Watch Out !

SteveB

Well-Known Member
For viruses, worms etc...

Good practice to NOT use any thumb/USB drive as provided by a visiting LD/company, direct into your console, unless you have verified the drive is bug free.

Had this happen yesterday, when an SM from a visiting company gave me her thumb drive, supposedly with a USITT ASCII cue file to be read from my Ion. I usually use my laptop for this (which has Zone Alarm on it), but instead and to save time, decided to read the USB direct at the console. I was lucky the drive was a mess and I couldn't find the file I was supposed to find, thus loaded nothing, then took it to the laptop where Zone Alarm immediately found and quarantined a file called "worm.Win32.AutoRun.dui". Much conversation then ensued with ETC tech support about the likely hood of getting the bug into the Ion, which was un-likely.

Scared the crap out of me.

FWIW, it's a Royal PITA to have to re-image a lighting console, as essentially ETC has to send a USB bootable drive to format and re-load the OS.

EDIT: As follow up, consoles do not come with, nor can they have anti-virus software running on them, for lots of reasons

Lessened learned
 
Last edited:
Excellent Suggestion that should be written in the front of every user manual and in day one of training for each op.

Gotta keep in mind, in basic terms consoles nowadays are just computers with massively complex keyboard interfaces. You can't put a virus scanner on the console, so sweeping it on a PC is definitely a best practice my house will be implementing.
 
with out windows to run on, all of those viruses can do all of nothing.
 
with out windows to run on, all of those viruses can do all of nothing.

There are a number of consoles that run off of a stripped down version of windows!
However there are most defiantly virii that are non-windows based, there are way more mac virii than most mac users care to admit. There are also virii that don't care what OS you have, or ones targeted to various network services or particular software applications, etc.

Windows is not the root of all virii.
 
There are a number of consoles that run off of a stripped down version of windows!
However there are most defiantly virii that are non-windows based, there are way more mac virii than most mac users care to admit. There are also virii that don't care what OS you have, or ones targeted to various network services or particular software applications, etc.

Windows is not the root of all virii.

Definitely very true, several consoles that run Windows off the top of my head are, The ETC EOS/ION/Element series, Martin Maxxyz, Jands Vista consoles (not positive on this, Vista may run Linux) and pretty much any console software that runs on PC. So Martin Lightjockey, Hog iPC, the Jands Vista S3, S1 and M1 consoles, and the windows version of Chamysis MagicQ. All are susceptible to a virus and can have performance and reliability hampered and cause the failure of critical control software during a show run.

Linux and Mac software are both also susceptible to virii but there are fewer virii out there for those OSes although MacOS is getting up there now. Linux is a very niche market and there are fewer security vulnerabilities on Linux so virii are not rampant and difficult to get unless you are REALLY doing something wrong.

No matter what, any visiting USB Thumb drives should pass through a properly updated and protected PC with Anti-Virus software installed before going on to being plugged into any console. Preferably one would use the clean PC to transfer the needed file onto a KNOWN clean thumb drive.

Personally I recommend ESET Nod32 for Anti-Virus, it is one of the top rated Anti-Virus programs and also it doesn't slow down your PC like Symmantec Norton anti-virus does. This is mainly because the scanning and detection algorithms in Nod32 are written directly in assembly code and therefore run much quicker than a program written in a higher level language like C++. Whatever you do....do not run McAfee, it is by far the most terrible virus scanner on the face of the planet.
 
Don't forget that Strand consoles run on windows! I certainly don't forget with them BSoDing so often...

As for the danger of just plugging in a USB drive into the console, if the manufacturer has done their homework all autorun-esque features will be disabled on all types of drives, no other software with lower security standards will be running in the background, and the user account you're operating in will have completely locked down permissions (on palleteOS strand boards you don't even have access to the 'C drive', you're sandboxed in data partition). Navigate to the files you need and open them directly in the applicable program (not by double clicking them) and you're 100% safe, barring serious OS flaws or malware specifically targeted at your lighting board's control software. End result being that the threat is there, but there's no reason to go too much out of your way when any potential issues will be one reboot away from being solved, and you do have backups, right?
 
and you do have backups, right?

It's my understanding that users generally do not have OS backups present for the Eos/Ion/Element series and I doubt that Strand provides a complete OS either (do MA, or Barco release OS's for backup use ?). Should you need to re-load the OS, ETC will send a set of software to re-image the drive. It's possible to get the ETC OS via internet, but as ETC Tech Support explained, they prefer to not do it this way.

And FWIW, the SM in the situation of my OP got her files off a Mac. Not sure if the Win worm affects a Mac, but that's how it appeared to get on her thumb drive.

My general operating procedure is to have a visiting thumb drive opened on my laptop, where I will save the ASCII file in Ion Off-Line, then merge it with the patch and Basic config file I use for that desk. I try to always do this on a laptop as it's easier to find and manipulate files when working in Windows then on the console.

I then load to one of my thumb drives and load to console. Usually and if the company folks have their act together, this can all be done days prior to load-in if the SM can e-mail me the file. I was under the gun this particular morning and skipped my usual routine.
 
Last edited:
Thumb drives are a significant virus vector. Public machines like the photo printers at drug stores are apparently rampant with them now. I'd say, always treat thumb drives with suspicion.
 
It's my understanding that users generally do not have OS backups present for the Eos/Ion/Element series and I doubt that Strand provides a complete OS either (do MA, or Barco release OS's for backup use ?). Should you need to re-load the OS, ETC will send a set of software to re-image the drive. It's possible to get the ETC OS via internet, but as ETC Tech Support explained, they prefer to not do it this way.

And why is this? Oh right, because its a complete non-issue. CPF is dead on for the reasons why I am not worried about "getting a virus" on my consoles. Now, if it is software running on a computer that is a lot different than embedded windows, but you can't kill an EOS or GrandMA with a virus.
 

Users who are viewing this thread

Back