliminate you have to boot from a trusted CD and then format the drives. But wait, this does not solve the problem. Isn't the problem of creating a trusted CD or and ipod install the problem we started out trying to solve? So one has to some how have a system that one can trust to do this. And that system has to be available to the manufacturer. It's kinds slippery.

If you were about to suggest "well just use Linux" to format the drive, well then apparently you just emitted the same faux paux apple did. Blaming Windows for the problem.

EXACTLY! (1, Informative)

Anonymous Coward | more than 7 years ago | (#16537302)

this other post [slashdot.org] proves the point. MS managed to print virsues on one of their own CDs. Empirically it is hard to find a virginal safe point when working with Windows.

For the same reason it's always happened... (3, Interesting)

Anonymous Coward | more than 7 years ago | (#16536674)

Profit.

More specifically, it's because both Apple and Microsoft need to cut corners on their products to make a suitable return.

Microsoft ends up releasing low-quality software that has serious security glitches. Such glitches allow for malicious software to easily harm systems and propagate throughout networks.

Apple, on the other hand, cuts down the quality of their hardware manufacturing processes. And with that decrease in quality, we see incidents like this happening.

Notice that some of the highest quality and most secure software products are those developed by organizations that have little care for outrageous profit. I'm talking about OpenBSD, for instance. Instead of focusing on matters of financial accounting, they focus on putting out damn fine software. Security problems of this magnitude become a once-in-a-lifetime occurrence for a project like OpenBSD, as they end up putting many measures in place to prevent repeats.

Re:For the same reason it's always happened... (4, Insightful)

nine-times (778537) | more than 7 years ago | (#16536790)

Apple, on the other hand, cuts down the quality of their hardware manufacturing processes. And with that decrease in quality, we see incidents like this happening.

This isn't a "hardware manufacturing" problem. The iPods got hooked to a Windows machine, probably during some QA process, and got infected. The hardware is fine.

Re:For the same reason it's always happened... (1)

fastgood (714723) | more than 7 years ago | (#16536816)

Microsoft ends up releasing low-quality software that has serious security glitches.

Not anymore. Microsoft announced it will fully spend 4 years [microsoft.com] on its next XP Service Pack to make it really safe and secure.

Hmmm, SP1 in no longer supported and 2008 is an awful long time from now to still run SP2 ... maybe we should just get Vista in 2006!

Re:OK, I have to ask (3, Informative)

nine-times (778537) | more than 7 years ago | (#16536762)

I can think of two basic ways this could happen. First, it could be sabotage. Some guy might be infecting these things with a virus for some reason. It doesn't seem like an effective way to spread viruses, though. But you know, maybe there's just some guy at the iPod factory who is a dick and thinks it's funny to put viruses on them.

The other way I can imagine this could easily happen to a small number of iPods is if there's a QA process that involves hooking a random sample of iPods to Windows machines, and some worker was using one of these machines had managed to get it infected with a virus. It could even come from a machine that is supposed to scan for viruses, if the virus scanner was compromised or out-of-date.

If you RTFA (which is short), it indicates which of the two Apple believes happened.

Brilliant (5, Funny)

Slimnaper (971797) | more than 7 years ago | (#16536536)

When I first heard about this, I thought brilliant. What better way for Apple to demonstrate how prone to viruses windows machines are, than to put a virus on an ipod that only affects windows machines.

Re:Brilliant (0, Offtopic)

CDPatten (907182) | more than 7 years ago | (#16536636)

The true brilliance is this article wasn't posted in the "Apple" section on slashdot.... so now we may see some intellectual and honest debate about the topic.

Hmmmm! (0)

Anonymous Coward | more than 7 years ago | (#16536546)

It would appear that I have nothing of interest to offer nor anything insightful to add to these comments.

Re:Hmmmm! (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16536562)

So? That's never stopped anyone before....

Re:Hmmmm! (0)

Anonymous Coward | more than 7 years ago | (#16536720)

Precisely.

Re:Hmmmm! (0)

Anonymous Coward | more than 7 years ago | (#16537018)

You must be a regular here. ;)

Who cares? (5, Insightful)

NineNine (235196) | more than 7 years ago | (#16536552)

Who cares how it happened? It's Apple's problem. It's Apple's fault. End of discussion. Apple's comment was childish and absolutely un-called for. Apple should apologize publically, announce that they will improved their QA, and move on.

Re:Who cares? (4, Funny)

thestudio_bob (894258) | more than 7 years ago | (#16536650)

Yeah, Apple should now come out and say how they made huge quality control improvements by removing all Window's machines from their production line and replaced them with Mac's and Linux machines. Brilliant!

