Finger Pointing Over iPod Windows Virus

rs232 writes sent us some choice quotes in the finger pointing over the iPod's that recently shipped with a virus on them. "It's not a matter of which platform the virus originated [on]. The fact that it's found on the portable player means that there's an issue with how the quality checks, specifically the content check, was done," Poon wrote in a blog entry. and "Steve, if you need someone to advise on how to improve your quality checks, feel free to contact me 8)."

Brilliant

When I first heard about this, I thought brilliant. What better way for Apple to demonstrate how prone to viruses windows machines are, than to put a virus on an ipod that only affects windows machines.

Who cares?

Who cares how it happened? It's Apple's problem. It's Apple's fault. End of discussion. Apple's comment was childish and absolutely un-called for. Apple should apologize publically, announce that they will improved their QA, and move on.

Re:Who cares?

Yeah, Apple should now come out and say how they made huge quality control improvements by removing all Window's machines from their production line and replaced them with Mac's and Linux machines. Brilliant!

Re:Who cares?

There will be problems, but you pay them the money for it, so it's their problem. If you buy a toaster, and it catches on fire, and the company says, "It's the fault of Taiwan Wire, Inc. who provided us with faulty wire", who is going to be blamed? It's the fault of the toaster company, because they used defective materials. In this case, it's the fault of Apple, because one of their vendors/manufacturers screwed up. People aren't concerned with the thousands of steps it takes to get to the iPod, nor should they be. That's what manufacturing companies do. They put together hundreds if not thousands of components together, and the final product is what you're buying. You're not buying wire, and an LCD screen and buttons and batteries and paint and plastic. You're not buying transporation from China to the US. You're not buying trucking services. You're not buying packaging. You're not buying pallets to put the cases of boxes on. You're not buying warehouse space. You're not buying ink to print the packaging. You're not buying silicon for the circuit boards. You're not buying iron to make the steel headphone jack. You're buying an iPod.

Re:Who cares?

What!?

That's like saying, "Only a tiny percentage of criminals use guns. But one hundred percent of the cops they shoot will be injured or killed unless they have third-party protection (in the form of a bullet-proof vest). Therefore the fault lies with cops for not wearing bullet-proof vests."

It doesn't matter that Windows is vulnerable. Its still Apple's fault that they shipped a product that will damage the data on my PC. The responsibility lies on Apple's poor QA process that allowed this kind of damaging infection to get on their product.

Re:Who cares?

From www.apple.com/support/windowsvirus [apple.com]:

We recently discovered that a small number - less than 1% - of the Video iPods available for purchase after September 12, 2006, left our contract manufacturer carrying the Windows RavMonE.exe virus. This known virus affects only Windows computers, and up to date anti-virus software which is included with most Windows computers should detect and remove it. So far we have seen less than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all Video iPods now shipping are virus free. As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.

I don't see anything childish about that. Maybe if you selectively edit a quote from the above by removing it from its context, you can get something arguable. But in context, no.

For those that do not think Windows viruses are a big problem, consider my experience as a tech. I re-install Windows on clients computers due to viral infections at least once or twice a week. Generally these are older computers they have not had me work on and have failed to heed my advice w.r.t. needing anti-virus software on a Windows computer (same does not apply to the Mac OS X computers I work on). You know what really sucks, once the anti-viral software is installed and made effective (auto-scanning of every file that is touched) the whole system slows down. What could have been a relatively fast Windows computer is made slower just by having to have commercial anti-virus software (don't talk to me about OSS solutions, these installs have to be idiot proof with auto-scheduling, active scanning, and so on). Argh.

Re:Who cares?

I disagree; it's very childish. Any adult should know it's "fewer than 25 reports", not "less".

Re: "Mac vs. PC counseling ad, part 2"

Therapist: "Okay, now it is time to address frustrations. Mac, express a frustration about PC. "
Mac: "I'm really upset that you proved vulnerable to the virus we somehow loaded onto our flagship product."
Therapist: "I see. PC, express a frustration about Mac."
PC: "Mac, Why did you try to get me sick in the first place?"

