Submitted by From eWeek: “Symantec Corp. has admitted to using a rootkit-type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers. The anti-virus vendor acknowledged that it was hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.”
Symantec Caught in Norton ‘Rootkit’ Flap
About The Author
Adam Scheinberg
Technology Executive • Web Developer • Father • Foodie • Music Snob • OS enthusiast
Follow me on Mastodon @[email protected]
Welcome the age of the manufacturer deciding what is right for you, what you are allowed, and not allowed to do with your files, and what how you operate your computer.
Being caught is just a slap on the wrist for Norton, it won’t stop their encroaching ways.
This is the exact reason why so many people have distrust for proprietary software vendors.
What else is hiding in there?
Symantec used to be a good company with good products.
This is also a classic of example of what goes wrong when good intentions are applauded without regard for the results.
It would be more accurate to say that Symantec bought good companies that were producing great software which they then proceeded to ruin. I don’t know of any other company with such a track record for destroying good programs.
Microsoft has a pretty bad track record with buying and destroying programs as well – though afaik they’ve improved some quite a bit as well.
I won’t argue with you on that one. As for Symantec, I Beta Tested for a number of the companies they bought out and so continued to test the products under Symantec. Almost every one of the programs went from best of breed to worst in short order. I finally quit testing for them when a number of the bugs I reported were not fixed by the time the next major release came out. I submitted one bug that they never even acknowledged or ever fixed. It was getting frustrating testing programs and getting free software that I would not put on my computer.
Anyway, I hate to see the Norton name used by this company anymore. At one time the Norton name stood for some of the best software tools in the business.
I loved nortons products till we switched to win98/fat32
I loved McAfee av till 6.0
Both have become obnoxious and opressive to run.
but then… “as security threats have evolved, so have we. You can either hand control over to US(who have YOUR best interests at heart) or THEM.” Sound famailiar? I’m not buying that, and I’m not buying from them, either.
According to:http://www.cnn.com/2006/TECH/internet/05/25/antivirus.flaw.ap/index…
it seems that Norton Internet security 2006 is not affected but merely the corporate antivirus+ software.
According to:http://www.cnn.com/2006/TECH/internet/05/25/antivirus.flaw.ap/index…..
it seems that Norton Internet security 2006 is not affected but merely the corporate antivirus+ software.
No, that’s a completely seperate security flaw than this one.
…prompted by warnings from security experts…
That should tell you something right there. The lights are home but nobody is home.
What really disgusts me is that Apple Stores have Semantics’ malware prominently displayed right next to Mac hardware, like we really need it on Mac OS X.
It’s caused more problems for us that anything it’s designed to protect us from.
http://www.macfixit.com/search.php?companyID=255
It’s caused more problems for us that anything it’s designed to protect us from.
Yeah right like the CPU paste as in 82 Degree Celcius CPU heat problem: (read:MacBook Pro).
Every major piece of code has bugs,flaws and vulnerabilities and thus 0days.
The heat paste has been found not to be the problem. That news hit yesterday. The SMC Firmware Update fixes the temp problem, which was apparently a case where the Mac engineers chose quiet over cool. By cranking up the fans, it’s slightly “fannier,” but certainly cooler.
which was apparently a case where the Mac engineers chose quiet over cool.
Didn’t they evaluate the outcome of their settings before the MacBook Pro’s hit the shelves?I mean a extreme high CPU temperature can’t hardly be overlooked.I’m glad they solved the issue though.
Didn’t they evaluate the outcome of their settings before the MacBook Pro’s hit the shelves?
I couldn’t say, because I don’t know, but apparently the measure of heat above the keyboard is not accurate. The heat is pulled AWAY from the CPU, so it’s not really the CPU that is that hot, but rather, the exhaust.
The heat is pulled AWAY from the CPU, so it’s not really the CPU that is that hot, but rather, the exhaust.
This is all off-topic, I suppose, but are you trying to say that the exhaust is hotter than the CPU? Sounds like a violation of the physics/thermaldynamics to me.
are you trying to say that the exhaust is hotter than the CPU?
