Hacker News

There's a couple surreal quotes in here. Like asking the Chinese Ministry of Defense to comment.

"A Symantec spokesman said that, as a matter of policy, the company does not comment on its customers."

Uh huh. Even when it's the customer doing the asking? Way to hide behind the policy.



About Symantec's technology, it is worth noting that antivirus scans are based on identifying malware in one place, then being able to recognize that malware everywhere. This does not particularly help you recognize malware that was custom made to only be installed in one location. Particularly not when the people who were making that malware themselves have access to your anti-virus scans prior to deployment and can verify on their own computers that you do not detect them.

Therefore there is no surprise that Symantec failed to provide any meaningful protection during this attack. They know this. But they hardly want to admit it in front of all of their customers.


But see, the thing is, that's not what it says on the box. http://us.norton.com/antivirus/

"It's okay to blink, because we never do – SONAR technology and live 24x7 Threat Monitoring watch over your PC for any suspicious behavior to quickly identify threats."

"Protection from the future, available today – our exclusive reputation and behavior antivirus technology are so advanced that they can stop online threats that bad guys haven't even created yet."


Yes. And if you engage in suspicious behavior like connecting to a botnet and then spewing spam, SONAR likely figures out that something is wrong.

But remote command and control through a covert channel can be done in ways that do not look particularly suspicious. And a sophisticated attacker should be assumed to know what behaviors SONAR is looking for.


Symantec (or any software company) isn't going to comment to a reporter about why its product didn't perform adequately, regardless of whether it's related to that reporter's parent organization.

If a reporter asked Oracle for a comment every time Tumblr went down because of something related to MySQL (I have no idea if Tumblr actually runs MySQL, that's just a hypothetical), the best they'd hear is "We don't comment about specific customer information."


Surely the Times could waive whatever privacy rights they have? Your example would be more on target if Oracle told Tumblr that they couldn't comment.

What I'm getting at is, "We don't want to comment on our product." is a lot closer to the truth, they're just trying to weasel out of saying that.


Edit: It took me so long to write that that you edited your comment before I finished. ;) I think we're in agreement.

It's not really about privacy (which was why when I saw the quote in the article, I giggled, and thought "That reporter's being funny"), it's about the fact that Symantec isn't even in a position to have a comment about it.

If they were super on the ball and forthcoming, they might comment "We make software which is designed to protect users from the overwhelming majority of malware and viruses. There does not exist any solution which can completely guarantee safety from infection, but we have detected and stopped billions of threats."

Don't get me wrong, the AV industry (actually much of the security industry) should be embarrassed by how fundamentally primitive things are; it's a bunch of horseshit.

But they have absolutely nothing to gain by commenting about it, it would be walking into a hornet's nest. So they get to deflect it by saying they won't comment on a customer issue.


Sorry, I added the second part a little later.


When newspapers are making the news, they often write about it in the third person, as if they were writing about any other newspaper. Symantec would not give the NYT a quote on the record about this. It doesn't mean Symantec wouldn't give the NYT details off-the-record. The comment in the article was a response to a question from a reporter, not the Times' security chief.

For instance a few weeks ago the Washington Post broke a story about how the Washington Post was considering a pay wall.


If the CIO asks, then Symantec will probably comment, under condition that it doesn't get reprinted.

If a reporter is fishing for a quote, they won't get anything special.



