iPod virus is no big deal


Leading security vendor Kaspersky Lab has uncovered the first ever proof of concept virus designed with the sole intention of infecting the iPod media player. Like all proof of concept viruses though, Podloso poses no real world threat to users. For a start it requires a Linux installation, not on your PC but on the iPod itself which rather limits the number of devices likely to be capable of infection. Even if this requirement is fulfilled, the virus still requires user involvement to be launched from the program demo folder. Finally, if the user does execute the Podloso file it will then scan the iPod hard drive and infect all ELF (executable and linking) files which it finds.

And the payload? Well, an infected executable will fail to run and instead launch a message display box which says “You are infected with Oslo the first iPodLinux Virus.”

So if it is relatively difficult to become infected in the first place, requires more than a little user interaction, and has a relatively harmless payload is Podloso a cause for concern? Now that is not such a straightforward question to answer. Although there is an argument to say that this is just the beginning of the iPod virus invasion, and the lack of a malicious payload this time does not mean the next one will be harmless, I am inclined to think otherwise. After all, there is no mechanism for the virus to spread because it has to be saved into iPod memory in order to infect the device, it cannot jump from one player to another and cannot be distributed piggy-backed to an audio download for example. All it does is provide those who would knock Apple, and writers about security such as myself, with something to talk about.

The biggest security threat posed by the iPod and its users, however, remains that of bringing a pocketable hard drive into an otherwise secure location and using it to remove copies of confidential data from the PCs there. Indeed, some might well also argue that the infection of some video iPods sold after September 12th last year with a virus targeting Windows computers was a bigger problem than this, because that at least was a real virus causing real problems to the connected PC.

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to Forbes.com, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

TheNNS 112 Nearly a Posting Virtuoso

if you're making a virus, might as well make it for a all ipod users.

John A 1,896 Vampirical Lurker Team Colleague

I'm not at all impressed by the designers. Although I don't know the details of iPodLinux, the fact is that it's just a special version of Linux for iPods. And since we already know of viruses that exist for Linux, it's no surprise that they were able to write a virus that functions on iPodLinux.

Like TheNNS already said, a better feat would have been for the designers to actually design a virus for the iPod OS. Now that would make headlines everywhere.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.19 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.