Re:Who cares? (1)

Jack Pallance (998237) | more than 7 years ago | (#16536776)

there's an issue with how the quality checks, specifically the content check, was done

They are talking about Microsoft's QC checks (or lack thereof) for Windows, right?

Re:Who cares? (3, Insightful)

NineNine (235196) | more than 7 years ago | (#16536896)

Again: who cares? It doesn't matter what they use to make their products. The point is that the end product not only should work, but should NOT cause additional damage to other products that people already own.

Re:Who cares? (1)

thestudio_bob (894258) | more than 7 years ago | (#16537198)

Agree, but when you introduce other variables into the equation, especailly variables that you don't directly control, then there will always be problems. The real lesson, is if they fix it or not. If it doesn't kill you it makes you stronger. With your logic we SHOULD be blaming MS for not making their OS 100% secure from virus' before shipping it... oh wait we're already doing that.

Re:Who cares? (3, Informative)

jbengt (874751) | more than 7 years ago | (#16537128)

They said they use the MS Windows machines to test compatibility issues, doesn't sound like they could get rid of them completely, as long as there's a need to connect iPods to macines with MS OSs.

Re:Who cares? (2, Insightful)

Anonymous Coward | more than 7 years ago | (#16536712)

It is Apple's problem and was a bit childish, but that doesn't neutralize their point.

I've never had a virus on any personal machine, and the only ones I've ever had happen were 0-day expolits that were impossible to prepare for in a permissive network environment (i.e., where the ones transmitting viruses were folks I *HAD* to give permission to, or shut down the program in its entirety...and we have killed areas of our business where we couldn't provide the service AND securely provide for our clients).

At the same time, I now use entirely a Mac outside of work for personal use, and my side business runs on a few Linux servers. None of them have ever been compromised, and I do very little to secure them. At least in comparison to what I have to do with my Windows boxes. No tweaking the Firewall every few weeks, no having to fiddle with the virus checker -- especially when I find out the commercial product my employer uses site wide could easily be compromised to send viruses in the form of updates to every computer in the company -- no having to shut down vital services because even the OS Manufacturer can't figure out how to make them safe.

No, I don't have to deal with this fucking bullshit at home, and my T1 at home connected to my servers are open wide and I have logs showing thousands of attempts a day. The only reason I picked up a hardware firewall is because its much faster at discarding phoney requests than the other servers.

As such, many of us who don't have to deal with viruses on a daily basis laugh at those that do. I gotta say, the gain in productivity in not having to tweak shit made up for the price disadvantage of the Mac. I bring in my personal laptop to my day job and get far more...most of the time, my PC is shut off except when I need to offload a compile. And all the other developers laugh at me, except when the company is down to wipe everything and I'm still working. I've been known to throw out childish retorts as well and feel justified for them. You pick an inferior platform to base your life and business around, simply to save a few bucks and I'm going to laugh at you and make fun of you when you are inconvienced by something that can't effect me because I did my research and adjusted.

I'm sorry, but the more I think about it, Apple might have been shooting themselves in the foot with the comment, but they are absolutely right to say so and have no need to apologize to the sheep that goes with 'good enough'.

Re:Who cares? (5, Insightful)

Anonymous Coward | more than 7 years ago | (#16536718)

From www.apple.com/support/windowsvirus [apple.com] :
We recently discovered that a small number - less than 1% - of the Video iPods available for purchase after September 12, 2006, left our contract manufacturer carrying the Windows RavMonE.exe virus. This known virus affects only Windows computers, and up to date anti-virus software which is included with most Windows computers should detect and remove it. So far we have seen less than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all Video iPods now shipping are virus free. As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.
I don't see anything childish about that. Maybe if you selectively edit a quote from the above by removing it from its context, you can get something arguable. But in context, no.

For those that do not think Windows viruses are a big problem, consider my experience as a tech. I re-install Windows on clients computers due to viral infections at least once or twice a week. Generally these are older computers they have not had me work on and have failed to heed my advice w.r.t. needing anti-virus software on a Windows computer (same does not apply to the Mac OS X computers I work on). You know what really sucks, once the anti-viral software is installed and made effective (auto-scanning of every file that is touched) the whole system slows down. What could have been a relatively fast Windows computer is made slower just by having to have commercial anti-virus software (don't talk to me about OSS solutions, these installs have to be idiot proof with auto-scheduling, active scanning, and so on). Argh.

Re:Who cares? (4, Funny)

fossa (212602) | more than 7 years ago | (#16537322)

I disagree; it's very childish. Any adult should know it's "fewer than 25 reports", not "less".

