Wired.com has a disturbing article about the aftermath of the Slammer worm, and more specifically Symantec's involvement. The article claims that Symantec identified the worm and its effects hours before everyone else, and then did... nothing. Well, that's not fair. They did share the information, it's just that they only shared it with those who subscribed to its private security service. What they didn't do, according to the article, was let everyone else know, "[withholding] information . . . for hours after spotting it."
The article is rife with community criticism of Symantec, including one quote that suggests if the assertions are true, Symantec is "just as responsible for the damages done by the worm as the author." But are the assertions true?
I'm hardly a fan of Symantec (in fact, I've taken to substituting the word "Norton" for the word "suck" in IM conversations, as in "Oh, man, one of our servers just crashed." "Really? NORTON." It's fun, you should try it. UPS is a good alternative.) but going over the times in the article, this just doesn't seem to add up to much. Here are some quotes to illustrate my point:
OK, so let's review here. The worm "debuted" at 9:30 p.m. PST. Of course, it's likely that it was released into the wild sometime before that, and just took a little while to get bad enough for people to notice it. The alternative is that Symantec knew about the worm before it was in the wild, and then called attention to this fact by sending out a private security release before the worm was a threat, which would be awfully stupid. I'll go ahead and give them the benefit of the doubt on this one.
So the worm came out around 9:30 p.m. PST, and Symantec sent their release at around 9:00 p.m. PST. Meanwhile, "the rest of the Internet" noticed the worm at a little past midnight EST. EST is three hours ahead of PST, so 9:00PM PST is 12:00AM EST, and "approximately 9 p.m. PST" is within spitting distance of "shortly after midnight EST."
Of course one could argue the intent was still there, but with the exact release time of the worm in question, it's just as easy to suppose that Symantec was preparing a public release of some sort, but got scooped by "the rest of the Internet" and chucked it.
Perhaps I'm missing something, but I don't think so. Still, Symantec probably does deserve some trouble: They wrote that insidious piece of code that takes up tens of megabytes of hard drive space, megabytes of RAM, and a fair chunk of CPU cycles and Internet bandwidth. Damn you, Norton Anti-Virus!
|AMD drops prices on the Radeon RX 460 and RX 470||9|
|Reports: Radeon RX 470D is a budget Polaris card for China||2|
|Examining reports of slow write speeds on the 32GB iPhone 7||18|
|Cellular Insights dissects iPhone 7 Plus modem performance||10|
|Deals of the week: scads of high-performance storage and more||7|
|Tobii's Eye Tracker 4C knows where your head is||0|
|GeForce driver 375.57 is prepared for Titanfall 2||6|
|Phanteks Eclipse P400 gets a tempered glass option||0|
|Radeon 16.10.2 drivers add support for October's big games||10|
|A real "console monitor" would be 720p @ 30 Hz ;P||+58|