Therapist: "Mac, maybe you'd better come in twice a week to deal with your anger-displacement issues."

Daaamn!

Oh SNAP! Steve Jobs got TOLD, son. Damn, that burn was off the heezy, fo'-sheezy! Now he needs to come back with "Yo, Poon. I improved your MOM's quality control." HOT DAMN!

Re:Daaamn!

crap... that was WAAAAY over my head.

I need to brush up on my dumbass-a-nese.

:-)

Um, no

Only a very small number of a specific model of iPod were affected by these Windows viruses. The entire blame rests with the factory making the iPods for Apple and putting the software image Apple prepared in advance not following good practices with respect to how they set up the empty drives before Apple's software went on them. The problem has been entirely fixed and you cannot even buy one of these infected iPods in the retail market today.

In other words, this is old news. And the size of the problem (the number of units affected) was so small, I would put good money down that we would not even know about the existence of this Windows virus problem if Apple had not disclosed it.

Well, that's what happens..

.. when you outsource your operations to McDonalds.

ill-advised comment, but not Apple's fault

Apple shouldn't have seemed to blame Microsoft, it's true. That's gotten the Windows partisans all riled up, although if you read what Apple wrote, they didn't explicitly blame Microsoft, just expressed annoyance -- and they expressed more annoyance with themselves for not noticing.

And everybody's blaming them for not noticing. But if you think about it, it was a pretty absurd thing for them to have had to "notice". As I understand it, the virus was implanted by one infected machine among a number of machines at a Chinese manufacturing shop they'd contracted iPod manufacture to. Apple said, "here's a thing that looks like an external disk: please put these bits on it for us". A simple and straightforward enough task, one would think -- but in a world where autorun exists and is or has been enabled by default, perhaps not so straightforward.

It's as if I had a letter to mail to 1000 of my customers, and I took one original down to my friendly print shop and asked them to make 1000 copies, and I or the print shop used an automated machine to fold the 1000 copies and stuff them in envelopes and mail them, and only after they were mailed out and opened by my customers did we start discovering that for some strange reason 1% of them had "FUCK YOU, ASSHOLE" overprinted on page 2. And then found out that the "strange reason" was that one of the copy machines at the print shop, among the several that the print shop divided my job among, was "infected" by a "virus".

If that happened to me, I'd be annoyed, too. (It'd be even more annoying if I were accused of ignorance for not having protected myself against this "obvious" threat, that evidently everybody else knows about and makes allowances for.) And I know my response would not be to ask the print shop to be more careful next time, or to run an "antivirus" soluton, or something. I'd take my business elsewhere, and more importantly insist that my future printing contractors use a different brand of copier, one that's not susceptible to preposterous failure modes like that, because even if there is some alleged way of papering over that particular flaw, who knows how many other equivalently egregious bizarre flaws it's got that haven't been discovered and papered over yet?

Re:ill-advised comment, but not Apple's fault

From what's been announced, the disk duplication step of manufacturing was fine. Ironically, it sounds like the virus got onto the iPods as a post-manufacturing quality check where the manufacturer connected a few iPods to PC's to check them, and some of those iPods got infected from an infected PC. But this apparently affected a very small number if iPods.

To keep this in perspective, in 1995, the first Word macro virus -- now called Concept -- was massively distributed by Microsoft on a CD-ROM called Microsoft Windows 95 Software Compatibility Test. The shipment went to hundreds of companies in August 1995. And MS has distributed viruses on CD's to huge numbers of their customers numerous times. (http://www.soci.niu.edu/~crypt/other/onestop.htm, http://www.f-secure.com/v-descs/wazzu.shtml [f-secure.com], http://pcworld.com/article/id,101930-page,1/articl e.html [pcworld.com]) So while I am sure that MS' quality control has gotten better, I think that MS isn't in much of a position to play "holier than thou" on the issue of distributing viruses in their products.

