Wired.com has a disturbing article about the aftermath of the Slammer worm, and more specifically Symantec's involvement. The article claims that Symantec identified the worm and its effects hours before everyone else, and then did... nothing. Well, that's not fair. They did share the information, it's just that they only shared it with those who subscribed to its private security service. What they didn't do, according to the article, was let everyone else know, "[withholding] information . . . for hours after spotting it."
The article is rife with community criticism of Symantec, including one quote that suggests if the assertions are true, Symantec is "just as responsible for the damages done by the worm as the author." But are the assertions true?
I'm hardly a fan of Symantec (in fact, I've taken to substituting the word "Norton" for the word "suck" in IM conversations, as in "Oh, man, one of our servers just crashed." "Really? NORTON." It's fun, you should try it. UPS is a good alternative.) but going over the times in the article, this just doesn't seem to add up to much. Here are some quotes to illustrate my point:
OK, so let's review here. The worm "debuted" at 9:30 p.m. PST. Of course, it's likely that it was released into the wild sometime before that, and just took a little while to get bad enough for people to notice it. The alternative is that Symantec knew about the worm before it was in the wild, and then called attention to this fact by sending out a private security release before the worm was a threat, which would be awfully stupid. I'll go ahead and give them the benefit of the doubt on this one.
So the worm came out around 9:30 p.m. PST, and Symantec sent their release at around 9:00 p.m. PST. Meanwhile, "the rest of the Internet" noticed the worm at a little past midnight EST. EST is three hours ahead of PST, so 9:00PM PST is 12:00AM EST, and "approximately 9 p.m. PST" is within spitting distance of "shortly after midnight EST."
Of course one could argue the intent was still there, but with the exact release time of the worm in question, it's just as easy to suppose that Symantec was preparing a public release of some sort, but got scooped by "the rest of the Internet" and chucked it.
Perhaps I'm missing something, but I don't think so. Still, Symantec probably does deserve some trouble: They wrote that insidious piece of code that takes up tens of megabytes of hard drive space, megabytes of RAM, and a fair chunk of CPU cycles and Internet bandwidth. Damn you, Norton Anti-Virus!
|Nvidia Titan V brings the power of Volta V100 to desktops||122|
|Thermaltake's Nemesis Switch has enough buttons for all your macros||10|
|Zotac Gaming MEK1 PCs have the requisite pieces of flair||5|
|Toshiba's latest hard drives store 14 TB without shingles||57|
|Friday deals: a motherboard trio, a cheap CLC, and a rodent||11|
|GeForce 388.59 drivers are ready for the Titan V apocalypse||5|
|Lite-On MU-X SSDs continue the affordable NVMe onslaught||37|
|Chrome 63 puts bad sites in solitary confinement||18|
|Empty your iPhone onto the Adata i-Memory AI720 drive||12|
|Can I borrow one when you pull the trigger? ;)||+28|