It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
SCI: Tech Fears Arise Over Norton and Pifts.exe
page: 16share:
I'm surprised there's been no response to the idea of a class action law suit against symantec for violating their own terms and conditions.
Is this out of the question? Is there no legal recourse?
Is this out of the question? Is there no legal recourse?
Symantec. A conspiracy theory.
I've followed this thread all day, and I'm going to add a conspiracy theorists sort of opinion based on the goings on.
1) Symantec is way to desperate to cover this up. This seems way more urgent than a hacked .exe or just some random data mining. To go so overboard as to instaban forum users is something I have only seen when a forum admin was found out to be a registered sex offender and his administrator friends clamped down on the information banning everyone that brought it up. This sort of behaviour is prima face red flag, it's cause for serious investigation. Were this a common or garden cock up the repair work would be more relaxed, as it is you can smell fear, even over the internet.
2) There is a link on this thread to a research paper about a PIFT. If the correlation to this incident is valid, and as a conspiracy theory it is valid untill some other reality is proven which makes it invalid, we have a serious issue potentially brewing. It is no secret the new world order folks want to shut down freedom of speech and put the herd back into the digital pen, and PIFT, as per the paper linked here, fits that sort of model. 'User non interests' reeks of double speech for automated censorship. To me it seems like there is a long term plan to use system software as a delegation of the security state to automatically monitor and censor the types of documents a user is accessing on his machine. Remember, there is a war on for your mind. If you don't believe this you're a bit out of place in ATS, most of us realise this scenario, of elitist powermongering and repression, is a constant historical trend.
3) Typical debunker posts have appeared in this thread. The signs are very recent join dates (a couple of them today) and the usual "I'm an expert" spiel, followed by a debunking of the whole PIFT situation, saying it's legitimate, saying it was an update, yadda yadda. The usual polluting of the knowledge stream, which is typical of elitist mass manipulation tactics, happening with other key areas like chemtrails, biological warfare, 911, and so on. They are organised to take down certain online topics, and there is some sign they have been somewhat active on this one. Not too high profile, because the topic itself is fairly technical.
The above is a subjective opinion. I'm leaning towards a coverup of malware which would link up to the secret government infrastructure, to the NWO data manipulation operations. But I do leave the option that I am wrong on the table.
Although I'm not wrong that often, thanks to synchronicity, bare this in mind.
[edit on 10-3-2009 by Zepherian]
I've followed this thread all day, and I'm going to add a conspiracy theorists sort of opinion based on the goings on.
1) Symantec is way to desperate to cover this up. This seems way more urgent than a hacked .exe or just some random data mining. To go so overboard as to instaban forum users is something I have only seen when a forum admin was found out to be a registered sex offender and his administrator friends clamped down on the information banning everyone that brought it up. This sort of behaviour is prima face red flag, it's cause for serious investigation. Were this a common or garden cock up the repair work would be more relaxed, as it is you can smell fear, even over the internet.
2) There is a link on this thread to a research paper about a PIFT. If the correlation to this incident is valid, and as a conspiracy theory it is valid untill some other reality is proven which makes it invalid, we have a serious issue potentially brewing. It is no secret the new world order folks want to shut down freedom of speech and put the herd back into the digital pen, and PIFT, as per the paper linked here, fits that sort of model. 'User non interests' reeks of double speech for automated censorship. To me it seems like there is a long term plan to use system software as a delegation of the security state to automatically monitor and censor the types of documents a user is accessing on his machine. Remember, there is a war on for your mind. If you don't believe this you're a bit out of place in ATS, most of us realise this scenario, of elitist powermongering and repression, is a constant historical trend.
3) Typical debunker posts have appeared in this thread. The signs are very recent join dates (a couple of them today) and the usual "I'm an expert" spiel, followed by a debunking of the whole PIFT situation, saying it's legitimate, saying it was an update, yadda yadda. The usual polluting of the knowledge stream, which is typical of elitist mass manipulation tactics, happening with other key areas like chemtrails, biological warfare, 911, and so on. They are organised to take down certain online topics, and there is some sign they have been somewhat active on this one. Not too high profile, because the topic itself is fairly technical.
