Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Symantec Looks Into Claims of Stolen Source Code

samzenpus posted more than 2 years ago | from the all-your-code-are-belong-to-us dept.

Security 116

wiredmikey writes "A group of hackers claim to have stolen source code for Symantec's Norton Antivirus software. The group is operating under the name Dharmaraja, and claims it found the data after compromising Indian military intelligence servers. So far it's unclear if the claims are a significant threat, as the information posted thus far by the hackers includes a document dated April 28, 1999, that Symantec describes as defining the application programming interface (API) for the virus Definition Generation Service. However, a second post entitled 'Norton AV source code file list' includes a list of file names reputedly contained within Norton AntiVirus source code package. Symantec said it is still in the process of analyzing the data in the second post." Update: 01/06 07:05 GMT by S : In a post to their Facebook page, Symantec has now said some of their source code was indeed accessed, but it was four or five years old.

cancel ×

116 comments

Sorry! There are no comments related to the filter you selected.

Nope.. (5, Insightful)

Anonymous Coward | more than 2 years ago | (#38606916)

Who would want anything they make?

Re:Nope.. (1)

Anonymous Coward | more than 2 years ago | (#38607068)

Who would want anything they buy?

FTFY

Re:Nope.. (5, Funny)

Enigma23 (460910) | more than 2 years ago | (#38607280)

Maybe they're white hat hackers who will return the code in a vastly less bloated form?

Re:Nope.. (1)

helix2301 (1105613) | more than 2 years ago | (#38608512)

Yesterday Symantec released there PGP source code to the world maybe that was not source code they wanted. Maybe they will rewrite Nortain 360 rename it to Nortain 180 and make it better and less bloated. Lately there home products are so junk and way over priced.

Re:Nope.. (0)

Anonymous Coward | more than 2 years ago | (#38608802)

Lately ? There ?

Re:Nope.. (0)

Anonymous Coward | more than 2 years ago | (#38609848)

Junk is right. Who needs animation and color changing in an AntiVirus program (really, I don't need the flip animation of the window and I don't care about custom colors)? Did they fix the LiveUpdate issue of not being able to install virus definitions even when they are downloaded again? High CPU usage warning... because of the system resources it is hogging. At risk, because LiveUpdate is buggy and the program is putting the system at risk.

Re:Nope.. (1)

oztiks (921504) | more than 2 years ago | (#38607386)

Update says 4 or 5 years ago, which one is it!? Don't you people timestamp your version trees?

Besides other than virus updates I'd suspect not a hell of a lot of the core would of changed, shrugging it off "oh it was old code who cares" inst fooling me ... j00r b4s3 belongs too ...someone I guess ... heh :)

Re:Nope.. (0)

Anonymous Coward | more than 2 years ago | (#38607464)

"would of"

Re:Nope.. (2)

oztiks (921504) | more than 2 years ago | (#38607506)

I'm working with an iPad here!! it's hard enough to type comments alone rather than having to check my grammar as well!

Re:Nope.. (0, Insightful)

Anonymous Coward | more than 2 years ago | (#38608010)

Maybe you shouldn't buy expensive shiny toys.

Re:Nope.. (-1)

Anonymous Coward | more than 2 years ago | (#38608832)

Maybe your dad should have pulled out.

Re:Nope.. (1)

yakatz (1176317) | more than 2 years ago | (#38610026)

The Symantec FaceBook post answers that:
The source code is from two different products, one four years old, one five years old. One of them is discontinued.
https://www.facebook.com/Symantec/posts/10150465997682876

Re:Nope.. (4, Funny)

GameboyRMH (1153867) | more than 2 years ago | (#38608436)

Imagine the poor black hat who only got this turd as loot. It's like breaking into a bank vault and finding out that it only had some smelly bath mats inside.

Re:Nope.. (2)

Reverand Dave (1959652) | more than 2 years ago | (#38610080)

That's what I was thinking. To me it seems like breaking into a sewage treatment plant.

Re:Nope.. (2)

mortonda (5175) | more than 2 years ago | (#38608904)

Norton has long outclassed virus makers in terms of damage it does to a computer system; Now the virus makers know how to cause as much damage too!

Re:Nope.. (0)

Anonymous Coward | more than 2 years ago | (#38608986)

The malware writers have a lot to learn from Norton Antivirus.
They try so hard to do on purpose what it does as a side effect.

Re:Nope.. (1)

AmiMoJo (196126) | more than 2 years ago | (#38609140)

To find ways of disabling or otherwise breaking it, to make their viruses immune to one of the most popular AV products.

