
Google: Symantec antivirus flaws are 'as bad as it gets' - AJAlabs
https://www.engadget.com/2016/06/29/google-symantec-antivirus-flaws-are-as-bad-as-it-gets/
======
dang
[https://news.ycombinator.com/item?id=11998774](https://news.ycombinator.com/item?id=11998774)

------
quantumhobbit
Symantec really needs to be made an example of. If there aren't serious
consequences for this inability to create secure security products, companies
will continue to get rich off of creating insecure software. Symantec fixed
the bug this time but I doubt they will create more secure software in the
future.

~~~
CiPHPerCoder
Boycott anti-virus software. An afternoon spent on
[http://decentsecurity.com/introduction/](http://decentsecurity.com/introduction/)
is better for Windows security than any AV product.

Keep everything up to date. Use password managers and two-factor
authentication.

Most malware comes from ad networks right now, so use uBlock Origin. HTTPS
Everywhere should go in every install of Chrome and Firefox.

[https://paragonie.com/blog/2015/06/guide-securing-your-busin...](https://paragonie.com/blog/2015/06/guide-securing-your-business-s-online-presence-for-non-experts)

~~~
throwanem
> An afternoon spent on
> [http://decentsecurity.com/introduction/](http://decentsecurity.com/introduction/)
> is better for Windows security than any AV product.

Sad when a single person who runs a joke Twitter account (@SwiftOnSecurity)
can do better than an entire multibillion-dollar industry...

~~~
CiPHPerCoder
I talk to the person behind SOS regularly. They are actually quite brilliant
and very passionate about consumer security.

The premise of Decent Security (and the fact that there's no name or
monetization strategy attached to it) is why they can do better. They're not
trying to sell you anything. They're trying to help people take control of
their own systems.

------
Aelinsaar
To be honest, it really is. In the non-digital world, it would be the
equivalent of finding out that a company which provides security services had
accidentally allowed its services to be provided to kidnap or kill their own
principals.

------
rusabd
"Doctors are gentlemen and a gentleman's hands are clean" again

------
AJAlabs
Guess who will be working late patching Anti-virus software tonight.

------
AJAlabs
Very surprised this affects Mac OS.

"The bugs affect Norton Antivirus on Mac and Windows, Endpoint and numerous
other Symantec products"

~~~
vkou
Why would this be surprising? It's a buffer overflow in a program with root
access.

Is there something about Macs that prevents buffer overflows?

