Tag: Symantec

Conflicting views on Mac insecurity news

The Register reports that the recently discovered threats are largely academic, noting too much interaction is needed on one, and that another was released as a proof of concept out of academia itself. Meanwhile, the Wall Street Journal is all over the topic, quoting a Symantec engineer who is predicting a “gradual erosion” of OS X security as the platform continues its popularity climb.

No matter which way this issue heads, I’ll still be chuckling over one Slashdot commenter’s take on the WSJ position

“A Symantec engineer predicts a ‘gradual erosion’ of the idea that Macs are a safer operating system than Windows.

Now there’s a neutral party with no agenda when it comes to security!

Honestly, the worst Mac malware I’ve seen so far had a Symantec sticker on the box.”

This is what he was referring to.

Symantec wants to fly high financially

Of course, so does every other company, but in this case Symantec is taking it literally. They’ve hired the CFO of American Airlines, Mr. James Beer.

I am sure Symantec has “high hopes” for Mr. Beer, but I don’t get the move. Pulling an executive out of an industry (and a company) with vast problems of its own isn’t exactly my idea of chasing success with success. Symantec’s President recently and quietly resigned, and the company has lingering problems that shouldn’t be there in the face of a burgeoning market for security products.

I have to wonder…is this move one to get someone on the team that is familiar with bankruptcy-related causes? Because executives in the airline industry know bankruptcy well.

To Spend More Time With The Family

It is the classic, politically correct ending to any top executive’s resignation announcement. It is no surprise that Symantec President Gary Bloom has resigned his post, particularly after the the company has had.

I just wish an executive would come out swinging.

I am leaving because the market is hypercompetitive, our products run on a platform that is unfixable from a security standpoint, and I drink two bottles of Maalox a day.

Big companies hide files – what else is invisible?

We’ve heard plenty about the Sony Rootkit fiasco, and now we find that Symantec was using similar technology in its products, invariably to hide files they didn’t want users to delete. In Symantec’s case, there may just be some legitimate need to protect users from “fouling up their protection,” but something tells me we haven’t heard the last of this. Who is the next popular software titles developer that is going to admit they are “rooting” around on your Windows machine?

Open source getting the security hit from both ends

When I say “hit” I don’t mean getting hammered either.

Novell just announced that they are going to be releasing their AppArmor intrusion prevention software under the GPL. The product will likely get some improvements from the OS community, albeit at the expense of Homeland Security adding many line items on the Linux side of their less than accurately represented vulnerabilities list.

You gotta wonder, however, if the whole US-CERT list thing was a public relations move, as Homeland Security just made a grant to three groups to improve open source security. Yep. Over a million bucks is going to Stanford University, Coverity, and Symantec to work on OS bugs. The Stanford/Coverity bit makes total sense to me – Coverity has a service that allows you to upload your C/C++ code to their system, at which time they scrub the heck out it looking for unnecessary complexity and the potential pitfalls that go along with that. The technology, by the way, came out of Stanford. I guess Symantec is just along for the ride.

New communications trend – Instant Acquisitions

Akonix just announced that they tracked more instant message spam in 2005 than any other year since they began checking out the phenom. This news should surprise nobody, as instant messaging use is still growing strong; at major vendors of the services we’re talking double digit rates.

Timely enough, venerable security software company Symantec announced they are buying IM security vendor IMLogic. IMLogic code is injected into grandslams like Microsoft Office Live Communications Server, as well as McAfee (a Symantec preferred partner) products.

How not to sell security software

Ed Bott’s Windows Expertise site makes it clear that buying software online needs to be a bit easier. What is even more clear is that if you are buying security software, it better be crystal.

The buying process described by Ed’s cohort Carl Siechert is both convoluted and dangerous. There are a several points where I would have given up out of sheer aggravation, and several more where I would have questioned the source of what I was downloading. Most of the hoops the vendor made the buyer jump through were likely designed to protect against piracy, and/or simply give the system time to get the right license key. So be it.

The security vendor in question, Symantec. Makes you wonder whether this has something to do with their inability to make any money.

Holding my tongue on Symantec

I try touting the need for anti-virus software, no matter what platform you are on (but especially Windows…wink wink) I was a loyal user of Norton Anti-Virus on the little Powerbook, even though Symantec tripped up now and then.

But I have several conflicting data points now, and am beginning to wonder. At first glance, Norton may seem like the best of the worst, and that is certainly better than the alternative. But the company can’t seem to make much money from being at the right place at the right time, and now we find that their anti-virus software may have some serious holes. Even if the exploits are the result of hackers bored with trashing Microsoft, it pays to be fair. I found alternatives to Microsoft’s OS, so why shouldn’t I look for alternatives to Norton.

Which anti-virus does the least good?

Gotta give Mike over at Techdirt credit for picking this one up. It seems anti-virus software is susceptible to scanning flubs (like skipping malicious files altogether), due mainly to the need to scan so many files so quickly.

But one anti-virus software provider has either not been tested for the exploit, or is NOT susceptible to it.

Can’t profit from protection

Folks are getting lazy about computer protection (not that they were diligent in the first place) or everyone is moving to OS X. Either way, Symantec is not reaping the benefits of our insecure computing world. While are large part of their loss was charges related to the Veritas aquisition, analysts don’t see a silver lining in the clouds.