funsec mailing list archives
RE: 13-year old boot sector virus shipped on German laptops
From: <Toralv_Dirro () McAfee com>
Date: Mon, 17 Sep 2007 23:05:36 +0100
Well, it's embarrassing enough to find such an old virus... but this is getting really speculative. Unless there is someone on this list who knows about Medions internal process to create the images (ok, creating images and using them is speculative, they may actually install Vista on each Laptop seperately, how unlikely that may be) and would like to share details with us ... :) cheers, Toralv
-----Original Message----- From: Juha-Matti Laurio [mailto:juha-matti.laurio () netti fi] Sent: Montag, 17. September 2007 23:48 To: Dirro, Toralv; Valdis.Kletnieks () vt edu Cc: funsec () linuxbox org Subject: RE: [funsec] 13-year old boot sector virus shipped on German laptops I believe that there is no an easy way and to answer to your question is difficult. The interesting thing still is how the virus found its way to the production line. And why the virus was so old (and harmless). - Juha-Matti Toralv_Dirro () McAfee com wrote:Spreading *from* a floppy is easy - try to boot from one,even failingto load an OS from the floppy will get the virus executedand allow itto write to hard disk. No matter what OS is on it. The real question that remains: Is there any step in theproduction ofthe image that does involve booting from a floppy disk at any time? Friends I consulted about that said no. All of them. Sabotage? I wouldn't rule it out.... cheers, Toralv-----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Montag, 17. September 2007 23:21 To: Dirro, Toralv Cc: juha-matti.laurio () netti fi; funsec () linuxbox org Subject: Re: [funsec] 13-year old boot sector virus shipped on German laptops On Mon, 17 Sep 2007 21:49:37 BST, Toralv_Dirro () McAfee com said:Boot sector viruses don't spread easily (read: 'at all')under currentoperating Systems. Doesn't matter if there is a floppy or notThen how did it propagate *onto* the gold system that gotimaged tocreate the distributed image on the laptops? :)
Firmensitz: Muenchen Amtsgericht: AG Muenchen Handelsregister: HRB 144340 Geschaeftsfuehrer: Eric F. Brown, Anthony E. Ruiseal Bankverbindung: ABN-Amro Bank N.V. Konto 671 211 9006 UST-ID: DE168122444 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 13-year old boot sector virus shipped on German laptops Juha-Matti Laurio (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Richard M. Smith (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)
- Re: 13-year old boot sector virus shipped on German laptops Valdis . Kletnieks (Sep 17)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)
- Re: 13-year old boot sector virus shipped on German laptops Valdis . Kletnieks (Sep 17)
- <Possible follow-ups>
- RE: 13-year old boot sector virus shipped on German laptops Gregory Hicks (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Juha-Matti Laurio (Sep 17)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)