It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI: Tech Fears Arise Over Norton and Pifts.exe

page: 23
267
<< 20  21  22    24  25  26 >>

log in

join
share:

posted on Mar, 10 2009 @ 06:34 PM
link   
reply to post by Zepherian
 







What do you need big guy...

A signed confession by the CEO of Symantec?


That would work, unless he resides in Guantanamo...





All right... Most of you guys are already there.

You've only got to get one more detail thru your thick skulls...

If you spam your OWN boards... And in your 'official' responses FOCUS ON THAT... Then you have a faite accompli effective coverup.

It's all about post facto misdirection/redirection...

You dig?

(Come on... You can do it.
)




posted on Mar, 10 2009 @ 06:34 PM
link   
I love how the article on pc world doesn't even touch upon the real issue most people have with pifts.exe



posted on Mar, 10 2009 @ 06:37 PM
link   
reply to post by golemina
 


What in the earth are you talking about? I have no idea what that post is trying to say, either about me or about the issue in hand.

Some clarification please, as this post is totally out of context with the thread and apparently gibberish.



posted on Mar, 10 2009 @ 06:37 PM
link   
I used Norton for less than a week. Its such a resource hog! And its absolutely horrible trying to full remove the damn thing!



posted on Mar, 10 2009 @ 06:41 PM
link   
djzombie -> It has happend before and will happend again. Trend Micro did it in 2005, and Norton in 2009. Errors do happen.
Ive been reading on this topic ALL day on different forums, and still dont know what to think of it.

Trend Micro - Computerworld

Id like to think that it will become this major new topic, but im thinking this isnt all that big at all.
Symantec deleting posts - Well it got out of hand, and they just wanted to clean it up and everyone went nuts, i followed the thread on 4chan before it got deleted, and they started to plan an "attack" on the symantec forum, getting as many as possible to make accounts and start making threads about this pifts.exe

Like many others have said, wait it out and see what happens. people should be able to find somekind of information now, giving them an idea of whats going on, and deny it from getting access to the internet till further notice.



posted on Mar, 10 2009 @ 06:45 PM
link   
reply to post by Zepherian
 



What in the earth are you talking about? I have no idea what that post is trying to say, either about me or about the issue in hand.

Some clarification please, as this post is totally out of context with the thread and apparently gibberish.


Your request for more specificity... lacks the necessary specificity.

(Idioms... So literal. They are a blessing and a curse.
)

I'd tell you to reread the thread... But at 23 pages and counting, I'm not that much of a sadist.

My basic theme is the crime fits the personality.


Point to the part that confuses you.


PS. Like WAITING is going to shed any light. The only piece missing is a disassembly of the actual code. There is so much filler in a WinBlows exe that there isn't really a lot of code to dissect...


[edit on 10-3-2009 by golemina]



posted on Mar, 10 2009 @ 07:08 PM
link   
SOP in software security is to protect your customers by keeping silent, until you have a fix. You do not publicize the problem till you can defend against it. Otherwise you are telling all the bad guys about an opportunity to roll your customers.

Silence from software security types should not be assumed to be guilt.
They may be unable to speak without jeopardizing customer security.

It is possible and a frequent occurance.



posted on Mar, 10 2009 @ 07:14 PM
link   
I like how now the official line is "well 4chan raided us and so we had to delete everything" when they knew full well that legitimate threads were being removed long before /b/ got hold of it.
In all seriousness it wouldnt be too difficult to fake a lot those Anon posts either just to get the ball rolling, kind of like the police plants you always find at peacefull protests who start hurling rocks at the police to give them an excuse to wade in with horses and batons.



posted on Mar, 10 2009 @ 07:20 PM
link   
reply to post by Cyberbian
 


In this case the actions of the file in question speaks volumes about their silence. It is fishier than the Tsukiji fish market in Tokyo..

They are having an 'ooooooh $%t we dropped the ball' moment, and are trying to formulate a response. Kinda like NIST and the 9/11 lie.



posted on Mar, 10 2009 @ 07:22 PM
link   
Someone with norton do a virus scan after they block PIFTS.EXE to see what happens. Might see something interesting pop up that Norton was previously letting through



posted on Mar, 10 2009 @ 07:22 PM
link   

Originally posted by GhostR1der
there is no need for that program pifts.exe to contact that particular server, collaborate data and the various changes it makes.


that's actually an excellent technical point. When a security program acts like spyware, why the HECK would anyone want it? It's a resource hog, we all know that, and here they go adding another do-dad who's purpose MIGHT be a lot of things, but none of them seem to be providing end user security.



posted on Mar, 10 2009 @ 07:25 PM
link   
Poster from /g/ who asked for /x/'s help here.

Poster from /g/ who asked for /x/'s help here.