Re: "Mac vs. PC counseling ad, part 2" (4, Funny)

TaoPhoenix (980487) | more than 7 years ago | (#16536812)

Therapist: "Okay, now it is time to address frustrations. Mac, express a frustration about PC. "
Mac: "I'm really upset that you proved vulnerable to the virus we somehow loaded onto our flagship product."
Therapist: "I see. PC, express a frustration about Mac."
PC: "Mac, Why did you try to get me sick in the first place?"

Therapist: "Mac, maybe you'd better come in twice a week to deal with your anger-displacement issues."

Re:Who cares? (2, Insightful)

contrapunctus (907549) | more than 7 years ago | (#16536882)

You're right, everybody should move on. And the rest of the sentence you refer to reads:
"...and even more upset with ourselves for not catching it." which should take care of the rest of your points.

The Blame Game ... (0)

Anonymous Coward | more than 7 years ago | (#16537300)

Just like those unnamed laptop companies should just recall those exploding batteries and not mention $sys$SONY

ugh (0)

Anonymous Coward | more than 7 years ago | (#16536554)

Great, add to the finger-pointing.

This isn't news.

Let the flamewar begin.

Daaamn! (4, Funny)

commisaro (1007549) | more than 7 years ago | (#16536556)

Oh SNAP! Steve Jobs got TOLD, son. Damn, that burn was off the heezy, fo'-sheezy! Now he needs to come back with "Yo, Poon. I improved your MOM's quality control." HOT DAMN!

Um, no (5, Insightful)

Anonymous Coward | more than 7 years ago | (#16536568)

Only a very small number of a specific model of iPod were affected by these Windows viruses. The entire blame rests with the factory making the iPods for Apple and putting the software image Apple prepared in advance not following good practices with respect to how they set up the empty drives before Apple's software went on them. The problem has been entirely fixed and you cannot even buy one of these infected iPods in the retail market today.

In other words, this is old news. And the size of the problem (the number of units affected) was so small, I would put good money down that we would not even know about the existence of this Windows virus problem if Apple had not disclosed it.

Thank you for posting this... (1)

T.Louis (1015101) | more than 7 years ago | (#16536698)

... because this is just ridiculous. Wonder when this will pop up in Microsoft marketing "iPod vs Zune" - 'Zune does not contain viruses like iPod'. Media never stops to amaze me.

Re:Thank you for posting this... (1, Interesting)

Anonymous Coward | more than 7 years ago | (#16536854)

I can see the marketing material now: "Zune does not contain Mac viruses!" with no mention of the fact there are no significant mac viruses anymore.

Even with that, there is something for all the Microsoft Zune supporters to be aware: Watch out or you might get Zuned! [michaelrobertson.com]

--

ill-advised comment, but not Apple's fault (5, Insightful)

ummit (248909) | more than 7 years ago | (#16536696)

Apple shouldn't have seemed to blame Microsoft, it's true. That's gotten the Windows partisans all riled up, although if you read what Apple wrote, they didn't explicitly blame Microsoft, just expressed annoyance -- and they expressed more annoyance with themselves for not noticing.

And everybody's blaming them for not noticing. But if you think about it, it was a pretty absurd thing for them to have had to "notice". As I understand it, the virus was implanted by one infected machine among a number of machines at a Chinese manufacturing shop they'd contracted iPod manufacture to. Apple said, "here's a thing that looks like an external disk: please put these bits on it for us". A simple and straightforward enough task, one would think -- but in a world where autorun exists and is or has been enabled by default, perhaps not so straightforward.

It's as if I had a letter to mail to 1000 of my customers, and I took one original down to my friendly print shop and asked them to make 1000 copies, and I or the print shop used an automated machine to fold the 1000 copies and stuff them in envelopes and mail them, and only after they were mailed out and opened by my customers did we start discovering that for some strange reason 1% of them had "FUCK YOU, ASSHOLE" overprinted on page 2. And then found out that the "strange reason" was that one of the copy machines at the print shop, among the several that the print shop divided my job among, was "infected" by a "virus".

If that happened to me, I'd be annoyed, too. (It'd be even more annoying if I were accused of ignorance for not having protected myself against this "obvious" threat, that evidently everybody else knows about and makes allowances for.) And I know my response would not be to ask the print shop to be more careful next time, or to run an "antivirus" soluton, or something. I'd take my business elsewhere, and more importantly insist that my future printing contractors use a different brand of copier, one that's not susceptible to preposterous failure modes like that, because even if there is some alleged way of papering over that particular flaw, who knows how many other equivalently egregious bizarre flaws it's got that haven't been discovered and papered over yet?

