Norton Users Worried By PIFTS.exe, Stonewalling By Symantec
An anonymous reader writes that "[Monday] evening, on systems with Norton Internet Protection running, users began to see a popup warning about an executable named PIFTS.exe trying to access the internet. The file was shown to be located in a non-existent folder inside the Symantec LiveUpdate folder. There were several posts about this to the Norton customer forums asking for help or information on this mysterious program. The initial thread received several thousand views and several pages of replies in a few short hours before being deleted. Several subsequent posts to the Norton forum were deleted much more quickly. These actions — whether actively covering up, or simply not well thought through — have spurred people to begin crafting conspiracy theories about the purposes of this PIFTS program. I for one am blocking the program until more information becomes available." The current top link on Google for "PIFTS.exe" links to one of these deleted questions on Norton's support boards, which sounds innocent enough: "I searched this forum but did not see PIFTS.exe. Any idea what this is?"
That sounds a little too much like "James Bond" to me, mr anonymous poster. I think we should wait until someone disassembles it and looks at what it's doing.
Cory Doctorow talking about cloud computing makes as much sense as George W Bush talking about electrical engineering.
You should run a virus scanner, just to keep from accidentally forwarding viral crap to other people. Infected files and attachments, etc. And assuming you're safe is equally foolish. I run plenty of security software on my Linux boxes.
Norton, however, is a turd. Anyone who runs Norton gets what they deserve. It's like a parasite that eats cycles for no reason, and cannot be removed without killing the host.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
If it is a rootkit, having it evade a well-known commercial virus scanner would be no real surprise. Most are still using signatures for finding sequences of *known* code, and a rootkit can pretty much lie and tell the virus scanner anything it wants as far as any bits of memory on the computer, code or data. Signatures are a failure, and any virus scanner that doesn't give that up and move on to a heuristic approach is doomed to failure too. Covering up the fact that you don't know what bits of code to look for is about all they can do right now. In a couple days they might get a copy of it, run it through IDA Pro, generate a signature, and finally push it out to all the infected PCs on the Internet. It's really a sad paradigm. The only surefire way is to have the OS integrity itself be self-verifying, but too many people are afraid of losing control over their system to some type of DRM'ed OS. Or of having system failures that can't even be patched or changed due to draconian measures internal to the OS. There is a middle ground but so far no one is going there. This should be built in, not an add-on aftermarket chewing gum and baling wire solution like virus scanners are. Time for Microsoft and/or Symantec to buy a clue. Rootkit or not, Symantec needs to get their act together.
I call shenanigans. This comment has all the earmarks of an urban legend. An anonymous post claiming to have insider knowledge from another anonymous post.
Why would a third party "security" product require a secret law-enforcement backdoor? The FBI, CIA, NSA, etc. would simply have Microsoft provide a backdoor into ALL of Windows. They wouldn't waste time with a commercial product that only some Windows users install. Why go that route when going the MS route would ensure a backdoor into all systems and not just a very small subset of systems?
CIPAV is not something added willy-nilly into commercial applications. It's basically an extremely well designed rootkit that the FBI, etc. targets against specific users & computers by tricking users into installing it. (social engineering, etc.)
The second that Linux gets above a 50% market, it will also be targeted by viruses, and anti-virus will then be a must for Linux.
So, unless we want that to happen: Keep quiet and enjoy your virus-free Linux.
It's a clue for you to stop using a platform where you must run anti-virus software and to finally switch to something better and come to the 21st century of computing.
I've been using Linux not quite as long as some, but probably longer than most. Quite probably longer than someone, like the parent poster, who has a Slashdot user ID five times larger than mine, especially since I lurked on Slashdot for a few years before getting an account. For me, Linux has been my primary computing platform for over 15 years, and, before then, it was Unix, or, prior to that, one of the DEC predecessors leading back to the early 80s. I have used machines running ITS, one of the first timesharing systems, when they were still contemporary.
That said, I'm tired of this dribble. Unix (in the industrial versions) had / has nearly no viruses or malware because there were very few people using it in total numbers. There was and continues to be little to be gained by writing a virus for these systems: no press coverage, no botnet of millions of computers. It doesn't pay. It isn't worth the effort. Same for Linux: the market is still too small. Same used to be true for MacOS, but that's starting to change as it increases in popularity.
