Worm.com

From iPods to navigation systems, some of today’s hottest gadgets are landing on store shelves with some unwanted extras from the factory — pre-installed viruses that steal passwords, open doors for hackers and make computers spew spam.

Computer users have been warned for years about virus threats from downloading Internet porn and opening suspicious e-mail attachments. Now they run the risk of picking up a digital infection just by plugging a new gizmo into their PCs.

Recent cases reviewed by The Associated Press include some of the most widely used tech devices: Apple iPods, digital picture frames sold by Target and Best Buy stores and TomTom navigation gear.

In most cases, Chinese factories — where many companies have turned to keep prices low — are the source.

So far, the virus problem appears to come from lax quality control — perhaps a careless worker plugging an infected music player into a factory computer used for testing — rather than organized sabotage by hackers or the Chinese factories.

It’s the digital equivalent of the recent series of tainted products traced to China, including toxic toothpaste, poisonous pet food and toy trains coated in lead paint.

But sloppiness is the simplest explanation, not the only one.

If a virus is introduced at an earlier stage of production, by a corrupt employee or a hacker when software is uploaded to the gadget, then the problems could be far more serious and widespread.

Knowing how many devices have been sold, or tracking the viruses with any precision, is impossible because of the secrecy kept by electronics makers and the companies they hire to build their products.

But given the nature of mass manufacturing, the numbers could be huge.

“It’s like the old cockroach thing — you flip the lights on in the kitchen and they run away,” said Marcus Sachs, a former White House cybersecurity official who now runs the security research group SANS Internet Storm Center. “You think you’ve got just one cockroach? There’s probably thousands more of those little boogers that you can’t see.”

Jerry Askew, a Los Angeles computer consultant, bought a new Uniek digital picture frame to surprise his 81-year-old mother for her birthday. But when he added family photos, it tried to unload a few surprises of its own.

When he plugged the frame into his Windows PC, his antivirus program alerted him to a threat. The $50 frame, built in China and bought at Target, was infested with four viruses, including one that steals passwords.

“You expect quality control coming out of the manufacturers,” said Askew, 42. “You don’t expect that sort of thing to be on there.”

Security experts say the malicious software is apparently being loaded at the final stage of production, when gadgets are pulled from the assembly line and plugged in to a computer to make sure everything works.

If the testing computer is infected — say, by a worker who used it to charge his own infected iPod — the digital germ can spread to anything else that gets plugged in.

The recent infections may be accidental, but security experts say they point out an avenue of attack that could be exploited by hackers.

“We’ll probably see a steady increase over time,” said Zulfikar Ramzan, a computer security researcher at Symantec Corp. “The hackers are still in a bit of a testing period — they’re trying to figure out if it’s really worth it.”

Thousands of people whose antivirus software isn’t up to date may have been infected by new products without even knowing it, experts warn. And even protective software may not be enough.

In one case, digital frames sold at Sam’s Club contained a previously unknown bug that not only steals online gaming passwords but disables antivirus software, according to security researchers at Computer Associates.

“It’s like if you pick up a gun you’ve never seen before — before you pull the trigger you’d probably check the chamber,” said Joe Telafici, vice president of operations of McAfee Avert Labs, the security software maker’s threat-research arm.

“It’s an extreme analogy, but it’s the right idea. It’s best to spend the extra 30 seconds to be sure than be wrong,” he added.

Consumers can protect themselves from most factory-loaded infections by running an antivirus program and keeping it up to date. The software checks for known viruses and suspicious behaviors that indicate an attack by malicious code — whether from a download or a gadget attached to the PC via USB cable.

One information-technology worker wrote to the SANS security group that his new digital picture frame delivered “the nastiest virus that I’ve ever encountered in my 20-plus-year IT career.” Another complained his new external hard drive had malfunctioned because it came loaded with a password-stealing virus.

Monitoring suppliers in China and elsewhere is expensive, and cuts into the savings of outsourcing. But it’s what U.S. companies must do to prevent poisoning on the assembly line, said Yossi Sheffi, a professor at the Massachusetts Institute of Technology specializing in supply chain management.

Information provided by: Findarticles.com

ORLANDO, Fla. — Vijay Singh was forced to take four days off from practicing, which was unprecedented. He found himself atop the leaderboard one week later at the Arnold Palmer Invitational, which is not surprising in the least.

Weakened by a stomach virus that caused him to lose 18 pounds in five days, Singh recovered in time to make a strong defense of his Bay Hill title by chipping in twice Friday on his way to a 5-under 65 and a two-shot lead over Carl Pettersson.

The 45-year-old Fijian looked like the model of athleticism on a day of gray clouds and occasional rain, not even remotely resembling someone afraid to stray too far from the bathroom for four days. He had a 9-under 131 total.

Tiger Woods also looked sick, but only after watching putts come up short on shoddy greens. Woods, trying to continue a winning streak that stretches all the way back to September, had to settle for nine straight pars to close out a 2-under 68. He was seven shots behind going into the weekend.

LPGA TOUR: At Huixquilucan, Mexico, Lorena Ochoa shot a 4-over 76 — her highest score in nearly a year — in the MasterCard Classic, leaving the top-ranked Mexican star nine strokes behind first-round leader Jill McGill. Coming off an 11-stroke victory two weeks ago in Singapore in her season debut, Ochoa had six bogeys and two birdies on the hilly Bosque Real Country Club course. The 76 was her highest score since a 77 in the final round of the Ginn Open last April. McGill, the 1993 U.S. Women’s Amateur champion who is winless in 13 seasons on the LPGA Tour, eagled the 541-yard ninth hole — her last hole — for a 5-under 67. She also had five birdies and two bogeys.

CHAMPIONS TOUR: At Santa Clarita, Calif., Nick Price birdied the final hole for a 6-under 66 and a one-stroke lead over defending champion Tom Purtzer after the first round of the Champions Tour’s AT&T Champions Classic. Price, winless in 17 career starts since joining the 50-and-over tour last year, topped a leaderboard for the first time 54 Champions Tour rounds. He won 18 times on the PGA Tour, including three major victories.

Dana Quigley opened with a 68, Roberts and Graham Marsh shot 69s, and Fred Funk, Jerry Pate, Jeff Sluman, Vicente Fernandez, Andy Bean, Brad Bryant, Dave Stockton and Joe Ozaki had 70s. Gil Morgan, the 1996, 1997 and 2004 winner, shot a 73.

Copyright C 2008 Deseret News Publishing Co.
Provided by ProQuest Information and Learning Company. All rights Reserved.

Information provided by: Findarticles.com