Re:ill-advised comment, but not Apple's fault (0)

Anonymous Coward | more than 7 years ago | (#16536778)

Please cite the latest report on a copier infected with a virus. There ARE obvious ways of protecting against these things. Ever heard of hash functions, digital signatures?

Re:ill-advised comment, but not Apple's fault (1)

ummit (248909) | more than 7 years ago | (#16537342)

Please cite the latest report on a copier infected with a virus.

There haven't been any. That's the point of the analogy. It would be preposterous if a copier fell prey to this kind of failure more. It ought to be preposterous and unacceptable that Windows machines are so vulnerable. Why do we continue to accept it?

photocopiers on IRC! (1)

Anal Cock (1016533) | more than 7 years ago | (#16537348)

I wonder if anyone has a botnet of photocopiers yet. Nobody would suspect that! What's scary is that they could be used for corporate espionage!

Re:ill-advised comment, but not Apple's fault (4, Interesting)

laird (2705) | more than 7 years ago | (#16536838)

From what's been announced, the disk duplication step of manufacturing was fine. Ironically, it sounds like the virus got onto the iPods as a post-manufacturing quality check where the manufacturer connected a few iPods to PC's to check them, and some of those iPods got infected from an infected PC. But this apparently affected a very small number if iPods.

To keep this in perspective, in 1995, the first Word macro virus -- now called Concept -- was massively distributed by Microsoft on a CD-ROM called Microsoft Windows 95 Software Compatibility Test. The shipment went to hundreds of companies in August 1995. And MS has distributed viruses on CD's to huge numbers of their customers numerous times. (http://www.soci.niu.edu/~crypt/other/onestop.htm, http://www.f-secure.com/v-descs/wazzu.shtml [f-secure.com] , http://pcworld.com/article/id,101930-page,1/articl e.html [pcworld.com] ) So while I am sure that MS' quality control has gotten better, I think that MS isn't in much of a position to play "holier than thou" on the issue of distributing viruses in their products.

Re:ill-advised comment, totally Apple's fault (4, Insightful)

DingerX (847589) | more than 7 years ago | (#16536848)

The buck stops with the label on the cover. Sorry, whoever you contract to do stuff with is your business; when you're selling something with your trademark on it, any problems are between YOU and the CUSTOMER. In Apple's case, their problems are between APPLE and the CUSTOMER. Blaming third-parties, whether those contracted to, or those completely uninvolved (Microsoft), is just unprofessional. I know Apple was itching to score points at an easy target like Microsoft, but guys: this is a screwup, APPLE's name is on the front, not whatever podunk assembly in the Hunan Province, and not Microsoft. Even a "minor" attack like, "Bad Microsoft, Worse Us" is out of place in PR copy. Leave that bit of trollwork to professionals, like Dvorak.

Re:ill-advised comment, totally Apple's fault (5, Insightful)

ummit (248909) | more than 7 years ago | (#16536922)

The buck stops with the label on the cover... any problems are between YOU and the CUSTOMER.

Absolutely agree. So the remaining question is: aside from the ill-advised potshot, has Apple done right or wrong by those customers? Have they (a) disavowed all responsibility, told customers it's their problem, told them to go talk to the "podunk assembly plant in Hunan Province" if they need help, or (b) done everything they can to mitigate and prevent future recurrences of the problem?

Re:ill-advised comment, totally Apple's fault (1, Insightful)

Anonymous Coward | more than 7 years ago | (#16537330)

As for the responsibility of the blunder, I absolutely agree with you. The buck stops at Apple. Whoever the fault it was, Apple did contract them and put their logo on the products as the approval and sell them as their own products. Did Apple refuse the responsibility? I can't find the evidence to the contrary. They admitted the problem, apologized and provided the way to neutralize the problem.

What people do have problems with is how Apple explained the incident. To me that's a bit unreasonable. Was Dell wrong when their laptops burst to fire and specifically attributed the problem to Sony's batteries or Ford to GoodYear tires? No. Both Sony's batteries and GoodYear tires were defective. Similarly, Microsoft Windows is defective. Companies do have the right to explain how a blunder happened when assuring the customers the steps being taken to prevent the same thing from happending again.

What's so different in those cases? Sony's batteries and GoodYear tires have no fanboys. I was tempted to say it's because both Apple and MS make OSes, but both Sony and Dell make laptops too.

Re:ill-advised comment, but not Apple's fault (1)

SagSaw (219314) | more than 7 years ago | (#16536926)

It's as if I had a letter to mail to 1000 of my customers, and I took one original down to my friendly print shop and asked them to make 1000 copies, and I or the print shop used an automated machine to fold the 1000 copies and stuff them in envelopes and mail them, and only after they were mailed out and opened by my customers did we start discovering that for some strange reason 1% of them had "FUCK YOU, ASSHOLE" overprinted on page 2. And then found out that the "strange reason" was that one of the copy machines at the print shop, among the several that the print shop divided my job among, was "infected" by a "virus".