The above is a subjective opinion. I'm leaning towards a coverup of malware which would link up to the secret government infrastructure, to the NWO data manipulation operations. But I do leave the option that I am wrong on the table.
Although I'm not wrong that often, thanks to synchronicity, bare this in mind.
[edit on 10-3-2009 by Zepherian]
reply to post by Zepherian
Nice one man. I also joined today. But i think there is something really fishy with that file. Luckily i use McAfee
Nice one man. I also joined today. But i think there is something really fishy with that file. Luckily i use McAfee
Originally posted by theyknowmyname
I found this on the norton site. I searched with no .exe extention. I wonder if it's the same file?
community.norton.com...
That seems a bit odd dont ya think?
'Hey, Us mac users didnt get this file...are we going to?'
Kinda sounds like something injected from Symantec itself to elude the possiblity that this file is malicious and is spying on its users.
When I get home all Symantec apps are being removed, and may Fdisk to be sure. Gotta love a proper backup system
Originally posted by CaptainCaveMan
The problem is not symantec or swapdrive.
The problem is the COO Ronald Schumann and CTO Marc Wallace of symantec.
Its like they are running there own little side business.
Which could be involved in selling peoples information to the pentagon.
This could be why, there was no announcement.
Perhaps the CEO and board, doesn't even know.
Both these guys have long military involvement and history's in electronic intelligence.
But mostly Schumann.
I wouldn't trust him.
I'm with you - It really does look like these folks are doing some serious snooping -
It's very suspicious that these guys are part of this group. Something stinks!
reply to post by Cyberzone
Yeah, it is likely that this is the case. Heck, my company happens to have a Quest Comm circuit and one of our offices is within a mile of the W.H. Does that make my company some shell for a 3-letter agency? Nope, just a boring old company....
Anyway, I am glad that this anomalous file is getting so much attention. We need to have the user community involved in order to ensure privacy and integrity is being maintained in cyberspace.
As a side note, if any of you folks that find this kind of program/app threat analysis interesting, or fun, I strongly urge you to get involved in an information security group. ISC^2, sans, or just google your local university computer science department. The gov't actually needs the support and help of the user community when it comes to internet security. Believe it or not, internet crimes (mostly id theft) account for a very large revenue stream for organized crime outfits including our favorite boogy men ("terrists"). CorpGov is not going to be able to fight these battles alone, and we cannot ensure privacy and integrity unless we are the ones involved in the research and development being performed. Trust me, several people in gov't would much rather compromise privacy in order to combat the 'bad guys' on the internet so the user community must be involved to balance this desire and to make sure efforts to combat hackers and underground crime syndicates do not take away the freedoms of good law-abiding citizens.
Are you afraid of government IT becoming Orwellian? GET INVOLVED
That is just my 2 cents anyway.
[edit on 10-3-2009 by nydsdan]
[edit on 10-3-2009 by nydsdan]
Yeah, it is likely that this is the case. Heck, my company happens to have a Quest Comm circuit and one of our offices is within a mile of the W.H. Does that make my company some shell for a 3-letter agency? Nope, just a boring old company....
Anyway, I am glad that this anomalous file is getting so much attention. We need to have the user community involved in order to ensure privacy and integrity is being maintained in cyberspace.
As a side note, if any of you folks that find this kind of program/app threat analysis interesting, or fun, I strongly urge you to get involved in an information security group. ISC^2, sans, or just google your local university computer science department. The gov't actually needs the support and help of the user community when it comes to internet security. Believe it or not, internet crimes (mostly id theft) account for a very large revenue stream for organized crime outfits including our favorite boogy men ("terrists"). CorpGov is not going to be able to fight these battles alone, and we cannot ensure privacy and integrity unless we are the ones involved in the research and development being performed. Trust me, several people in gov't would much rather compromise privacy in order to combat the 'bad guys' on the internet so the user community must be involved to balance this desire and to make sure efforts to combat hackers and underground crime syndicates do not take away the freedoms of good law-abiding citizens.
