Dell, they’re the company that got a lot of attention in the business world for a model of manufacturing and delivery that would make any industry proud. But perhaps the time for Dell’s pride has passed.
We start off Dell’s new world of woes with their shipping motherboards infected with malware. Yes, that’s right. The Dell PowerEdge R310, PowerEdge R410, PowerEdge R510, and PowerEdge T410 server motherboards recently shipped to customers after service calls for faulty hardware turned out to be infected with the W32.Spybot worm. The computer virus was hidden in the onboard flash storage and would infect unprotected Windows machines if Dell Update Packages for Unified Server Configurator (USC) or 32-bit Diagnostics were executed. Though Windows Server 2008 (and presumably Windows Vista and Windows 7, should anyone ever install those on these server motherboards) theoretically are safe thanks to Microsoft’s recent additions to security in Windows, there are no guarantees. Especially with older versions of Windows. And doubly especially should you for some reason not be running your typical security suite including anti-virus software.
The worm is hiding in the flash memory itself, suggesting that a simple firmware update would not actually clean the infected mobos. Also suggesting that disabling autorun or otherwise preventing this “drive” from mounting would protect anyone with an infected part.
No other Dell motherboards are infected, including Dell’s production stock. Only their replacement service parts were infected. No non-Windows operating systems are vulnerable, so you *nix users are completely safe, as usual. And, of course, the infected mobos are now pulled from their supply chain.
Dell blames “human error” of course. (As if it could be anything else?) They are giving no explanations, and they’re mostly on the hush-hush about it all, only phoning affected customers. No letters. No official webpage detailing the risk and its mitigation. Loverly.
Fortunately it’s an old worm, and protection against it is pretty much a given these days. You’d really have to be trying or completely oblivious to get infected with that one.
As bad as that is however, that’s not all. As research into it revealed some documents unsealed after a lawsuit with Dell over allegedly known problems with its OptiPlex boxes, 11.8 million of them, shipped between May of 2003 and July of 2005. An internal review by none other than Dell itself had discovered that 97 percent of these boxes would fail in less than three years because of faulty capacitors from Nichicon. (Bad caps again? Really?!)
Dell further compounded the OptiPlex problem by replacing the motherboards with the bad caps with, yes, you guessed it, the very same line of motherboards with the very same leaking capacitors, almost guaranteed to fail.
That’s actually kind of expected, all considered. There was a really bad stretch of faulty capacitors, rumor has it due to industrial espionage stealing an incomplete formula and selling it to a large number of manufacturers. And of course one tends to replace parts with the same parts.
No, what made this one especially litigious was that, according to the New York Times, Dell not only knew of the problem and refused to toss their stock of faulty mobos, but they even told their own employees, “Don’t bring this to customer’s attention proactively,” and, “Emphasize uncertainty.“ The official Dell word on the bad mobos even went so far as to state to lawyers, “We need to avoid all language indicating the boards were bad or had ‘issues’.”
All this from the darling Dell.
Is it any wonder why I choose to build my own PCs with my own selection of parts then?