Sorry, but in the end, you just can't delegate responsibility. No matter who was at fault, it's still your company logo that appears above the "Fuck you, Asshole" bit.

Here's how things should happen to prevent the scenario you describe. The same, mostly, applies to Apple:

  1. The print shop should have a process which controls/verifies the integrety of their printing software.
  2. The first copy(s), last copy(s), and periodic random copies off of each machine should have been verified prior to being stuffed in envelopes.
  3. The first stuffed envelope(s), last stuffed envelopes(s), and periodic random samples of the stuffed envelopes should have been verified before mailing (not just for printing errors, but to ensure each envelope has the proper contents).
  4. You, the print shop's customer, should have verified that the print shop is doing the above before giving them the business.
  5. You, the print shop's customer, should have verified that the above was actually done on your order, perhaps by insisting that the print shop provide you with the samples and/or picking several random samples to check yourself.
Now, that might be overkill for a 1000-piece run of some product, but that ought to be the bare minimum for a device like the iPod which is produced in huge numbers and which is such a key product to Apple's image.

Re:ill-advised comment, but not Apple's fault (1)

ummit (248909) | more than 7 years ago | (#16536960)

Sorry, but in the end, you just can't delegate responsibility.

And where did I suggest that anyone should, or that Apple did?

Re:ill-advised comment, but not Apple's fault (1)

9mind (702505) | more than 7 years ago | (#16536932)

Good scenario and all... but most industry's have checks before the product is even shipped. The quality check should ALWAYS be the last part of delivering any product, or YES it is your fault. It's your product, and just because something got missed, doesn't make it any less your fault. When you sell a product with your brand on it, it is your responsibility to the customers, ultimately. Taking your business elsewhere? How many lost cost FAB plants do you know that Apple could just up an easily move to? It's not a print shop, and the reason Apple chose to use them is in no doubt cost/performance that then gets passed on to the end user. But yeah realistically they can just change shops...

You may disagree, but YOU chose to use that print shop. YOU chose to let them ship your product without checking it first. Thus YOU are responsible for the final product. That is standard business practice. Once you start giving corporations 'outs' around this, you start getting shoddy products. One of the many arguments against outsourcing. A recent example of taking responsibility would be the first batch of XBOX 360es that were shipped with plastic between the processor and heat sink. Did Microsoft point fingers at the assembler? Nope they identified the problem, found a solution, and promised consumers they would get them new units. Mea Culpa. Not the.. Oh it's not our fault BS!

Apple should just have said, "We have found the error, and here's the fix. If you want a new unit, here's how to get one."

Re:ill-advised comment, but not Apple's fault (1)

ummit (248909) | more than 7 years ago | (#16537016)

The quality check should ALWAYS be the last part of delivering any product

And as another poster pointed out, it was evidently during that last, random-sample quality check that the problem was introduced.

You may disagree, but YOU chose to use that print shop. YOU chose to let them ship your product without checking it first. Thus YOU are responsible for the final product.

Absolutely, as indeed Apple is for its.

Re:ill-advised comment, but not Apple's fault (1)

RonnyJ (651856) | more than 7 years ago | (#16536950)

If Apple didn't impose stringent enough checks on their contracted manufacturers, then yes, it is partially their fault.

Re:ill-advised comment, but not Apple's fault (1)

Zebra_X (13249) | more than 7 years ago | (#16537210)

This is crap.

"As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it." What part of that sentence has nothing to do with the issue at hand? OH WAIT, it is the part where they accuse Windows of not being "hardy" against a locally run EXE file. OH HA, ok, that makes it all better now doesn't it? How can you make a computer more "hardy" against locally run programs, especially ones that originate from a presumably trusted source? Auto run is actually the issue here as that is the attack vector on the windows machines - but the bigger problem is not the operating system. It is the fact that a user trusts the iPod. If a user plugs in an iPod with a malicious program on it for the first time and it asks the user for the machines admin password, how many users would provide their credentials to the malicious iPod program? Almost, everyone.

As I understand it, the virus was implanted by one infected machine among a number of machines at a Chinese manufacturing shop they'd contracted iPod manufacture to. Apple said, "here's a thing that looks like an external disk: please put these bits on it for us". A simple and straightforward enough task, one would think

What apple FAILED to do was verify that the contents of the disk are identical to the image that they were created from. It's THAT SIMPLE.

