Symantec Norton Anti-Virus "root kit" Security Hole

mikea

Touchdown! Greaser!
Gone West
Joined
Feb 12, 2005
Messages
16,975
Location
Lake County, IL
Display Name

Display name:
iWin
Symantec Norton Anti-Virus has a "root kit" security flaw that looks really bad. You *might* be safe if you're behind a hardware firewall. At least you get to pay $30 a year for the priviledge of knowing what killed your Windows PC last week.

http://www.eweek.com/article2/0,1895,1967941,00.asp

You could get something that works as well, loads your system with less CPU-stealing crapware, and is free:
http://avast.com/eng/avast_4_home.html
 
Last edited:
Re: Symantec Norton Anti-Virus Security Hole

You know, it was just a couple weeks ago that someone was ragging on me for NOT being smart enough to keep my system updated with the latest and greatest the instant new stuff becomes available.

Modern computer software lesson #1: When something new or a new version hits the market, step back, count to 16384 and let someone else find the problems first, THEN go get the fixed version.
 
FYI if you bought the store version of this you are ok, it is the corporate versions that are at risk.

eEye said it appeared consumer versions of Symantec's Norton Antivirus software -- sold at retail outlets around the country -- were not vulnerable to the flaw, though consumers who are provided Symantec's corporate edition antivirus software by their employers for use at home may be affected.
 
Last edited:
I have a feeling it's just tied into the fact that Symantec's setup allows an administrator to "push" updates to the clients. Might look a little bit deeper into this since we have it on campus.
 
wbarnhill said:
I have a feeling it's just tied into the fact that Symantec's setup allows an administrator to "push" updates to the clients. Might look a little bit deeper into this since we have it on campus.

That is what I think the issue is related to as well.
 
Re: Symantec Norton Anti-Virus Security Hole

fgcason said:
You know, it was just a couple weeks ago that someone was ragging on me for NOT being smart enough to keep my system updated with the latest and greatest the instant new stuff becomes available.

Modern computer software lesson #1: When something new or a new version hits the market, step back, count to 16384 and let someone else find the problems first, THEN go get the fixed version.

The problem, of course, is that the software companies want to gain revenue by selling upgrades. So, companies like Symantec, Intuit, and others stop supporting older software - forcing you to upgrade whether you like it or not. And they often provide features that you don't need or use (a/k/a forced bloatware).
 
Re: Symantec Norton Anti-Virus Security Hole

wsuffa said:
The problem, of course, is that the software companies want to gain revenue by selling upgrades. So, companies like Symantec, Intuit, and others stop supporting older software - forcing you to upgrade whether you like it or not. And they often provide features that you don't need or use (a/k/a forced bloatware).

True, however so far (they'll get over this oversight eventually) they're not discontinuing support and forcing an upgrade the very instant the new version comes out. They still support older stuff well into the "oh #$*& we screwed up really bad" mass distribution phase of the upgrade process. It's much less of a hassle as an individual to wait until after their engineers and the mass population has a heart attack and fixes the problem.

Some people call that intentional delay being a caveman luddite. Some people, usually the victims, call that same delay absolutely inspired genius wisdom.
 
All software companies want to churn and burn. They need recurring revenue. Even Microsoft will "force" you to get the new Windows. Symantec effectively has NAV in a subscription model where you can't get virus definition updates when your $30 a year license expires. Because people like me after a few times refused to pay $29 for the new version to get one more color in the pie chart, Intuit has disabled online banking in older versions of Quicken. That is making me wary of putting my stuff in Quicken and Quickbooks, althought there aren't many alternatives.

There have been some EULAs, inclduing some from Microsoft that say you agree to allow to them access to disable software functionality when they choose.
 
smigaldi said:
FYI if you bought the store version of this you are ok, it is the corporate versions that are at risk.
Oh. Good info. Thanks, Scott.
 
mikea said:
All software companies want to churn and burn. They need recurring revenue. Even Microsoft will "force" you to get the new Windows. Symantec effectively has NAV in a subscription model where you can't get virus definition updates when your $30 a year license expires. Because people like me after a few times refused to pay $29 for the new version to get one more color in the pie chart, Intuit has disabled online banking in older versions of Quicken. That is making me wary of putting my stuff in Quicken and Quickbooks, althought there aren't many alternatives.

There have been some EULAs, inclduing some from Microsoft that say you agree to allow to them access to disable software functionality when they choose.

Yep, one more way of selling crippleware - and overcoming state law objections to self-help-shutoff of software.

Quicken is also shutting off .qif and standardized exchange formats. Part of the reason for that is to make it difficult or impossible to switch to another vendor's products.

BTW, I'm playing with Moneydance as an alternative to Quicken. So far, it seems to have the functionality I want. And it will run on Linux.
 
mikea said:
All software companies want to churn and burn. They need recurring revenue. Even Microsoft will "force" you to get the new Windows. Symantec effectively has NAV in a subscription model where you can't get virus definition updates when your $30 a year license expires.
It's a for-profit company, for crying out loud. Of COURSE they're in it to make a buck. Why do you guys get all riled when someone wants to get PAID for a regularly updated product? This stuff doesn't get done for free.

Microsoft just recently dropped support for older versions of Windows but Win2000 is STILL supported...six years later. And no one is charging for security or OS updates.

Symantec charges for virus signatures, yes. Consider it in parallel to insurance or vaccinations. But I've still got a few 8.0 versions of SAV/NAV floating around that I haven't gotten around to upgrading yet and guess what? Same signatures are working there, too. So upgrading is not a requirement to continue getting virus protection with SAV.
 
Brian Austin said:
It's a for-profit company, for crying out loud. Of COURSE they're in it to make a buck. Why do you guys get all riled when someone wants to get PAID for a regularly updated product? This stuff doesn't get done for free.

