Is Your Brand New PC Already Infected?

Discussion in 'other security issues & news' started by LockBox, Jul 8, 2011.

Thread Status:
Not open for further replies.
  1. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I haven't posted too much in quite some time, but this could be one the most important computer security stories that could possibly be discussed at this site.

    Is your brand new bought in USA - but imported in - PC already infected? How wide is this problem? The few anecdotal stories of late seem to be given credence with this amazing exchange in the U.S. House of Representatives.

    The full story and video (at around the 51:47 mark) is quite unsettling. Watch the hemming and hawwing before the Homeland Security official admits he is aware of this happening.

    From the front page of MSNBC:

    http://technolog.msnbc.msn.com/_new...s-pre-infected-computer-tech-entering-country
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I always do a clean install with a new computer anyways.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I always buy my own parts, which comes without the bloatware.
     
  4. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    You know, it's one thing building your own computer. BUT, the vast, vast, VAST majority do not. We all want and NEED a safe Internet, it's not just about me, me, me. This is possibly very far-reaching. And will a clean install do anything if there's an embed somewhere else? This "stealth hardware" business is worrisome.

    This is serious stuff. We can talk about a lot of these tools we use every day until we're blue in the face. Here we are looking at an admission that Homeland Security knows that there is a problem with "sophisticated" malware embedded into computers imported into the United States from China.

    If this can't get the security community aroused, I don't know what could!
     
    Last edited: Jul 8, 2011
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It seems that the things it's talking about are preloaded malware such as keyloggers. Reformatting would remove that stuff.

    It's a big issue but no bigger than when USBs and DVDs used to be sold with malware already on them ready to run.
     
  6. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    Huh? "No biggero_O??"

    And no, it's not just about keylogging software malware (but that would be big enough.) Congressman Chaffetz's office has much more information about the extent of the threat. But getting a Homeland Security official, under oath, to admit this is nothing less than HUGE.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Infected floppy disks, dvd's, and USB's are fairly mainstream malware distribution methods. Infected floppy disks used to be the best way to spread malware.

    I'm just unsurprised. We dealt with those threats and we'll deal with these the same way.
     
  8. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I am blown away that you don't see the difference between malware distributed via floppy disks/DVDs and sophisticated security breaches built into the very computers being sold online at Amazon.com or Best Buy, etc. I have to wonder.

    In my 30 years of dealing with computers (I'm 51 years old), this is the scariest threat that I have ever had to seriously consider as a possibility. And here we have a Homeland Security official on record (hesitantly) admitting that this is happening.

    Wake-up!
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The Homeland Security Official bit isn't that interesting.

    So, all we'd have to do to mitigate this is reinstall the OS when it comes into the country/ we get it. This doesn't sound like really nasty malware, it's not like they're embedding some hardware chip that constantly reloads the malware into the machine... perhaps I'm misinterpreting.
     
  10. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I never imagined I would have to argue with somebody here at Wilders about whether or not this is a serious threat. I see you've been a member here for 2 months and have over 600+ posts. I've been here going on 8 years and have only 3 times that number (almost). Maybe it would help if you would kick back and listen a little without having all the answers.

    The bit about U.S. Homeland Security/Cybersecurity Division admitting he knows of this happening, you say "Isn't that interesting" to you. Please.
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If your argument is seniority and post count I think I've had enough of this topic. Take your own advice.
     
  12. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    You missed my point. At the rate you're going, after 7 years you'd have over 25,000 posts. I'm saying, I don't respond to every other post telling people they are wrong, I am right, etc. I've been here almost 7 years and have only 1,600 posts and that's still fairly active for anybody who works for a living. It's hard to listen to somebody tell me this isn't a problem. It looks like you appear to have all the answers without taking the time to listen to people who've been around. That's all.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Me either... I've asked plenty of questions here and I respect the opinions of quite a few users (though certainly not all.)

    If I think someone is wrong I won't beat around the bush, I'll tell them outright. That doesn't mean I'm not willing to hear the other side, but I don't work on the assumption that I'm incorrect -- that would lead to shortlived discussions where my original opinions aren't expressed properly and therefor aren't reconciled.
     
  14. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,274
    The problem is money. Most people buy a computer with Windows, bloatware and trash installed. Most people do not get a clean disk with clean Windows. Instead, the manufacturers give out rescue disks, or recovery disks which include all that stuff one doesn't want. Buying a new, clean, unpolluted Windows that M$ issues is very expensive and for most, impractical.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    You can download a free copy of any Windows 7 disk and use your legit key on it.
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'd bet this problem goes far deeper than the PCs themselves, like the routers and modems that come from there as well. What a weapon it will be, when every recently imported PC in the country starts with denial of service attacks.

    The sad part of the whole thing is that we have the manufacturing facilities in this country to produce PCs right here, right now. I worked at such a plant a few years back. It's closed and the business went to china. We have the resources to solve this problem right now and help the economy in the process, but someones bottom line is more important.

    The more things like this I read, the more I'm glad I've stayed on the older hardware and operating systems. I've never trusted Win-7 and now the hardware is suspect too. It seems to me that if this was untrue, they would have said so. Since they aren't denying it, and don't seem concerned enough to do anything to change the situation, it begs the question of just who would be in control of this compromised hardware. With planned obsolescense pushing people to buy these PCs, it seems that we're nothing but pawns in someone elses power game. The only question is who is really behind it?
     
  17. hpmnick

    hpmnick Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    186
    another great advantage to shipping all of our technology production overseas...
    Not only have they taken American jobs, but we give them a surefire way to spy on us. Very nice...

    Also, its entirely possible for backdoors to be installed in the BIOS and firmware, allowing for covert network communications using onboard NICs and stealth disk access... Think of it like a bootkit being burned onto your computer..

    I read an article about exactly his last year..
     
  18. guest

    guest Guest

    Sounds like to me America deserves it,
    products should be built here instead,
    providing jobs in America, but I guess
    that is an outdated idea
     
  19. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    It's best to learn to build your own. It's easy to do. If your not sure how to do something then just search youtube for instructionals.
     
  20. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I would say the same, except I know the majority won't. Pity, the big companies might pay more attention to what consumers really want -- if the consumers actually knew what they wanted :D

    Sul.
     
  21. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Absolutley correct, and how sad it is.
     
  22. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hmm... let em ask you one Q.

    Has any of the users here found a brand new PC( yours of your friends etc) with an installed pre-malware on it?
     
  23. jdd58

    jdd58 Registered Member

    Joined:
    Jan 30, 2008
    Posts:
    527
    Location:
    USA
    -http://old.news.yahoo.com/s/ap/20110504/ap_on_re_us/us_rental_computer_spyware-
     
  24. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If this "malware" was sponsored or built by an adversarial nation and was part of the BIOS, firmware, etc, how would you find it? I'm not sure it's possible without some very specialized equipment and a level of skill that's beyond most coders abilities.
     
  25. jwcca

    jwcca Registered Member

    Joined:
    Dec 6, 2003
    Posts:
    722
    Location:
    Toronto
    and, if true, that would mean that the homebuilders, buying components and loading a fresh copy of Windows, won't be any more secure, not if it's a chip on the MB or in a router... most, if not all, hdwe comes from China.
     
Loading...
Thread Status:
Not open for further replies.