Or instead of making fake AV software just make real AV software using the stolen code and sell that. The fake AV software scams only work because the likes of Norton are just as bad when it comes to scary warning messages and demands for payment, so they probably only need to change the logo and card processing URL.

Re:Nope.. (1)

VGPowerlord (621254) | more than 2 years ago | (#38609326)

Who would want anything they make?

I don't know about the actual product, but I hear The Daily WTF [thedailywtf.com] wanted to look at the code.

Huh, and this does...? (1)

Midnight_Falcon (2432802) | more than 2 years ago | (#38606920)

Hrm, I didn't know hackers even needed to look at the source code in order to make viruses that get around Symantec AV....

Re:Huh, and this does...? (3, Interesting)

bmo (77928) | more than 2 years ago | (#38606978)

They don't.

1. Write virus code
2. Load up a machine with the top 10 virus scanners.
3. Load your virus code
4. Let them scan.
5. If they detect it, modify code and go to 3 else 6
6. Release the hounds.

--
BMO

Re:Huh, and this does...? (1)

Midnight_Falcon (2432802) | more than 2 years ago | (#38607056)

Oh yes! Hmm, well, I suppose I should start using Rogue Antispyware or Windows AntiVirus 2011 -- they're able to "secure" up your system despite Symantec's presence 99% of the time!

Symantec released a more up to date statement... (5, Informative)

Anonymous Coward | more than 2 years ago | (#38606922)

...on Facebook (yeah, I dunno). http://www.facebook.com/Symantec/posts/10150465997682876

Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued. The code involved is four and five years old. This does not affect Symantec’s Norton products for our consumer customers. Symantec’s own network was not breached, but rather that of a third party entity. We are still gathering information on the details and are not in a position to provide specifics on the third party involved. Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time. However, Symantec is working to develop remediation process to ensure long-term protection for our customers’ information. We will communicate that process once the steps have been finalized. Given the early stages of the investigation, we have no further details to disclose at this time but will provide updates as we confirm additional facts

Why does the Indian military have the source???? (4, Interesting)

Anonymous Coward | more than 2 years ago | (#38606934)

Wow, so the Indian military works with major US vendors like Norton to spy on their own people (and I assume other countries people since it will be the same source????)

I assume they have the source code so they can insert extra bits and dispatch spyware the next time Norton auto-updates?

You get an auto-update, they get a spyware app into your PC. Is that it?
I don't think the scandal here is that the source code was stolen, it is a scandal that Norton cooperates will military spyware!!

Re:Why does the Indian military have the source??? (4, Insightful)

Aighearach (97333) | more than 2 years ago | (#38607088)

Indeed, a lot of people seem to missing the bombshell here.

Re:Why does the Indian military have the source??? (1)

Thane2600 (1158225) | more than 2 years ago | (#38607194)

The bombshell is that Norton has been creating viruses all along... Shit, I've been watching too much X-Files.

Re:Why does the Indian military have the source??? (1)

thej1nx (763573) | more than 2 years ago | (#38610998)

The only bombshell here is that you fail to realize that Indian military wouldn't trust foreign companies like Norton, Symantec etc. without having access to source code, to ensure there is no key-logger style functionality etc. transmitting sensitive stuff to USA spy agencies.

Re:Why does the Indian military have the source??? (5, Informative)

nmb3000 (741169) | more than 2 years ago | (#38607282)

Wow, so the Indian military works with major US vendors like Norton to spy on their own people (and I assume other countries people since it will be the same source????)

I assume they have the source code so they can insert extra bits and dispatch spyware the next time Norton auto-updates?

You get an auto-update, they get a spyware app into your PC. Is that it?
I don't think the scandal here is that the source code was stolen, it is a scandal that Norton cooperates will military spyware!!

Wow, +4 already? The tinfoils must be up and about today.

Believe it or not, most major software vendors have licenses and policies in place (e.g., Microsoft [microsoft.com] ) to allow sensitive institutions (governments, defense contractors, etc) access to their source code. The primary reason is actually the opposite of what you say. Customers such as the Indian government want to be able to see what's actually in the code before they agree to buy and install it on their own systems and network.

Think of it as the 1% always getting to run open-source software because they have the clout to demand it (and under strict a NDA).

Occupy Microsoft!