BA,

I'm not fussing about paying for an upgrade. I neither want nor need an upgrade - and if I do, then I'll fork over.

What I am complaining about is disabling features in the software that were provided and sold to me originally with no termination date. Since the file formats on internet downloads remain the same, Intuit could simply continue access to the referring server (their version of name server) as opposed to disabling it under the older versions. Or allow the references to download sites to be stored within the local version of Quicken (which is, as best I can tell, is what Moneydance does).

There simply is no reason for me to upgrade Quicken based on my usage - the ONLY reason for upgrade is that I am forced to because Intuit has chosen to disable the internet functionality (that was a selling feature included in the software to start with). There is no technical reason that the download feature need be disabled, other than to sell new copies of the software that further lock you into their platform. In some places, what Intuit has done would be called "fraud" in that they sold a product that would have a functionality and they've chosen to disable it. There is no work required on Intuit's part to keep the functionality.

As for Norton, fine, sell the virus subscription. There is work that goes into keeping the database updated, etc. As you note, it is still possible to download definitions, even for a version that is no longer supported.
 
wsuffa said:
I wasn't addressing your post nor the Intuit strategy. Personally, I gave up on them a while ago but it's their product and their license to do with as they please. Some will upgrade, some will forego the missing features and others, such as yourself, will move to a different platform.

Personally, I hire accountants for that stuff. :D
 
Re: Symantec Norton Anti-Virus Security Hole

wsuffa said in part..

wsuffa said:
The problem, of course, is that the software companies want to gain revenue by selling upgrades. Companies like Symantec stop supporting older software - forcing you to upgrade whether you like it or not. And they often provide features that you don't need or use (a/k/a forced bloatware).

There is a LEGAL way around it. Do like I do. I have my 120 gig H.D. partitioned so my "C" partition @ 8 gig's holds my WIN 2000 Pro O.S. only. All my other programs are on my other partitions. Once a year I "Format C" (I'm told you should do this once a year anyways).. and re-install 2000 Pro.

There's only a couple of programs that I have to re-install by hand, Norton Anti-Virus being one of them.. while the rest of what I have is pick up and linked into the registry on the O.S. re-install.

Seeing I bought Norton Anti-Virus ver 4.0 in, I believe 1997.. and am the ORIGINAL owner, under the license agreement there is NOTHING that says I can't re-install Norton on my computer to my harts content. Once installed I go to the automatic virus definition update and.. wa-la! Updated and good for the next year. Been doing this for the past several years with a couple of my programs.

I've read the Symantec License & Warranty that came with the software.. and there is NOTHING in there that forbids me from doing the above. The only three things it explicitly says I can't do are: 1.) Install on more than one computer, 2.) Give a copy to someone else, or 3.) Install it on a network.

There ya go folks..

Dakota Duce

"May All Your Flights Be Of Good Weather!"
 
Re: Symantec Norton Anti-Virus Security Hole

Dakota Duce said:
wsuffa said in part..



There is a LEGAL way around it. Do like I do. I have my 120 gig H.D. partitioned so my "C" partition @ 8 gig's holds my WIN 2000 Pro O.S. only. All my other programs are on my other partitions. Once a year I "Format C" (I'm told you should do this once a year anyways).. and re-install 2000 Pro.

There's only a couple of programs that I have to re-install by hand, Norton Anti-Virus being one of them.. while the rest of what I have is pick up and linked into the registry on the O.S. re-install.

Seeing I bought Norton Anti-Virus ver 4.0 in, I believe 1997.. and am the ORIGINAL owner, under the license agreement there is NOTHING that says I can't re-install Norton on my computer to my harts content. Once installed I go to the automatic virus definition update and.. wa-la! Updated and good for the next year. Been doing this for the past several years with a couple of my programs.

I've read the Symantec License & Warranty that came with the software.. and there is NOTHING in there that forbids me from doing the above. The only three things it explicitly says I can't do are: 1.) Install on more than one computer, 2.) Give a copy to someone else, or 3.) Install it on a network.

There ya go folks..

Dakota Duce

"May All Your Flights Be Of Good Weather!"

The newest versions of Symantec use "product activation", so you can't get around it on the newer ones.
 
Re: Symantec Norton Anti-Virus Security Hole

wsuffa said:
The newest versions of Symantec use "product activation", so you can't get around it on the newer ones.

That's why I stayed away from Windows XP and a lot of other newer software.. "product activation". As long as you install/use one of the older non-activated software programs you're O.K.

As one of the other posters said previously.. most of the "newer?" programs are nothing more than the old program with a different look and twist on them. Results? You're paying for all that "new?" whiz-bang, which adds nothing anyways.

Even then, there's still a way around upgrading your Anti-Virus deffinition files without having to "Format C" or buy the upgrade.. but it's a pain in the *** to do it. You just replace your old outdated definition file with a more updated one. The only problem with that is you have to do this several times a year to keep it up to date. I find it easier just to do the "Format C" and after install of my original Norton set it to automatic updates. Keeps me good for a year that way.. plus "Format C" cleans up any O.S. problems I might have had.

Dakota Duce

"May All Your Flights Be Of Good Weather!"
 
Re: Symantec Norton Anti-Virus Security Hole

Dakota Duce said:
....As long as you install/use one of the older non-activated software programs you're O.K.
....

Using older versions of Anti-Virus (AV) software, especially Norton, is like not using AV at all. Between 2003 and 2006, the NAV software engine changed several times to include the testing of SPAM and other malware components. 2004 and previous versions of NAV do not test for the newer threats, even though the signature files may be included in the updates.
 
Back
Top