I’m not an engineer, just a robot repeating what I read. In order to keep the CPU cool, fans push/pull heat away from it. The CPU maintains a lower temp, but continues to heat the air around it, which in turn, is pushed out of the chassee. Maybe I’m wrong, but I’m pretty sure that’s what I read yesterday.
I believe MarkJensen is correct in that thermodynamics does not allow for cooling systems to be more than 100% efficient. Thus the CPU will always be hotter than the cooling units unless you are using an actively cooled (water cooled plate, peltier, etc) system that uses additional energy sources to cool themselves. The heat pipes used in modern laptops are pretty efficient though and can move heat away from the CPU through the chassis quite nicely. Keep cool folks…
exactly how is Symantec/Notron supposed to stop CPU temp. problems?
exactly how is Symantec/Notron supposed to stop CPU temp. problems?
By being so good it doesn’t have to run at all, silly!
(it’s a joke)
I guess that puts Norton into the Malware cathegory.
Can you imagine NAV trying to clean up it self?
Edited 2006-05-26 18:18
You’d have to download a specific removal tool from the site because the virus engine in norton couldn’t handle the job. And of course, your machine would BSOD when the download was at 98%. (read: blaster32)
So…”they” ruined the internet (malware, viruses, adware…obnoxious ads, etc)…now “they” are ruining software…so you can’t trust ANYONE. This is completely out of hand…when you can’t trust a company that’s supposed to be protecting you from the same stuff it is itself.
I personally think that the proprietary software industry will eventually alienate everyone….Linux and Open Source won’t become dominant because it’s so GOOD, but it’s because that maybe, just maybe, they can be trusted.
Can they be? Who knows….this is making me sick to my stomach….
Ok…the question is this, and I don’t know because I don’t use this product. Does the manual for the user clearly state that there is a hidden directory? Does it clearly state for the user, so that he KNOWS that this exists and what the reason is? If not…then it’s sneaky and shitty. Period.
If they were HONEST (and maybe they were, if someone can answer the question in the affirmative), then OK…I can see that their “reason” might make sense, even though it’s kind of a put-down to users…sayting that we are too stupid to know what we are deleting…but at least they told us….but if they didn’t. Forget it. No more Norton products EVER….EVER. Period. They are screwing themselves.
Here is a call for full disclosure. ALL software should tell EXACTLY WHAT and WHERE EVERY FILE…EVERY DAMN FILE does and where it goes….in a manual or some documentation. Period. Open Source does by proxy..look at the source code…but proprietary stuff should tell the end user EVERYTHING about the software he is putting on his computer. Period.
I am so mad….I’m sorry…I’ll shut up now…
This software obviously does its job extremely well in this case the intent might just be to prevent users from uninstalling it, afterall, if the user can replace their software with that of a competitor then why can’t a virus do the same. When your license runs out you’ll have to jump through some serious hoops in order to install AVG in its place, or you can just pay norton again.
Symantec products were loaded down with little more than malware by way of digging too deeply into system internals for a decade.
Nice to have it confirmed – Let’s face it, Symantec and/or Nortons has been coasting on reputation ALONE since 1995 – as their products simply have not been worthy of the reputation and praise that’s been heaped on them… Quite often screwing up computers WORSE than the Viruses/Worms/Malware/unoptimized filesystems their software is supposed to prevent.
“Let’s face it, Symantec and/or Nortons has been coasting on reputation ALONE since 1995”
Unfortunately Peter Norton has had nothing to do with the software since Symantec bought them out. They have the right to use, (or in this case misuse), the Norton name to their hearts content.
this is good for mcaffee. It will increase its sales and the trust of those affected companies.
I keep running linux.
-2501
I don’t know of any other company with such a track record for destroying good programs.
Corel and Microsoft
>> I don’t know of any other company with such a track record for destroying good programs.
Corel and Microsoft
Let’s be fair – at least Microsoft destroys THEIR OWN software, and don’t go out of their way snatching up smaller companies then ruining the products.
While Symantec has done little else.
Don’t forget MS destroyed FOX pro.
Which product did Corel buy and ruin? Or was it one of their own (in which case, which one)?
Symantec has always just sucked, I stay away from it like the plague. I use Avast anti-virus, it’s free for home users too! You just have to register for a license.