Are you afraid of government IT becoming Orwellian? GET INVOLVED
That is just my 2 cents anyway.
[edit on 10-3-2009 by nydsdan]
[edit on 10-3-2009 by nydsdan]
Originally posted by DJMessiah
reply to post by dankanight13
That was me. XD
I was trying to warn whoever is doing it.
It wouldn't surprise me if there was a new virus out there being made with the same name as the file in question.
As for now, I would suggest everyone avoid searching websites for it, until there is an explanation by Norton.
Come to think about it, maybe they are removing posts about it to prevent people from googling it....? maybe they are not as evil as they seem...
-rrr
Come to think about it, maybe they are removing posts about it to prevent people from googling it....? maybe they are not as evil as they seem...
I'd go as far as to say the opposite end of the spectrum and say that symantec is the one putting up these malicious decoy sites.
This whole thing stinks, i'm going to be very, very suspicious when they release their statement.
*squints*
*squints*
reply to post by Zepherian
My problem with your post, well one of many, is that you are saying until you have proof it isn't a conspiracy you can assume it is. Erm... it doesn't quite work like that does it...
The burden of proof should be on the accuser, rather than the defender to prove a negative. That's like me saying there is an invisible china teapot floating around Mars. We can take it as true until you can prove 100% that there isn't.
I tend to look at it if it is between conspiracy and incompetency, I'll err on the side of incompetency.
My problem with your post, well one of many, is that you are saying until you have proof it isn't a conspiracy you can assume it is. Erm... it doesn't quite work like that does it...
The burden of proof should be on the accuser, rather than the defender to prove a negative. That's like me saying there is an invisible china teapot floating around Mars. We can take it as true until you can prove 100% that there isn't.
I tend to look at it if it is between conspiracy and incompetency, I'll err on the side of incompetency.
Originally posted by rangersdad
Just some speculation here, could it be a program written by a Nigerian to gain access to your info so they can siphon your credit cards and bank accounts???
The Nigerian who sits behind me doesn't have to go through all that trouble if he wants my bank account info...but since he's a senior chemist at the company, I doubt he wants it anyway.
This circus kind of reminds me of the typical "Bad Guy" trying to take over the world. He releases a virus into the world. Only he has the antidote.
The world leaders pay him $$$ for the antidote...
Only this one back-fired on Symantec because the forum Mods was unaware of the plan...
Yes. I know. Can you blame me? I have to keep busy while we wait for something to happen....
Only this one back-fired on Symantec because the forum Mods was unaware of the plan...
Yes. I know. Can you blame me? I have to keep busy while we wait for something to happen....
Interesting the forum seems to be back online
community.norton.com...
But they are still immediately deleting threads with any mention of PIFTS and I assume still banning the people posting
They will have to answer people about this sooner or later won't they I can't wait for them to release a statement explaining this, or someone to really figure out everything PIFTS is designed to do. It will be interesting to see if people report updates to the software from them attempting to remove or modify this.
[edit on 10-3-2009 by warpboost]
community.norton.com...
But they are still immediately deleting threads with any mention of PIFTS and I assume still banning the people posting
They will have to answer people about this sooner or later won't they I can't wait for them to release a statement explaining this, or someone to really figure out everything PIFTS is designed to do. It will be interesting to see if people report updates to the software from them attempting to remove or modify this.
[edit on 10-3-2009 by warpboost]
reply to post by Gemwolf
Yeah, I'm just waiting for some update on this as well.
In the meantime, anybody reverse engineering this little guy?
Yeah, I'm just waiting for some update on this as well.
In the meantime, anybody reverse engineering this little guy?
Originally posted by SpacePunk
Oh, yeah... RE2505, the internet tough guy line forms to the left.
I'll happily join that queue with the millions of other internet users that have at one time or another lost valuable pictures/files/work thanks to your efforts.
Post from: chrysler5thavenue.blogspot.com...
UPDATE (12:02 10 March 2009):
Apparently digg.com is also covering this story up. 242 diggs and it's not on the front page.
digg.com...