Re:ill-advised comment, totally Apple's fault

The buck stops with the label on the cover. Sorry, whoever you contract to do stuff with is your business; when you're selling something with your trademark on it, any problems are between YOU and the CUSTOMER. In Apple's case, their problems are between APPLE and the CUSTOMER. Blaming third-parties, whether those contracted to, or those completely uninvolved (Microsoft), is just unprofessional. I know Apple was itching to score points at an easy target like Microsoft, but guys: this is a screwup, APPLE's name is on the front, not whatever podunk assembly in the Hunan Province, and not Microsoft. Even a "minor" attack like, "Bad Microsoft, Worse Us" is out of place in PR copy. Leave that bit of trollwork to professionals, like Dvorak.

Re:ill-advised comment, totally Apple's fault

The buck stops with the label on the cover... any problems are between YOU and the CUSTOMER.

Absolutely agree. So the remaining question is: aside from the ill-advised potshot, has Apple done right or wrong by those customers? Have they (a) disavowed all responsibility, told customers it's their problem, told them to go talk to the "podunk assembly plant in Hunan Province" if they need help, or (b) done everything they can to mitigate and prevent future recurrences of the problem?

Re:ill-advised comment, totally Apple's fault

The difference is that Dell's press releases don't mention Sony batteries, but _their_ batteries, which Sony happened to manufacture. Ford sold trucks with Goodyear-branded tires, and recalled same.

I repeat, for those fanboys who are hard of hearing: it's the job of the professional media trolls to place the blame. Apple coulda scored tons by just profusely apologizing for the Windows virus getting into their distribution system. There are plenty of press hacks who will "go the extra mile" and explain why Windows sucks. This has nothing to do with fanboys and everything to do with business sense. Sorry, Apple screwed up. Don't cry too much, or your tears might crack your G4 cube.

Reality check

It's not just the iPod, viruses on shipped hardware seem to be getting more common. For example see below. Can't give other documented articles, but remember similar cases this past year. Anyone? The swipe at Microsoft sounds a lot like Jobs, looks like his personality has infected the company too. But Apple could win this by instating new controls over subcontractors and making a PR campaign in which they force them to use Macs or otherwise emphasize steps they've taken to minimize infection from Microsoft-based hardware. :)

Quote from article [digitalmusicnews.com]:

Earlier, McDonald's and Coca-Cola faced a similar problem in Japan during an MP3 player giveaway, though the events are unconnected. The iPod virus only affects Windows machines, and does not alter the behavior of the portable device itself or Mac operating systems.

It's Microsoft's problem

The blame for this lies entirely at the feet of Microsoft.

Who created the Operating System which will execute arbitrary code -- for that matter, arbitrary code which ought to require administrator privileges -- without the say-so of the user? Microsoft did.

That is the problem. For sure, they had a reason to do that -- they wanted to hide "difficult" decisions from the user in order to make their operating system beginner-friendly. Their model seems to be "Programmers know what they are doing, users don't." Unfortunately for everyone concerned, that has well and truly bitten them in the arse.

If Vista is more secure than Windows XP, then it will necessarily be harder to use. The only way it could be more secure than XP while remaining as easy to use, is if only certain trusted parties are allowed to write software for it. (Which is effectively what you've almost got with some OSes; anyone is allowed to write software, but software distributors -- who may well be independent of the software creators -- maintain a catalogue of what is "safe", based on their own judgement after reading the Source Code. Tech-savvy users can check the Source Code for themselves. Non-tech-savvy users know they can rely on the software distributor's judgement. Any distributor who does a bad job by distributing dangerous software loses custom.) But that would create a monopoly, or at best a cartel.

