HP trojan foiled by Linux - updated 2x

Summary: HP-hired investigators searching for the source of boardroom leaks allegedly tried to plant a trojan horse program on a CNET reporter's laptop, but the attempt failed. Updated: At first I thought it failed because the reporter was running Linux instead of Windows but it turns out we don't know yet what she was running.

HP-hired investigators searching for the source of boardroom leaks allegedly tried to plant a trojan horse program on a CNET reporter's laptop, but apparently the attempt failed because the reporter was running Linux instead of Windows, according to Groklaw's Pamela Jones [see update below]. Details are sketchy but the New York Times reported:

The detectives also tried to plant software in the computer of a CNET reporter that would communicate back to the detectives, people briefed on the company review said... Representing themselves as an anonymous tipster, the detectives e-mailed a document to a CNET reporter, according to those briefed on the review. The e-mail was embedded with software that was supposed to trace who the document was forwarded to. The software did not work, however, and the reporter never wrote any story based on the bogus document.

CNET is the parent company of ZDNet.

Update 9/19: Pamela's article was a little ambiguously worded, and it has definitely been updated since I first read it. Here's what it says now with additions in italics:

I hope it didn't work because the reporter used Linux, and so it was ineffective. But maybe it just malfunctioned. Or maybe their hope that she'd mail it to the leaker was foiled because she never sent it. In any case, it didn't work. Also no story was written using the bogus tip. That is because reporters are not stupid. It's a job requirement.

So I'm not sure any more whether or not the reporter in this case was really running Linux. I'll try to find out more and update the entry again. It's true though that most malware is written to target Windows, and running Linux (or MacOSX) is one way to reduce (but not eliminate) your exposure. Sorry for any confusion. -Ed

Update 9/19 pm: Pamela sent me a nice note and apologized for the confusion. It turns out she has no info about the operating system. She was just trying to inject a humorous knock against Windows and I mis-interpreted it. PJ has revised her article 4 times now, and I've revised mine 2 times, yet neither of us knows what OS the reporter (Dawn) was running. I sent Dawn a note but haven't gotten a response yet. Odds are it will turn out to be Windows.

Ed Burnette

About Ed Burnette

Ed Burnette is a software industry veteran with more than 25 years of experience as a programmer, author, and speaker. He has written numerous technical articles and books, most recently "Hello, Android: Introducing Google's Mobile Development Platform" from the Pragmatic Programmers.

Talkback

20 comments
  • Hmmm... Isn't that a FEDERAL OFFENSE?

    It seems to me that PHISHING is a Federal Offense in the US. Isn't someone going to JAIL for that??

    In fact, the P.I. firm should lose its license for that...
    scomanjim
    • if the MPAA can get away with hacking to stop infringement, surely little

      ol' HP (and its agents) can do the same.

      it's only fair.

      so what if the poor innocent reporter gets its privacy violated.

      in a digital world, how can we be sure about anything being private?

      and is privacy really a God-given right?

      :)

      .
      wessonjoe
  • I smell a lawsuit in the making!

    I don't care WHO they are or the intentions behind it..... They need
    to be made an example of.
    crash89
    • Isn't that a bit extreme?

      I mean, running Linux may get Steve upset but *suing* over it?
      Yagotta B. Kidding
      • Now THAT'S Funny!

        NT
        crash89
      • I salute you!!!

        nt
        Hrothgar - PCLinuxOS User
    • Screw the lawsuit, fire up the electric chair! ]:)

      If we're going to make examples, we need an example that says we're *deadly* serious; Not just about the identity fraud, but the spyware and domestic spying issues as well.
      Mr. Roboto
  • come on now.

    it doesn't say foiled by Linux; it says "hope it was foiled by linux". crikey, that's a bit of a stretch, wouldn't ya think??

    surely you have more information than the flimsy groklaw article to substantiate your headline?
    huh99
    • Irresponsible is a better word.

      The Groklaw article never claimed to be more than an editorial riff on a New York Times article. PJ's full statement was:

      > I hope it didn't work because the reporter used
      > Linux, and so it was ineffective. But maybe it
      > just malfunctioned. Or maybe their hope that
      > she'd mail it to the leaker was foiled because
      > she never sent it. In any case, it didn't work.

      I had problems with that story because I've learned to distrust the Times to the extent that using it as a sole source for something like this before corroborating sources appear seems risky. I didn't want to (but finally did) say something because I can remember the situation of and her understandable reaction to being stalked by SCO and essentially defamed by Maureen O'Gara. I'm surprised she watches her language at all about something like this which is so similar.

