Symantec Tells Customers To Stop Using pcAnywhere 149
Orome1 writes "In a perhaps not wholly unexpected move, Symantec has advised the customers of its pcAnywhere remote control application to stop using it until patches for a slew of vulnerabilities are issued. If the attackers place a network sniffer on a customer's internal network and have access to the encryption details, the pcAnywhere traffic — including exchanged user login credentials — could be intercepted and decoded. If the attackers get their hands on the cryptographic key they can launch remote control sessions and, thus, access to systems and sensitive data. If the cryptographic key itself is using Active Directory credentials, they can also carry out other malicious activities on the network."
Good Job Symantec (Score:5, Interesting)
According to this article [cnet.com], the source code for PCANywhere was stolen from Symantec's network in 2006. That's right . . . . 2006. Good work Symantec. It only took you 6 years.
Re:Security through obscurity? (Score:5, Interesting)
The source was stole in 2006. This means that they corrected the problems in their other products which had stolen source, but not pcAnywhere. For 5-6 years, Symantec has been selling software which was potentially compromised.
The current reported theft happened recently, but that source code came from a theft (unreported by Symantec, but known) back in 2006. That means, since 2006, Symantec has known the pcAnywhere source was stolen, knew of vulnerabilities, and chose not to fix that product. It sounds like they patched the rest of their products, though.