Security and quality assurance experts reacted negatively to Apple Computer's efforts Tuesday to blame manufacturing problems that resulted in iPod MP3 players shipping with a virus that affects Microsoft's Windows operating system.
Security professionals, including Microsoft's own product release virus scanning chief, called Apple's efforts to deflect blame onto Microsoft misleading and said the batch of factory-infected iPods reveals a troubling lack of thoroughness in the company's manufacturing process.
On Monday, Apple released a statement on its Web site noting that a "small number of video iPods shipped with a Windows virus," which the company identified as RavMonE.exe. The number of affected iPods is small -- less than 1 percent of all Video iPods available for purchase after Sept. 12, 2006, the company said in its statement, adding "as you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."
That statement drew criticism from security experts, including Jonathan Poon, the man in charge of scanning Microsoft products for viruses before they ship.
"It's not a matter of which platform the virus originated [on]. The fact that it's found on the portable player means that there's an issue with how the quality checks, specifically the content check, was done," Poon wrote in a blog entry.
James "Randy" Abrams, who held Poon's job for more than a decade at Microsoft and is not director of technical education at ESET, agreed.
"The Apple iPod incident was not about Microsoft having a hardy operating system, it was all about security and process," Abrams told InfoWorld in an e-mail message.
Viruses on Microsoft's network weren't unusual when Abrams was testing that company's products before shipping them, he said.
"I released software in an environment surrounded by Windows machines. Many machines on the corporate network were infected. We never introduced a virus into the software in the release or manufacturing processes because we had a professional understanding of what it took to release what we were supposed to," he said.
"That Apple would blame Microsoft demonstrates a lack of understanding of remedial security and manufacturing processes. Virus was only a symptom of the problem. Apple didn't know what they were shipping," Abrams said.
Greg Joswiak, vice president of iPod product marketing at Apple declined to comment in detail about the iPod infections, but did acknowledge that around 25 systems were infected by a Windows system that was used during manufacturing to test compatibility with the devices. The RavMonE virus did not spread to the system through a network connection, but was installed by a peripheral device, he said.
Joswiak declined to speculate on whether the worm was intentionally introduced, or whether it was spread from an iPod to the machine.
He did, however, defend the company's manufacturing and quality control procedures.
"It was an exception to our process," he said. "We believe we have a good process and we're going forward."
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Multiple suppliers - a common culture
Master Data Management and Accurate Data Matching
Master Data Management as “Plan B”: Why Your Data Warehouse, CRM, ETL and EII Solutions Are Better with MDM
Providing Business Continuity and Disaster Recovery for Microsoft Cluster Server and Windows Server 08 Failover Clustering Apps
IDC Report: Managed Communications - Delivering on a Holistic ICT Vision
Reducing the risk of insider abuse
Business Processes and Customers - Difficult Domains to Integrate
The business justification for data security
Zones provide focussed content from Computerworld and leading technology partners.
Comments
Post new comment