Re:Why does the Indian military have the source??? (2, Interesting)

Anonymous Coward | more than 2 years ago | (#38607354)

I've always wondered about the efficacy of such programs. Yes they do have a license, but for obvious reasons the # of people that have access to it are much less than the number of developers, and not only that, the different organizations that have access to it are probably very limited in their ability to communicate, which means that you have a large number of people who each have to analyze large amounts of source, so their ability to really get a deep understanding of any individual part of the code is probably somewhat limited.

Now compare this with open source, even though the # of eyes may be about the same(and yes I'm realistic, only a very, very tiny % of people actually comb through the source of an open source project, even a project like Linux), the ability to coordinate and specialize is much greater. I doubt there are very many people who pore through every change in the Linux kernel(aside from Linus of course), instead what you get is people who are very familiar with certain parts of the source and thus are more aware(and may have even been consulted on) changes in the code. Not to mention they can actually submit code themselves.

Paraphrase (0)

Anonymous Coward | more than 2 years ago | (#38607370)

To paraphrase your comment:

"If you think the Military attacks, then you're wearing a tin-foil hat. Military only defends."

I think I pretty much summed up your comment. They have been given something they can use as a weapon. You assert that they would never use that as a weapon, only as defense. The rest of your comment tries to paint anyone that thinks otherwise as the fringe (tinfoil hat) view of, erm, the 99% of the population.

You might want to draft that last part better, since 99% of people probably do think Military machines attack using any weapons given to them.

Re:Why does the Indian military have the source??? (0)

Anonymous Coward | more than 2 years ago | (#38607864)

The funny thing is, it doesn't really matter, if the source code is clean. Software can still be bugged, unless they compile it with their compilers:

http://cm.bell-labs.com/who/ken/trust.html

Re:Why does the Indian military have the source??? (1)

funfail (970288) | more than 2 years ago | (#38608484)

They also ask for the source code of the compiler, which compiles itself, which compiles the AV source...

Re:Why does the Indian military have the source??? (0)

Anonymous Coward | more than 2 years ago | (#38608504)

Yeah, even if they did it wouldn't help. When the binary is infected, you no longer need the "infecting part" in the source code. Recompiling the compiler whith bugged compiler would readd the stuff without it being in the source code of the compiler anymore.

Re:Why does the Indian military have the source??? (1)

Zarjazz (36278) | more than 2 years ago | (#38608600)

Believe it or not, most major software vendors have licenses and policies in place (e.g., Microsoft [microsoft.com] ) to allow sensitive institutions (governments, defense contractors, etc) access to their source code. The primary reason is actually the opposite of what you say. Customers such as the Indian government want to be able to see what's actually in the code before they agree to buy and install it on their own systems and network.

Yes, this explanation is valid and almost certainly the main reason why this happens. But the fact that any institution can then exploit any bugs they do find is hardly something that can be ignored.

Re:Why does the Indian military have the source??? (5, Informative)

rgbrenner (317308) | more than 2 years ago | (#38607296)

Wow... so many assumptions in one post.

Don't you think the Indian military needs anti-virus software? Don't you think they would need to examine the source code before running software from an American company on potentially sensitive systems? And don't you think Symantec would give it to them to secure the contract?

Cyberwarfare, Indian Army Gears Up (1)

Anonymous Coward | more than 2 years ago | (#38607344)

http://articles.timesofindia.indiatimes.com/2010-07-19/internet/28273582_1_cyber-security-cyber-warfare-cryptographic-controls

You can claim "trust us, we're the military and we don't do this", but in the next breath they are declaring cyber-war.

So no, I would have to be an idiot not to see the connection, and the original story of the hack was very careful to point out that the hack had revealed several US corporations had provided the source code to their products to the Indian military.

You can say they needed to do that to make the sale, however in doing so, they've opened their products to an unnecessary attack, which means they've opened my PC to an unnecessary attack. I don't trust the Indian military not to misuse Symantec's source code against other Symantec customers. As a professional network admin, I'd be a fool to.

If cyberwarfare is real then Symantec works for the enemy. They made that choice.

Re:Why does the Indian military have the source??? (1)

drinkypoo (153816) | more than 2 years ago | (#38608486)

Yes, no, and no, in that order. Truly sensitive data should be on air gapped machines protected from careless media insertion and you don't need AV there.

Re:Why does the Indian military have the source??? (4, Informative)

darkmeridian (119044) | more than 2 years ago | (#38607340)

Actually, they probably want to audit the code for backdoors and other security vulnerabilities before deploying the software on their systems. A whole bunch of governments got snookered when Cryto AG [wikipedia.org] sold closed-source encryption software with a backdoor that allowed the US government to easily break their communications. In particular, the NSA was rumored to have backdoored Crypto AG systems since the fifties, allowing the US government to spy on communications from such warm and fuzzy countries as Iran.

