Products that aren't designed for Windows XP or Windows 2000

Anti-Windows Catalog

We practice what we preach at Pan-Am Internet Services

Search Products By:


Written by Gordon Fecyk, 4/27/2008

What follows is a short clip of Robert Lemos' recent dire warning about Microsoft's automatic updates system, with a simple search and replace of "Microsoft" for "Symantec." Now you tell me: Who should I be more afraid of?

When Symantec releases a patch, what they are saying -- from a security standpoint -- is, 'Here is an exploit.'

This quote was purely fantasy. The real irony, is people don't need to go to this much trouble, just to exploit Symantec.

A GROUP OF FOUR COMPUTER SCIENTISTS urged Symantec to redesign the way it distributes patches, after they created a technique that automatically produces attack code by comparing the vulnerable and repaired versions of a program.

The technique, which the researchers refer to as automatic patch-based exploit generation (APEG), can create attack code for most major types of vulnerabilities in minutes by automating the analysis of a patch designed to fix the flaws, the researchers stated in a paper released last week. If Symantec does not change the way its patches are distributed to customers, attackers could create a system to attack the flaws in unpatched systems minutes after an update is released by the software giant, said David Brumley, a PhD candidate in computer science at Carnegie Mellon University.

When Symantec releases a patch, what they are saying -- from a security standpoint -- is, 'Here is an exploit.'

ROBERT LEMOS AT SECURITYFOCUS went to great lengths to point out Microsoft in his piece. Securityfocus has this track record of nitpicking Microsoft, even though their sponsor is guilty of following Microsoft's practices.

Securityfocus is "Symantec's online magazine." They make money when Symantec makes money. And Symantec makes money by selling computer security products. Yes, I know, these products fail to do their job. But that doesn't matter, because they do sell. Average users are so afraid of malware that they'll do anything for a perceived sense of security, including buying after-the-fact products like Symantec's.

Symantec has a vested interest in fear. They paid Google for keyword hits during the sulfnbk.exe hysteria in 2001 to direct panicky users to them. They pay Securityfocus today for the same reason. And Securityfocus nitpicks Microsoft because they "own" the largest part of the computer industry's market. It's just easier to target your fear campaign that way.

LIKE ROBERT LEMOS EXPLAINED, "People have been doing this for years," according to Robert Graham, the CEO of a security firm whom Lemos quoted. The only difference, is Lemos focused solely on Microsoft.

You can perform a 'mad libs' game on his article and scare anyone, not just Microsoft fanboys. You can scare Apple's users. You can scare Ubuntu Linux's users. You can scare Red Hat Software's users. You can even scare Symantec's users. Just take Lemos' article, paste it into Notepad, and perform a search and replace of 'Microsoft' for your (least?) favourite firm.

The real irony? My 'mad libs' game was purely fantasy. But people don't need to go to this much trouble, just to exploit Symantec.

Related Links:

Editor Log On:
Sign up to get an editor account.



[Catalog Home]




Product Roundups

What is the Anti-Windows Catalog?

Help for New Editors

Frequently Asked Questions

Recently Edited Categories:

Computers, Notebook

Media, Video

Game, Role Play

Scanner, ID Cards


Browse All Categories

Recent Commentaries:

The More Things Change, The More They Stay Secure

The devil you know, versus the Adobe you don't

Paying for things we get for free?

Jump! Jump! Jump! Jump! Or, Windows 8: Get Over It

Don't Fear the Start Screen

Browse All Commentaries

Pan-Am Home Page Valid HTML 4.01! All trademarks are property of their respective owners.