The worst part

The worst thing is how long ago they were warned about it. Posts in Apple's forums were within a day or two of when it started happening. I posted about it here http://www.pirate-king.com/episode/1436 [pirate-king.com] weeks before it hit the major news outlets.
I even talked to the editors at The Register about the story.

Simple fix

I used to work for a small company that made CD-ROM's
Only after we recieved 3000 copies of our free handout Amsterdam nightlife CD-ROM did we discover that there was a windows virus on all of them.
We simply slapped a "MAC only" sticker on them and handed them out!

And in retalliation

Microsoft will ship it's upcoming media player "Zune" with Mac OS 7 (or System 7) viruses, trying to prove that Mac users (of 10 years ago) are susceptible to viruses and that it's all Apple's fault for how they got on there and how insecure the Mac OS really is.

Virus transport by iPod

Did somebody miss the real news story?

Can Someone Tell Me

How exactly can a Windows virus jump from a Windows computer on to an iPod (completely different architecture), then back onto a Windows computer? Is there some MAJOR similarities between the two architectures, or is it that there's absolutely no way this could have been an accident?

Re:Can Someone Tell Me

It doesn't.

Since the device appears like a hard-drive to Windows, Windows will run any code set to auto-execute as soon as the disk is plugged in. The ipod just acts as a carrier in this instance.

It appears that one of the QA machines used to test windows compatibility had the virus on it, so when the randomly-sampled fully-finished ipod was plugged in for a QA compatibility test, the virus was uploaded onto the ipod's hard disk by Windows, and just sat there waiting until it was plugged into another Windows PC. None of this involves any activity by the ipod itself, it's all being done by Windows.

Not that I think Apple's comment was all-that-great, and they'll have to deal with the fall-out, but I could see Apple being just a tad frustrated about this...

Simon.

Asking for It

"As you might imagine, we are upset at Windows for not being more hardy against such viruses..."

In other words: don't blame me, she was asking for it!

Finger pointing

The whole thing is sort of stupid. It is Apple's fault, it is their product and by selling it to you took responsibility to support it. An example is the Dell battery recall; Sony produced the defective batteries, but it is Dell's responsibility to provide a recall system since they sold you the laptop.

Apple is keeping mum about it; there is a link from the main support page, but it's pretty small. But this is just stupid:
"As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

That is inane. Blame Windows. And the whole even more upset with ourselves for not catching it is a poor way to cover it. That is like ford saying "A limited number of tires on Mustangs will spontaneously fail, causing a serious accident. As you might imagine, we are upset at drivers for not being more durable during such a crash, and even more upset at ourselves for not catching it"

Apple should apologize, improve the QA, and take responsibility for the problems the viral iPods have caused.

Now, when did viruses become a new threat?

I remember picking up "The Giant Black Book of Computer Viruses" from the library in the early 90s; all of those listed pre-dated Windows. Apple is crying, "What? There are viruses?" as if this is some sort of recent development. What exactly am I missing?

Their QA cetainly sucks

I've just had my replacement iPod fail exactly as the first one did. On both, iTunes just finished loading my music, said it was safe to disconnect, and the units started boot cycling and can't be got out of it. Anyone else have a similar issue with one of the new 80GB video iPods?

Could be a lawsuit....

Although it wasn't many people, so it probably won't happen, this sounds like a perfect lawsuit. Like a computer version to having pieces of glass in your food...... Sounds like it could be won if damages occurred. Apple is lucky it wasn't worse, or this could have become a legal problem for them.

It's both parties fault

Seriously, if Windows was more secure then it would be safe, even in the test labs, and since Apple admits to knowing this, they should in their labs have active security measures against such problems, if they're gonna offer their product on the Windows platform as well.

lame

Common, your product gets infected because of some slopiness, and you blame another company??

If Jobs doesn't like it, then stop making the iPod work on Windows. How would he like it if all of a sudden the iPod would be "disabled" by MS? He'd sue the living hell out of them (and for good reason).

