Norton Users Worried By PIFTS.exe, Stonewalling By Symantec
An anonymous reader writes that "[Monday] evening, on systems with Norton Internet Protection running, users began to see a popup warning about an executable named PIFTS.exe trying to access the internet. The file was shown to be located in a non-existent folder inside the Symantec LiveUpdate folder. There were several posts about this to the Norton customer forums asking for help or information on this mysterious program. The initial thread received several thousand views and several pages of replies in a few short hours before being deleted. Several subsequent posts to the Norton forum were deleted much more quickly. These actions — whether actively covering up, or simply not well thought through — have spurred people to begin crafting conspiracy theories about the purposes of this PIFTS program. I for one am blocking the program until more information becomes available." The current top link on Google for "PIFTS.exe" links to one of these deleted questions on Norton's support boards, which sounds innocent enough: "I searched this forum but did not see PIFTS.exe. Any idea what this is?"
use a better os (Score:3, Insightful)
Re:use a better os (Score:2, Insightful)
you could always use a system where you don't need norton.
I know, because Macs and Linux NEVER can get malware; they are perfect like that. http://www.internetnews.com/dev-news/article.php/3601946 [internetnews.com]
Re:law enforcement back door (Score:5, Insightful)
That sounds a little too much like "James Bond" to me, mr anonymous poster. I think we should wait until someone disassembles it and looks at what it's doing.
Just be honest and forthcoming! (Score:2, Insightful)
Re:use a better os (Score:5, Insightful)
You should run a virus scanner, just to keep from accidentally forwarding viral crap to other people. Infected files and attachments, etc. And assuming you're safe is equally foolish. I run plenty of security software on my linux boxes.
Norton, however, is a turd. Anyone who runs Norton gets what they deserve. It's like a parasite that eats cycles for no reason, and cannot be removed without killing the host.
Re:Rootkit? (Score:5, Insightful)
Re:law enforcement back door (Score:5, Insightful)
I call shenanigans. This comment has all the earmarks of an urban legend. An anonymous post claiming to have insider knowledge from another anonymous post.
Why would a third party "security" product require a secret law-enforcement backdoor? The FBI, CIA, NSA, etc. would simply have Microsoft provide a backdoor into ALL of Windows. They wouldn't waste time with a commercial product that only some Windows users install. Why go that route when going the MS route would ensure a backdoor into all systems and not just a very small subset of systems?
CIPAV is not something added willy-nilly into commercial applications. It's basically an extremely well designed rootkit that the FBI, etc. targets against specific users & computers by tricking users into installing it. (social engineering, etc.)
Re:Any idea what it is? (Score:5, Insightful)
I can think of a dozen unix/linux rootkits without even trying. Just because it's harder to install them, doesn't mean it's impossible. If you think you don't need to run any sort of security software (not Norton, of course, because they suck), then one day you're going to have a very very rude awakening.
Re:Any idea what it is? (Score:5, Insightful)
The second that Linux gets above a 50% market, it will also be targeted by viruses, and anti-virus will then be a must for Linux.
So, unless we want that to happen: Keep quiet and enjoy your virus-free Linux.
Re:Probably just some anonymous report sender (Score:4, Insightful)
More information on this (Score:1, Insightful)
Re:Any idea what it is? (Score:5, Insightful)
It's a clue for you to stop using a platform where you must run anti-virus software and to finally switch to something better and come to the 21st century of computing.
I've been using Linux not quite as long as some, but probably longer than most. Quite probably longer than someone, like the parent poster, who has a Slashdot user ID five times larger than mine, especially since I lurked on Slashdot for a few years before getting an account. For me, Linux has been my primary computing platform for over 15 years, and, before then, it was Unix, or, prior to that, one of the DEC predecessors leading back to the early 80s. I have used machines running ITS, one of the first timesharing systems, when they were still contemporary.
