Everyone who owns a PC has no doubt heard of the company Symantec. The company was founded in 1982 by Gary Hendrix. It wasn't until
1991 and a successful merger with Peter Norton Computing that the
corporation became widely known to individual home PC users, namely
for its suite of PC security software, most notably Norton Antivirus.
Over the years since then, Symantec products grew in popularity
among average PC users - admittedly, even I had a subscription
with Symantec for Norton Antivirus at one point in time. Lately, as
you may know, Symantec has been blasted all over the news. In 2006
there are confirmed reports that a hacker successfully breached the networks of the corporation's headquarters
and downloaded several projects worth of source code relating to
current versions of some of their security software. When Symantec
announced the breach, they assured customers that the simple patch or
update they released in response would sufficiently fix any
exploits that could be made against the software. It wasn't until early
January 2012, last month, that Symantec made an official announcement
stating that the source code that was floating around could still
pose a backdoor threat and allow a hacker direct and full control of
a targeted system. The exploit was allegedly in the pcAnywhere
module. pcAnywhere simply allows the user to access machines
remotely.
There are even reports of a Symantec employee being tricked into
trying to bribe the hacker for the return of the code. Reports say
Symantec even asked the hacker, in exchange for the measly $50K, to also make a public announcement stating they “lied”
about the breach and did not actually have the source code. The hacker released the
full source code to the public.
I find it highly questionable that after all this time Symantec
was legitimately allowed to lie to the faces of their customers, and
get away with keeping this problem covered up for so long. I
find it increasingly mind-blowing that, considering all of the
failures that the security software has in terms of reliable
protection and detection of legitimate, even well-known, threats,
Symantec is still in the market and is still allowed to continue
its operations. It just goes to show you that being a big name in
the technology industry allows you metric-crap-tons of leeway and
wiggle room when you make mistakes.
Malware, viruses, Trojans, rootkits, worms, keyloggers, zero-day
exploits, and other threats will always exist in this
internet- and computer-focused world we live in today. I believe that
Symantec should be less nervous about the release of their source
code, and more concerned with the quality of programming they are
doing. One major downfall is the fact that they purchased an already
built product that was laden with technical debt, and impossible to
refactor due to its complexities. Instead of redesigning and compartmentalizing, they
just kept building on what was already there, which accrued the technical debt.
Another point is that Symantec, and many other big software giants
in the market today, rely on security through obscurity. Basically,
the theory behind security through obscurity is that regardless of
the actual vulnerabilities in a system, as long as these
vulnerabilities are not known and are kept hidden (or obscured),
theoretically they cannot be exploited. A good example of how this
is a bad idea could be leaving an extra key to your car in one of
those magnetic key storage containers that you can stick to your
undercarriage. Granted, you now have the added confidence of having
an extra key in case you locked your keys in your car, but now you
have added an obscure vulnerability to your car. Though nobody could
possibly know that you have a key stuck to it, it's fairly easy to
exploit if it was guessed to be there or stumbled upon.
My software engineering philosophy leans towards open source,
which also has its benefits and risks. I feel that an open source
product could be a big benefit because it allows more eyes on the
problems. The more eyes the better, in my opinion. Though there are
malicious intentions out there directed at open-source software,
targeting obvious vulnerabilities, similar to the Morris Worm, there
are also well-intentioned hackers out there. I use hacker with a
positive connotation; to me, hacker just plainly means someone who likes to
break things open and see how they work, either to improve them or just
for understanding. Many people have
gotten jobs at big tech security firms after hacking systems and
pointing out flaws in a manner to entice a solution.
Here are links to some of the articles I read:
http://goo.gl/fWKOs - from reuters.com
http://goo.gl/BVFhe - google news rehost from AFP.com
http://goo.gl/UOsKF - from pcadvisor.co.uk
http://goo.gl/vKU8S - email exchange article from crn.com