Fascinating, they call it a simple update? It is not.

The program analyzed:

anubis.iseclab.org...

It clearly goes through and scrapes your history, temp files, cookies, etc, and it tries to contact a shady online storage place they recently acquired. Let's do a lookup on swapdrive! 67.134.208.160:80 is where PIFTS.exe asks to connect to.

Domain Name: SWAPDRIVE.COM

Administrative Contact:
Wallace, Marc
Web Data Group, LC



posted on Mar, 10 2009 @ 07:27 PM
link   

Originally posted by MoothyKnight
Someone with norton do a virus scan after they block PIFTS.EXE to see what happens. Might see something interesting pop up that Norton was previously letting through


Ive got Norton 360 on 3 of my 5 machines, two of which run my online radio stations and not a single one of them have this pifts garbage everyone is talking about.

My machines with Norton updated this morning and no popups came up asking to allow this file access.

I just ran a virus scan on all 3 as you requested, nothing.

I am behind 5 hardware firewalls and two of those are industrial type routers, so nothing can come in or go out unless I specify it can.

I suspect that maybe there is alot of people going to sites they shouldnt be and ending up with this exe because of such surfing activity?

All quiet here, all clean here.


Cheers!!!!



posted on Mar, 10 2009 @ 07:36 PM
link   
reply to post by RFBurns
 


That is because you have Nortons 360.

It only affects 2006/2007.



posted on Mar, 10 2009 @ 07:39 PM
link   
Unfortunately this did not post correctly when I posted it and the Majority of it did not show up when I posted it.... Coincidence? so I deleted the whole thing

-Kdial1



[edit on 10-3-2009 by kdial1]



posted on Mar, 10 2009 @ 07:41 PM
link   

Originally posted by fooffstarr
reply to post by RFBurns
 


That is because you have Nortons 360.

It only affects 2006/2007.


Thats good. So if everyone who is crying wolf would update their Norton then there would be no huff and puff and blow the house down scenario.

So why all the fuss over this by users of other AV programs?

Just to ride the tide and enjoy the glide?

Well its been an interesting event to watch anyway. Almost like watching a pack of bugs scattering when the light comes on!!



Cheers!!!!



posted on Mar, 10 2009 @ 07:46 PM
link   
reply to post by Cyberbian
 


I think you're mixing up the words silence and silencing. They're not only not saying anything, they're stopping US from saying anything.



posted on Mar, 10 2009 @ 07:46 PM
link   
It is important that we get this information out to everyone out there we know if in fact this is being used for intelligence gathering. This would be the biggest conspiracy and biggest form of the federal government gone rampant ever. I urge everyone to research as much as possible on this and do not let them cover this up with a cover story. Get to the bottom of this right now. I had a longer post I wrote 5 minutes earlier than this one but unfortunately it was deleted and or did not post correctly.

Keep up the good work everyone, it is up to us to uncover this. The MSM will have no part of this. I pray for United States of America and all of her citizens.

DON'T TREAD ON ME!!

-Kdial1



posted on Mar, 10 2009 @ 07:47 PM
link   
God i cant believe nones are finding that really scary




Click on " Competitive intelligence." Interesting! They talk about military intelligence gathering right on the page. So this "update" is scraping internet history and temp data and trying to contact a company who does online storage with shady ties to intelligence gathering. If it is datamining, Americans need not be surprised, we had AT&T do it on our phones and some act as if our computers are immune. Hey, let's look more into one of the owners of Swapdrive in the Web Data Group! There are more interesting people than Marc Wallace.


that update is is looking for your internet history and NONES are finding it scary, it contact a shady military stuff and NONES cares

i posted a tracert map with the destiantion route and NONES said anythings

like "oh ok its cool guys , Symantec is (snip) us in the (snip) , how fun!"


(ha finally some peoples are wakin up)

[edit on 10-3-2009 by OTTOKARMA]
Mod Edit: Profanity/Circumvention Of Censors – Please Review This Link.



[edit on 10-3-2009 by asala]



posted on Mar, 10 2009 @ 07:51 PM
link   
The previous post about the file padding is incorrect, what it shows is the program at sometime gets passed to UpdateResource, presumably something in the file changes. Possibly depending on local language settings etc.

If you want a read up on why it has PADDINGXX, look here:

www.codeproject.com...

I have a copy of the program now so I will look at what it does exactly tomorrow.

Looking at the site posted earlier that shows registry, file access etc. That is not necessarily norton accessing those files. That could be performed by other libraries that the file needs to open a network connection to send it's data back to the stats.norton.com. I guess those sites list those file accesses as they are listing everything that gets accessed while the sample.exe process is live.




top topics



 
267
<< 20  21  22    24  25  26 >>

log in

join