Re:Why does the Indian military have the source??? (1)

mortonda (5175) | more than 2 years ago | (#38608930)

Ok, so they can audit the source code. Do they actually build the whole thing from this code themselves? With what compiler? I don't think having the code helps them much in this regard...If a hidden compiler trojan were to truly exist, THIS is where I'd expect to find it. It would be simple for MS to include a trojan in the compiler they give, or give binaries that don't match the source code...

Re:Why does the Indian military have the source??? (1)

b4dc0d3r (1268512) | more than 2 years ago | (#38609264)

Source sharing is essentially public knowledge, it has been around for a long time. Long enough to assume that's why they have the code.

What the recipients do with the source has not been disclosed to my knowledge.

I would assume it's up to the recipient to figure out what to do with it, and make sure that is allowed in their contract (Microsoft allegedly tries to negotiate a "come and read it yourself" kind of access so you can't build or copy it, or leak it, after Mainsoft's reported partial leak). Hopefully they do exactly what you describe. But I doubt anyone from any group that has source code is going to tell you what security measures they use.

Re:Why does the Indian military have the source??? (1)

AHuxley (892839) | more than 2 years ago | (#38608004)

Some local long term http://en.wikipedia.org/wiki/Magic_Lantern_(software) [wikipedia.org] ?
i.e. keystroke logging software that was safe from some anti-virus companies.

Re:Why does the Indian military have the source??? (0)

Anonymous Coward | more than 2 years ago | (#38608112)

More likely the reason they have the source code is to satify themsekves that US government has not inserted malware/trapdoor software in the code.

Re:Why does the Indian military have the source??? (0)

Anonymous Coward | more than 2 years ago | (#38608220)

There isn't actually anything like closed source, the source code for almost everything is available at a fee, even the windows source code.

Re:Why does the Indian military have the source??? (0)

Anonymous Coward | more than 2 years ago | (#38608426)

You got it all wrong! The Indian military writes the code for Symantec. Doesn't that explain everything?

Bleh! (5, Funny)

SeaFox (739806) | more than 2 years ago | (#38606948)

Stealing source code from Symantec is like stealing your neighbor's garbage.

Re:Bleh! (1)

mcavic (2007672) | more than 2 years ago | (#38607058)

Ghost is a decent product (not great, but very useful). I stopped using NAV years ago because of the bloat.

Not Merely Bloat (0)

DERoss (1919496) | more than 2 years ago | (#38607144)

Bloat would merely mean an inconvenience, possibly the need to install a larger and faster hard-drive. However, my favorite independent computer shop informed me that Norton Anti-Virus was the cause of overall performance degrading on my Windows XP along with too-frequent "blue screens of death".

The computer shop advised me to obtain the freeware versions of AVG Anti-Virus and Malwarebytes. They install both on all new PCs they sell. They assert that no one anti-virus package can detect all threats.

The freeware version of AVG Anti-Virus runs continuously and automatically in the background and updates daily. The freeware version of Malwarebytes requires manual launching for each scan; you need the purchase-ware version for automation.

Re:Bleh! (1)

organicstanna (2461136) | more than 2 years ago | (#38607154)

I enjoy ghost, i find it quite useful. specialy version 8 (dos) for cloning drives. its fantastic!

Re:Bleh! (3, Interesting)

MightyMartian (840721) | more than 2 years ago | (#38607230)

Ghost was a decent product. I stopped using it years ago in favor of Clonezilla.

Re:Bleh! (4, Interesting)

Spy Handler (822350) | more than 2 years ago | (#38607288)

I also use clonezilla alot, and I agree it's a good product in terms of function. But it has the shit-worst user interface ever (for something that's at least moderately popular). Its UI looks like a badly copied version of the text menu from the mid-90's Slackware installer, I swear.

Re:Bleh! (1)

shione (666388) | more than 2 years ago | (#38609156)

I would so mod you up if I could. Out of all the open source software that I have used and all the non open source stuff, clonezilla has got to win the cake for the most ghastly interface. Not only is it confusing and long winded but the fonts they have chosen has got to be the most awful that could only be topped if someone picked the disn3y font.

Re:Bleh! (2)

bejiitas_wrath (825021) | more than 2 years ago | (#38607310)

The old DOS Norton Utilities was a awesome product, with the Norton disk editor and other cool features, their products now are just bloat and nothing else. using common sense on the Internet can keep you safer than this product.