Take the responsability for the screw up and fix it.

Use professional tools

Obviously Windows shouldn't be used in a production environment, given its susceptibility to this sort of thing. The real mistake was Apple allowing their contractors to use unprofessional tools. In the future hopefully they'll insist on the use of Macs or Linux, or embedded systems.

Begs the question (in my mind) of how much it costs our economy to be reliant on Windows.

Why not prepare on OS X?

For one thing, though I just bought an 80GB iPod, this didn't affect me, since the first thing I did was attach it to my G5 at work, so it was re-formatted into HFS the moment I started up iTunes.

But, I have to wonder why Apple prepares them on Windows machines in the first place. OS X has native support for FAT32 filesystems, so why not just prep them on OS X in the first place? And furthermore, why even have HFS iPods anyway? FAT32 iPods work fine on OSX.

I know E.Coli is not a virus but still...

Don't you think it's the same kind of situation?
A small number of shipped product managed to get shipped infected with E.Coli.

The spinach company regrets that certain people were not more hardy to E.Coli infestation and regrets them not figuring it out before it happened.

Yet for some reason I don't see people defend them. I wonder why. Maybe because love for Mac stuff is bigger than love for Spinach :)

Apple should never have let a McWindows box touch

...the iPod in the productline. And it is their fault for not using a Mac or Linux box to test the iPod after every Microsoft Windows box 'touched' the iPod before boxing it up.

Shame on Apple. ;-/

LoB

It's not the first time

I remember back in the pre OS X days, at Apple's World Wide Developer's Conference, they put some CDs in our tote bags with Macintosh viruses. They discovered it after we got the bags, but the first day. All the sessions started with a big slide warning about the bad CDs.

Even worse, I once worked for a company that sent out a press release with a Microsoft Word virus. Sending a virus in a press release not good marketing.

It's a sad world, isn't it?

This is analagous to th city of Cupertino missing a terrorist arrest and then blaming New York City for being such a common target for terrorism....

And we wonder why we've been dealing with viruses for so long without a real solution being created....

Macworl.UK interview with Greg Joswiak

The Windows machine that did the damage is used as part of the quality control process, "a final test station", Joswiak explained. [macworld.co.uk]

IOW the quality control (using Windows PCs) was the problem, so how could it be the solution?

Tempest in a teapot?

I realize that people who make their living by promoting the use of Windows would take exception to the snide tone of the press release. But isn't this instance of infection almost a nullity? I went to the bother of reading a few articles about the specific virus involved and although it is annoying to have it present at all it looks rather toothless in this circumstance. When you connect an iPod to a PC or Mac it shows up as a drive but customarily you only interact with it through iTunes which will not propagate the virus. Since the iPod appears as a USB drive it doesn't implement the auto-launch capability when it mounts so the user has to actually find and mindlessly launch the virus. I'm sure there are people dumb enough to do this but combined with the scarce presence it all seems like much ado about very little. Is there a greater risk than I've inferred?

No kidding.

I bought a home theater system from Amakon and it came packed with explosives. Ofcourse, Amakon is upset that my home is not fireproof, and weren't aware that I am allergic to explosives.

If I were Microsoft

I'd be shipping the Zune with software which displays pictures of big hairy windows developers arses which only appear on OSX.

Good solution really, not a virus, not spyware, and they haven't got any software for OSX which prevents DevArses from appearing on their designer 32" LCD displays.

Mac Fanboy says Apple stuffed up

I agree, Apple cocked up here. The thing that craps me off the most about iPod is I have to format it to suit the PC at work if I want to use it on both the office poo box and my mac at home. Therein lies the problem. If the iPod Doze installer included a driver for HFS+ disks, viruses would have to be a little cleverer to work with iPod. Having to format as a FAT32 disk makes me feel dirty ;-)

Overaction by the press is normal but...