That said, I'm tired of this dribble. Unix (in the industrial versions) had / has nearly no viruses or malware because there were very few people using it in total numbers. There was and continues to be little to be gained by writing a virus for these systems: no press coverage, no botnet of millions of computers. It doesn't pay. It isn't worth the effort. Same for Linux: the market is still too small. Same used to be true for MacOS, but that's starting to change as it increases in popularity.
Contrast this with Windows boxes that are so ubiquitous that a half-talented virus writer has a decent chance of getting their malware into hardened sites like the Pentagon through social vectors (eg, an absent-minded worker who uses a USB key on both home and work computers by mistake).
Linux has no viruses because the market is too small. To think that it is immune to attack from malware is naive at best, and, more probably, self-deceptive. If Linux starts to enjoy 10, 20 or 30 percent market share, we will see Linux-targeted malware become a common nuisance. We already see Firefox-specific browser exploits (but for Windows boxes). FOSS isn't somehow magically immune from nuisance teenage activity or out-and-out criminal intent.
So, please, enough of the holier-than-thou attitude.
Re:law enforcement back door (Score:1, Insightful)
Not saying that GP is not a hoax, but...
Why go that route when going the MS route would ensure a backdoor into all systems and not just a very small subset of systems?
Because Microsoft probably has more money and lawyers to throw around than the FBI etc.? Antivirus companies are smaller and therefore probably easier to bully around.
Re:use a better os (Score:3, Insightful)
Re:Windows Users Beware... (Score:5, Insightful)
Posting on Norton's forums is a fundamental human right?
Re:Any idea what it is? (Score:5, Insightful)
> Linux has no viruses because the market is too small
Well, even assuming this is the only reason (a bit questionable due to the situation with web servers), exploits usually are not particularly portable. And since each distribution compiles their own version, Linux reaching 50% market share actually might _not_ be enough, but what you would need might actually be a _single version_ of a _single distribution_ reaching 50%, which is far less likely.
Re:Windows Users Beware... (Score:2, Insightful)
Re:Rootkit? (Score:4, Insightful)
Oh, that would be hilarious ... if it wasn't true.
People never quite understand that the government has the most to gain by making things illegal. Not only do they get fines and other penalties from those who are in that industry, but it allows them to keep the market value overinflated and they can squeeze out any other big players by simply leaking information on them to local law enforcement or other federal agencies.
There's nothing like having a C130 loaded with guns or drugs (or both), and simply saying "You don't see this plane. It was never here." You only hear about the ones where the planes have crashed inconveniently in the wrong place, and the site wasn't able to be isolated before the news leaked.
Really, it does give some control, and an acceptable covert budget. Things are going to be smuggled in anyways, why can't the gov't make a profit on it? :)
Excuse me. There's a black van outside, and some nice man knocking on my door.
Hello?
[thud]
Re:Windows Users Beware... (Score:4, Insightful)
Well now if it's not what they did, they are certainly planning the next one!
Re:law enforcement back door (Score:3, Insightful)
This is why we need additional mod options. I have points, but there's no option for "Interesting, if it's true" or "thanks for the info, but since there's no way to validate, caveat reader."
It's really easy to get bullshit modded up because of the number of people who say "I didn't know that, thanks". How many of the +4 so far are "+1 because it's true" vs. "It's news to me"?
Re:Windows Users Beware... (Score:1, Insightful)
Re:Windows Users Beware... (Score:3, Insightful)
>>>you agreed to their TOS which probably state they can censor anything they want and ban anyone they want for any reason.
True. And the same applies when you enter into China, but I'm not aware of anyone who thinks China's Internet Firewall censorship is acceptable practice. Infringement of a human right is infringement regardless if the perpetrator is China or Norton.
Re:Windows Users Beware... (Score:5, Insightful)
Welcome to Slashdot - you must be new here. Let me fill you in on how things work hereabouts.
1. Free Speech applies to everything, all of the time, and you don't have to take responsibility for either your words or your actions, unless you are "Teh Man".
