Hackers Nab Norton Antivirus Source Code
Hackers Nab Norton Antivirus Source Code
Posted 01/06/2012 at 12:39pm
| by Brad Chacos
14
Comments
Print
Who watches the watchmen? Alan Moore took a long, hard look at that question in the classic Watchmen graphic novel, but today we finally got a firm answer – at least if by “watchmen” you mean “computer security companies.” Symantec got the virtual equivalent of egg in the face after an Indian hacking group going by the name of “The Lords of Dharmaraja” managed to get their digital hands all over the Norton antivirus source code.
Actually, as embarrassing as it is, the theft isn’t as bad as it sounds. According to The Register, Norton confirmed that the hackers indeed had a portion of source code, but from a 2006 enterprise version of the software, not anything recent or consumer-focused.
“This does not affect Symantec's Norton products for our consumer customers,” Norton said in a statement to the website. No current versions of enterprise software are considered vulnerable either, and at this time, Symantec doesn’t believe any customer data was stolen.
So how’d it happen? That’s up in the air. All Symantec will own up to is that the breach occurred from a third party, not its own servers. Still, plenty of people must be might red-faced right about now.
More like this
14
Comments
Comments are closed on this article
aarcane
January 06, 2012 at 3:16pm
If norton security was worth half the code in their repository, it would be open for public review at the very least. The fact that they don't make it publically available indicates that they KNOW of security vulnerabilities in their code base and don't want them known to potential CRACKERS, or worse and more likely, that they suspect possible vulnerabilities but don't know how or where to fix it.
If they truly had confidence in their product's abilities, they'd open up the source to public scrutiny. (Though I do understand why it's not open sourced completely. Not like there aren't dozens if not hundreds of companies using an open source business model effectively)
frizzly
January 07, 2012 at 3:04pm
any code can be hacked and or modified. it is better to be safe than sorry. it is all a matter of security.
blkpanthr
January 06, 2012 at 3:45pm
Thats a bit harsh...
There is allot of IP involved with the old code, some of it may carry forward in the new code base.
They are certainly not going to give up trade secrets...
thetechchild
January 06, 2012 at 6:27pm
Oh really? So if I watch a movie, I don't see the "trade secrets" they used to make it a good movie? Or if I watch a "making of" documentary? And why do patents require that you submit a design that is publically available for viewing?
warptek2010
January 07, 2012 at 1:21am
Have you ever saw what the movie industry calls a daily? Basically, it's a snippet of un-edited, un-processed film of a scene shot that very day. No music soundtrack, no sound effects, no SFX, no color processing, nothing but 100% raw footage. You would not even recognize a daily of one your own favorite films.
blkpanthr
January 06, 2012 at 9:53pm
because in a movie you are viewing the "End Result", not the process used to make it.
Just like in AV, you see the end result: the notification, not the process used to get there...
In a documentry, u see the apartatus used, you dont see the editing, or the specific process used for the CGI...
kixofmyg0t
January 06, 2012 at 2:56pm
They got part of the source code to the old bloated Norton?
Thats cute.
Doesnt matter in reality. The current Norton was built from scratch back in 2010.
eikichi
January 06, 2012 at 1:13pm
It would be a cleaver twist if Norton cooked this up himself (or faked it) in order to pressure enterprise customers still running older Norton AV suites to finally update their service contracts.
blkpanthr
January 06, 2012 at 1:33pm
i doubt very seriously there are many enterprise customers still running it.
Most companies take anti-virus/security very seriously...
PS: fix the damn spam! the spam is now replying to other spam. Its completly made the track function a pain in the ass.
Brad Chacos
January 06, 2012 at 1:30pm
That would be clever, but I have to ask: conspiracy theory much?
Cleaver
January 06, 2012 at 12:45pm
If anyone is still rocking Norton 2006, then they probably deserve to have their security comprimised anyway.
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 14 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 14 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 11 hours ago