It was only one model of the iPod line and only those that were produced over a very limited time period. Unlike the problems with Windows which include EVERY version of Windows ever produced. What it says to me is if a major manufacturer can't maintain a clean windows machine what hope does the consumer have? Switch now.

Re:OK, I have to ask

How can something like this happen?! I just don't get it!

Not sure exactly what you are referring to. The virus infected iPoid? That's easy, somebody got sloppy.

The inane submission (quotes from another discussion board about a quote from a blog getting posted on another submission board). That's easy too, it's Slashdot Sunday!

Re:OK, I have to ask

No, it wasn't a virus for the iPod. It's a windows virus sitting on the iPod's filesystem.

Completely different beast.

Re:OK, I have to ask

The surprising thing is that the worst of the quotes, "As you might imagine, we are upset at Windows for not being more hardy against such viruses...", is still unchanged on the apple web page. Anyway, http://www.apple.com/support/windowsvirus/ [apple.com] has removal instructions for anyone who thinks they may have been affected by one of these ipods.

Re:What's so bad about that quote?

Hardly a cheap shot really, if the OS wasn't such an open door this wouldn't be possible. I dock a poratble hard drive and get an exploit? Not a single prompt from the OS that something is going on? An application asserts itself as a start up process with zero sanity check? If Windows treated this properly it wouldn't try to manipulate files on removable media with no input from the user. If someone could craft an auto-executing file for other OSs, on OS X it would ask me for a password at least and name the process in question; Linux would do the same thing, or just fail silently. Doesn't happen on any other platform, it is a giant shortcoming of Windows as a platform. Stuff like this was supposed to be resolved in SP2.

Re:What's so bad about that quote?

Oh, and if your point was that OSX or Linux wouldn't auto-execute anything instead of "wouldn't auto-execute as root", most people would click OK on a dialog that reads "Clicking the OK button below will format your harddisk. Are you sure?"

If the user is bright enough not to click OK he's also bright enough to install an anti-virus tool.

Re:What's so bad about that quote?

Not necessarily. I've had people ask me if it is okay to type in a password for various things. Anytime I help someone with OS X, I tell them to think about what they are doing whenever it brings up a dialog box asking them to do something.

I helped one of my friends who was very scared of computer a couple years back. I setup a limited access account in OS X and told them to try to mess it up, change the background, mess with all the preferences and just click on things and see what happens. I came back a week later and all the settings were changed. She didn't necessarily like all the settings, but when I actually setup her permanent account, she was much less fearful of changing settings. At this point, I told her to think twice about typing in a password when it asks. She has done very well and I haven't had to help her out with a computer at all in three years. She went from being scared of changing anything to pretty independent and safe at the same time.

So, my point is that there are a lot of people that do actually pay attention to these dialog boxes. I'd much rather have a few dialog/password boxes that are actually relevent than none. At least there is a chance that the person will think about it. Assuming people will click through the dialog without thinking is a rather negative view of users.

Re:What's so bad about that quote?

It doesn't matter what the operating system is; if it's XP, Vista, OSX, Linux, the next Windows or even the next, it's Apple's responsibility to put checks in place to prevent such things from happening. This is just as much Apple's fault (more so in my opinion) as it is Microsoft's. What if the reverse had been true? What if the Zune shipped with OSX viruses, I bet the tune of Apple would be completely different.

No, it's a cheap shot

If I make a product that screws up something in a typical environment that it's supposed to be in, then it's my fault and no one else's, no matter how cruddy that environment is. This isn't like an unknown flaw or something that's unforseen. Windows is what it is, and if a known shortcoming isn't worked around by your product, then your product is at fault.

Re:What's so bad about that quote?

Although it's true that windows has security flaws, this is true of most platforms. For instance if Apple had released a worm that exploited SSH instead, would we be arguing who's fault it was?

I'm sorry but as a developer myself I see this as extremely irresponsible. Admiting your faults is a core fundamental of software, you acknowledge and adjust. You don't finger point or make excuses for your own blunder, that's what amateurs do.

