Dell revamps hardware testing in wake of malware issue

Company has added 16 additional steps to weed out hardware issues

A sequence of errors led to Dell's delivery of motherboards with malware and the company is in the process of overhauling its testing process to resolve issues before dispatching hardware to customers, it said on Thursday.

Dell on Wednesday said that some replacement motherboards for PowerEdge servers may have contained the W32.Spybot worm in flash storage. The malware issue affected a limited number of replacement motherboards in four servers, the PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 models, the company said.

"There was a sequence of human errors that led to the issue, That being said, we have identified and implemented 16 additional process steps to make sure this doesn't happen again," said Dell spokesman Jim Hahn.

Hahn did not provide additional details on the steps being added to track and resolve such issues. But he said that all affected motherboards had been removed from the service supply chain. Current antivirus software with updated signatures would flag the malware's presence and users would have to be running an unpatched version of Windows 2008 or an earlier version of the OS.

A Dell quality management specialist wrote in an e-mail that the code was accidentally introduced during the manufacturing process of the server motherboards. The code was detected on the embedded server management firmware during internal testing by Dell.

Motherboards come with flash storage -- typically NOR flash -- that stores the BIOS, which provides the instructions to boot the system, said Gregory Wong, president of Forward Insights. Flash is a nonvolatile form of memory that can retain data even after a computer is shut down.

Flash on motherboards are susceptible to the same kind of malware infections that USB flash devices are prone to, said Simha Sethumadhavan, assistant professor of computer science at Columbia University. This incident shows how hardware, either flash or a processor, if hacked, can be used as a way to transmit malware.

"All software runs on hardware. If the processor is hacked then it can subvert all software countermeasures. Since hardware is the root of trust, attacks on hardware are potentially more dangerous," Sethumadhavan said.

Motherboards also could have solid-state drive units for data storage, said Jim Handy, director at Objective Analysis, a semiconductor research company. But instructions to start a system originate from a NOR flash chip, which would also imply that the malware is "pretty small," Handy said.

"This flash is the one that holds your BIOS and it can be updated online. If proper security precautions are not in place, the flash chip is every bit as capable of containing a piece of malware as is the hard-disk drive," Handy said.

Columbia's Computer Science Department uses Dell PowerEdge R410, but was not affected by the issue, said Daisy Nguyen, IT director for the computer science department at Columbia University. Nguyen said Dell offers competent products and the malware issue won't affect the department's decision to purchase products from the company.

"Dell immediately admitted to the problem," Nguyen said. The company also moved quickly to resolve the issue, she said.

Nguyen said that Dell has agreed to try and send some samples of the motherboards with malware so the university can research the issue as part of an investigation into securing hardware systems.

Tags LinuxserversDrivesstoragehardware systemsComponentsoperating systemsnon-WindowsMotherboardsmalwareDellColumbia Universitysecurity

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Agam Shah

IDG News Service

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?