Full Disclosure: RE: Trivial Bug in Symantec Security Products

["Brad Griffin" <b.griffin () cqu edu au>]

-----Original Message-----
From: full-disclosure-bounces () lists netsys com
[mailto:full-disclosure-bounces () lists netsys com] On Behalf Of Gregh
Sent: Tuesday, January 04, 2005 6:33 AM
To: Disclosure Full
Subject: Re: [Full-disclosure] Trivial Bug in Symantec Security Products



> Somehow, Symantec engineers have not implemented a mechanism to
disallow a
> user from installing the patches via changing the date on their
computer
> back to when the original program was installed and then running the
> "Intelligent Updater." 
****
You think THAT is bad? Up till NIS2005 which I haven't tested so cant
say if it does or doesn't, you could install Nortons, run the year and
then wipe your machine and reinstall all then install Nortons again and
get yet another full year licence without paying a cent, over and over
and over. In short, buy once and never pay again.

Greg.
****

Well, yep. How exactly would you expect to implement a block if the
system sees the software as being installed for the first time? I guess
you must be thinking along the lines of "shouldn't Symantec place a date
check in the installer so that if the software is for example two years
old, it will not install period?" However, in the case of OEM software,
this could end up being an issue for those who buy old stock items, or
are buying end of run OEM systems.

Sil's comment relates to something that can be fixed easily with little
or no issues for legitimate users.


Cheers,
Gryph

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html