I just found a windows worm on a USB memory stick I inserted into my Ubuntu computer... I have no real fears for my Ubuntu system so no worries on that front. However this is somewhat more of an ethical question... This almost certainly came from a specific windows workstation I used the USB stick in a while ago. Do I have a moral duty to inform all the other users of that workstation that they are almost certainly infected? (Assuming that I can track them down easily which I can in this case.) Or should I not bother on the basis that they will have been exposed to 10s of other malwares in the last couple of months anyway? P.S. I am posting this into the security section since the people posting there will presumably have come across similar situations at some point in time or may do in the future.

Yes. You do have a duty.

You do not have the moral responsibility, but it might be nice.
If you all work for the same company, it would probably be in your best interest.

You do not have the moral responsibility, but it might be nice.
If you all work for the same company, it would probably be in your best interest.

This. A better idea would be to inform the IT guys, so they can handle it if you are not in IT yourself.

This. A better idea would be to inform the IT guys, so they can handle it if you are not in IT yourself.

Good advice, you get a good feeling for doing the right thing, the IT people get firm evidence of an infection they may wish to fix.
Better drop them an email describing how you came across this odd bit of code prior to handing them the infected memory stick, after all you do not wish to be caught wandering about the building with an infected USB memory stick do you?

Send the IT department a letter asking how to get the worm working. You have tried everything, and still you can't make it run in Ubuntu.

Send the IT department a letter asking how to get the worm working. You have tried everything, and still you can't make it run in Ubuntu.

lol. +1.

After a couple of months I think they'd be aware of it anyway but no harm in following some of the suggestions here.

Make sure you've gotten rid of it from the USB dongle, though, as any Win machine you plonk that in to will probably get infected. Yes, doesn't effect your Ubuntu, but you can certainly pass it on (via email to a Win machine and any number of scenarios where you are passing info on to a Win machine).

Personally, if I found out you knew of the infection and didn't tell IT so they could do something about it, I would be pretty angry. This is not something to keep to yourself.

Just forward the file to the IT department via email and be sure to upload a copy of it to your central file server for safe keeping.

Just forward the file to the IT department via email and be sure to upload a copy of it to your central file server for safe keeping.

Hmmm. Very droll (and funny!).

Don't do this. Not wise.

Any time handling a computer virus, like transferring it to IT, make it very clear that what your transferring is a virus or malware, and encrypt the virus with simple password and include that password in the email so the IT guys can view it when its safe.

In a corporate environment the IS security policy and in particular the incident response section or separate policy is what defines how you react/respond/deal with it.

Do nothing but contact your IT Dept or whoever deals with these issues.

Do not propagate it, store it or try to do anything other than contact those who deal with such matters.

Any time handling a computer virus, like transferring it to IT, make it very clear that what your transferring is a virus or malware, and encrypt the virus with simple password and include that password in the email so the IT guys can view it when its safe.

In all the places I have worked, and some had >100,000 employees, not a single person in IT would be able to handle a virus file without messing up the whole company system.

In all the places I have worked, and some had >100,000 employees, not a single person in IT would be able to handle a virus file without messing up the whole company system.

+1

I am in such a large environment and my IT department is nothing more then a triage center.

The outsource everything. This vendor for hardware, that vendor for this software package, that vendor for antivirus/security, etc, etc. ...

99.9 % of what they do is review, enter into, and enforce / follow through on contracts.

Very little is done in house and they would never analyze a virus, they would send an email to the appropriate vendor and almost certainly wait weeks / months for an update to the software package.

+1

I am in such a large environment and my IT department is nothing more then a triage center.

The outsource everything. This vendor for hardware, that vendor for this software package, that vendor for antivirus/security, etc, etc. ...

99.9 % of what they do is review, enter into, and enforce / follow through on contracts.

Very little is done in house and they would never analyze a virus, they would send an email to the appropriate vendor and almost certainly wait weeks / months for an update to the software package.
So what do you suggest to do in this situation?

So what do you suggest to do in this situation?

Well, I think one is morally obligated to report malware as it affects us all. A compromised machine can be used as anything from a spam bot to an entry for intruders to bot nets.

In a corporate environment I leave these issues to IT. It is their responsibility and I do NOT want to be blamed for a problem. I find if you do NOT REPORT you can be blamed. Even if you are innocent, failure to report the incident will reflect poorly on you.

As to the issues of IT, I point out the potential cost savings of alternate solutions to both management and IT. If they choose not to act, that is their choice, but I feel I fulfilled my obligation to the organization.

So what do you suggest to do in this situation?

In my workplace they have their own IT person they call in when something goes awry. I consider myself accountable to my colleagues and the organization's clients, keeping the lines of communication open and "going through channels" if necessary when something needs attention.

Counterpoint / Devil's Advocate: We can learn from recent related news items.
http://www.huffingtonpost.com/mobileweb/2013/01/22/hamed-al-khabaz-expelled_n_2526074.html

I would relate that story to your dilemma by saying that sometimes when you report a bug/virus/etc. you may get blamed for subsequent problems. Totally depends on your station at this facility and the competence of the IT staff.

If you choose to report it cover your ***. Don't relay the actual infected file to anyone. You don't want to be blamed for spreading or deploying it. Make sure you haven't been doing anything dubious that they will find in the logs ifthey choose to launch an investigation. Assume you will be under a microscope until it's resolved.

Counterpoint / Devil's Advocate: We can learn from recent related news items.
http://www.huffingtonpost.com/mobileweb/2013/01/22/hamed-al-khabaz-expelled_n_2526074.html

I would relate that story to your dilemma by saying that sometimes when you report a bug/virus/etc. you may get blamed for subsequent problems. Totally depends on your station at this facility and the competence of the IT staff.

If you choose to report it cover your ***. Don't relay the actual infected file to anyone. You don't want to be blamed for spreading or deploying it. Make sure you haven't been doing anything dubious that they will find in the logs ifthey choose to launch an investigation. Assume you will be under a microscope until it's resolved.

This. Better to cover your butt than become the fall guy.