Contrast this with Windows boxes that are so ubiquitous that a half-talented virus writer has a decent chance of getting their malware into hardened sites like the Pentagon through social vectors (e.g., an absent-minded worker who uses a USB key on both home and work computers by mistake).
Linux has no viruses because the market is too small. To think that it is immune to attack from malware is naive at best, and, more probably, self-deceptive. If Linux starts to enjoy 10, 20 or 30 percent market share, we will see Linux-targeted malware become a common nuisance. We already see Firefox-specific browser exploits (but for Windows boxes). FOSS isn't somehow magically immune from nuisance teenage activity or out-and-out criminal intent.
So, please, enough of the holier-than-thou attitude.
Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
Posting on Norton's forums is a fundamental human right?
> Linux has no viruses because the market is too small
Well, even assuming this is the only reason (a bit questionable due to the situation with web servers), exploits usually are not particularly portable. And since each distribution compiles their own version, Linux reaching 50% market share actually might _not_ be enough, but what you would need might actually be a _single version_ of a _single distribution_ reaching 50%, which is far less likely.
Welcome to Slashdot - you must be new here. Let me fill you in on how things work hereabouts.
1. Free Speech applies to everything, all of the time, and you don't have to take responsibility for either your words or your actions, unless you are "Teh Man".
2. The higher your UID, the more likely that you believe in 1. with religious fanaticism.
3. Spelling and grammar don't count, no matter how poor.
4. Neither do organization or coherence: You don't have to make sense, you just have to include enough buzzwords and generalities to sound good.
5. Google is good.
6. Apple is better.
7. Information wants to be free as in beer, and you're entitled to everything for free.
8. Copyright is an obsolete concept, unless you're referring to the GPL.
9. Microsoft is always evil.
10. Novell sold out.
There you go! That's about all you need to know to fit in here. So, turn off your brain, spout a few platitudes, and bask in the warmth of the resulting karma.
Peter Norton came from the mainframe world and created useful utilities for the end user of PCs and compatibles. He was a solid programmer and created a solid company. Symantec purchased him and his competition. We no longer have utilities designed by these companies.
Instead we have a company using his name. That's it. There really is no Norton any more. It's barely even a brand.
I tell people that when comparing the free antivirus utilities vs. the paid, take the free, as long as they are of reputable means. The reason is that the antivirus side of things is pretty straightforward. Free does a very good job these days, and no matter how you look at it you always need a complement of utilities anyway (e.g., Spybot S&D 1.6.2, Ad-Aware 2008 (the latest version is unstable), Windows Defender, and AV such as AVG 8).
The paid commercial product has to compete with these free competent products (and I should know, I use them to clean computers every day). When the paid commercial products are released they are full of bloat and attempt to integrate themselves so deeply into the OS, so much so that they become the cure worse than the disease.
Not only that, the commercial products have tended over time to make customers paranoid. They need to, to keep them purchasing their products. A realistic schedule for scanning, once you know your system is clean, along with continued updates for the OS, is all you need--you can be certain you don't need a paranoid schedule such as every day, every week or even every two weeks.
The flip side is that if you get so relaxed about your security you won't do it at all.
Stay away from Norton and McAfee. They are bulky, they are paranoid about their own customers constantly requiring verification of subscription just to get updates (McAfee anyone?).
Stay away from the gimmick. Do you need that toolbar? The 3rd or 4th one in your IE, or even FF? If you don't understand what the toolbars are doing you shouldn't be installing them. What are they doing? They want you to log in, just like Google and Yahoo. They want to track you and your web pages for targeted ads. I'm not saying that Google and Yahoo are gimmick software used to bait you to install malware, but I am saying that there are plenty of them that do and they are taking their directions from the likes of Google and Yahoo. The more toolbars you have the more search engine choices you install. Choose one and stick to it. Stay away from anything that's a gimmick because it is bound to get you in trouble. Windows itself never pops up a dialog box saying to buy this or that software product. Those are fake. Downloading codecs from an innocent site can also get you in trouble and you should set your system to ensure that you don't automatically download codecs.
The bottom line is that commercial software is bloated and creates paranoia, and for good reason--they die as a company if you don't resubscribe. The free products do just as good a job as the commercial. And you can't get away with just one product to defend your system anyway. It takes a complement of them. Stay away from the gimmick. Uninstall your extraneous toolbars (or all of them for that matter). Your web browser is to browse pages, not to be served ads or to be tracked by a product that you don't know is tracking you.
You can lead a man with reason but you can't make him think.