New Computer Already Infected?

[FredOnline]

http://www.independent.co.uk/life-st...x-8139437.html

[drew]

Wow thanks for sharing this. Very important to know.

Quote:

Hackers have uploaded viruses which can help them
steal people's personal data on to millions of PCs
and laptops before they are even taken out of the box,
Microsoft has admitted.

The company said it found malware which allows
would-be criminals to remotely switch on and
control cameras and microphones, among other devices,
on machines which were still factory sealed.

The software is loaded with counterfeit copies
of Microsoft Windows, the company said.

Why do we even allow criminals to do these nasty things

I hope as many as possible read that link that FredOnline gave us
and then share the link and warn their friends and work mates.

[Tsunami]

Why do we allow them? Because they are not allowed to do these things, but it is extremely hard to stop it.

First of all, a specialised person knows how to keep his identity private. Thus the maximum you can do is file a complaint against an unknown person. Also, some governments hire these folks to work for them to try to access data of unallied nations' databases.

I have worked as technical support person for an anti virus company. It was clear enough that many such companies create hoaxes themselves to try to push people buying their products.

The web is a parallel to the real world. Criminality exists all over the world. Why do we allow it? Because we realise we cannot stop it. I fear the same goes for the online world. The only way to really control a system is by using an intranet rather than an internet, and allow access only to carefully selected people.

[chrisretusn]

This not my reason for doing this, but it would serve me well in this scenario. I will not buy a box with pre-installed Windows unless I get the installation disk with it. This is so I can wipe it and just install Windows from the installation disk. Normally it gets wiped anyway and Linux is installed.

[n5bb]

The main point here is that if the deal seems too good to be true, you are dealing with counterfeit products. I don't understand the word "admitted" in that article. Microsoft "discovered" criminal activity by others in a sample of 20 PC's purchased in computer sales malls in China. All were supplied with counterfeit Windows software, one had active viruses, and three others had inactive viruses installed.

It is unlikely that you would encounter such a situation in a western country through a reputable retailer. The damage to the reputation of the retailer would be extreme if such a problem was revealed.

The major problem in western countries right now seems to be Android applications which contain viruses. My employer won't allow Android devices inside our corporate domain due to this well-know issue. Unfortunately, open systems can have more security issues than closed ones due to the difficulty in trusting the source and supply chain.

In some locations medicine distribution has the same difficulties, with drugs which don't work or have dangerous impurities common when an insecure distribution chain is used.

Bill

[Tsunami]

Not wanting to turn this into a "made in China" versus a "made in (western country)" debate but a colleague once told me that in the EU some USB sticks are sold with software on it that some anti virus machine wrongly mistake to be a worm.

Also, a PC shop here in "western" EU once repaired a PC of my family with illegal Windows copies because it would be too hard and expensive to put legal ones on it. The thing is: my family never knew about this until a year later the PC made an alarm that the software could not be updated due to not being legal. Only then the PC repair store admitted to have used illegal and unlicensed copies on the PC.

Just saying we should not generalise that false products or infected products are typical to one country or area.

[David]

Quote:

Originally Posted by Tsunami

Just saying we should not generalise that false products or infected products are typical to one country or area.

Why not, when such instances are very often the case!

I even had a Dog that was infected with disease, due to eating contaminated pet food.

[Tsunami]

Quote:

Originally Posted by David

Why not, when such instances are very often the case!

I even had a Dog that was infected with disease, due to eating contaminated pet food.

Because some stuff made in China is actually very good. Of course it should be said when a problem arises, but we should avoid generalising. That of course, without censoring or ignoring a problem, just saying we should not tag an entire nation's products as bad or unreliable.

Nigeria is known for internet scams, but there's genuine Nigerian businesses and people sending mails daily too. They don't deserve to be tagged equally as the ones who send around spam.

I have been robbed when I was in Poland on holiday. However, I have had the pleasure of working with several extremely friendly and helpful Polish people. I'd never say Polish people are thieves just because 1 guy robbed me. To generalise would hurt and wrongfully tag the countless of honest and friendly Polish people.

Obviously though, those hackers in the opening post are a totally different case and don't deserve to be tagged equally as the honest folks working for these companies.

A lot of "Chinese" IT products are by the way created in North Korea. As odd as this may sound, North Korea has excellent IT staff and has a lot of people studying IT. They are obviously cheaper workforces so many things they create are then shipped to China and sold as if they were "made in China". So if you buy an infected PC from China, it may not be a Chinese cyber criminal who did the damage.

