Symantec Looks Into Claims of Stolen Source Code
wiredmikey writes "A group of hackers claim to have stolen source code for Symantec's Norton Antivirus software. The group is operating under the name Dharmaraja, and claims it found the data after compromising Indian military intelligence servers. So far it's unclear if the claims are a significant threat, as the information posted thus far by the hackers includes a document dated April 28, 1999, that Symantec describes as defining the application programming interface (API) for the virus Definition Generation Service. However, a second post entitled 'Norton AV source code file list' includes a list of file names reputedly contained within Norton AntiVirus source code package. Symantec said it is still in the process of analyzing the data in the second post."
Update: 01/06 07:05 GMT by S : In a post to their Facebook page, Symantec has now said some of their source code was indeed accessed, but it was four or five years old.
Wow, so the Indian military works with major US vendors like Norton to spy on their own people (and I assume other countries' people since it will be the same source????)
I assume they have the source code so they can insert extra bits and dispatch spyware the next time Norton auto-updates?
You get an auto-update, they get a spyware app into your PC. Is that it?
I don't think the scandal here is that the source code was stolen, it is a scandal that Norton cooperates with military spyware!!
They don't.
1. Write virus code
2. Load up a machine with the top 10 virus scanners.
3. Load your virus code
4. Let them scan.
5. If they detect it, modify code and go to 3 else 6
6. Release the hounds.
--
BMO
Ghost was a decent product. I stopped using it years ago in favor of Clonezilla.
The world's burning. Moped Jesus spotted on I50. Details at 11.
The fun is in considering what recourse Symantec has. If they didn't have some really expensive penalty clause in the non-disclosure agreement that will have been involved here they'll be kicking themselves right now. They'll also be wishing they gave themselves some way to identify the source of the leak. Their smart move would have been to insert some minor changes, e.g., to indentation or comments, to make each version released to third parties unique and therefore traceable.
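The per-copy marking suggested in the comment above, as an added example that is not part of the original thread and does not describe anything Symantec does: each recipient's copy gets comment spacing derived from a keyed HMAC, and a leaked copy is matched back to the closest recipient. The key, the recipient names, the sample source and the one-space/two-space encoding are all constructed assumptions.

```python
import hashlib
import hmac

MARK = "//"  # comment marker of the constructed sample (assumption)
KEY = b"constructed-demo-key"  # constructed; keep the real key off the build host
RECIPIENTS = ["partner-a", "partner-b", "partner-c"]  # hypothetical licensees
# Constructed sample source: 32 whole-line comments, each able to carry one bit.
SAMPLE = "".join(f"    // step {i}\n    total += {i};\n" for i in range(32))

def recipient_bits(key, recipient, n):
    """Derive n key-dependent bits for one recipient with HMAC-SHA256."""
    out, counter = [], 0
    while len(out) < n:
        msg = f"{recipient}:{counter}".encode()
        block = hmac.new(key, msg, hashlib.sha256).digest()
        out.extend((byte >> i) & 1 for byte in block for i in range(8))
        counter += 1
    return out[:n]

def carrier_lines(lines):
    """Indices of whole-line comments, the only lines that carry a bit."""
    return [i for i, l in enumerate(lines) if l.lstrip().startswith(MARK)]

def watermark(source, key, recipient):
    """Return a copy whose comment spacing encodes the recipient's bits."""
    lines = source.splitlines()
    carriers = carrier_lines(lines)
    bits = recipient_bits(key, recipient, len(carriers))
    for idx, bit in zip(carriers, bits):
        indent, _, text = lines[idx].partition(MARK)
        # One space after the marker encodes 0, two spaces encode 1.
        lines[idx] = indent + MARK + " " * (1 + bit) + text.strip()
    return "\n".join(lines) + "\n"

def extract(source):
    """Read the spacing bits back out of a (possibly leaked) copy."""
    lines = source.splitlines()
    return [int(lines[i].partition(MARK)[2].startswith("  "))
            for i in carrier_lines(lines)]

def identify(leak, key, recipients):
    """Return (closest recipient, Hamming distance) for a leaked copy."""
    seen = extract(leak)
    def distance(name):
        expected = recipient_bits(key, name, len(seen))
        return sum(a != b for a, b in zip(seen, expected))
    best = min(recipients, key=distance)
    return best, distance(best)

if __name__ == "__main__":
    print(identify(watermark(SAMPLE, KEY, "partner-b"), KEY, RECIPIENTS))
```

Matching by Hamming distance rather than exact equality lets the check survive a leak in which a few comment lines were reformatted; a formatter run over the whole file would erase this particular mark.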
I also use clonezilla a lot, and I agree it's a good product in terms of function. But it has the shit-worst user interface ever (for something that's at least moderately popular). Its UI looks like a badly copied version of the text menu from the mid-90's Slackware installer, I swear.
And both STILL are garbage. We saw a 200% speed increase on ALL our corporate Windows machines when we switched from SEP to the enterprise offering from ESET. The change was so dramatic that most of us did not believe that the ESET software was running.
Honestly, SEP and Norton both need to have even more rewrites because it's the joke of the Enterprise world in regards to performance and reliability.
Do not look at laser with remaining good eye.