2. The higher your UID, the more likely that you believe in 1. with religious fanaticism.
3. Spelling and grammar don't count, no matter how poor.
4. Neither do organization or coherence: You don't have to make sense, you just have to include enough buzzwords and generalities to sound good.
5. Google is good.
6. Apple is better.
7. Information wants to be free as in beer, and you're entitled to everything for free.
8. Copyright is an obsolete concept, unless you're referring to the GPL.
9. Microsoft is always evil.
10. Novell sold out.
There you go! That's about all you need to know to fit in here. So, turn off your brain, spout a few platitudes, and bask in the warmth of the resulting karma.
Re:pot! kettle! black! (Score:3, Insightful)
ever try getting a response from the slashdot crew?
Ever had a thread deleted by the Slashdot crew?
Precisely.
-FL
Re:Windows Users Beware... (Score:3, Insightful)
Re:Rootkit? (Score:4, Insightful)
Have we learned nothing from Sony's stupidity?
They never went bankrupt or even suffered a financial loss. Nobody got fired for it, nobody went to jail for it, so I'd say they did learn from XCP.
They learned that placing rootkits on ordinary peoples' computers has no consequences whatever. Why not do it, particularly if you lack ethics or morals?
Re:Windows Users Beware... (Score:5, Insightful)
In defense of a rational understanding of human rights abuses:
Norton isn't keeping you from critiquing them anywhere else. Not on Slashdot, not on your own webpage, not out in the street, not via pamphlets or street marches, not anywhere else, not at all. Norton isn't beating down Slashdot to revoke your UID and retroactively delete every comment you've made. Norton isn't erasing your existence, making an example out of you, disappearing you, or destroying your life over this.
Norton DOES NOT HAVE THE POWER TO CENSOR, and you're a fool if you follow Commodore64_Love by equating Norton with China, North Korea, or any of the numerous and viable human rights watch hotspots on the planet. Norton doesn't come anywhere near the kind of awful, degrading, threatening, chilling power that a genuine censoring government can wield in the night.
Norton simply refuses to propagate other people's speech that coincidentally sabotages their business. Since they provide that opportunity on their servers, they have the right to oversee speech on the site they pay for and manage.
Norton is not even spitting distance from looking at the closest edge of the slippery slope on the horizon. Norton is exercising its right over the property it actually owns: the bits n' bytes that live on the hard drives on their servers. Nobody else's.
Lord knows I don't respect Norton, but they're not setting the world ablaze with their fascist thugs. They're just being jerks toward their customers, and that is -- rightly -- not a crime. When they start kicking down doors, then I'll worry.
Re:Windows Users Beware... (Score:4, Insightful)
If I go onto a Disney children's forum and post nothing but swear words, and Disney deletes it, is that censorship too?
It's their right to do so, but this does not make it "not censorship", whether they remove the post entirely, *** over the swear words, or replace them with gumdrops and candy canes.
Re:Any idea what it is? (Score:3, Insightful)
Wrong. As another response points out, with linux's extremely high penetration in the server market, where servers tend to have a ton more bandwidth (and confidential data, for that matter), linux should be the primary target for viruses.
But for various reasons (non-mono-culture, in addition to better default security in the OS *and* most apps written for it) the best way found so far to hijack linux machines is attempting to crack common username+password combinations.
If you have any linux box with SSH open to the internet, you should know that these password attacks happen non-stop, all day every day. On every linux box I've admined. So the demand is obviously there, but the OS and the security culture around the OS is making it much more difficult.
Of course there's also a large difference between attacking desktops and servers, since desktop attacks often require user interaction, and server attacks have to be automated. But it's still easy to think back and notice a trend in even automated exploits on windows servers, where there haven't been (successful?) exploits on linux boxes.
Essentially, linux is secure enough that the only successful method of attack so far has been the user-stupidity point-of-entry, bad passwords.