Re:Bleh! (0)

Anonymous Coward | more than 2 years ago | (#38607328)

meeh OSS rocks! :P

Re:Bleh! (2)

dissy (172727) | more than 2 years ago | (#38608278)

Ghost was a decent product. I stopped using it years ago in favor of Clonezilla.

Seconded. Clonezilla is an excellent Ghost replacement, and I even started getting the windows-only admins I work with turned on to it!

If anyone is looking for an open source "corporate back-end Ghost", check out the FOG project [fogproject.org] . I've just begun deploying the infrastructure needed for it, but lets one backup and reimage a computer remotely using an awesome network boot method.

They both take a little bit to get used to, but it's no worse then getting used to or working around the problems and quirks of Ghost (Like restoring a C: drive image to a secondary HD, and having it retain the D: or E: letter, and thus windows refusing to boot)

Re:Bleh! (2)

nmb3000 (741169) | more than 2 years ago | (#38607302)

Stealing source code from Symantec is like stealing your neighbor's garbage.

Hey, maybe if the source is published publicly, some bright person(s) can improve it and issue a "fork" of Symantec's code :)

All they probably have to do is remove a few speed up loops [thedailywtf.com] !

Re:Bleh! (1)

Cro Magnon (467622) | more than 2 years ago | (#38608998)

Don't insult my neighbors. Some of their garbage is decent.

It's for Norton 2006, which is significantly old. (1)

Anonymous Coward | more than 2 years ago | (#38606956)

Unless their newer antivirus programs are nothing more than updated virus definitions, it shouldn't really bother Symantec.

Re:It's for Norton 2006, which is significantly ol (1)

Joe_Dragon (2206452) | more than 2 years ago | (#38607092)

It may still the same code base that makes Norton run real slow it in.

Re:It's for Norton 2006, which is significantly ol (1)

angus_rg (1063280) | more than 2 years ago | (#38609232)

Recent versions allow quarenting on behaviors, like flashxxx.ocx tries to write to c:\windows\.... Figure out the function hook, and you can bypass these actions before they occur.

In addition, any encryption keys embedded would be fair game. possibly allowing to impersonate a live update server.

Reasons it's not relevant:
Any decent virus writer has disassembled it more than a Jetta in your average chop shop.

Corporate IT departments rarely read Vendor best practices and miss the boat on writing to system directories, registries, and other common ways to infect a machine.

Impersonating/Man in the middle attempts with encryption keys are a PITA to employe, more effort than anyone skimming account numbers would care to carry out. Now targeted attacks are another story.

A sane point of view (1)

NSN A392-99-964-5927 (1559367) | more than 2 years ago | (#38606972)

At least we will get some great versions of Norton Total Internet Security 2013 floating about now.

Security by Obfuscation (1, Insightful)

hashless (1833294) | more than 2 years ago | (#38606982)

This is yet another reason why reliance on closed-source security software is risky.

Re:Security by Obfuscation (1)

SpaceLifeForm (228190) | more than 2 years ago | (#38607028)

True. But maybe this will result in a better product.

Re:Security by Obfuscation (1)

LordLimecat (1103839) | more than 2 years ago | (#38607260)

The only open-source AV I am aware of-- ClamAV-- lacks real time scanning, and is generally awful. The version that supports real time scanning-- MoonSecure-- is apparently very much alpha, and has a high risk of ruining your machine.

Ill take the closed-source Security Essentials, thanks.

Heck even the best virus removal tools out there-- Kaspersky's tools, Combofix, GMER-- are closed source.

Re:Security by Obfuscation (0)

Anonymous Coward | more than 2 years ago | (#38609584)

After the snort company guys bought ClamAV, they offer a sister product with is pretty much ClamAV with realtime scanning. It's not open source, but free of charge, and as far as I can understand it still uses the open source stuff underneath. It's called Immunix.

Outsourcing (-1, Flamebait)

muphin (842524) | more than 2 years ago | (#38606984)

that's what happens when you outsource your programmers to India.

Re:Outsourcing (2)

TechMouse (1096513) | more than 2 years ago | (#38607568)

that's what happens when you outsource your programmers to India.

The Indian military outsources to India? Impressive.

It's not stealing! (1, Interesting)

Anonymous Coward | more than 2 years ago | (#38606988)

Since the original source code wasn't destroyed and is still in the hands of Symantec, and the hackers merely made an identical copy without permission...

then it's not theft, it's copyright infringement.

