NerdNOS.net Logo

Symantec reveals security issues with PCAnywhere and corporate priorities.

Symantec has released confirmation that the hacker group Anonymous has copies of the source code to some of their products.

anonymous


Having the source code to a companies product can allow you to read through the code and find ways to bypass certain mechanisms in the program or even exploit the way the computer handles the program itself. Read up on buffer overflows if you are missing the point here.

Think of it this way, a prison is designed to be hard to break out of. It certainly becomes easier when you have the blueprints in front of you. It doesn't necessarily mean that there is a secret hole but you can plan out an attack on the weak spots if there are any.

Now the good news. The software that was affected was 2006 versions of the Norton Antivirus/Internet Security. Everyone has long since been updated from this.

pcanywhere


The bad news is two part. PCAnywhere is a Remote Administration Tool, essentially a RAT trojan similar to Netbus and Sub7 that you install on your own system to use your PC from, well, anywhere. Having knowledge of how your antivirus works is bad enough but having knowledge of a RAT that a lot of people use is almost too easy.

This editor ladies and gentlemen used to be a hacker. I circumvented my fair share of security systems and PCs in my day. The end goal of attacking a persons PC was to install a RAT so you can log in again and again and do things from that PC as a proxy. If you wanted to launch a new virus into the wild you did it from compromised systems like this. Having knowledge of how antivirus systems worked back then would have been a huge step to making that task easier. Remember what I said about blueprints to the prison.

Symantec however managed to lose the source code to PCAnywhere, a RAT, to Anonymous. This skips the whole problem of getting your malicious RAT undetected by your victims PC because PCAnywhere is a trusted application. Having someone log in and do things with the PC is what it was designed for.

Now you can argue that having the source code, the blueprints to the prison, doesn't mean anyone was at risk. This is true. The programs could have been coded properly with no loopholes.

Here's where it gets good.

As soon as Symantec learned Anonymous had the source code to those applications, they started releasing patches to fix vulnerabilities. This is good right? Listen carefully "AS SOON AS THEY LEARNED SOMEONE KNEW, THEY FIXED IT". This means that Symantec knew there were problems with the code, yet did not release patches for it. They knew about security vulnerabilities and yet instead of patching it they let it go up until the point they heard someone knew about them...for 6 years.

Think about it.

Imagine the prison has a secret tunnel that the warden knows about, to use it all you have to do is know where to look. Now imagine that the warden suddenly finds out that a group of inmates has known about the tunnel for 6 years and he suddenly decides to close it. What questions are you left with?

While no longer a hacker, this editor programs software used on networks now. I wouldn't like someone having my source code because that's my livelihood. However, I have the sense enough to know how to program without leaving big lazy holes in the software and hoping nobody knew the way around it. Properly coded software is perfectly safe to use even if the whole world can see the source code. Use Linux as an example.

Written by Ghost on 2015-01-22 18:20:37

Login to NerdNOS
Username:  
Password:  
Register with NerdNOS