[David]

Quote:

Originally Posted by Tsunami

Because some stuff made in China is actually very good. Of course it should be said when a problem arises, but we should avoid generalising. That of course, without censoring or ignoring a problem, just saying we should not tag an entire nation's products as bad or unreliable.

Nigeria is known for internet scams, but there's genuine Nigerian businesses and people sending mails daily too. They don't deserve to be tagged equally as the ones who send around spam.

I have been robbed when I was in Poland on holiday. However, I have had the pleasure of working with several extremely friendly and helpful Polish people. I'd never say Polish people are thieves just because 1 guy robbed me. To generalise would hurt and wrongfully tag the countless of honest and friendly Polish people.

Obviously though, those hackers in the opening post are a totally different case and don't deserve to be tagged equally as the honest folks working for these companies.

A lot of "Chinese" IT products are by the way created in North Korea. As odd as this may sound, North Korea has excellent IT staff and has a lot of people studying IT. They are obviously cheaper workforces so many things they create are then shipped to China and sold as if they were "made in China". So if you buy an infected PC from China, it may not be a Chinese cyber criminal who did the damage.

An amazing percentage of products that are shipped into North America and Europe (from China compared to other countries) are found to be defective. Please do your own research on this (if you don't believe me) as I do not wish to post links.

This is nothing at all to do with the people (from China or anywhere else) neither It is to do with if you were robbed (regardless of where that may have happened) - please do not try to turn this thread into something that it is not!

By refusing to recognize problems with manufacturing and standards we do in fact endorse them! Turning our backs on them is no solution (period)

[dantheman]

I agree with Tsunami (not to generalize) and Martin Brinkmann has some good words for us too:

"This may look like overkill to some and I agree that the likelihood of buying a factory infected PC in many parts of the world is slim. Still, I prefer to be safe than sorry, and since it should not really take that long to scan the PC, considering that it contains only the operating system and maybe some crapware the manufacturer installed on it, it is not that much of a nuisance after all."
http://www.ghacks.net/2012/09/16/tim...ore-first-use/

p.s. i don't think Tsunami wants us to ignore the existence of real issues.

[Tsunami]

Obviously not. We should recognise the problems that exist. All I say is: let's not just start mistrusting every product coming from China because that would be the flip side of the "ignore the problem" coin. Careful shopping is recommended anyway no matter where. I mean, don't some websites trace the internet behaviour of their users, or data mine about their users? I don't know whether I would prefer to have to remove a virus from my PC or knowing my internet usage is being logged.

Also, I have worked for an anti virus manufacturer (won't give names for obvious reasons) and they admitted to the staff that when removing the program, tiny bits of software remain on the hard drive, making the new antivirus program from another manufacturer function poorly or at least hinder it during its functioning. And this was a company in the "western world".

I try to see it as "you either avoid risks and don't connect your PC to the web" or "you acknowledge the problems that exist and be careful in doing your best to not be confrontated with them". To tag one country as the source of problems would be a bit pointless IMO because unethical internet practices are a global phenomenon (by which I however do not ignore the fact that some countries have a worse track record than others)

The comparison of me being robbed in Poland was just a comparison. I could easily say Polish people are thieves, but based on 1 experience that would be a bit silly, no? If I buy a PC from China and it is infected, I will be careful with my next PC purchase for sure, but not careful as in "I will never buy anything Chinese again". Very big difference between acknowledging problems or generalising them.

In the end, unethical internet practises are a global phenomenon (with some countries worse than others) that has to be tackled globally. The problem is: is it possible to tackle it? Per problem removed you already face some newly developed malware spreading around. In my mothertongue we would call this "pouring water into the sea", as in: trying to solve a problem that is too large to be overcome. Being careful is the best thing you can do, no matter what product or what location.

[dantheman]

Tsunami,

What you said in paragraph two i've experienced in the past but had yet to come upon an explicit affirmation such as yours.

[chrisretusn]

Just to add to the discussion. It's not just China. Were I live it's quite common to end up with a bootleg software install (and an infection) after getting your computer serviced. The typical "service" is to wipe and reinstall, instead of attempting to fix.

If you buy a new computer on the other hand, you generally get a legal install. It's when you have it serviced where the problem lies. My daughter took her Toshiba laptop in for repairs up in Baguio, when she got it back, original install was gone. In it's place were bootleg copies of Windows XP, Office, Photoshop and others. None of those extras were asked for, nor with the exception of Office, were they initially installed. On top of that it was badly infected with malware. She brought it to me. It was bad, I had to wipe and reinstall. I decided to use Linux, no we have no issues.