

Anonymous releases stolen Symantec source code - __david__
https://thepiratebay.se/torrent/7014253

======
1880
Relevant:

"Symantec was prepared for the code to be posted at some point and has
developed and distributed a series of patches since Jan. 23rd to protect
pcAnywhere users against known vulnerabilities." [1]

If I am understanding this correctly, there were existing _and known_
vulnerabilities that are being patched _now_ because the source was published?

It looks like open source _does_ make software more secure :)

[1]: [http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims](http://www.symantec.com/theme.jsp?themeid=anonymous-code-claims)

~~~
lt
I think there's a good chance that these patches are for backdoors that would
be discovered looking at the source.

I await someone brave enough to get the source and publish a security
analysis.

~~~
joejohnson
If there are backdoors which would be exposed by viewing the source, then
Symantec is using security through obscurity.

------
sev
I'm not sure I understand the motive of this, other than saber rattling. Are
they really fighting for everything to be open sourced to this extreme extent?
Or should we assume this is the "script-kiddie" arm of Anon doing this as
opposed to the more "noble"[1] work we see sometimes?

[1] debatable, and none of the above is necessarily what I believe

~~~
IgorPartola
The motive was apparently blackmail and an attempt to shake down Symantec for
$50k: [http://gizmodo.com/5883024/hackers-publish-symantecs-source-code-after-50000-extortion-attempt-fails](http://gizmodo.com/5883024/hackers-publish-symantecs-source-code-after-50000-extortion-attempt-fails)

~~~
libraryatnight
Though on twitter, Anonymous says it was Symantec trying to bribe them:
[https://twitter.com/#!/YourAnonNews/status/16689812134180454...](https://twitter.com/#!/YourAnonNews/status/166898121341804544)

~~~
kooshball
I don't know where you got that from. If you read the email thread it's clear
Anon was asking for money from the beginning. It's clear extortion. How is
that at all Symantec trying to bribe them?

------
Turing_Machine
I guess I'm surprised that anyone is still using it, given the proliferation
of FOSS VNC software and the fact that both OS X and Windows now have their
own remote desktop capability. Does pcAnywhere offer advantages over these?

~~~
bwarp
It has the same advantage that any paid anti-virus has over a free one i.e.
some sense that because you've paid for something it must be better. Or in
plain English, no advantage at all.

The irony is that Windows has had damn near perfect remote desktop support
since 2002. How they've hung on for 10 years is beyond me.

------
mofle
Would be very informative if someone would write a blog post about their
findings in the source code.

------
jetsnoc
Wow! I'm intrigued and curious by what the "time bomb word docs" might
contain. I don't really want the feds knocking on my door! Guess I will have
to take a pass pulling this source code apart.

------
Intermernet
Honestly, a quick poll, does anyone actually still use PC Anywhere?

~~~
greatquux
I have one customer that uses it to remotely access Bloomberg terminals
because the Bloomberg software can detect if you're connecting via remote
desktop and bar access to it. Of course, after this, I'll be transitioning
them to VNC...

------
plasma
I hope whoever's blackmailing Symantec gets jailed.

------
derleth
So is Anonymous going to be the Malcolm X to RMS's Martin Luther King, Jr.?
Shift the Overton Window to make the GPL look like the most moderate,
reasonable option?

~~~
tsotha
There's a big, big difference between making the code you write freely
available and stealing other peoples' code in order to make it public.

~~~
blasdel
Yes, quite like the difference between nonviolent protest for integration and
armed militant separatism as independent attempts at dissolving the white
man's oppression of african-americans.

You missed his analogy completely.

~~~
tsotha
No I didn't. He was trying to imply these things are somehow poles on the same
scale. They're not. For one thing, FOSS is already seen as perfectly
reasonable by everyone but PR flacks from Microsoft and Oracle.

It's more like your idiot kid brother robs a bank, and now nobody in the
neighborhood trusts you any more.

~~~
derleth
Have you read any of Stallman's more political and moral manifestos?

------
angersock
Anonymous: The militant wing of the FSF?

"Ve vill free all ze codes! Open zource everyzing!"

In all seriousness, though, this is not helping the community or fellow anons.

~~~
metajack
What in the world do you think this has to do with the FSF? How is releasing
proprietary code at all similar to open sourcing it?

I'm really failing to understand how you made this association or why you
think their intent was driven by desire to expose all code. From the torrent
description it appears they are trying to out something that Symantec did
wrong, not simply release the code.

~~~
angersock
They opened the source to the world, did they not?

(yes, yes, I know the difference, but in the right light this is funny, no?
Releasing the source code has gone beyond mere piracy to active liberation!)

~~~
rbanffy
If you know the difference, why mention the FSF?

Not only is this code not free, it's toxic. If anyone does or wants to work on
free or open source software, I suggest not even looking into this codebase.

~~~
angersock
So, kind of like the GPLv3 or AGPLv3?

~~~
libcee
i realize that copyleft proponents and permissive license proponents tend to
have different views, but painting everyone that disagrees with you as
"zealots" and taking cheap pot shots like the ones you see increasingly on hn
is pretty intellectually dishonest.

everyone knows that open source has successfully overshadowed free software.
no need to continue to marginalize them more than has already been done, you
win. they'll try forever to be taken seriously, and everyone will try very
hard to miss the point.

also, while a lot of people on hn seem to think that permissive licensing is
the only way to do it, most copyleft proponents do think there is a place for
permissive licensing. so pretending it's the people calling for more than one
solution "zealots" is especially silly.

tl;dr but as long as you outnumber them, you can tell everyone they're the
zealots, and as long as you outnumber them you can win the argument (the
accusation) by popular support. 100 million open source advocates can't be
wrong, (and even if they were, who cares?)

------
marcloney
Curiously, this comment thread distinctly shows the two groups of people
currently on HN - preconventional & postconventional.

------
gumbo
I've gone through the email conversation; I feel like they didn't really just
want the money. A blackmailer doesn't just ask:

"SO - you told us a week ago that you've being requesting a response from Fin
dprtmnt. We got no answer for the below question so far: 'How much do you
consider ENOUGH to pay us in order to work all the issues out?'"

He knows the value of what he got.

