6 Apr
Kaspersky Lab is engaged in the worst form of attention mongering: spreading fear and uncertainty through misleading headlines.
They’ve posted a virus news article which claims that they’ve “discovered” the first virus for the iPod … which has been picked up and further exaggerated in what I consider some of the worst reporting ever.
The horrible TTN article actually states that “researchers at security firm Kaspersky Lab developed a virus which can infect Apple’s popular portable media player, the iPod” and goes on to note that the so-called virus only affects iPods running iPodLinux …
In fact, this is not a virus, but merely a proof of concept of some ELF infection code which, when executed on a Linux computer, will infect ELF files. The fellow free0n (who does not, as far as I can tell, work at Kaspersky) really didn’t do a whole lot more than port the code to iPodLinux and modify the messages being displayed.
The “iPod Oslo” doesn’t copy itself into ELF files; it merely causes them to display a message instead of behaving as they should, so it barely classifies as an infector, and certainly cannot spread to other files, meaning you must (manually) execute the infector on each machine you want to infect. As a proof of the concept that programs can be written which could infect files on iPodLinux it’s not a bad start … but it’s certainly not what we would consider a virus.
In other words (for those of you not following the technical jargon): it doesn’t copy itself into other files, therefore, it’s not a virus. It’s also not a worm: it doesn’t copy itself to your computer when you plug in and synchronize the iPod (which is certainly something that would be scary). Finally, it’s not a trojan (it doesn’t masquerade as something else), and it doesn’t even include a mechanism for copying the infector onto the iPod from your computer … nor for executing it once it gets there. It’s simply a proof-of-concept: a virus could be written for (iPod) Linux. Yeah. I think we all knew that — the only question there is: do you have to be running as root in order for it to work? 
On top of all of those things that it does not do, there’s one more thing: it doesn’t run on your iPod. That is, unless you’ve hacked your iPod and installed iPodLinux … this program and its potential future variants will not even be able to run on your iPod even if you manually copy them onto it.
Just to be clear: although TNN made it worse by crediting Kaspersky with developing this program, it’s very clear that the original blog post by the Kaspersky Lab employee that “discovered” the application and the news release both identified this as an iPod virus … and while they were careful to mention that it doesn’t pose a real threat, and that in fact you have to first install Linux on your iPod … the bottom line is that Kaspersky and TNN created deliberately misleading headlines to draw attention to a story that I wish I hadn’t even bothered to read.