      "Flimsy" I suppose is a reasonable description of her story. "A bit of a stretch" is not a reasonable description of this one. As part of what is openly an opinion piece, PJ speculated about 3 reasons it may not have worked. This blog has taken one speculation and presented it as fact sourcing her. This is starting to show up on Google News. Even if he has more information this irresponsible and flabby column isn't helping his credibility.
      jplatt39
  • That's not what PJ said!

    What she said was that she *hoped* it was because the reporter had been using Linux. It was a techie joke (and very characteristic of PJ's sense of humour). Not many Trojans are effective against Linux, you see...

    As this article is now doing the rounds on Digg, it would be a good idea to correct it before it gets out of hand!

    Regards,
    -cybervegan
    cybervegan
    • Both articles have been updated

      Thanks for pointing that out. PJ has updated her article to make it more clear that it was speculation on her part that the reporter was running Linux, so I've updated mine too. If I find out anything definite I'll update it one more time.

      BTW I don't like it when people update their articles without clearly indicating what was changed. I rarely change things once they're posted but I'll always strive to make changes bold or italics or something so you can see the history in mine.

      I considered adding a question mark to the title, but I felt that would be too much revisionist history. Sorry for any confusion.

      Even if it turns out the reporter was running Windows the other parts of the story about the trojan attempt have not been called into question as far as I know.
      Ed Burnette
      • No change to the Groklaw article

        Hi Ed,

        I read the article when it was brand new - I saw it come up on a refresh after I read the comments on the previous article, and it read that way from the start. ;-) As I said, it's PJ's sense of humour, which we all know and love.

        I've followed Groklaw pretty closely for the past 3 years, and I've never seen PJ alter an article without indicating her changes with "UPDATED" in the title, and in the appropriate place in the text. If she'd changed the article, she *would* have indicated it, honestly!

        Thanks for making your article clearer ... and with good humour too.

        regards,
        -cybervegan
        cybervegan
  • Why go to PJ?

    Here I am reading a blog about a CNET reporter and what he did and didn't do on ZDNet, a subsidiary of CNET. The blogger's source? Pamela Jones of Grokster! Aren't journalists supposed to interview sources? Shouldn't ZDNet bloggers have an in with CNET reporters? Why has no one at ZDNet just asked the CNET reporter what happened?
    slopoke
    • Using PJ as a source

      I've found Groklaw to be a pretty good source for things like this. It's not like CNET posted the name of the reporter and offered interview opportunities or anything like that. Even David Berlind quoted PJ's article and the NY Times for his blog on the subject (http://blogs.zdnet.com/BTL/?p=3628).
      Ed Burnette
      • Not Knocking PJ

        I have nothing but respect for Groklaw (Don't know where I came up with Grokster yesterday) and think PJ does a brilliant job of gathering information. My only question was why no one at ZDNet (including DB) made the jump to find the name of the reporter involved (Dawn?) and talk to her directly. PJ obviously managed it and she doesn't work for the same parent company.
        slopoke
        • No inside information

          Most of the people like me who blog at ZDNet have no connection to the company other than the blog. By the way, a news story came out today with some more details, see: http://news.zdnet.com/2100-9584_22-6117497.html .
          Ed Burnette
  • jumping to conclusions.

    "It's true though that most malware is written to target Windows, and running Linux (or MacOSX) is one way to reduce (but not eliminate) your exposure. Sorry for any confusion. -Ed"

    Reducing malware by running Linux or OS X does not mean Linux and/or OS X are more secure.
    Linux and/or OS X could have more malware problems if developers targeted these OS's.
    zzz1234567890
    • Security of Linux and MacOSX

      I agree, in theory, that if more crackers targeted Linux and/or MacOSX then inevitably they would suffer from many more malware problems than they do now. But the last time I checked, there are far more exploits in the wild targeted towards Windows. What's more important to you, possible exploits or real exploits?

      FWIW, I still run Windows myself, so I must think that the benefits outweigh the risks or that the risks can be mitigated enough. Or maybe I'm just addicted to plug-n-play commodity device support.
      Ed Burnette
    • "Reducing malware by running Linux or OS X "

      you any relation to LD? Or No_Ax? Perhaps Southern Bride?
      The only thing more pathetic than ABMers squealing with delight at every flaw in MS products is the unending bleating of the sheeple saying "It's all about market share!"
      Really? Prove it. PWN a few non-server linux boxen.
      No?
      Stop whining.
      handydan918