Symantec Users Get Busy!
After a hiatus for a while because of health problems, I thought to start the New Year by getting back to keeping everyone up to date on happenings in the computer world. Today, I wanted to bring everyone up to date on things Symantec.
I do want to be upfront though. I am NOT a fan of Symantec Corporation and its products. In the beginning, the company was a very good company which did a lot of things right and well at the same time. It cared about its customers, engaged with them directly and often, and was quick to address problems with their products.
However, the company starting buying up other companies under current chairman and former CEO John Thompson, to drive up its share price to please Wall Street and which also began to affect the development of its basic products where today none of them would I consider a well-done professional product. We at CEBUG have been privileged in the past to have had Symantec sponsor and conduct a few of our user group meetings, but that was another time and since then so has my drop in the confidence of their products which comes after a period of some decline.
Now Symantec has been in the news quite a bit lately because of a series of network breeches in which code has been stolen and compromised. As some readers are aware, Symantec over time, like nearly all AV vendors, has been guilty of publishing bad AV definition updates and has also been guilty of being slow to publish timely updates to their products. This has also translated into slow and, in my view, non-essential updates to the AV product engines along with their other software products. They have also killed off some decent small business products because of demand which I have always thought was more of a poor marketing effort to push those products.
Now comes reports that several of Symantec’s products source code has been published to the web by hackers such as Anonymous for what appears to be extortion for either personal gain, or corporate embarrassment. What has come to light is that Symantec has either offered, or been forced by, foreign governments to make available their security products source code over time. Recently, it was revealed that one country's military was hacked and the Symantec source code was stolen. On top of this, Symantec has admitted that its own network has been broken into by hackers and source code has been stolen. What is incredible about this is that Symantec knew of the network attack 6 YEARS ago!
At the present time, Symantec is telling its customers that all of the source code was old and is not of any consequence. However as we all know, product source code is not completely rewritten when new versions are made available, and old code has a habit of creeping back into new products. Symantec has made the statement that the problem was related to one specific product, but as time has slipped by, we are finding out that many of Symantec’s security products are included in these hacking attempts.
So this all boils down to what has been compromised. What I will restate is that old source code exists in all current and newly developed products, everyone has to take these threats seriously. I would NOT take the vendors’ assurances that they have the problems under control seriously either. The products known to be compromised are the PCAnywhere and Norton SystemWorks. The Norton AV products are also considered to have been hacked and the End Point Protection was recently patched because users reported that malware was being sent from their networks being protected by the End Point product.
Many of us in the computer field have come to the conclusion that the time has come for users to take stock of their Symantec products and seriously consider replacing them with other vendor's competing products. As most people who know me know that I have a short list of vendors that I recommend for these kinds of products, I recommend you check on my website or make a call so you can deal with this problem now. You cannot put this off much longer. Review what you have on your computers and networks, and start removing Symantec products to better protect your data, identities, and other important files.