I’m better at the expository writing than I am at the news reporting, but I came across something in my random web searching that I felt should be passed on: A hacker group has stolen code from Symantec. Symantec is best known for their Norton Antivirus program, but they make other products such as a Firewall, a Security Suite, and a program called PC Anywhere.
Links to the real news stories are below, but I wanted to throw out my two cents on this whole thing: Don’t panic.
Yes, it’s scary to see a security company get infiltrated. Frankly, it’s a bit concerning for a lot of reasons. But they’re not ignoring the issue, and that’s key. Symantec is stating that the code stolen is six years old, and while that is ancient in computer terms it doesn’t mean the code is worthless because it is very likely that much of that code is still in use today.
That’s ok though. There’s still time.
Symantec is working to patch their code, and never before have so many eyes been turned to code security.
Should you worry if you use a Symantec product? No, not yet. But if you don’t see a patch soon it may be worth switching to another antivirus software.
Should I download anything that says verified by Symantec? Yes – but give it an extra scan before running it.
My friend / mom / brother / sister / uncle / alien uses Symantec, should I tell them about this? Yes, I see no reason not to.
I have this rash that I — I’m going to stop you there, this is the wrong site for that.
This will be interesting to watch over the next weeks as it all irons out.
Links to actual news writers (that are not me)
Symantec says source code stolen in 2006 hack
That stolen Symantec source code? It’s for older enterprise products
Symantec Hack: Company Admits Hackers Stole Norton Source Code In 2006
Stolen Symantec source code posted online by hacker
Full text of email extortion from hackers