Lets re-write part of the press release statement from the perspective of Dell a few months back.

"As you might imagine, we are upset at Sony's li-ion cells for not being more hardy against regular usage, and even more upset with ourselves for not catching it."

Yeah, not going to find that in print. Why? The selection and distribution of defective batteries is a result of Dell's poor supply chain management (not really that poor), not Sony's. Sure Sony's batteries sucked, and they blow up, but you do not see Dell making snide remarks at Sony for providing the faulty battery.

In conclusion, this is Apple's problem and their Windows based customers. It is that simple.

In response to your little print shop scenario:

The difference between paper and hard drives is that the contents of the hard drives can be verified at any time, using automated tools that require little or no human intervention. Where as it is impractical to have a human read every

Reality check (4, Insightful)

mattr (78516) | more than 7 years ago | (#16536742)

It's not just the iPod, viruses on shipped hardware seem to be getting more common. For example see below. Can't give other documented articles, but remember similar cases this past year. Anyone? The swipe at Microsoft sounds a lot like Jobs, looks like his personality has infected the company too. But Apple could win this by instating new controls over subcontractors and making a PR campaign in which they force them to use Macs or otherwise emphasize steps they've taken to minimize infection from Microsoft-based hardware. :)

Quote from article [digitalmusicnews.com] :

Earlier, McDonald's and Coca-Cola faced a similar problem in Japan during an MP3 player giveaway, though the events are unconnected. The iPod virus only affects Windows machines, and does not alter the behavior of the portable device itself or Mac operating systems.

It's Microsoft's problem (2, Insightful)

ajs318 (655362) | more than 7 years ago | (#16536770)

The blame for this lies entirely at the feet of Microsoft.

Who created the Operating System which will execute arbitrary code -- for that matter, arbitrary code which ought to require administrator privileges -- without the say-so of the user? Microsoft did.

That is the problem. For sure, they had a reason to do that -- they wanted to hide "difficult" decisions from the user in order to make their operating system beginner-friendly. Their model seems to be "Programmers know what they are doing, users don't." Unfortunately for everyone concerned, that has well and truly bitten them in the arse.

If Vista is more secure than Windows XP, then it will necessarily be harder to use. The only way it could be more secure than XP while remaining as easy to use, is if only certain trusted parties are allowed to write software for it. (Which is effectively what you've almost got with some OSes; anyone is allowed to write software, but software distributors -- who may well be independent of the software creators -- maintain a catalogue of what is "safe", based on their own judgement after reading the Source Code. Tech-savvy users can check the Source Code for themselves. Non-tech-savvy users know they can rely on the software distributor's judgement. Any distributor who does a bad job by distributing dangerous software loses custom.) But that would create a monopoly, or at best a cartel.

Re:It's Microsoft's problem (1)

mh101 (620659) | more than 7 years ago | (#16537090)

The blame for this lies entirely at the feet of Microsoft.

Who created the Operating System which will execute arbitrary code -- for that matter, arbitrary code which ought to require administrator privileges -- without the say-so of the user? Microsoft did.
Uh, yeah. Apple somehow let their product get shipped out with a virus on it, and it's Microsoft's fault, because their software is the what the virus targets? As much as I dislike Microsoft and Windows, it's not their fault that someone planted a virus on iPods, and it's not their responsibility to make sure the iPods are clean when shipped.

That's like if a food company sold some food with harmful bacteria or viruses in it. Would you blame them for shipping tainted food products, or pass the blame off saying they weren't the ones who designed humans to be susceptible to illness in the first place.

Or if a mechanic didn't do a good job fixing my car and a critical part wasn't fastened good enough, is the mechanic's fault if I drive over a pothole and shake that part loose and my car stops working? Or would you say it's the city's fault for not filling the pothole fast enough? I'd be annoyed at the city for leaving the pothole there, but I would be calling up the mechanic fast, not City Hall.

Re:It's Microsoft's problem (0)

Anonymous Coward | more than 7 years ago | (#16537098)

Wasn't there something about the virus requiring user confirmation to autorun? This would be running arbitrary code with the say-so of the user. But don't let an opportunity to flame Microsoft pass you by, no matter how tenuous the link..

The worst part (1)

ChadAmberg (460099) | more than 7 years ago | (#16536788)

The worst thing is how long ago they were warned about it. Posts in Apple's forums were within a day or two of when it started happening. I posted about it here http://www.pirate-king.com/episode/1436 [pirate-king.com] weeks before it hit the major news outlets.
I even talked to the editors at The Register about the story.

