Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Tells Customers To Stop Using pcAnywhere

Posted by timothy on from the but-I-gotta-use-it-somewhere dept.

Orome1 writes "In a perhaps not wholly unexpected move, Symantec has advised the customers of its pcAnywhere remote control application to stop using it until patches for a slew of vulnerabilities are issued. If the attackers place a network sniffer on a customer's internal network and have access to the encryption details, the pcAnywhere traffic — including exchanged user login credentials — could be intercepted and decoded. If the attackers get their hands on the cryptographic key they can launch remote control sessions and, thus, access to systems and sensitive data. If the cryptographic key itself is using Active Directory credentials, they can also carry out other malicious activities on the network."

9 of 149 comments (clear)

  1. Way ahead of you, Symantec by elrous0 · · Score: 5, Funny

    Most /.er's stopped using your products a long time ago.

    Next up, Intel CEO admits "McAfee is just bloatware that doesn't actually do anything. To be honest, most of it just runs loops that eat up CPU, so people think it's doing something and want to buy a faster Intel CPU. It hasn't stopped an actual virus since the mid-90's."

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Way ahead of you, Symantec by Baloroth · · Score: 5, Funny

      t hasn't stopped an actual virus since the mid-90's."

      I wouldn't say that, it seems to do a pretty good job shutting down Windows.

      --
      "None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
  2. Come on by jayhawk88 · · Score: 5, Insightful

    If the attackers place a network sniffer on a customer's internal network...

    You've got a hell of a lot bigger problems than pcAnywhere.

    1. Re:Come on by cduffy · · Score: 5, Insightful

      If the attackers place a network sniffer on a customer's internal network...

      You've got a hell of a lot bigger problems than pcAnywhere.

      Au contraire -- if your infrastructure isn't robust against this class of attack (all internal traffic authenticated and encrypted, particularly during password exchange), you're Doing It Wrong.

      Moreover, the concept of "defense in depth" applies -- a hard outer shell with a soft inner core means that when the eventual successful attack does happen (and it will!), the damage is that much worse. You can't have decent security if you design all the internal components assuming that the outer layer will protect them.

  3. Security through obscurity? by Sockatume · · Score: 5, Insightful

    What the story doesn't mention is that the pcAnywhere source was nicked. It sounds like Symantec was aware of the weaknesses, and chose not to act until the source was stolen and the security weaknesses became public.

    http://www.channelregister.co.uk/2012/01/18/symantec_leak_latest/

    --
    No kidding!!! What do you say at this point?
    1. Re:Security through obscurity? by jesseck · · Score: 5, Interesting

      The source was stole in 2006. This means that they corrected the problems in their other products which had stolen source, but not pcAnywhere. For 5-6 years, Symantec has been selling software which was potentially compromised.

      The current reported theft happened recently, but that source code came from a theft (unreported by Symantec, but known) back in 2006. That means, since 2006, Symantec has known the pcAnywhere source was stolen, knew of vulnerabilities, and chose not to fix that product. It sounds like they patched the rest of their products, though.

  4. Who still uses PCAnywhere? by ArcherB · · Score: 5, Informative

    I remember the first time I used it. It was a Godsend. It was so nice to simply take control and do it rather than sit there on the phone saying, "Click Start. Start. It's on the bottom left. S-T-A-R-T! No, don't type it. Click the button labeled 'Start'. No, it's not on your keyboard. No, wait. Hit CTRL-ESC. Control Escape. It's on your keyboard. Press and hold control and then press and release escape. Keyboard. It's on your keyboard. Nevermind. Do you see Start on your screen?" Even though we were connecting via dialup, it was lightyears better than trying to imagine the screen the use was describing and then describing elements of it it back to them.

    But those days are long gone. Now we have RDP, VNC, WebEx, and a host of other remote desktop utilities and protocols. There is no longer a need for PCAW.

    --
    There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
  5. Re:Good Job Symantec by elrous0 · · Score: 5, Funny

    It only took you 6 years.

    They would have gotten an email out sooner, but Norton was REALLY slowing their computers down.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
  6. Re:Finish that sentence! by alittle158 · · Score: 5, Funny

    ...you might as well consider Ethernet cables to be inherently insecure...

    Shh...don't let the people at monster cable know that. They might find a new source of revenue in "encrypted ethernet cables"

    --
    If it's not on fire, it's a software problem