I don't understand the implied risk (2)

msobkow (48369) | more than 2 years ago | (#38607032)

Does the code include the keys that would be needed to inject bad/malware virus definitions, causing user's machines to delete files that weren't viruses? Does this open up some sort of command-and-control channel over users machines aside from that risk?

Re:I don't understand the implied risk (1)

msobkow (48369) | more than 2 years ago | (#38607048)

Or are the crackers just counting coup for filching the source code?

And yes, I'm one of those pedantic buggers who insist that they're crackers, not hackers. Crackers steal and do damage; hackers study out of curiousity.

Re:I don't understand the implied risk (1)

Aighearach (97333) | more than 2 years ago | (#38607104)

The implied risk is that the Indian military is conducting industrial espionage against the US, and then storing their bounty on internet connected computers for all the world to crack and steal.

Offshoring (4, Insightful)

happyhamster (134378) | more than 2 years ago | (#38607086)

>>The group is operating under the name Dharmaraja
>>...compromising Indian military intelligence servers.

Dear Corporations, "Investors", and CEOs,

Please do not hesitate to keep offshoring every bit of information and technology to the third world. The things you've seen so far are mosquito bites compared to the crap that will hit the fan if you keep "enhancing profits" for another decade or even less.

Respectfully,
Software Developer, a.k.a. the guy who actually has to work for a living.

Re:Offshoring (3, Interesting)

jaa101 (627731) | more than 2 years ago | (#38607240)

It doesn't sound like this falls into the offshoring category to me. Since the military is involved I guess they demanded the source to assure themselves that there were no backdoors. It doesn't seem an unreasonable step for any government (even/especially in the US) to take before using your software in a security context.

The fun is in considering what recourse Symantec has. If they didn't have some really expensive penalty clause in the non-dislosure agreement that will have been involved here they'll be kicking themselves right now. They'll also be wishing they gave themselves some way to identify the source of the leak. Their smart move would have been to insert some minor changes, e.g., to indentation or comments, to make each version released to third parties unique and therefore traceable.

Re:Offshoring (1)

LS (57954) | more than 2 years ago | (#38607624)

To be fair though, Symantec does do quite a bit of offshoring, with development offices in Beijing and Chengdu, amongst other places in Asia.

Re:Offshoring (0)

Anonymous Coward | more than 2 years ago | (#38607808)

Yes. Because this kind of thing never would happen in a "first world" country.

Re:Offshoring (0)

Anonymous Coward | more than 2 years ago | (#38609992)

However, if your coworkers are using their downtime on Facebook, YouTube, or Googling coworkers for dirt on company time using company machines (and that one is lawsuit potential it's an illegal background check), then maybe offshoring isn't so bad.

I mean, yeah there's a risk of their technology being intercepted, yeah, it gets rid of jobs that are not offshored, but if those workers have that much downtime they should be reassigned to another position to be productive or else their position has been obsoleted and they may be better off laid off but with a severance package and with job transition assistance rather than collecting their salary for minimal work.

Why steal snake oil from Symantec? (1)

Anonymous Coward | more than 2 years ago | (#38607172)

Just like watching adds for "My Clean PC" the whole computer virus industry is a scam in the first place. It all originates from the fact that someone tried to sue the pants of Microsoft about file system maintenance utilities...and in return for not going all the way and taking Microsoft to the cleaners the folks just shook hands and made a deal to leave some security crumbs for the offended corporation.

The end result was the scam about operating system security, when in reality the solution was to lock down modifications to the core system in the first place. The same way Unix does. That way all that would ever run when installed by a user would be sandboxed away from the system. The whole Windows registry policy setup and binaries having the ability to splatter dlls in \system is just plain stupid and every one with a brain knows this. Yes weld the hood shut and just allow access to functions...if the user installs malware then no problem just off the crap.

Windows has been ever so slowly coming around to this but there is still the need to appease the A/V industry ...I wonder when the gentleman's agreement will finally end. Windows could have become a secure operating system a long ago but there is a very good reason why Win98 and XP were Swiss Cheese ..it was completely deliberate!

Snake oil plain and simple and the average joe user doesn't even realize how much of a scam the Windows A/V industry really is, and how it has held back many advancements in web computing. The computer security scam will be the final nail in the coffin of the home PC industry. Hell they are all trying to get in on the tablet industry and claiming that you can infect Android ...what a bunch of scam artists! If a user installs malware then so what...who the hell needs a utility to remove cruft other than when using Windows? And even now Windows 7 is still better at keeping the /system free of nasty binaries. But this does not matter because the home pc is in reality suffering a horrible death. My prediction is that within 3 years Apple will outsell HP, Dell, and everybody else in the home computer market. And I am certainly no fan of Apple and their hyped up crap OS.