There's a good discussion of this on slashdot.org, a web 2.0 social networking site for techies.
The Washington Post and The Register are covering this as well.
--------------------------------------
Edit: Also searching for Pifts on DIGG does not come up with results.
This is getting exciting!
[edit on 10-3-2009 by coolism]
UPDATE (12:02 10 March 2009):
Apparently digg.com is also covering this story up. 242 diggs and it's not on the front page.
digg.com...
There's a good discussion of this on slashdot.org, a web 2.0 social networking site for techies.
The Washington Post and The Register are covering this as well.
--------------------------------------
Edit: Also searching for Pifts on DIGG does not come up with results.
This is getting exciting!
[edit on 10-3-2009 by coolism]
Well, who wants to place bets on how long it takes ZoneAlarm to issue an "update" to their software which clandestinely allows this PIFTS.exe to
access the web sans user approval or notification?
For what it's worth, anybody still using Internet Explorer should have recieved the memo urging them to use Firefox instead. Much safer and less open to attacks, not to mention much easier to cleanse the history, cookies, and keystroke captures (ie: passwords) from.
For what it's worth, anybody still using Internet Explorer should have recieved the memo urging them to use Firefox instead. Much safer and less open to attacks, not to mention much easier to cleanse the history, cookies, and keystroke captures (ie: passwords) from.
I hate Norton. The last time I had it the computer ran at a crawl, & then it kept giving me reminders to upgrade, which I ignored because I'd decided
to switch.
About 2 days before the license expired I got a virus. The timing was a very odd coincidence indeed, and all it did was made me even more determined to get rid of it - I'm hardly likely to pay for it again if a virus got through.
I now use Eset Nod32 - it's excellent, uses few system resources & is apparently/supposedly the one that microsoft use - & it's a lot cheaper than Norton too.
About 2 days before the license expired I got a virus. The timing was a very odd coincidence indeed, and all it did was made me even more determined to get rid of it - I'm hardly likely to pay for it again if a virus got through.
I now use Eset Nod32 - it's excellent, uses few system resources & is apparently/supposedly the one that microsoft use - & it's a lot cheaper than Norton too.
Sorry if someone has already posted this but I haven't seen it:
(Emphasis added)
I'm not buying that...
Washington Post
Update, 2:23 p.m. ET:
Dave Cole, senior director of product management at Symantec, said the PIFTS file was part of a "diagnostics patch" shipped to Norton customers on Monday evening. The purpose of the update, Cole said, was to help determine how many customers would need to be migrated to newer versions of its software as more Windows users upgrade to Windows 7.
"We have to make sure before we migrate users to a new product that we can see what kind of load we can expect on our servers, and which customers are going to have to be moved up to the latest version of our product," Cole said.
As to why Symantec has been deleting posts about this from their user forum, Cole said the company noticed that minutes after the update went out hundreds of new users began registering on the forum, leaving inane and sometimes abusive comments.
"We want to be out there in the community, but by the same token, if we see abuse we will shut it down pretty quickly," Cole said. "There was no attempt at secrecy here, but people were spamming the forum and making it unusable to everyone."
(Emphasis added)
I'm not buying that...
Extra info as an addition to my previous post:
DLL names referred to in the file:
(There are other dll's that the file uses, these are merely the dll's it mentions, and I have reason to believe that these are all Symantec Norton related.)
NisProd.dll
NavUI.dll
NavProd.dll
NSWAlert.dll
NSWCfg.dll
NTPAlert.dll
NCOAlert.dll
PifEng.dll
PollMgr.dll
As for functions called upon in the process.
I think the most interesting is this one:
MessageBoxA
Messagebox, does it actually create a message box? Afaik it doesn't do anything to people, not even popping up a window. Perhaps it pops up a window if an internet connection cannot be established?
edit:
Do with these names as you wish.
Ah well perhaps I'll find time to check what it actually does.
So far all I read is still speculation, even those sites that are being posted only speak of ''African IP" "This and that is suspicious".
[edit on 10/3/09 by -0mega-]
DLL names referred to in the file:
(There are other dll's that the file uses, these are merely the dll's it mentions, and I have reason to believe that these are all Symantec Norton related.)
