Topics: Australia, Data Storage, Hardware

Major Australian Retailer Accused of Selling Infected Hard Drives 128

skegg writes "Dick Smith, a major Australian electronics retailer, is being accused of regularly selling used hard drives as new. Particularly disturbing is the claim that at least one drive contained malware-infested pirated movies, causing the unlucky buyer significant data loss. Apparently the Fair Trading Commissioner will be conducting an investigation."
  • Standard Practice (Score:5, Interesting)

    by acehole ( 174372 ) on Friday December 23, 2011 @04:10AM (#38469188) Homepage

    Seems standard practice with a lot of stores. Someone takes something back because they don't want or need it for whatever reason, the shop will just shrinkwrap it up again and the next buyer is none the wiser. I'm surprised that it hasn't happened sooner.

    On another note, so how exactly can a video file (pirated movie or not) be 'malware infested'?

      • Re:Standard Practice (Score:4, Informative)

        by petes_PoV ( 912422 ) on Friday December 23, 2011 @04:21AM (#38469252)
        From the first article your link points to:

        If you accept the licence agreement, it then downloads malware to your PC.

        So all the "malware infested" media does is get the unsuspecting (or credulous, it's a fine line) user to download their own malware. It's not the video that contains the bad software and you'd expect any AV software to pick up on this old, old (the article is dated 2006) attack vector.

    • Re: (Score:3, Informative)

      by Threni ( 635302 )

      The same way jpegs can be.

      • Re:Standard Practice (Score:5, Informative)

        by KXeron ( 2391788 ) <kxeron@nOSpam.digibase.ca> on Friday December 23, 2011 @05:02AM (#38469410) Homepage

        The parent couldn't be more correct.

        People discount regular data files as being malicious simply because they're not labelled executables. What they don't think about is that those files are opened by executables. These executables are often trusted programs, which makes this an even bigger threat to a system, as the malicious code can run hidden under the legitimate process and do its work. There is anything from buffer overruns to file-parsing mistakes in these programs that can open them up to become a conduit for abuse.

        An example of this is Adobe Reader's countless exploits with the PDF file format.

        • by Kjella ( 173770 ) on Friday December 23, 2011 @07:59AM (#38470058) Homepage

          Which is also why SQL injection attacks exist, everything you send to the server is data. If you take that data and execute it as code, well duh you've just created an exploit. Never, ever trust anything coming from the user.
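KXeron's point above, that a data file is only as dangerous as the parser that opens it, as an added example that is not code from this thread or from any of the products named in it. It is a Python model of the classic length-field bug in a chunked container: a hypothetical format (magic "CNTR", then [4-byte id][4-byte little-endian size][payload] chunks, not WMV, MKV or PDF) with two readers. The unchecked one trusts the size field and keeps its cursor in a 32-bit integer like a C parser; on a crafted size it either returns a payload shorter than declared (where a C reader would memcpy past its buffer) or spins forever when the size wraps the cursor back onto the same chunk. The checked one bounds every size against what actually remains in the file. The sample files, chunk ids and function names are constructed for the example.

```python
import struct

MAGIC = b"CNTR"      # hypothetical container magic, not a real format
MAX_CHUNKS = 1024    # sanity cap; no legitimate file needs more here


def chunk(cid, payload):
    """Encode one chunk: 4-byte id, 4-byte little-endian size, payload."""
    return cid + struct.pack("<I", len(payload)) + payload


def forged_chunk(cid, declared_size, payload):
    """Encode a chunk whose size field lies about the payload length."""
    return cid + struct.pack("<I", declared_size) + payload


# Constructed sample files.
VALID_FILE = MAGIC + chunk(b"HDR ", b"\x01\x00") + chunk(b"VIDE", b"frame-data")
# Size field claims 2 GiB of payload; only 8 bytes follow.
OVERSIZE_FILE = MAGIC + forged_chunk(b"VIDE", 0x7FFFFFFF, b"x" * 8)
# Size chosen so that cursor + 8 + size wraps a 32-bit cursor back to itself.
WRAPPING_FILE = MAGIC + forged_chunk(b"VIDE", 0xFFFFFFF8, b"x" * 8)


def parse_unchecked(data, max_iterations=100):
    """Trusts the file's size fields, the way a careless reader does, and keeps
    its cursor in a uint32 like a C parser. Python slices cannot overrun, so
    where C would memcpy `size` bytes past its buffer this version merely
    returns a payload shorter than declared. max_iterations exists only so the
    demonstration terminates instead of spinning forever."""
    if data[:4] != MAGIC:
        raise ValueError("bad magic")
    chunks, pos = [], 4
    for _ in range(max_iterations):
        if pos >= len(data):
            return chunks
        cid = data[pos:pos + 4]
        (size,) = struct.unpack_from("<I", data, pos + 4)
        chunks.append((cid, size, data[pos + 8:pos + 8 + size]))
        pos = (pos + 8 + size) & 0xFFFFFFFF      # uint32 wrap, as in C
    raise RuntimeError("cursor never reached end of file: size field wrapped it")


def parse_checked(data):
    """Bounds every size field against what actually remains in the file, so
    the cursor can only move forward and never past the end."""
    if len(data) < 4 or data[:4] != MAGIC:
        raise ValueError("bad magic")
    chunks, pos = [], 4
    while pos < len(data):
        if len(data) - pos < 8:
            raise ValueError(f"truncated chunk header at offset {pos}")
        cid = data[pos:pos + 4]
        (size,) = struct.unpack_from("<I", data, pos + 4)
        remaining = len(data) - (pos + 8)
        if size > remaining:
            raise ValueError(f"chunk {cid!r} at {pos} declares {size} bytes, "
                             f"only {remaining} remain")
        chunks.append((cid, data[pos + 8:pos + 8 + size]))
        if len(chunks) > MAX_CHUNKS:
            raise ValueError("too many chunks")
        pos += 8 + size       # size <= remaining, so this cannot overshoot or wrap
    return chunks


def outcome(parser, data):
    """Classify what a parser does with a file: 'parsed', 'rejected' or 'hung'."""
    try:
        parser(data)
        return "parsed"
    except ValueError:
        return "rejected"
    except RuntimeError:
        return "hung"


if __name__ == "__main__":
    for name, sample in [("valid", VALID_FILE), ("oversize", OVERSIZE_FILE),
                         ("wrapping", WRAPPING_FILE)]:
        print(f"{name:9s} unchecked={outcome(parse_unchecked, sample):9s} "
              f"checked={outcome(parse_checked, sample)}")
```

The unchecked reader accepts the oversize file without complaint and hands back a chunk that claims 2 GiB but holds 8 bytes; a native player that allocated or copied by the declared size is where the memory corruption KXeron mentions comes from. The wrapping file is the denial-of-service variant of the same trust: one size field and the player never finishes opening the movie.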

    • by Anonymous Coward

      On another note, so how exactly can a video file (pirated movie or not) be 'malware infested'?

      By containing code that exploitable video players load into memory, which somehow manages to change that info into an executable status, and then somehow executes the code. But that's only one possibility.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      While not 'containing' the malware, some media files have a field that specifies where the codec for them can be downloaded, and some players respond to this by downloading and installing the 'codec'. Needless to say, the 'codec' installer contains the malware.

      • While not 'containing' the malware, some media files have a field that specifies where the codec for them can be downloaded, and some players respond to this by downloading and installing the 'codec'. Needless to say, the 'codec' installer contains the malware.

        By "some" you mean WMV and Windows Media Player; NO OTHER files do that.

        • While not 'containing' the malware, some media files have a field that specifies where the codec for them can be downloaded, and some players respond to this by downloading and installing the 'codec'. Needless to say, the 'codec' installer contains the malware.

          By "some" you mean WMV and Windows Media Player; NO OTHER files do that.

          True... if you get a dodgy MKV and open it up in VLC, it doesn't attempt to load a fake codec; it just uses exploits in VLC to gain VLC-level access to your system. You never have the option to back out before the malware is downloaded.

          That doesn't really make MKV containers safer than WMV containers.

          The big issue here is that a lot of people look at WMV/MKV/PDF/DOCX/etc. as "file formats". In fact, these are all "container formats" that interact with a specific API, and can contain multiple documents tha

    • Comment removed (Score:5, Interesting)

      by account_deleted ( 4530225 ) on Friday December 23, 2011 @05:01AM (#38469406)
      Comment removed based on user account deletion
      • Re:Standard Practice (Score:4, Informative)

        by Kjella ( 173770 ) on Friday December 23, 2011 @05:36AM (#38469524) Homepage

        Basically any file type that can have a link to a webpage embedded, I believe both .MPG and .WMV are capable of this

        No, just WMV. But "intelligent" players like Windows Media Player would "helpfully" realize that a WMV file renamed to MPG, AVI etc. was actually a WMV file and play it as such anyway. There's no reason for a movie format to contain such a link, it's for DRM'd WMV files that are supposed to take you to a page explaining how to buy access to it. Whoever came up with that scheme was stupid and I don't know any other player than WMP that ever supported it, since it was 99.99% used for malware and 0.01% for legitimate uses.

        • by mcgrew ( 92797 ) *

          Whoever came up with that scheme was stupid and I don't know any other player than WMP that ever supported it, since it was 99.99% used for malware and 0.01% for legitimate uses.

          It had legitimate uses???

          The same problem exists with WiMP and MP3s. MP3s don't support DRM, WMAs do. So you can embed a trojan link in the WMA file, rename it MP3, and WiMP will play the song AND the malware. Like you say, no other media player does that, and I see no legit use for it EXCEPT malware.

          Maybe Norton or McAfee paid MS f

      • Re:Standard Practice (Score:4, Interesting)

        by mlts ( 1038732 ) * on Friday December 23, 2011 @12:24PM (#38472192)

        I don't know if they will get with fines (most of the time, playing the three monkey game will be enough to avoid civil/criminal charges.)

        However, this is a lesson to everyone: After buying any new storage media, completely erase it first. This is something I try to keep the habit of doing, be it a USB flash drive, a SD card for my phone, external hard disks, or an internal HDD of a new PC.

        The best utility, hands down, is HDDErase because it tells the drive controller to do the dirty work and erase everything, including the host protected area, sector relocation table, etc. I then follow it up by a DBAN, or at least a dd if=/dev/zero of=/dev/sdwhatever. If one can't do an ATA erase, then zeroing it out with a couple passes is the next best thing.

        If only on Windows, encrypting the disk with BitLocker, then running the format command will help. The format command in Vista and newer checks to see if the previous data was a BitLocker volume, and if so, scrub away the remnants of the old volume keys. You can use TrueCrypt and create a dummy volume for the same result.

        I erase data before using a drive for three reasons:

        First, to exercise the drive and all accessible sectors, so the drive relocates marginal stuff immediately. In the old days, you could periodically low level format a HDD which would shrink the drive's capacity, but extend the life of the drive by cleaning out the relocation table and making it ready for handling new defects encountered. However, new drives don't have this, so the next best thing is to test all sectors before use.

        Second, there have been cases of people facing criminal and civil charges for data on their storage media that wasn't theirs... it came with the device. Whether this is true or not can be debated, but it is best to not let it happen in the first place.

        Third, there is always the chance of malware being installed somewhere along the supply chain. By completely zeroing it out from the MBR to the last sectors, this threat is mitigated for the most part.

        This also shows another sad fact. There are a number of "computer repair" places that are pretty shady. I'm sure most readers of /. can likely do better than a lot of repair joints.

        • or at least a dd if=/dev/zero of=/dev/sdwhatever

          I'm not sure if this method can be recommended. At least for me it has always been very slow (maybe 10MB/s); I still wonder why. It seems that the disk keeps seeking all the time (not going track-by-track). DBAN does it right. I've tried tweaking the dd parameters (such as adding bs=512), but no bonus.

      • by rtb61 ( 674572 )

        The flip side of this, which you ignore, is willingness to accept returns and provide a full or partial refund. Obviously, to provide a full refund, the item that was returned has to go somewhere; you can't bin it, and you can't sell it as second hand and lose money.

        People get really annoyed when companies won't accept returns and provide refunds; people get really annoyed when they end up buying someone else's return. Hmm, I believe it's what's called a 'catch 22' http://en.wikipedia.org/wiki/Catch-22_(logic) [wikipedia.org].

        So w

    It's not standard practice by most retailers, just a few dodgy ones, and quite frowned upon by the ACCC. JB Hi-Fi have been caught [accc.gov.au] doing it with mobile phones.

    • There have been stories about this kind of thing happening before. Nothing new.
  • Nothing new (Score:5, Interesting)

    by StefanWiesendanger ( 687733 ) on Friday December 23, 2011 @04:18AM (#38469224)
    I once bought various "new" components from a shop here in Switzerland and after assembling my PC, I was surprised that it booted up with Windows without me installing anything yet... it even contained some PGP keys of the company who bought the disks before me and returned them (and yes, of course I got in contact with them and told them). Well, it had the nice effect for me that in the end I got all the components for free ;-)
    • by mwvdlee ( 775178 )

      Which company would return harddisks without properly erasing them first?
      Obviously the shop that sold the parts as new isn't particularly bright, but the company who owned the disks prior has some significant security issues.

      • Yeah absolutely - especially since it was running Windows 98 or so (don't remember exactly, long time ago)... i.e. no proper file system security *and* they had PGP keys on that system...
        • Often companies have a contract with a supplier to do maintenance... in these cases, it'd be a case where the computer went in for maintenance or replacement, the data got copied onto the new PC, but the local tech forgot to wipe the old components before putting them back up for sale. Since it wasn't their company, and "nobody's going to notice", they didn't bother with the extra effort involved.

          This usually happens when something blows on the motherboard and the fix is a complete replacement of the syste

  • Not really "Techxperts" anymore, can't even wipe a simple hard drive before reselling it >.>
    • There really hasn't been any technical knowledge in these stores for more than a decade

      Quite true; maybe they should think of changing their slogan then, or shutting down. Changing the slogan doesn't cost jobs; however, is Dick Smith even worth keeping?
  • Maybe not infected (Score:4, Interesting)

    by MichaelSmith ( 789609 ) on Friday December 23, 2011 @04:20AM (#38469250) Homepage Journal

    I recall from the article that the disk was definitely second hand because it had a whole lot of movies on it (free!) but the guy who reported it to the media made a big song and dance about how the files "appeared corrupt" and "could have infected his system". None of which impresses me much. He could use a secure OS. Other retailers sell stuff which has been returned by customers. DSE should have formatted the disk, and they are at fault for that reason.

    IIRC the reason he went to the media was that he is promoting an album or something and this was a golden opportunity to get his face and T shirt on TV.

    • by Anonymous Coward

      >DSE should have formatted the disk, and they are at fault for that reason.

      Not quite.

      The core problem is that DSE (and others) are passing off used returned goods as new. That's illegal.

      Customers are finding out and it's become a media storm because they're finding the previous owner's stuff on the phone or hard disk.

    • by rev0lt ( 1950662 )
      And what technical marvel is that "secure OS" you mention?
      You know, he could have just plugged the drive and tried to boot from it. A boot virus could easily wipe out every available drive before prompting a "system not found" error. You could even hide it on a brand-new formatted drive, since the bootsector is the first sector and usually the first cylinder (currently usually sectors 0-63) is reserved. How will your "secure OS" protect you against that?
      • he could have just plugged the drive and tried to boot from it.

        He didn't. He was pissed because he tried to play a movie file and it didn't work.

        • by rev0lt ( 1950662 )
          Yes, I know he didn't. I was just mentioning how silly the idea is that a "secure OS" (whatever that means) or preformatting could prevent this kind of thing from happening.
          • Preformatting the device would erase any malware which might have been on it. A secure OS would prevent the installation of any malware infected files which it might load. Obviously the secure OS doesn't help you if it is not running.

            • by rev0lt ( 1950662 )
              Actually, preformatting wouldn't necessarily erase malware from the boot sector; that would only be true if the boot sector were rewritten with clean data. And no OS is secure; security is not a trait, it is a process. Of course some OSes are more resilient than others, but that doesn't mean they are "secure".
  • by Anonymous Coward

    Not to defend the stores' oversight, but this particular store had a rather generous return policy of 14 days, no questions asked, pretty much. Therefore, many people were purchasing TV sets, cameras, and whatever other goods they sold, to use over a sport final weekend or holiday, then returning the item for a full refund. No intention of actually keeping the goods they purchased.

      It is the retailer's choice to offer a "no questions asked" return policy. It is irrelevant that many customers abuse such a policy. When the store offers such a policy, it assumes all the risks involved because of "no questions asked". It is unethical (and also illegal) for them to pawn off that risk on unsuspecting customers who are paying full retail price and expecting new products.

      What they should have done is to refurbish the goods (add new shrink-wrap, reformat memory sticks and hard drives, reset ph

  • (AU retail giant) Woolworths-owned Dick Smith Electronics has - in our experience - several times shelved and sold "repaired" returned items (usually on a "take it or leave it basis" when stocks run low after an advertised "sale" (or did they -only- have such used gear on-hand from the start of the "sale").

    Items we've seen & rejected out-of-hand:

    - ASUS netbooks (in this case, shown as non-functioning "demos" & their boxes had NO indication of any repair or refurbishment by the maker; ONLY after bein

  • by jamesh ( 87723 ) on Friday December 23, 2011 @04:40AM (#38469336)

    DSE distributing pirated media? I'm sure the recording industry will be very interested to hear about this...

    • by Occams ( 2422082 )
      Australians have forgotten that Dick Smith got his first big break in business by dumping cheap 27 MHz CB radios on the Australian market. He acquired bulk lots of them because they had been rejected by the FCC as being unsuitable for the USA market. They were equally unsuitable for Australia, and banned by the spectrum regulator, but Dick mounted a lobbying campaign and coerced the government into lowering its standards.
        That and phones (the old land line ones) when it was illegal for anyone other than Telstra (oops, sorry, Telecom Australia (or was it even the Government Post Office back then?)) to sell usable land line phones. Just like the CB radios, they were advertised as being for "hobby purposes only". Of course everybody did plug their DSE phones in and use their CB radios...

        two things to remember though
        1: this was when Dick Smith actually owned the business, the current DSE has nothing to do with him and
  • "malware-infested pirated movies"!

    Really? Isn't that why we use VLC instead of media player?

  • by zAPPzAPP ( 1207370 ) on Friday December 23, 2011 @05:13AM (#38469446)

    I don't know how it is in Australia, but around here, you can return anything you bought online within 14 days and get your money back (as long as you can actually return it as you got it, so food/software etc usually not included).
    What do people expect happens to stuff that gets returned? Of course it goes on sale again. Otherwise selling online would be economic suicide...

    • Re:14 days return (Score:5, Informative)

      by syousef ( 465911 ) on Friday December 23, 2011 @05:34AM (#38469516) Journal

      I don't know how it is in Australia, but around here, you can return anything you bought online within 14 days and get your money back (as long as you can actually return it as you got it, so food/software etc usually not included).
      What do people expect happens to stuff that gets returned? Of course it goes on sale again. Otherwise selling online would be economic suicide...

      In Australia it is illegal to re-sell used returned goods as new. The goods can be re-sold but must clearly be marked as returned items, and usually a discount is offered for accepting the goods in this condition. (The discount might not be offered if the item is in high demand).

      What's more, if goods have been returned and the item registered or activated online or similar, they are not supposed to sell the item. That is the secondary reason that computer software isn't returnable at most stores (though there are exceptions like EB Games).

      • by ledow ( 319597 )

        Same in the UK.

        You can resell it, you have to mark it as returned, and basically the seller has to take the loss on whatever they get returned. It works on the basis that returns are such a small percentage of items, of little value to someone wishing to scam them, and represent such a small fraction of their costs, and *STILL* can be resold for even the same price so long as they are clearly marked, that it's not an issue.

        Go read any EU trading law. It's all in there.

    • by Calydor ( 739835 )

      Of course it gets sold again.

      But under no circumstances should it then be advertised as 'new', ie. fresh from the factory and never been used as that is blatantly false advertising in bad faith.

    • by deniable ( 76198 )
      They can't sell it as new. They mark it as returned stock. Places like Dick Smith even have stickers they use to mark such stock. I see it on lots of DTV antennas at the shop across the road. Maybe Dick Smith should be more like Dick Smith and properly label returned goods.
  • by Anonymous Coward

    Let's not forget that the company that owns and manages DSE is Australia's third largest employer, Woolworths Ltd.

  • People can't even take short-cuts properly!

    I guess the kind of person who takes shortcuts can't be bothered to do it properly - short-cutting the short-cut.

    But I suppose that those who can take short-cuts properly don't get spotted....

  • DSE = Radio Shack (Score:5, Interesting)

    by ukoda ( 537183 ) on Friday December 23, 2011 @05:27AM (#38469496) Homepage
    For those who don't live in Australia or New Zealand, DSE is like Radio Shack but has suffered a worse decline into just another appliance store. Like Radio Shack, DSE used to sell electronic components to the general public, and like Radio Shack they have shifted focus to selling appliances. The biggest difference is that if you spend long enough looking it is still possible to find and purchase a resistor at Radio Shack, but at DSE you can't anymore. While the staff at DSE are nice enough people, they are low paid drones who often would not think of issues such as formatting returned media. While there may be a company policy on the issue, it is probably just one of dozens the staff are meant to follow but, as minimum wage workers, may forget or ignore.
    • Most DSE stores do still carry a few components, including resistors. It's just that you have to look quite hard.

      Down the back.
      In the dark corner.
      Behind the door on the right.
      Marked beware of the leopard.

      Just keep looking, they are there somewhere.

      Jaycar seems to be doing quite well here in Christchurch, they just moved into a much larger store, same stuff, just more of it.

      • Jaycar / Soanar / Electus seem to be getting bigger and bigger. Farnell is also a good choice in Australia. They were recently bought out by element14 who now offer free express shipping to major cities. Minimum order is $10 though.

    • by Anonymous Coward

      Just go to Jaycar (or buy online @ jaycar.com.au) for all of your electronics needs; going to Dick Smith's is like going to K-Mart for a "big screen" TV or a name brand appliance.

  • by Anonymous Coward on Friday December 23, 2011 @05:27AM (#38469498)

    ...this kind of thing was prevalent throughout the company. We would frequently be expected to sell used and returned stock without being given any real freedom in regards to marking it down. This led to a culture of lying to customers, especially in cases where it was not evident that the stock had been used.

    Of course, used stock would be sold as new to customers all the time.

    It even extended to returns on products that were in sealed packaging, despite having a clearly posted 14 day no questions asked refund policy we would be expected to tell customers that we wouldn't provide a refund, even if it was something that wasn't functioning as the customer expected (although within manufacturers specs).

  • by lucidlyTwisted ( 2371896 ) on Friday December 23, 2011 @07:24AM (#38469920)

    Well, a friend. Their HDD had died and they asked me what to do. "Buy a new one" says I. Turns out they had no back-ups of pictures etc, so I offered to try a recovery (no promises and I warned them everything could be lost). Anyhoo, the recovery worked with the failed HDD working as a slave to the new one. I picks up loads of deleted pictures and felt rather chuffed with my little self.

    "You seems to have made loads of friends on that Egypt trip." I say.
    "Never been to Egypt." they reply.

    It takes 5 seconds for me to twig that donkey-boy here had done the recovery on the wrong HDD and more stuff was still being found. School reports, banking spreadsheets, tonnes of stuff. Not really what one expects to find on a "new" HDD. Once I had the pictures recovered from the correct drive (and backed-up) my friend took the "new" HDD back to the shop for a bit of a word.

    Selling hooky equipment to a police officer? Not one of the storekeeper's greatest ideas. And for the previous owner, there was enough information on there for someone to do them serious ill. Luckily for them, my friend made the storekeeper physically destroy the drive (and got a full refund).

    There's no issue with selling 2nd hand kit, just advertise it as such and make sure it's properly wiped first.

    • What's scary is that people who sell their PCs or just dump them in the street are keeping data intact on their hard drives. Some go to the trouble of doing a high level format thinking they're safe (big mistake) whilst others only do a standard secure erase which does nothing to ensure that personal data can't be recovered. Is it any wonder that identity fraud is now rampant because of the stupidity and sheer ignorance of people using computers and mobile devices.
      • by fnj ( 64210 )

        Depends on what you mean by secure erase.

        sudo dd if=/dev/zero of=/dev/sda

        With respect, and as long as there is no disk error during the operation (as evidenced by "<correct # bytes> copied" at the end), if you don't think that's a secure erase, you're in la-la land. Definitely secure enough for warez, and probably even secure enough if they were money-and-resources-no-object state or military secrets. Obviously I mean secure enough in terms of function, if not meeting bure
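The wipe routine mlts describes further up (zero every sector, boot sector included, before trusting a "new" drive), the reply about dd crawling (large blocks rather than the 512-byte default), rev0lt's point that a format leaves the boot sector untouched, and fnj's "correct # bytes copied" check, as one added Python example that is not code from this thread. It runs against a regular file (a constructed image with a fake 0x55AA boot sector and "previous owner" data) so it needs no spare disk; pointed at /dev/sdX as root it does what dd with bs=1M does, plus the read-back verification dd never does for you. Like dd it overwrites only what the host can address: the HPA and remapped sectors mlts mentions need the drive's own ATA SECURITY ERASE UNIT command (hdparm --security-erase on Linux). The function names and the image layout are this example's own.

```python
import os
import tempfile

SECTOR = 512
BLOCK = 1024 * 1024   # 1 MiB writes; dd's default 512-byte blocks are why it crawls


def device_size(fd):
    """Size in bytes of a file or block device (lseek to the end works for both)."""
    size = os.lseek(fd, 0, os.SEEK_END)
    os.lseek(fd, 0, os.SEEK_SET)
    return size


def has_boot_signature(path):
    """True when sector 0 still ends in the 0x55AA MBR signature, i.e. a boot
    sector (and whatever boot code precedes it) from a previous life is present.
    A high-level format leaves this sector alone."""
    with open(path, "rb") as f:
        sector0 = f.read(SECTOR)
    return len(sector0) == SECTOR and sector0[510:512] == b"\x55\xaa"


def zero_fill(path, block=BLOCK):
    """Overwrite every addressable byte with zeros in block-sized writes and
    fsync. Returns the byte count written: the equivalent of dd's 'bytes
    copied' line, which must equal the device size or the wipe is incomplete."""
    zeros = bytes(block)
    fd = os.open(path, os.O_WRONLY)
    try:
        size = device_size(fd)
        written = 0
        while written < size:
            n = min(block, size - written)
            written += os.write(fd, zeros[:n])   # short writes just loop again
        os.fsync(fd)
    finally:
        os.close(fd)
    return written


def first_nonzero_offset(path, block=BLOCK):
    """Read the device back; return the offset of the first non-zero byte,
    or -1 if every byte is zero. This is the check dd never does for you."""
    offset = 0
    with open(path, "rb", buffering=0) as f:
        while True:
            chunk = f.read(block)
            if not chunk:
                return -1
            if chunk.count(0) != len(chunk):
                return offset + next(i for i, b in enumerate(chunk) if b)
            offset += len(chunk)


def make_dirty_image(path, sectors=2048):
    """Constructed stand-in for a 'new' drive that was not: a fake MBR with
    boot code and the 0x55AA signature, followed by the previous owner's data.
    No real malware, just non-zero bytes where zeros should be."""
    mbr = bytearray(SECTOR)
    mbr[0:3] = b"\xeb\x3c\x90"          # x86 jump, the usual start of boot code
    mbr[3:11] = b"OLDBOOT "
    mbr[510:512] = b"\x55\xaa"
    filler = (b"previous owner's files " * 24)[:SECTOR]
    with open(path, "wb") as f:
        f.write(mbr)
        for _ in range(sectors - 1):
            f.write(filler)
    return sectors * SECTOR


def wipe_and_verify(path):
    """Wipe, then verify. Returns (bytes_written, device_size, first_nonzero);
    the wipe is good only if bytes_written == device_size and first_nonzero == -1."""
    written = zero_fill(path)
    fd = os.open(path, os.O_RDONLY)
    try:
        size = device_size(fd)
    finally:
        os.close(fd)
    return written, size, first_nonzero_offset(path)


def demo():
    """Run the whole procedure against a temporary image; returns the observations."""
    fd, path = tempfile.mkstemp(suffix=".img")
    os.close(fd)
    try:
        size = make_dirty_image(path)
        boot_before = has_boot_signature(path)
        dirty_at = first_nonzero_offset(path)
        written, dev_size, clean_at = wipe_and_verify(path)
        boot_after = has_boot_signature(path)
    finally:
        os.unlink(path)
    return {
        "size": size, "device_size": dev_size, "written": written,
        "boot_sig_before": boot_before, "first_nonzero_before": dirty_at,
        "boot_sig_after": boot_after, "first_nonzero_after": clean_at,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Before the wipe the image reports a boot signature and non-zero data at offset 0; afterwards the byte count written equals the device size, the read-back finds no non-zero byte, and the boot signature is gone. On a real drive, check the device name with lsblk first, and treat any mismatch between bytes written and device size, or a non-negative first_nonzero, as a failed wipe rather than a warning.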

      • by mcgrew ( 92797 ) *

        I doubt that much of the ID fraud comes from old hard drives. Phishing, cracking web sites, and especially dumpster diving for paper records are where the ID theft is happening. I'd say that 99.999% of the time, a high level format would be sufficient.

  • What I do when returning hardware is write "USED" or "DEFECTIVE" in permanent marker on the item being returned (or in the manual, if writing on the hardware is not possible). Hopefully this will tip off the next person who unknowingly buys the item if the store decides it can get away with just putting it back on the shelf.
  • And not have the techs be techs like how geek squad used to be.

    Nowadays the way to become a tech or keep the job at a store is to get your numbers up on Extended Warranties (sometimes even having to lie about what they cover), high-cost cables, other add-ons, rip-off software and more.

    http://consumerist.com/2011/06/staples-canada-accused-of-selling-computers-with-old-user-data-on-hard-drive.html [consumerist.com]

    http://iworkatpencils.blogspot.com/ [blogspot.com]

    http://consumerist.com/2008/12/staples-give-us-80-weve-already-set-up-all-the-laptops [consumerist.com]

  • Some time earlier this year I bought a games console from DSE which, when unpacked, showed obvious signs of usage. Trying to register it online a few days later, I found that the particular unit had already been registered and, as I found out later, it turned out to have been originally registered just over a year before. No joy from DSE staff about this so-called "new" console, nor did they inform me about the 14 day no fault return, else I would have just dumped it on them and got a new one or a
  • malware-infested pirated movies, causing the unlucky buyer significant data loss

    Why the hell would you want to execute a movie? The data loss is due to the device being bad, if it has been returned it was likely because of a reason.

  • As an ex-RadioShack employee, years ago I was forced to sell used and returned computers for full price. On the fly I came up with "We sell used computers AT NEW PRICES!" Nothing says it was New; it was ASSUMED by you that it was.
  • This is something all major Australian retailers do; I've bought products from major retailers (JB Hi-Fi) and the manual had things actually written in it. It's sad. I think the retailers think that people are still dumb and don't know how to use their products, so they just repackage them for the next person to buy and have problems with.
