Analysis Of Symantec's Stance On Censorship

robochan writes "According to this report in the Sydney Morning Herald, Chief Operating Officer of Symantec, John Schwarz, was quoted as 'calling for laws to make it a criminal offense to share information and tools online which could be used by malicious hackers and virus writers.' This article takes a look at the negative affects and also a couple of recent examples of "censorship legislation" backed by the COO of Symantec, and what little effect it has had on criminals, while having a substantial affect on responsible citizens."

A clarification

[Chairboy]

An important clarification from an article on this subject a few days ago:

http://www.smh.com.au/articles/2003/09/12/106326 85 53158.html

Asked whether Schwarz would like to clarify whether he had really meant that full disclosure should be legislated against, Symantec's Asia-Pacific public relations group manager Lindy Yarnold did not directly deal with the query but said: "Symantec fully supports information sharing on threats and vulnerabilities and believes it is an important tool for consumers and IT professionals to gain a measure of early warning of potential attacks."

Re:I can respect that but!

[jonblaze]

The only reason the supreme court doesn't want to speak out, is to avoid individual justices being labeled as "Liberal" and thereby attracting the attention of the conservative horde. Who would demand the resignation of the justice, and if they were to resign, everybody would be royally screwed. The only difference between Roe V. Wade being the law of the land, and Bush's brand of christian (psychotic) conservatism is ONE VOTE on the supreme court.

Conservatives (and liberals) can "demand the resignation of the justice" all they want, but there is only one constitutional procedure for removing Justices from the Supreme Court, and it is quite onerous. See Art. II, sec. 4.

As for your other assertion that "one vote" is all that is needed to overturn Roe, perhaps you'd like to vote-count Planned Parenthood v. Casey, and rethink your position.

A reply from Symantec on Bugtraq

[biftek]

From this thread on Sept 12 (love the slow Australian IT press):

I am posting this In reference to the recent Wired article which Richard Smith posted to this list. Symantec fully supports information sharing on threats and vulnerabilities and believes it is an important tool for consumers and IT professionals to gain a measure of early warning of potential attacks.

The Bugtraq mailing list, maintained as an independent entity under the SecurityFocus brand, remains one of the most respected and open sources for security information and early alerting by security professionals worldwide and full disclosure is *critical to the integrity of the Bugtraq community*.

With regards to cyber crime we need more and higher quality resources for law enforcement to work on computer forensics, and we need cooperation from government and industry to assist prosecutors in building cases against attackers.

Given the increase in the number of security threats and the availability of online tools we also believe that the industry should focus on training and educating todaya(TM)s youth about the ethics of computer crime and its affects and impact on victims.

These are not simply my words but also an official Symantec statement.

Cheers,
-al

Alfred Huger
Senior Director Engineering
Symantec Security Response

Apparent Misquote

[KrispyKringle]

It's probably worth pointing out that this discussion took place on Bugtraq, the Symantec-owned full-disclosure mailing-list, a few days ago. Apparently, this is more of a misquote than anything. See http://www.securityfocus.com/archive/1/337333.

Re:Burglary Tools

I may even USE the exploit to patch SSHD on my system.