Welcome to WebmasterWorld Guest from 54.167.10.145

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

Symantec: Stop Using pcAnywhere Over Hack

     
9:15 am on Jan 26, 2012 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22287
votes: 236


Symantec: Stop Using pcAnywhere Over Hack [reuters.com]
Symantec Corp took the rare step of advising customers to stop using one of its products, saying its pcAnywhere software for accessing remote PCs is at increased risk of getting hacked after blueprints of that software were stolen.

The announcement is the company's most direct acknowledgement to date that a 2006 theft of its source code put customers at risk of attack.

Symantec said it was only asking customers to temporarily stop using the product, until it releases an update to the software that will mitigate the risk of an attack.

6:35 pm on Jan 26, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


So . . . the "blueprints" were stolen in 06 and they're saying now it is dangerous. For a company that thrives on updates, I would think a 2006 breach would be rendered useless somewhere around spring of 07. lol
6:41 pm on Jan 26, 2012 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22287
votes: 236


That's what I was thinking. It doesn't look good.
6:44 pm on Jan 26, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 15, 2003
posts:2606
votes: 0


Just another reason I will warn people not to use their crappy software, and not just until they release an update for this one thing.

It is so bloated and I can't count how many computers I have had to repair from a virus or similar when the computer had some flavor or another of their virus protection.

I am surprised they are able to stay in business. If a real world security monitoring company had the same issues I have seen with Symantec then no one would use them.
8:10 pm on Jan 26, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 30, 2006
posts:1599
votes: 1


pcAnywhere has been a security flaw since 1999, you hook that up anywhere and you might as well be waving a big flag and telling everyone to c'mon in!
8:30 pm on Jan 26, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 24, 2002
posts:894
votes: 0


The theft did not happen in 2006 but recently.

Here's an earlier report from Reuters (Fri Jan 6, 2012) Symantec: parts of antivirus source code exposed [reuters.com]
6:32 pm on Jan 27, 2012 (gmt 0)

Senior Member

WebmasterWorld Senior Member rocknbil is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Nov 28, 2004
posts:7999
votes: 0


That article doesn't even mention pcAnywhere. But it does allude to OTHER products. From the horse's mouth [symantec.com],

Symantec can confirm that a segment of its source code has been accessed. Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. Since 2006, Symantec has instituted a number of policies and procedures to prevent a similar incident from occurring.


Policies. LOL . . . SHENANIGANS I say, SHENANIGANS!
9:43 am on Jan 28, 2012 (gmt 0)

Senior Member from LK 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2417
votes: 17


If their code is not secure if leaked, its bad code.

Other people can right secure code and deliberately make the source available,