Two of the biggest reasons linux has proved so (relatively) impermeable are the lack of a software mono-culture, and the existence of an easy target in Windows.
Even when Windows Server has had a smaller share of the server market, it's still been targeted by numerous (successful) automated attacks.
(and just to repeat the obvious, no OS is impossible to write viruses for or otherwise exploit, and I'm sure there are viruses for every OS out there. The real question is how many successful large scale attacks have there been on each - and successful large scale attacks have as much to do with monoculture and time-to-patch as any internal OS security policies)
(also it looks like my slashdot ID is lower than yours, do I win the EPEEN contest?)
And this is what RMS keeps talking about (Score:4, Insightful)
When you use proprietary software, you don't really know what's happening on your system.
If somebody happened to notice a suspicious process on a Linux box, it'd have been a question of 15 minutes to figure out what package the file belongs to, get the source, take a look at it, and find out what it does and why it is there.
Instead what we have here is a mess with some people coming up with conspiracy theories, Norton refusing to acknowledge the issue, and people trying to figure out what this thing does by looking at the output of strings without much success so far.
Things are much easier when source is available.
Re:Rootkit? (Score:5, Insightful)
Peter Norton came from the mainframe world and created useful utilities for the end user of PCs and compatibles. He was a solid programmer and created a solid company. Symantec purchased him and his competition. We no longer have utilities designed by these companies.
Instead we have a company using his name. That's it. There really is no Norton any more. It's barely even a brand.
I tell people that when comparing the free antivirus utilities vs. the paid, take the free, as long as they are of reputable means. The reason is that the antivirus side of things is pretty straightforward. Free does a very good job these days, and no matter how you look at it you always need a complement of utilities anyway (e.g., Spybot S&D 1.6.2, Ad-Aware 2008 (the latest version is unstable), Windows Defender, and AV such as AVG 8).
The paid commercial product has to compete with these free competent products (and I should know; I use them to clean computers every day). When the paid commercial products are released they are full of bloat and attempt to integrate themselves so deeply into the OS, so much so that they become the cure worse than the disease.
Not only that, the commercial products have tended over time to make customers paranoid. They need to, to keep them purchasing their products. A realistic schedule for scanning, once you know your system is clean, along with continued updates for the OS, is all you need--you can be certain you don't need a paranoid schedule such as every day, every week or even every two weeks.
The flip side is that if you get so relaxed about your security you won't do it at all.
Stay away from Norton and McAfee. They are bulky, they are paranoid about their own customers constantly requiring verification of subscription just to get updates (McAfee anyone?).
Stay away from the gimmick. Do you need that toolbar? The 3rd or 4th one in your IE, or even FF? If you don't understand what the toolbars are doing you shouldn't be installing them. What are they doing? They want you to log in, just like Google and Yahoo. They want to track you and your web pages for targeted ads. I'm not saying that Google and Yahoo are gimmick software used to bait you to install malware, but I am saying that there are plenty of them that do and they are taking their directions from the likes of Google and Yahoo. The more toolbars you have the more search engine choices you install. Choose one and stick to it. Stay away from anything that's a gimmick because it is bound to get you in trouble. Windows itself never pops up a dialog box saying to buy this or that software product. Those are fake. Downloading codecs from an innocent site can also get you in trouble and you should set your system to ensure that you don't automatically download codecs.
The bottom line is that commercial software is bloated and creates paranoia, and for good reason--they die as a company if you don't resubscribe. The free products do just as good a job as the commercial. And you can't get away with just one product to defend your system anyway. It takes a complement of them. Stay away from the gimmick. Uninstall your extraneous toolbars (or all of them for that matter). Your web browser is to browse pages not to be served ads or to be tracked by a product that you don't know is tracking you.
Re:Windows Users Beware... (Score:3, Insightful)
And the foreign and Chinese companies who provide the equipment that runs the Firewall find it acceptable enough to sell to the people who run it.