Re:What's so bad about that quote?

"...if the OS wasn't such an open door this wouldn't be possible."

If they had better QC in place, this wouldn't have happened. *Nix (including OSX) aren't 100% secure and never will be.

Re:What's so bad about that quote?

Bullshit. Microsoft has got nothing to do with this. Nothing! What matters is that malware found its way onto the iPods during production. It doesn't matter what the malware was, what purpose it had, or for what platform it was designed.

Putting Microsoft in the spotlight is shoehorning at best, and criminally hypocritical spin at worst, IMHO.

Sounds so familiar

When I first read that quote from Apple it really gave me the creeps.

I like Apple as a company too much to want to hear this kind of spin from them. I understand that they are embarrassed by having infected products going out to customers, but that doesn't excuse using that old Republican technique of trying to point fingers in order to deflect blame.

For example, the GOP tried to pin the entire Foley/Page sex scandal on the Democrats and George Soros, but that appears to have backfired as most people dislike that sort of scummy avoidance of responsibility. If Foley isn't writing emails and IMs trying to get into the drawers of congressional pages, there's no scandal, period. Nothing the Dems or George Soros did afterward have any bearing on that fact.

I don't want to see Apple doing that same sort of ugly spinning, but I guess that's what happens when the marketing people take over. I watched "Thank You For Smoking" last night, and the whole movie was about this very issue. It's a great flick by the way.

Re:But how is it an insult?

Insults don't have to be false. Actually, in general, if they're clearly false they're rarely insults.

Re:What's so bad about that quote?

So, by your logic, somebody who is shot and killed is immediately at fault because he/she isn't immortal? Oh, and the killer gets to insult the victim, too!

Re:What's so bad about that quote?

Hey, it works in FPSs. =)

Not the full quote

The full sentence on the Apple website as of now (leaving room for the possibility that they've modified it since the uproar) is:

"As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

(Emphasis mine.)

...the full interpretation being that they place more blame on themselves and/or hold themselves to a higher standard.

If the "more upset with ourselves" phrase was in the original quote and people left it out to make Apple look [more] arrogant [than they actually are], shame on them.

Re:OK, I have to ask

It happened because even Apple needs Windows at some point to make their products.

Appearently they used an affected windows machine at some point in the IMAGE process, and the virus infected the image. Most likely the image is built/cloned using Windows, but I won't go into that since I'm already going to be flamed for speaking against apple.

Re:OK, I have to ask

It happened because even Apple needs Windows at some point to make their products.

It happens because Apple doesn't make their products. Subcontracters do. Apple doesn't have any factories.

It's a subtle bug, not obvious to solve

I've read that the underlying problem was more subtle, which might explain some of Apple's expressed frustration with MS. I can't confirm this but it may have been that the infected PC got the infection from a blank, formatted, drive from the drive manufacturer. Even if that is not true in this case, there is nothing stopping it from being true.
It's a pretty subtle bug that, until now of course, I know would have bitten me since I would not have looked for it. I, and the technicians who do jobs for me, often replace burned hard drives in my clusters and computers with units straight out of the box. In some cases we have pre-formatted hot-swap spares still in the shrink wrap sitting on the shelf waiting to go in.

On my macs and linux machines, I sometimes use external USB drives to share with Windows PCs. I don't usually reformat these specifically because I don't entirely trust that the macintosh disk formatting program will create a prisitine PC FAT format. In all likelihood it can, I just don't have the ability to know. And I have reason to doubt: past experience has shown that when one OS provider emulates another's native formats (e.g. Samba or UFS or HFS++ or ZFS or NFS) that the emulation is usually less than complete or has artifacts.

It would be a major hassle and expense, to have to reformat every drive in a rack of clusters one is upgrading. But apparently that is now the requirement to be sure the manufacturer did not ship you a virus on the "blank" harddrive.

