Guess what guys! autorun.inf is NOT specific to NTFS. My tablet came with a recovery partition - guess what - it had an autorun.inf that would run when I double-clicked the volume!
It was never specific to NTFS. Did you mean CDFS?
But we're talking about making it run when you plug in the USB device, not when you double-click on it. I think that's what formatting it with CDFS does.
Yes I meant CDFS.
No, formatting it with CDFS does not make it auto-run; it has nothing to do with the file system. Here's what happens.
Autorun is a function of the shell (typically explorer.exe). When you mount a file system
while explorer.exe is running, Explorer looks for autorun.inf and updates the display as needed. This could involve altering the shell icon for the device, or executing the autorun command specified in the .inf. Explorer.exe also changes the
default action associated with the object - if you right-click on an object in Explorer, you'll see one item is almost always highlighted. Typically this is the
Open command. However, when a file system is mounted with an autorun.inf file, Explorer sees the autorun.inf file, and adjusts its context menu so that the
AutoPlay action is the default, and when you double-click on the object, the default action is performed.
For proof, I've created a network folder called Library (I'm at work, shutup) in the public share. I created an autorun.inf file in this folder that specifies to open the command prompt (C:\Winnt\System32\cmd.exe), which you can see in my first attachment, autorun-inf-in-network-share.png. I then mapped the Library folder to the network drive H, and lo and behold, the command prompt ran when I finished the mapping. The second attachment is me right-clicking on the mapped drive in Explorer - you can see that AutoPlay is the default action, share-with-autorun.png. Finally, double-clicking on it - just like mounting it - causes to run the autoplay file. You can see this in the third attachment, autorun-cmd-prompt.png, as the command prompt started in the H:\ path, the network share where the autorun.inf file is located.
Please note that network shares in Windows are presented through the Network File System (NFS), and that the underlying physical file system is not represented to the components in the lower levels.
I hope this lesson in how Windows actually works (as opposed to speculation related to file systems) has been educational.
What would be intelligent for companies like Apple to do would be to not expose their file systems to Windows like a USB hard drive. (Note: USB hard drives are also, incidentally, autorun-enabled, and they're on FAT file systems - how do you think USB drive manufacturers push their backup/sync software to users when they pop the drive in? It's not firmware).
iago, I realize you consider yourself a security expert, but touting about how awful Windows is when you don't actually know how it works makes you lose credibility. If you like, I'll make you a FAT-formatted USB drive and mail it to you so you can plug it in Windows and watch it auto-play.