Re:The worst part (0)

Anonymous Coward | more than 7 years ago | (#16537160)

I am confused. Your post is from October 3rd. Today is October 22nd. It has been less than 3 weeks and Apple has already disclosed the problem, last week.

The worst thing is how long ago they were warned about it.

Microsoft has known about the design flaws in their Windows operating systems that allow for the execution of arbitrary code for at least a decade now. This virus infection would not have occurred, in fact this virus would not even exist, if Microsoft had not fallen down (and did not continue to fall down) on the job. Your sentiment is correct, if you are referring to Microsoft.

Simple fix (5, Funny)

kop (122772) | more than 7 years ago | (#16536840)

I used to work for a small company that made CD-ROM's
Only after we recieved 3000 copies of our free handout Amsterdam nightlife CD-ROM did we discover that there was a windows virus on all of them.
We simply slapped a "MAC only" sticker on them and handed them out!

Re:Simple fix (0)

Anonymous Coward | more than 7 years ago | (#16536892)

You run a risk of being infected with more serious viruses by participating in "Amsterdam nightlife".

Re:Simple fix (1)

mh101 (620659) | more than 7 years ago | (#16536898)

How did the virus get on there? Did you guys discuss it with whoever made the CDs for you? Do you still do business with that company?

Re:Simple fix (1)

kop (122772) | more than 7 years ago | (#16536946)

The virus was on the gold master so we did it ourselves.
Just lack of experience with windows in an all mac shop.
I do think the way we "solved" the problem is very professional. ; )

Re:Simple fix (1)

Xochil (542406) | more than 7 years ago | (#16536928)

Why would you make a CD for a Media Access Controller? Don't they work much betters on Macs?

And in retalliation (2, Funny)

XNine (1009883) | more than 7 years ago | (#16536856)

Microsoft will ship it's upcoming media player "Zune" with Mac OS 7 (or System 7) viruses, trying to prove that Mac users (of 10 years ago) are susceptible to viruses and that it's all Apple's fault for how they got on there and how insecure the Mac OS really is.

Re:And in retalliation (1)

Farmer Tim (530755) | more than 7 years ago | (#16537014)

Knowing how Microsoft do things, they'd probably try to prove how insecure OS X is by including some Office trojans.

Whose Fault? (0)

Anonymous Coward | more than 7 years ago | (#16536912)

Apple really has nowhere to run for cover on this now.

Why? Bootcamp.

They are putting out an architecture that will run Windows alongside OSX; so now they have a responsibility not to _aid and abet_ destruction of a customer's info.

What that Windows OS does after they delivered it is not their lookout; but they have a responsibility to their customers to not _facilitate_ in any way _another_ vector of attack to that machine.

A fine distinction, but an important one nonetheless.

If you shouldn't be using the stick with Apple hardware that runs Wintel, then they would have had a little more wiggle room...

Can Someone Tell Me (1)

Quantam (870027) | more than 7 years ago | (#16536992)

How exactly can a Windows virus jump from a Windows computer on to an iPod (completely different architecture), then back onto a Windows computer? Is there some MAJOR similarities between the two architectures, or is it that there's absolutely no way this could have been an accident?

Re:Can Someone Tell Me (0)

Anonymous Coward | more than 7 years ago | (#16537080)

The iPod is essentially just a USB drive with playback capability. Windows iPods are formatted for FAT32, I believe.

Re:Can Someone Tell Me (1)

Quantam (870027) | more than 7 years ago | (#16537096)

Okay... so how does something that contains data execute a virus? Or was it a virus that exploits a flaw in some particular audio player to execute code?

Re:Can Someone Tell Me (1)

mh101 (620659) | more than 7 years ago | (#16537296)

Just a guess, but maybe it uses Windows' autorun "feature" to launch as soon as the iPod is plugged in to a PC.

Re:Can Someone Tell Me (4, Informative)

Space cowboy (13680) | more than 7 years ago | (#16537308)

It doesn't.

Since the device appears like a hard-drive to Windows, Windows will run any code set to auto-execute as soon as the disk is plugged in. The ipod just acts as a carrier in this instance.

It appears that one of the QA machines used to test windows compatibility had the virus on it, so when the randomly-sampled fully-finished ipod was plugged in for a QA compatibility test, the virus was uploaded onto the ipod's hard disk by Windows, and just sat there waiting until it was plugged into another Windows PC. None of this involves any activity by the ipod itself, it's all being done by Windows.

Not that I think Apple's comment was all-that-great, and they'll have to deal with the fall-out, but I could see Apple being just a tad frustrated about this...

Simon.

Re:Can Someone Tell Me (0)

Anonymous Coward | more than 7 years ago | (#16537194)

From what I have read elsewhere, it seems that the virus came on the drive from the hard drive manufacturer.