The problem is perhaps more diabolical than it seems. Imagine some Apple engineer putting out some specs for the process standards the Chinese manufacturer must follow. He's paranoid they won't have good practices with keeping their windows boxes clean. He also wants to assure the peripheral performance is comaptible with the ipod loading software and to assure the integrity of the data transfers to the ipod. So he decides that the sure way to do this is to make absolutely certain the box has never been on the internet, and to spec every part, so the machine has to be built at the chinese factory from scratch. They then load in the special Apple approved Windows software CD with apples programs and data. Seems foolproof. But it's not.

One might argue that to actually eliminate you have to boot from a trusted CD and then format the drives. But wait, this does not solve the problem. Isn't the problem of creating a trusted CD or and ipod install the problem we started out trying to solve? So one has to some how have a system that one can trust to do this. And that system has to be available to the manufacturer. It's kinds slippery.

If you were about to suggest "well just use Linux" to format the drive, well then apparently you just emitted the same faux paux apple did. Blaming Windows for the problem.

Re:It's a subtle bug, not obvious to solve

If you were about to suggest "well just use Linux" to format the drive

According to some quotes in TFA, the Windows machines are used to check for compatibility, as iPods can connect to Windows as well as Macs, not for the manufacturing process itself. Perhaps the low number of infections (said to be 5%) means only a few iPods were given that check (normal QC wouldn't require every one to be checked for a consumer item).

For the same reason it's always happened...

Profit.

More specifically, it's because both Apple and Microsoft need to cut corners on their products to make a suitable return.

Microsoft ends up releasing low-quality software that has serious security glitches. Such glitches allow for malicious software to easily harm systems and propagate throughout networks.

Apple, on the other hand, cuts down the quality of their hardware manufacturing processes. And with that decrease in quality, we see incidents like this happening.

Notice that some of the highest quality and most secure software products are those developed by organizations that have little care for outrageous profit. I'm talking about OpenBSD, for instance. Instead of focusing on matters of financial accounting, they focus on putting out damn fine software. Security problems of this magnitude become a once-in-a-lifetime occurrence for a project like OpenBSD, as they end up putting many measures in place to prevent repeats.

Re:For the same reason it's always happened...

Apple, on the other hand, cuts down the quality of their hardware manufacturing processes. And with that decrease in quality, we see incidents like this happening.

This isn't a "hardware manufacturing" problem. The iPods got hooked to a Windows machine, probably during some QA process, and got infected. The hardware is fine.

Re:OK, I have to ask

I can think of two basic ways this could happen. First, it could be sabotage. Some guy might be infecting these things with a virus for some reason. It doesn't seem like an effective way to spread viruses, though. But you know, maybe there's just some guy at the iPod factory who is a dick and thinks it's funny to put viruses on them.

The other way I can imagine this could easily happen to a small number of iPods is if there's a QA process that involves hooking a random sample of iPods to Windows machines, and some worker was using one of these machines had managed to get it infected with a virus. It could even come from a machine that is supposed to scan for viruses, if the virus scanner was compromised or out-of-date.

If you RTFA (which is short), it indicates which of the two Apple believes happened.

Re:OK, I have to ask

Some lazy asshole at the Foxconn iPod factory didn't do enough to keep their computers clean. Now Apple takes the heat. Steve Jobs is going to brutally maul and messily devour some Foxconn execs. Hell, he's still picking some out of his teeth after the Foxconn sweatshop fiasco.

I always do

I always lay the final blame on the virus writers. If I were in charge, they'd be hunted mercilessly by Special Forces units paid for by a small tax on business that would cost less than dealing with all the virus BS.

But we live in a culture that incresingly tolerates bad behavior, and blaming the victim has always been popular. Look at rape trial defense arguments back in the "good old days".

Re:What about the virus writer?

Ah, but the virus is not the burglar, but the crowbar.