No, Your Kindle Can’t Catch a Virus
Here’s one from the history books.
This morning I came across a link to an old article by a Norton researcher. Way back in 2009, when the Kindle was still new and relatively uncommon, Michelle V. Rafter pondered the threats a Kindle might face, beit device theft, identity theft, or viruses.
If that last option sounds silly in 2014, just remember that you’re looking at it with 20/20 hindsight. In 2009 it wasn’t such a crazy idea:
When the first Kindle appeared in 2007, Jesse Vincent was curious but not convinced the e-book reader with the 6-inch black-and-white screen was worth the hefty price tag. Two years later, Amazon introduced a skinnier Kindle 2 with longer batter life, faster page refreshes and room for 1,500 books. Vincent stopped resisting. “It was appealing,” the Somerville, Mass., software developer says.
E-readers use the 3G wireless network that cell phones use, and stripped down Web browsers to connect over the Internet to e-book stores. Some devices also let you connect to a laptop or desktop computer to upload or download files. As a result, it’s conceivable an e-reader could inadvertently catch a virus or worm from an email message, file or Web page. … The reason is that hackers normally write viruses to target Windows-based computers because so many people use them, and since the number of people using Kindles and other e-readers is tiny by comparison, attacking these devices may not be as attractive right now to hackers, he says.
In case you’re interested, the Jesse Vincent mentioned in the excerpt is that same developer who ported calibre to the Kindle 2 in 2009 (he called it Savory).
It’s amazing how much things have changed, isn’t it?
Just like there was a time that many insisted that ebooks could never supplant paper books in any way, 4 years ago people worried about viruses hurting your Kindle or other ebook reader.
So far as I know that has never happened. It’s not just that I have never read about a virus being identified; I’ve never even read about a security researcher trying it just to see if it were possible, so the concerns about the issue were probably misplaced.
Four out of five experts agree that unprotected ebook reading on ebook readers is perfectly safe. And that’s good news for all of us; it means we can stop using the Kindle condoms:
P.S. Reading on smartphones and tablets, well, that’s another matter. I’m sure it comes as no surprise that these more general purpose mobile gadgets are easy targets for viruses, trojans, and other malware.
image via Gothick.org.uk
Al the Great and Powerful February 12, 2014 um 3:10 pm
I use one of those for my DX, It works a treat!
It its good protection from rain (common here) and its how I carry the DX when I fly (slung over my shoulder, under my jacket).
nikolawannabe February 12, 2014 um 3:54 pm
It is certainly *possible* to get a virus on an ereader. Most readers run modified (or even vanilla) versions of Android, which have had viruses before, and will continue to. There’s nothing about the platform which in any way excludes it.
It’s primarily that ereaders are not particularly valuable to hackers, since they would generally be wanting something they could actually make use of (such as the processing power) to do their nefarious efforts, such as spamming farms and whatnot (that’s generally what they do with your pwned desktop or laptop). EReaders are generally underpowered and frequently asleep. Not a lot to utilize there.
From a data perspective, there’s not a lot of interesting things to steal off an eReader either. Most eReader makers likely don’t store a CC on the device itself. There aren’t interesting files to grab either.
Most of what is on a reader is on the cloud. And a hack to a cloud server gets you access to a lot more interesting data from more users. Why bother?
Nate Hoffelder February 12, 2014 um 4:23 pm
It’s possible, yes, but I’ve never heard of it happening. Just about the only people interested in even attempting this trick would be someone going for a piggyback attack on another more secure system – protected servers, for example. And there are easier ways to do that; drop a few infected Flash drives in the parking lot, for example (this shouldn’t work, but it does).
Jane March 15, 2016 um 7:43 am
My kindle has acquired a virus via an infected USB key which was used with my laptop. What the virus does is hide folders and instead create shortcuts. I’ve used an short programme that a computer-savvy friend installed on my laptop which has worked in the past with a similar virus: now the shortcuts have disappeared, but the Documents folder on the kindle still isn’t showing up. It’s there, but I can’t see it: and since I load books onto kindle by downloading them (usually from project Gutenberg) to my laptop and then transferring to kindle, I’m stuck now. Any advice?
Nate Hoffelder March 15, 2016 um 8:36 am
I would recommend that you run the following procedure:
Jane March 18, 2016 um 8:02 am
Hi, thanks for the quick reply. I may be misunderstanding the link, but as I understand it, it’s telling me to
a. run a virus check on the Kindle: I’ve done this with Avast and McAfee, but they find nothing.
b. copy the files I need to keep: I can’t do this because the virus is preventing me seeing the folder they are in, which is the "Documents" folder.
c. reformat the Kindle: reformatting a USB key I understand, but reformat a Kindle? My Kindle apparently "needs" an upgrade (which I was trying to avoid) so I’ve just tried that, but it hasn’t worked – possibly because of the virus?
Wondering whether to download the software from this site – http://www.fosshub.com/UsbFix.html – or whether there is a better way to get rid of this shortcut virus.
Jane March 18, 2016 um 9:54 am
Problem solved: I downloaded http://www.kaspersky.com/antivirus-removal-tool?form=1 to scan and clean the hard disk, and then ran the command attrib -h -r -s /s /d drive_letter:\*.* to show the folders on the Kindle. Now there are a couple of files showing up on the Kindle that I don’t think were there before the virus (ENCRYP~1 and DONT_HALT_ON_REPAIR), I’m not sure whether to do anything about them or leave them there.
Henry January 30, 2017 um 3:05 pm
If a Kindle can’t get a virus, can you explain this video please? It sure looks authentic to me.
Nate Hoffelder January 30, 2017 um 3:08 pm
That is a Fire Android tablet. The above post discusses Kindle ereaders.
It’s not the same hardware.
blendenzo March 23, 2017 um 3:41 am
Nate, the user Jane reported their experience with getting a virus on their Kindle over one year ago, so I’m sort of curious why you haven’t changed the misleading title and content of this article yet. Even though it’s rare, it really is possible to get a virus on an e-ink Kindle, and it does happen to people from time to time. You and nikolawannabe are right to point out (in the comments above) that there is little to no incentive for hackers to target eReaders specifically, though, so it’s not likely to become a major problem at any time in the future.
Nate Hoffelder March 23, 2017 um 6:54 am
Because the Kindle didn’t "catch" the virus any more than a USB flash drive or an external hard disk can catch a virus. They’re storage devices that are carrying the virus from a computer.
The computer has the virus, and you can keep from spreading it by maintaining good security.
blendenzo March 23, 2017 um 4:53 pm
I see the distinction you are making, and in that sense I suppose I agree. Jane’s Kindle was affected by a virus on the computer it was connected to in mass media storage mode. The virus didn’t actually reside on the Kindle or run on the Kindle’s operating system, but rather on the laptop. The Kindle wasn’t technically infected, but it certainly was seriously affected. I don’t think most people who come across your article are going to make the same distinction, but that doesn’t change the fact that you are technically correct.
It still feels like your use of "can’t" in the title is hyperbole, though. The recent increase in worms like Mirai that target Linux embedded devices could suggest a somewhat higher cause for concern. But it’s your blog, not mine. Free speech, etc. My apologies if I seemed overly critical.