- SuperFreak

Re:Can Someone Tell Me (1)

colmore (56499) | more than 7 years ago | (#16537228)

Ipods configured on Windows machines are formatted in a Windows-compatible format (I'm about 90% sure it's Fat32). This is also the format of choice for iPods connecting to non-OS X machines in general.

Apple's QC really really should have caught this, but it's also pretty horrendous that removable storage can be automatically infected by and automatically execute any binary. I'm something of a systems guy, and I really don't have any idea how I would go about purposefully doing something like that on a Unix, even if I were just trying to get something to autorun without root access.

Asking for It (1, Funny)

Quantam (870027) | more than 7 years ago | (#16537022)

"As you might imagine, we are upset at Windows for not being more hardy against such viruses..."

In other words: don't blame me, she was asking for it!

This is Apple's failure to stakeholders (0)

maf54 (1008577) | more than 7 years ago | (#16537056)

Apple has an ethical duty to provide products that don't harm the computers of its customers. If Sony did this they would be drawn and quartered by slashgeeks. But Apple fanboys high-five eachother, saying, "Way to go Apple. This shows how bad Windows is." Stakeholders in Apple are hurt by this and I find it unprofessional of Jobs to blame Microsoft for Apple's failure.

Finger pointing (1)

Coopjust (872796) | more than 7 years ago | (#16537066)

The whole thing is sort of stupid. It is Apple's fault, it is their product and by selling it to you took responsibility to support it. An example is the Dell battery recall; Sony produced the defective batteries, but it is Dell's responsibility to provide a recall system since they sold you the laptop.

Apple is keeping mum about it; there is a link from the main support page, but it's pretty small. But this is just stupid:
"As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

That is inane. Blame Windows. And the whole even more upset with ourselves for not catching it is a poor way to cover it. That is like ford saying "A limited number of tires on Mustangs will spontaneously fail, causing a serious accident. As you might imagine, we are upset at drivers for not being more durable during such a crash, and even more upset at ourselves for not catching it"

Apple should apologize, improve the QA, and take responsibility for the problems the viral iPods have caused.

Bad analogy (2, Insightful)

Space cowboy (13680) | more than 7 years ago | (#16537364)

That is like ford saying "A limited number of tires on Mustangs will spontaneously fail, causing a serious accident. As you might imagine, we are upset at drivers for not being more durable during such a crash, and even more upset at ourselves for not catching it"

Apple are *not* blaming the users of the ipod (the "drivers"), they are expressing some anger at the ultimate cause of how it happened ("the tire manufacturers"), and you better believe that if tires started randomly blowing out on cars, and there was an avenue of blame available, then Ford damn well would lay that blame firmly at the tire-manufacturers feet.

Since they're also volunteering this information, announcing a way for users to completely recover ("new body cloning device" ?), and expressing even more anger at themselves for not catching it, I don't really see the big deal.

Simon

Now, when did viruses become a new threat? (1, Interesting)

BillX (307153) | more than 7 years ago | (#16537162)

I remember picking up "The Giant Black Book of Computer Viruses" from the library in the early 90s; all of those listed pre-dated Windows. Apple is crying, "What? There are viruses?" as if this is some sort of recent development. What exactly am I missing?

Re:Now, when did viruses become a new threat? (1)

Space cowboy (13680) | more than 7 years ago | (#16537404)

I think you're missing that it was a subcontractor, doing final QA compatibility testing on a random sample of finished products, using an infected PC that caused the whole problem in the first place.

Apple probably have heard about viruses, even if their own immune system seems to be holding up... They're not saying "what's a virus", they're saying "Damn, that stupid frickin contractor used an infected PC for a QA test, then shipped the device out without re-initialising the hardware. Wouldn't it be nice if everyone had as good an immune system as us and wouldn't have to worry about this stuff ? Must get better subcontractors, sorry people - here's how to fix it."

Simon.

Their QA cetainly sucks (1)

hardcode57 (734460) | more than 7 years ago | (#16537164)

I've just had my replacement iPod fail exactly as the first one did. On both, iTunes just finished loading my music, said it was safe to disconnect, and the units started boot cycling and can't be got out of it. Anyone else have a similar issue with one of the new 80GB video iPods?

Could be a lawsuit.... (1)

ShyGuy91284 (701108) | more than 7 years ago | (#16537390)

Although it wasn't many people, so it probably won't happen, this sounds like a perfect lawsuit. Like a computer version to having pieces of glass in your food...... Sounds like it could be won if damages occurred. Apple is lucky it wasn't worse, or this could have become a legal problem for them.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...