Incorrect. They find it acceptable to profit from the government's ambitions. In a corporation, ethics are not part of the bidding process. Ethics is PR's problem.
Re:Windows Users Beware... (Score:3, Insightful)
>>>If I go onto a Disney children's forum and post nothing but swear words, and Disney deletes it, is that censorship too?
Of course it's censorship.
Whether or not it's justified censorship is another matter. But that's not the question you asked, is it? Anyway in my humble opinion Norton's censorship of pifts.exe posts is not justified. The manager in charge is trying to stuff muzzles into forums participants' mouths.
Re:Windows Users Beware... (Score:5, Insightful)
There's a difference between censorship on a private message board operated by a private company, and censorship by a state with authority over its citizens. But that seems to be a really hard concept for the average internet user to grasp.
Corporations are legal entities which only exist because the state creates the framework which allows them to exist. They are not human beings (created by God etc) with an independent existence.
There is a difference between censorship practiced by a private individual who has an inherent natural ability to control things in his possession and is also liable without limit for any harm he may cause to others and a corporation which has no ability or power to do anything whatsoever except what the State gives to it, and limited liability towards the owners.
It is an act of congress which allows corporations to exist. That act should not result in a violation of the bill of rights. And if it does, it certainly can not be justified merely by saying it is the consequence of the act of congress and not congress itself which violates the bill of rights. That would be like saying "I didn't kill you, it was the bullet that flew out of my gun that killed you".
I would argue that when a corporation of people attempt to violate the human rights enumerated in the constitution of the United States, the US government has a constitutional obligation to revoke its legal protections of that body of people. In effect the limited liability corporation would revert to a partnership with full liability to all its owners (shareholders).
I would argue that any corporation of private individuals that goes to the People of the United States (the government) seeking limited liability for its members (shareholders) is also promising to uphold the Constitution of the United States.
Re:Windows Users Beware... (Score:5, Insightful)
And if it is a business's right to delete comments they want deleted, as they stated in the terms that all posters agree to, it isn't censorship either. If I go onto a Disney children's forum and post nothing but swear words, and Disney deletes it, is that censorship too?
Yes, it's censorship. Please regard the dictionary:
To Censor [merriam-webster.com] :: to examine in order to suppress or delete anything considered objectionable [censor the news] ; also : to suppress or delete as objectionable [censor out indecent passages]
It has nothing to do with morals or laws. It's a term with a definition. Societies determine if it's a "good" or a "bad" thing based on the situation.
BUG NORTON UNTIL THEY ANSWER (Score:3, Insightful)
Symantec Corporation
20330 Stevens Creek Blvd. Cupertino, CA 95014
tel +1 408 517 8000
fax +1 408 253 3968
Make their lines so busy they don't have a choice but to answer us.
Re:Windows Users Beware... (Score:3, Insightful)
Yeah, and they don't want you revealing any criminal actions of theirs on their site and to their customers.
What? You say it's not a criminal action? Prove it! If it isn't, why are they hiding?
(Yeah, I'm being unfair. I've despised Norton for multiple years...into decades now.)
OTOH, if some company puts up a PUBLIC bulletin board for discussing their product, then it shouldn't be used to hide their deficiencies. If it is, then it sounds like fraud to me. And that is criminal (even if it doesn't tend to get prosecuted when committed by large corporations).
Re:Windows Users Beware... (Score:3, Insightful)
The fact that you agreed to allow yourself to be censored doesn't mean it's not censorship.
Re:Windows Users Beware... (Score:4, Insightful)
>>>the corporation should inherit (where applicable) the rights of its founders
And the workers are treated like cattle - "human resources". Sorry but I don't consider a corporation anything other than a non-free state, and when you enter that "state" you lose several of your rights - like freedom to speak, or freedom to drink beer on weekends (else you get fired when the boss sees the photo on your facebook page), or .....