Re:Why steal snake oil from Symantec? (1)

kodiaktau (2351664) | more than 2 years ago | (#38607306)

See story from http://tech.slashdot.org/story/12/01/05/1736245/windows-8-to-include-built-in-reset-refresh [slashdot.org] . We should double fear this one - not only will someone download crap, now they can reset their box with a push button.

Re:Why steal snake oil from Symantec? (1)

zero0ne (1309517) | more than 2 years ago | (#38607430)

Just like how System Restore works SOOOO well to protect you from infected...

Give it 6 months, and there will be a whole group of maleware that can break through to those "clean" files, so when you reset your computer, you stay infected.

Re:Why steal snake oil from Symantec? (1)

kodiaktau (2351664) | more than 2 years ago | (#38607554)

I have been waiting for MS to install this http://www.youtube.com/watch?v=wvsboPUjrGc [youtube.com] feature to scare the viruses away.

Re:Why steal snake oil from Symantec? (0)

Anonymous Coward | more than 2 years ago | (#38608062)

Can you post again, but now in English?

Re:Why steal snake oil from Symantec? (0)

Anonymous Coward | more than 2 years ago | (#38608252)

Can you post again, but now in English?

I am the reincarnation of James Joyce so lookout you might not be able to understand my freight train of thought without understanding that it is written in for while loops of object oriented subjective opinion. Put in your own commas please!

DOOM! (0)

Anonymous Coward | more than 2 years ago | (#38607184)

They're going to release norton as a virus! It'll be the worst one yet!

Hell just installing it now is worse than most viruses! And way harder to actually get rid of!

The world is gonna grind to a halt!

Update: Symantec Confirms Hackers Accessed Code (1)

wiredmikey (1824622) | more than 2 years ago | (#38607198)

Update: It wasn't Norton, it was older versions of their Enterprise protection:

http://www.securityweek.com/symantec-confirms-hackers-accessed-source-code-two-enterprise-security-products [securityweek.com]

Re:Update: Symantec Confirms Hackers Accessed Code (1)

PessimysticRaven (1864010) | more than 2 years ago | (#38607408)

Great.

So they stole source code from the older version, which is probably the last time it was useful? (unlikely.)

This is what the Mayans predicted! (1)

GrumblyStuff (870046) | more than 2 years ago | (#38607208)

Computers all over the world will be infected with Norton by December and human civilization as we know it will cease to exist!

Hunh? (3, Funny)

symbolset (646467) | more than 2 years ago | (#38607212)

Stealing Symantec's source code is like stealing Typhoid Mary's soup.

Re:Hunh? (3, Funny)

expo53d (2511934) | more than 2 years ago | (#38607836)

I would be interesting to run grep through the source code. Bet you would find lines like:

# This part slows down the computer if the license is not renewed

Re:Hunh? (1)

Jahava (946858) | more than 2 years ago | (#38608674)

I would be interesting to run grep through the source code. Bet you would find lines like:

# This part slows down the computer if the license is not renewed

... and being written in a scripting language probably doesn't help either!

Re:Hunh? (1)

laejoh (648921) | more than 2 years ago | (#38608730)

For better or worse, also try this: $grep "SCO" -iR /tmp/symantec.source.code

Re:Hunh? (1)

angus_rg (1063280) | more than 2 years ago | (#38608970)

# This part slows down the computer if the license is not renewed

Nah. That would indicate they wrote it in Perl, and perl is fast at finding things. Oh wait, it could also mean TCL.....

Re:Hunh? (0)

Anonymous Coward | more than 2 years ago | (#38609262)

I know you were joking, but the small company my family owns uses Symantec AV. I've been annoyed at slow startup times so I set about to figure out what actually causes the problem. I've disabled and re-enabled all the different scanning options, The one that slows down the computer the most is the one that guards Symantec itself.

On a pentium 4, it's the different between waiting about 4 minutes or a few seconds to open a program.

Symantec slows everything down as part of normal operations. Not renewing your license causes some things to not work and is therefore slightly better, actually.

Re:Hunh? (1)

phorm (591458) | more than 2 years ago | (#38610270)

I think that's a "feature" of the AV whether or not your license is renewed...

