Security Information Vulnerability Research Security Blog

The Dark Side of Symantec

January 12th, 2006 by , Filed under: Full Disclosure, Privacy, Virus

The Genesis song “Jesus he knows me” has the line “Just do as I say, don’t do as I do” about a priest that does everything for money except what he’s suppose to…

Well it seems that Symantec is like that priest. It seems that they created an hidden directory in Windows that nothing can find it.

They hidden the folder by using Norton Protected Recycle Bin to a folder named NProtect.

Now on that folder they placed files that they did not want others to delete. Or in other words: They created a rootkit.

The person that discovered this rootkit is Mark Rosonovitch that also found the Sony rootkit.

And if you really want to remove it (why should you? don’t we want to have rootkits on our system?!), Symantec released a “fix” for this vulnerability.

Now I have an open suggestion for law enforcement and legislators out there: Please define such acts like Sony’s and Symantec as a crime and fine Sony and Symantec for it.

Share
  • David

    Don’t install Symantec then, there’s an EULA in the beginning..

  • m1sha

    the folder is hidden the NProtect Recycle bin isn’t and what it is and what it does isn’t…very plain when you install, and sets up a desktop icon (very well hidden so far) tons of help file info on what it is…..does, how to “view” the files in the folder. View the files..oh, you can view them..yes, grasshopper you can view them..right click the icon on your desktop the one hidding in plain sight and click explore….or click properties and then the Protection tab and clear the “enable protection” tab and you can easily disable NProtect…damn that’s sneaky isn’t it….give me a break..but then that would make nearly as sensational an article now would it

  • sunshine

    Sensational? That’s for Ren and Stimpy.

    Fact, Symantec used rootkit technology.
    Fact, Bad Guys could abuse it.
    Opinion, nothing bad about using the technology itself.
    Fact, Symantec declared this a Bad Thing when they issues a FIX.

    Now, not claiming rootkit technology can’t be used for some.. useful purposes… but…

    They used rootkit technology in a bad way… or why issue a fix?

  • Lynn

    I hve been a Nortons cusomer for 15 years. They mess my computer up so much in 4 days, you can not even imagine@ DO NOT LET THEM HAVE REMOTE ACCESS TO YOUR COMPUTER, I had to do a complete system recovery and lost everything!! Their Tech support sucks. All they want is your money!!!! BEWARE

  • Share







  • Categories


Security RSS Subscribe