Forgot your password?
typodupeerror
IBM Security It's funny.  Laugh. IT

IBM Distributes USB Malware At Security Conference 73

Posted by kdawson
from the just-testing-ya dept.
bennyboy64 and other readers let us know that IBM sent out an email to all attendees to the Australian Computer Emergency Response Team (AusCERT) 2010 conference, warning them that some of the USB drives handed out to delegates contained malware. Fortunately it was old malware, which all anti-virus products have detected since 2008. Two years ago telecommunications company Telstra distributed malware-infected USB drives at the same conference.
This discussion has been archived. No new comments can be posted.

IBM Distributes USB Malware At Security Conference

Comments Filter:
  • wtf? (Score:4, Insightful)

    by Pojut (1027544) on Friday May 21, 2010 @08:37AM (#32291690) Homepage

    Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers? ::obligatory::

    We can go to the moon...

  • Re:wtf? (Score:3, Insightful)

    by jamesh (87723) on Friday May 21, 2010 @08:57AM (#32291858)

    Seriously. Come on IBM. You're one of the biggest names in the industry, you hold thousands of patents...and you can't ensure you give devices that have already been secured to conference goers?

    My first assumption (without RTFA) is that they would have outsourced it.

  • All Anti-virus ? (Score:4, Insightful)

    by JavaBear (9872) * on Friday May 21, 2010 @08:58AM (#32291878)

    If all Anti-virus products have detected this one since 2008 it obviously begs the question, why didn't IBM's?

  • Re:wtf? (Score:0, Insightful)

    by alfredos (1694270) on Friday May 21, 2010 @09:17AM (#32292082)

    While I won't justify IBM's goof, it's fair to say that slips like this happen. What can you do about it? Set up a procedure so that everything going out the door has to pass certain checks? I dare say that the solution would be much worse than the problem.

    Besides, it makes for a nice Slashdot discussion with jokes and all.

  • by istartedi (132515) on Friday May 21, 2010 @10:33AM (#32293160) Journal

    So many USB sticks come with pre-loaded crapware/malware. In the office we would stick them in Linux machines and format them from there. If you stuck it in a Windows machine without formatting it, you spent the rest of the day auditing your machine and puzzling over what might be left on it.

    The OPPORTUNITY is for a company to brand itself based on NOT HAVING CRAP on their sticks. I'm thinking Pure USB would be a nice name for such a product. I know I'd chose that over anything else if they were comparably priced. Don't get greedy and charge a premium for that. Just outsell the competition. I can't believe the kickbacks from crapware authors are that valuable.

  • by EvilIdler (21087) on Friday May 21, 2010 @10:35AM (#32293190)

    The parent post is modded funny, but I'm sure Joe's breaking an NDA! :P

  • Re:wtf? (Score:1, Insightful)

    by Anonymous Coward on Friday May 21, 2010 @11:23AM (#32293852)

    How would you scan a USB drive without first sticking it into a computer?

A method of solution is perfect if we can forsee from the start, and even prove, that following that method we shall attain our aim. -- Leibnitz

Working...