
HP Ships Switches With Malware Infected Flash Cards

Posted by samzenpus
from the bad-switches dept.
wiredmikey writes "HP has warned of a security vulnerability associated with its ProCurve 5400 zl switches that contain compact flash cards that the company says may be infected with malware. The company warned that using one of the infected compact flash cards in a computer could result in the system being compromised. According to HP, the potential threat exists on HP 5400 zl series switches purchased after April 30, 2011 with certain serial numbers listed in the security advisory. This issue once again brings attention to the security of the electronics supply chain, which has been a hot topic as of late."
  • Is it made in China? (Score:4, Interesting)

    by Spy Handler (822350) on Wednesday April 11, 2012 @05:21PM (#39649807) Homepage Journal
    is it?
  • by Anonymous Coward on Wednesday April 11, 2012 @05:24PM (#39649833)

    Hello? Quality Control? Are you there?

    • That's not completely fair. QC's main function is to make sure the product works as advertised - and the switch does work correctly. It just has a few extra files on an internal bit of memory - not visible to the outside world in normal product use.

      This sounds more like a failure in the manufacturing process - either (a) the malware was on the golden copy that was generated by HP (which would be an engineering failure made in the USA), or (b) the malware got added by the fabrication house (which would be
      • by Darinbob (1142669)

        As this sounds, problems only occur if you take the compact flash out of the switches and use them with a computer which could be infected by the malware (ie, a pc). The switch itself is not damaged by the malware, it's just an extra file that is ignored by the firmware.

    • by Anonymous Coward

      It could have been worse, the flash card could have been infected with their new printer OS, the switch would keep asking you for a new Ethernet cable even though you just installed a fresh one and boot up time would last 10-20 minutes as it cycled all the status lights 100 times just to make sure they are working then would require a bloated software program to work, only to find out the Windows 7 computers won't work with the switch half the time because of the software. And if you're lucky the switch won't

    • by gl4ss (559668)

      yep it's there. but quality control is just "do all the stuff that was on the document" so nobody can be blamed.

    • > Hello? Quality Control? Are you there?

      Not yet; you have to remember the time difference when calling Shenzhen.

    • > Hello? Quality Control? Are you there?

      This is a huge failure of the Chinese quality control. If they had done everything right, this malware would have gone undetected.


      --
      All that is necessary for Apple to triumph is for Google men to do nothing.
  • You say malware... (Score:4, Interesting)

    by samazon (2601193) on Wednesday April 11, 2012 @05:25PM (#39649841)
    The lack of detail regarding the malware (I keep typing maleware for some reason?) makes me want to jump to conclusions. The most fun one has to do with a bored programming intern and pornography, the least interesting is "they screwed something up and are blaming it on someone else."
  • by samazon (2601193) on Wednesday April 11, 2012 @05:28PM (#39649871)
    "The flash card wouldn't do anything on the switch itself but "reuse of an infected compact flash card in a personal computer could result in a compromise of that system's integrity," HP warned in a bulletin issued on Tuesday." http://www.theregister.co.uk/2012/04/11/hp_ships_malware_cards_with_switches_oops/ [theregister.co.uk] I think is a LOT more concise and explanatory of the issue.
    • by quarmar (125648)

      The switches probably run Linux internally, so the malware wasn't noticed by QA. Take the card out of a switch and stick it in your Windows PC, and the issue surfaces.

    • So the HP warning supposes:
      1. Average Joe employee has physical access to the switches.
      2. AJ will be motivated to make off with a component from the switches.
      3. AJ will happily stick the purloined part into a Windows PC.
      4. The Windows PC will auto play the contents.

      That sounds about right.

      • I could see some IT guy sticking the flash card into a win2k or XP machine to duplicate it onto another card. Maybe an old laptop that they kept buried in a drawer in their datacenter because it has a serial port...
  • by it0 (567968) on Wednesday April 11, 2012 @05:29PM (#39649889)

    Malware sure is expensive these days!

    Remember kids, the best things in life are for free

  • by rts008 (812749) on Wednesday April 11, 2012 @05:42PM (#39650031) Journal

    I have admiration and sympathy for IT shops that truly try to set up and maintain a secure, productive network. At times, it must seem that EVERYONE and everything are working against you, and you're just bashing your head against a wall.

    A ready made, turn-key botnet slave in a box, direct from your hardware vendor! Oh Joy! ;-)

    • by Anonymous Coward

      > A ready made, turn-key botnet slave in a box, direct from your hardware vendor! Oh Joy! ;-)

      RTFA or do not post. It was a freaking cheapo flash card from the pachinko loona electric corp .tw that is the problem. You can bet that HP got them dirt cheap. The switch itself is not the problem as the firmware just reads the MS fat file system that the flash card uses and no doubt just stores log data and the like on an external flash. I can just as easily put that same infected flash card on my Linux firmware TV or blueray player and not have problems or even stick into my laptop (which runs Linux) an

      • Honestly, I'd be more worried about the fact that my not-at-all-cheap(and in many environments, not redundant, except at key points, definitely not for individual workstations) switches are booting from a dirt cheap flash card that's had its image loaded with verification so lousy that it missed the viral payload...

        I've had a fair number of cheap and nasty flash cards die on me, and that'd be a whole lot more annoying if there were a few grand worth of switch wrapped around the card when it happened(tho
        • I would have thought part of the manufacturing process would have been dd-ing the card with a fresh layout... forget they are cheap cards - electronic parts are cheap, especially in wholesale and the fact your Alcatel/Cisco/Procurve hardware probably got their $.00001 resistors and surface mount diodes from the same place. ... nothing should have survived the write / verify of the media during their final manufacturing/QA process.
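The write/verify step this comment asks for, and the "extra file that is ignored by the firmware" case raised earlier in the thread, as an added Python example (not part of the original comments and not HP's manufacturing process): a mounted card is compared file by file against a manifest built from the golden image. The file names, contents and helper names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large firmware images do not load into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every file's path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def audit_card(golden: dict, card_root: Path) -> dict:
    """Compare a mounted card against the golden manifest."""
    found = build_manifest(card_root)
    common = set(found) & set(golden)
    return {
        "unexpected": sorted(set(found) - set(golden)),  # files the image never had
        "missing": sorted(set(golden) - set(found)),
        "modified": sorted(n for n in common if found[n] != golden[n]),
    }


def demo(tamper_firmware: bool = False) -> dict:
    """Build a constructed golden tree and a card copy carrying one extra file."""
    files = {"firmware.bin": b"\x7fconstructed-firmware", "cfg/startup.cfg": b"hostname sw1\n"}
    with tempfile.TemporaryDirectory() as tmp:
        golden_dir, card_dir = Path(tmp, "golden"), Path(tmp, "card")
        for root in (golden_dir, card_dir):
            for name, data in files.items():
                (root / name).parent.mkdir(parents=True, exist_ok=True)
                (root / name).write_bytes(data)
        # Constructed stand-in for a stray file the switch firmware would ignore.
        (card_dir / "extra.exe").write_bytes(b"constructed placeholder, not malware")
        if tamper_firmware:
            (card_dir / "firmware.bin").write_bytes(b"\x7fconstructed-firmware-changed")
        return audit_card(build_manifest(golden_dir), card_dir)


if __name__ == "__main__":
    print(demo())
```

A file-level audit only covers what the mounted filesystem exposes; hashing the raw device against the golden image also covers the boot sector and unallocated space.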
      • by rts008 (812749)

        > RTFA or do not post. It was a freaking cheapo flash card from the pachinko loona electric corp .tw that is the problem.

        Well, I did RTFA.

        So, are you saying that a flash card is not part of the hardware? Is the card software or firmware, or is it actually a piece of hardware?
        Did not HP supply this 'cheapo flash card' with the switch?

        So, really, just what is your objection to my comment?

        Increase your level of education and improve your reading comprehension to at least a high-school level, or do not post. ;-)

    • by cosm (1072588)

      > A ready made, turn-key botnet slave in a box, direct from your hardware vendor! Oh Joy! ;-)

      If you had made last Tuesday's 2:30 you'd have known that this is a new solution from our vendor to provide ubiquitous control and synergistic integration!

  • ...still exist!?
  • having your machines infected with the virus or having spent money on a HP layer 3 switch.
    • HP ProCurve switches are among the best the industry has to offer. Not all gigabit switches are the same. Reliability, warranty, support, and internal throughput are all important aspects when choosing a switch.

      • by cbope (130292)

        I run a 16-port Gigabit HP ProCurve switch at home, because I was tired of the crappy quality of consumer-level, "disposable" switches. It's built like a tank and has throughput numbers far higher than consumer-level gear, plus I don't need to worry about either the switch failing after 1.5 years of 24/7 operation, like consumer gear. I have had failures from every major consumer brand of switch or router over the past 12 years or so, D-Link, Netgear, Linksys, etc. I expect my HP switch to last at least 10

  • How's that working out? Hewlett and Packard would cry if they came back to see what you've done to their baby.