Breach of Indian military? (0)

Anonymous Coward | more than 2 years ago | (#38607346)

Just hope they didn't get any more sensitive data [wired.com]

Awesome (5, Funny)

zerojoker (812874) | more than 2 years ago | (#38607436)

Finally someone can write a working uninstaller!

Re:Awesome (1)

ibsteve2u (1184603) | more than 2 years ago | (#38607928)

lolll...you beat me to it, so I most humbly applaud your display of perceptive intellect.

Here's to a brighter future! (3, Funny)

BagOCrap (980854) | more than 2 years ago | (#38607754)

Hope these hackers can turn the source code into something useful.

A little perspective (2, Informative)

Anonymous Coward | more than 2 years ago | (#38608114)

A lot of Symantec haters out there. Funny

Lets put some things in to perspective here.

1. Norton is a consumer product. SEP is the enterprise product - Two very different products with very different code and both have been re-written a couple of years ago. (Works a lot better than before and is less "bloated")
2. I would very much doubt that a government defense organization would be purchasing a consumer product like Norton.
3. The segments of code found are from SAV (last rolled out apporximatley 5 years ago and does not exist anymore ) and SEP 11 (released 4 years ago and is no longer sold as SEP 12.1 is the current version and this was re-written to include new technology)

Re:A little perspective (4, Interesting)

Lumpy (12016) | more than 2 years ago | (#38608706)

And both STILL are garbage. we saw a 200% speed increase on ALL our corperate Windows machines when we switched from SEP to the enterprise offering from ESET. The change was so dramatic that most of us did not believe that the ESET software was running.

Honestly, SEP and Norton both needs to have even more rewrites because it's the joke of the Enterprise world in regards to performance and reliability.

Re:A little perspective (1)

L4t3r4lu5 (1216702) | more than 2 years ago | (#38610220)

I've had NOD32 at home for years. I wish I could install it at work. However, thanks to kickbacks to the local government, Sophos consistently quote 50% lower than I can get any competing product for.

Pisses me the fuck off.

Norton (0)

Anonymous Coward | more than 2 years ago | (#38609388)

I bought Norton to go with my brand new copy of vista ultimate. I am short like close to 500.00 bucks when I leave the store.
Install Norton CD key dont work. fuck I am pissed someone key generator has used my key. Then Vista my hard drive fails are the two related was fine on XP.
So I have to get work done. Plug in a external hard drive Vista cant install to it. Put a copy of Kubuntu in the drive installs to external just fine.
Then I get a VM going and install Vista to it. Now vista running from external hard drive get my work done buy new hard drive install it boot up vista go to install key no longer works.
Now I have hundreds of dollars worth of no key software.

No problem dd my external to the new drive bam I am back in action.

Win 7 I am a no buy win 8 will be the same.
My Kubuntu is up to date and vista is still running after all this time.

My last new machine was 2005.
Untill Xmas now I have a race to the bottom Chiclets keyboard the sucks big wampum.
I am looking at you HP. Its falling apart already.
You know how all the keys are torn off at the store displays well they are not torn off they fall off all by themselves.
If it happens to the display it happens in real life.
Now they are under glass to prevent you from finding out not to stop the damage.
My rant pause.

Oh I bought another antivirus and it would not run at all. Their help was no help at all.
So If I pay for it and it don't work and I get it free and it does work.

Hey Microsoft really if your out there you really should include a gparted disk with your OS.
Are you afraid I might think you care about someone other than yourself?
Your partitioning software blows chunks.
Disk manager my arse.

Signed Humbly your home computer enthusiast.

Oh Norton, how things have changed (2)

AbRASiON (589899) | more than 2 years ago | (#38609796)

I've never told anyone this before, because it's horrifically tragically sad but I had a picture of Peter Norton torn out of a magazine pinned up near my PC when I was a kid 20 years ago. Yeah I was a complete nerd / geek, especially for performance and hardware.
Back then Norton utilities 6 was the absoloute bees knees, speedisk for DOS is still the most thorough defragger I know of, full with file reorder was the option, it ensured 0 files were fragmented and this was in the days that exceedingly few files on the disk were set as read only / system. It genuinely improved performance significantly.

Their tools were good for maybe 3 or 4 years more, possibly the first one or two Windows tools for 95 had some useful features lacking in the core OS but after that, what a shambles. To me, any machine with Norton utilities (Norton utilities NOT "Nortons utilities" while I'm at it) should pretty much be wiped clean :/

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>