NisProd.dll
NavUI.dll
NavProd.dll
NSWAlert.dll
NSWCfg.dll
NTPAlert.dll
NCOAlert.dll
PifEng.dll
PollMgr.dll
As for functions called upon in the process.
I think the most interesting is this one:
MessageBoxA
Windows32 API Reference
The MessageBox function creates, displays, and operates a message box. The message box contains an application-defined message and title, plus any combination of predefined icons and push buttons.
Messagebox, does it actually create a message box? Afaik it doesn't do anything to people, not even popping up a window. Perhaps it pops up a window if an internet connection cannot be established?
edit:
Do with these names as you wish.
Ah well perhaps I'll find time to check what it actually does.
So far all I read is still speculation, even those sites that are being posted only speak of ''African IP" "This and that is suspicious".
[edit on 10/3/09 by -0mega-]
new topics
-
Boston Dynamics say Farewell to Atlas
Science & Technology: 1 minutes ago -
I hate dreaming
Rant: 42 minutes ago -
Is the origin for the Eye of Horus the pineal gland?
Philosophy and Metaphysics: 2 hours ago -
Man sets himself on fire outside Donald Trump trial
Mainstream News: 2 hours ago -
Biden says little kids flip him the bird all the time.
2024 Elections: 2 hours ago -
The Democrats Take Control the House - Look what happened while you were sleeping
US Political Madness: 3 hours ago -
Sheetz facing racial discrimination lawsuit for considering criminal history in hiring
Social Issues and Civil Unrest: 3 hours ago -
In an Historic First, In N Out Burger Permanently Closes a Location
Mainstream News: 5 hours ago -
MH370 Again....
Disaster Conspiracies: 5 hours ago -
Are you ready for the return of Jesus Christ? Have you been cleansed by His blood?
Religion, Faith, And Theology: 8 hours ago
top topics
-
In an Historic First, In N Out Burger Permanently Closes a Location
Mainstream News: 5 hours ago, 14 flags -
The Democrats Take Control the House - Look what happened while you were sleeping
US Political Madness: 3 hours ago, 10 flags -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events: 16 hours ago, 8 flags -
A man of the people
Medical Issues & Conspiracies: 10 hours ago, 8 flags -
Man sets himself on fire outside Donald Trump trial
Mainstream News: 2 hours ago, 7 flags -
Biden says little kids flip him the bird all the time.
2024 Elections: 2 hours ago, 6 flags -
4 plans of US elites to defeat Russia
New World Order: 12 hours ago, 4 flags -
Is the origin for the Eye of Horus the pineal gland?
Philosophy and Metaphysics: 2 hours ago, 4 flags -
Are you ready for the return of Jesus Christ? Have you been cleansed by His blood?
Religion, Faith, And Theology: 8 hours ago, 3 flags -
Sheetz facing racial discrimination lawsuit for considering criminal history in hiring
Social Issues and Civil Unrest: 3 hours ago, 3 flags
active topics
-
The Democrats Take Control the House - Look what happened while you were sleeping
US Political Madness • 26 • : ImagoDei -
Boston Dynamics say Farewell to Atlas
Science & Technology • 0 • : gortex -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events • 30 • : Consvoli -
12 jurors selected in Trump criminal trial
US Political Madness • 96 • : WeMustCare -
Post A Funny (T&C Friendly) Pic Part IV: The LOL awakens!
General Chit Chat • 7127 • : underpass61 -
Man sets himself on fire outside Donald Trump trial
Mainstream News • 26 • : OnlyYouKnow2 -
Putin Compares Himself to Jesus Promoting Traditional Values Against the Satanic West
Mainstream News • 74 • : DumbNut -
Biden says little kids flip him the bird all the time.
2024 Elections • 11 • : Disgusted123 -
I hate dreaming
Rant • 2 • : FlyersFan -
America's Infant Mortality Rate Increases for the First Time in 20 Years
Medical Issues & Conspiracies • 22 • : BasicResearchMethods