Home page logo
/

dailydave logo Dailydave mailing list archives

Symantec AV source compromised and the questions it raises
From: Mohammad Hosein <mhtajik () gmail com>
Date: Sat, 7 Jan 2012 02:24:55 +0330

"Sadly, we'll likely never know the answer."
how come ? attackers can easily post details on how they compromised the
targets and to whom they belong and considering there could be a couple of
names and , perhaps , some phones or emails included in such leak , it
shouldnt be hard to connect the dots . the cybergames between Pakistani and
Indian groups is going on for a very long time now and although people in
forums and tweets are already making conclusions about the nature of this
specific attack i'd be skeptic about it considering all that's happening
around the world , say , the close ties between India and Israel , China's
attempts to build military bases in Pakistan seeing the danger of U.S
getting closer and the shit coming with these sorts of deals . i can not
care less about the release of Symentec's products and if it has
particularly any impact on its users . instead i'm wondering since both
Pakistan and India have serious realworld Nuclear Arsenal ,and both
countries were subject to very radical attacks of different types , this
could be the start of a whole new serious concern

On Sat, Jan 7, 2012 at 12:24 AM, William Arbaugh <warbaugh () gmail com> wrote:

Security Week ran a story that Symantec's AV source was obtained (and soon
to be released) via a compromise of an Indian Military Intelligence server.
http://www.securityweek.com/symantec-investigating-possible-theft-norton-av-source-code

Symantec issued a statement that the compromise and eventual release of
the source does not place customers at risk since the source is 4+ years
old.   http://www.facebook.com/Symantec/posts/10150465997682876

Really? I guess they don't reuse code across product generations like most
vendors.

http://www.neowin.net/news/windows-has-a-17-year-old-un-patched-vulnerability

The interesting question, however, is to whom in the Indian government did
Symantec provide the source? I understand that major corporations provide
source to a number of governments for a variety of reasons- mostly for
sales and export approval. But did Symantec give it to the Indian Military
Intelligence, or did the Indian intel community obtain it from another part
of the Indian government? If the later, then any source provided to the
Indian government is in Indian intel's hands. Sadly, we'll likely never
know the answer.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
http://lists.immunityinc.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
http://lists.immunityinc.com/mailman/listinfo/dailydave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault