Help ATS with a contribution via PayPal:
learn more

SCI: Tech Fears Arise Over Norton and Pifts.exe

page: 32
267
<< 29  30  31    33  34 >>

log in

join

posted on Mar, 13 2009 @ 01:04 PM
link   
reply to post by tim_lopez
 


Welcome to the lions den Tim.

Now maybe you could actually go into WHY the legitimate posts were deleted PRIOR to the spamming of your forums.




posted on Mar, 13 2009 @ 01:35 PM
link   
reply to post by tim_lopez
 


That still doesn't tell us why you were deleting relevent posts BEFORE the spam attacks started. You guys seem to be pretty keen on forgetting that part, and I must say it is getting pretty old.

The spamming was a RESULT of legit posts being taken down! Please stop trying to confuse the issue by saying that spamming was the cause of this whole mess.

Kudos for coming on here, but you will have to do a little better than blame this all on a spam attack...



posted on Mar, 13 2009 @ 06:46 PM
link   
 


off-topic post removed to prevent thread-drift


 



posted on Mar, 13 2009 @ 06:59 PM
link   
Hi,

I understand why it is viewed that we took down legitimate posts. This is why I touched on this subject first in my message I posted. I've read many blogs that say they googled "PIFTS.exe" and it took them to a broken link in our forums. This was because we had multiple threads on the same subject and we merged them all in to one. When we did this, it resulted in those google result links being broken. It wasn't until suspicious activity was happening with some of the responses, that we locked the thread (this was before the larger spam attack we experienced later on). By that time, people created new threads on the same subject.

We were contacting proper people to find out more about this update. After all, we are the forum administrators/moderators - we have to contact people to get technical responses (as much as it would be nice to know everyone). I think one of our biggest failures in this, as administrators/moderators, was that we failed to communicate early on that we were looking in to it. This is something we've learned from and are correcting.

After this, was when people started claming posts were being deleted (when really they were just being merged to like-threads), so we started getting spammed. At that point, we had to act quick to remove or obscene and inappropriate content people were posted. This is what ended up causing the removal of the legitimate posts, as they were all mixed in with the spam.

Our "removal" isn't actually deleting posts, but hiding the posts from public view. We kept the posts hidden until we were able to sort through all the posts and retrieve all the legitimate posts. We restored the non-spam posts yesterday. (community.norton.com...)

I understand how people can assume after observing the broken links that we deleted posts early on. I saw the google results and saw what happened when we merged the threads. Unfortunately, things got carried away pretty quickly. In the heat of the moment, it's really difficult to understand what's going on. Our focus became "red alert" once the spam attacks started. After a few days, it's become much easier to see why things were misunderstood.

I would encourage you to also check out a blog post Dave Cole posted on our Norton Protection Blog that touches a lot on the forums and why some things happened - community.norton.com...

The subject on removing threads hasn't been something that we've been avoiding. We've actually been openly discussing this for the past couple days on our forums. We've said a lot and explained in great detail what happened and the error in posts being removed. Please join us over there. I promise that you won't feel like you're in the lions den. If you are greeted that way, please let me know so I can deal with it.

Like I said in my previous posts, we have implemented new strategies to ensure this doesn't happen again. I really encourage you to come join in the discussion on our Norton Community Forums if you have any questions. Being that I am an Administrator for Norton Community Forums, I don't spend much time on other forums. However, if you have concerns - I want to hear them and clear them up for you.

Cheers,
Tim Lopez
Norton Forums Administrator
community.norton.com...



posted on Mar, 13 2009 @ 07:02 PM
link   
Yes, I agree thanks for posting,

Now answer:

Why did you delete ligitimate posts?

Why did you need PIFTS.exe at all? (since every time you update the AV app IDs itself)

Why so long to answer?

Why was there no check on the code sent out in an update?


Thanks



posted on Mar, 13 2009 @ 07:13 PM
link   
That explains everything to me except for one or two things.
What does pifts.exe even do, and why did Yahoo Answers! take them down before the spamming too?



posted on Mar, 13 2009 @ 08:19 PM
link   

Originally posted by Nventual
That explains everything to me except for one or two things.
What does pifts.exe even do, and why did Yahoo Answers! take them down before the spamming too?


Hi Nventual,

Detailed technical information about PIFTS.exe is posted on this post - community.norton.com...

As for why Yahoo Answers removed the post, I don't know. Perhaps they were witnessing unusual behavior in the entry. That's speculation though. I would contact Yahoo if you are truly interested in why it was removed.

Again, please check out the threads available in the links in my original post. We've already compiled this information for everyone.

Cheers,
Tim Lopez
Norton Community Forums Administrator
community.norton.com...



posted on Mar, 14 2009 @ 03:56 PM
link   
reply to post by tim_lopez
 


If the first posts were legitimate posts, then why hide them and merge the first ones?

I feel as if the logic does not follow. If a company did not want to seem suspicious, you would leave the few initial threads up to gather responses in those initial threads, not delete them. Then, only then, would you hide/lock any subsequent threads on the same topic/subject.

[edit on 14-3-2009 by Unlimitedpossibilities]



posted on Mar, 14 2009 @ 07:24 PM
link   
Freebase.org Blasts Norton Symantec


On March 9, 2009, Norton Internet Security users around the world encountered a suspicious message which indicated that an unsigned program, PIFTS.exe, was trying to connect to the Internet. Users quickly turned to Google where they only found other users looking for the same answers. Next they began posting questions on the official Norton Internet Security message board.

Here is where the situation quickly deteriorated. Forum moderators began pulling every single post which mentioned PIFTS or merely alluded to it. Symantec realized that they had a problem on their hands and hoped that they could keep things quiet long enough to prepare a fix. But what they failed to comprehend was that their actions to cover-up their mistake created a fertile breeding ground for misinformation and conspiracy theories. A search for "PIFTS" on their site gave but one response: "Did you mean: gifts?"

As is often the case, Symantec's cover-up was much worse than the actual crime. They could have prevented this disaster by posting an official statement immediately, not an entire day after the fact. To make matters worse, when Symantec employee Dave Cole posted the official response he tried to brush aside the mass deletion of legitimate posts regarding PIFTS with this statement:

Symantec strictly adheres to its Norton Community Terms of Service and does not delete postings unless they are in violation of these guidelines. Upon determining that our User Forums were being abused, Symantec began removing the spam posts.
Dave Cole
Senior Director of Product Management
Consumer Products and Solutions
Symantec


freebase.org...

I just want to say that I never trusted Norton, McCaffe, or any such products to begin with. Here's my list of trustworthy anti-virus/anti-spyware:

1. SUPERanti-spyware
2. Combo Fix
3. Spyware Blaster
4. AVG Anti-virus
5. Trend Micro
6. Spyware Defender
7. Advanced Care System Pro
8. A List of other spyware programs: www.kellys-korner-xp.com...



[edit on 3/14/2009 by Mr Knowledge]



posted on Mar, 14 2009 @ 10:41 PM
link   
This might be a leak into the true world of malicious software and viruses. For a while now, I have thought about how odd it is that so many "malicious" programs keep coming up - it's like 100+ new threats each day. Could this whole fiasco be Symantec's attempt to hide its involvement with people who make these malware and adware programs?

In summary, this story might be proof that anti-virus/anti-spyware/anti-malware are being funded by the same companies that build software to counter the threats they create.



posted on Mar, 15 2009 @ 12:24 AM
link   
reply to post by Dark Ghost
 


You are inevitably right in alot of ways. At least IMO.
There are a few reasons why.

Many intelligence organisations (Dept. of Homeland Security, the NSA, etc.) are constantly coming out with new "tools" for gathering information and many of these tools are designed around monitoring the internet traffic of a small percentage of domestic internet activities. These are all classified, of coarse, which means we can only speculate as to how they are doing this.

The following news story seems to confirm the reality of not only intel-gathering for our own intelligence insitutions but also intelligence-gathering being performed by private organisations like AT&T who probably have contracts with other organisations to gather information about domestic internet traffic and then send the more important data to various intelligence organisations.

AT&T is currently involved in a lawsuit regarding these very allegations.
See news story:

www.ufodigest.com...


AT&T agreed to allow large portions of sealed documents that sit at the heart of an anti-spying case against the telecom giant which alleges the company illegally installed secret surveillance rooms in its internet facilities at the behest of the National Security Agency. The case brought by the Electronic Frontier Foundation in January 2006 relies on documents provided to the group by Mark Klein, a retired AT&T technician who took three documents home with him when he retired in 2004.

AT&T acceded to the disclosure only after the EFF threatened to ask a federal appeals court to unseal documents that had been published by Wired News and Frontline, which would have forced the company's lawyers into the embarrassing position of arguing that documents available on the internet for more than a year were secret, according to Cindy Cohn, the EFF's legal director.

Those documents, along with a signed declaration from Klein and an interpretation of the documents by internet expert J. Scott Marcus, were kept mostly under wraps by court order that applied to the parties in the case. However, Wired News was able to independently acquire significant portions of the wiring diagrams, equipment list and task orders, and published them in May 2006. Today's newly released portions of the Hepting documents confirm that the Wired documents are the same as those under seal.



AT&T likely has 15 to 20 of these rooms around the country, shipped data out of the rooms via a separate network to another location and collectively, the rooms were able to keep tabs on some 10% of the nation's purely domestic intenret traffic, according to Marcus.

The obvious and natural design for a massive surveillance system for IPO-based data, and the one most cost-effective to implement, would in my judgment be comprised of the following elements:

(1) massive data capture at the locations where the data can be tapped,

(2) high speed screening and reduction of the captured data at the point of capture in order to identify data of interest,

(3) shipment of the data of interest to one or two central collection points for more detailed analysis, and

(4) intensive analysis and cross correlation of the data of interest by very powerful processing engines at the central location or locations.


Anyway, it is not only possible that intelligence organisations can include code in other software to spy on the American people but probably likely when you think about it. The biggest LIKELY target, from a hypothetical standpoint, would be to strike a deal with manufacturers of some of the most widely disseminated software out there (anti-virus and anti-spyware programs themselves) in an effort to gather the most possible information, at will, related to American and International internet traffic.

Alex Jones talked about this back in October 2005 in this article
GOVERNMENT AND COMPUTER MANUFACTURERS CAUGHT INSTALLING HARD-WIRED KEYSTROKE LOGGERS INTO ALL NEW LAPTOP COMPUTERS!

These keystroke loggers appeared to have been engineered for the purpose of direct internet monitoring by the Department of Homeland Security. Alex Jones did investigate into the issue somewhat. But ever since this story came out I have seen nothing related to this.


A little more research, and I found that that board spliced in between the keyboard and the ethernet chip is little more than a Keyghost hardware keylogger.

The reasons a computer manufacturer would put this in their laptops can only be left up to your imagination. It would be very impractical to hand-anylze the logs, and very CPU-intensive to do so on a computer for every person that purchased a laptop. Why are these keyloggers here? I recently almost found out.

I called the police, as having a keylogger unknown to me in my laptop is a serious offense. They told me to call the Department of Homeland Security. At this point, I am in disbelief. Why would the DHS have a keylogger in my laptop? It was surreal.

So I called them, and they told me to submit a Freedom of Information Act request. This is what I got back:



Under the Freedom Of Information Act (FOIA) the only items exempt from public disclosure are items relating to "law enforcement tools and techniques" and "items relating to national security."

The real life implications of this are plain: Computer manufacturers appear to be cooperating with the Department of Homeland Security to make every person who buys a new computer subject to immediate, unrestricted government recording of everything they do on those computers! EVERYTHING!


So.. are these keyloggers real? They seem to be quite real (or at least when they were being installed by laptop manufacturers). But you can be the judge.

-ChriS

[edit on 15-3-2009 by BlasteR]



posted on Mar, 15 2009 @ 01:06 AM
link   
Why do I get the feeling Symantec has some of it's puppets scanning this thread?



posted on Mar, 16 2009 @ 11:37 AM
link   
Hi Tim, would it be possible to release software that can be completely deleted from Windows without leaving traces of itself all over the registry like a disease?

After my experience with NAV, I'd rather download antivirus tools from a Nigerian porn site pop-up _



posted on Mar, 16 2009 @ 04:48 PM
link   
Hello Tim,

I have tried to ask you these 2 questions in the norton forum but you must have missed them.

Why does the update look at your internet history and google desktop history?

And why does it send them to a Microsoft server and your own online storage service SwapDrive?

Just can't figure out why you'd need your customer's internet browsing history, cookies ect., and why you'd send that data to Microsoft and keep a copy in your massive online storage site.

Please answer these 2 easy questions. If you reply with something along the lines of we are waiting for that information, we will know something fishy is up.

Thank you Tim for coming to this forum to address this issue, look forward to a response.

Edit to add one more, DO ALL OF YOUR UPDATES ALSO UPDATE YOUR CUSTOMER'S BROWSING HISTORY THAT YOU SEEM TO BE KEEPING ON FILE??

[edit on 16-3-2009 by breakingdradles]



posted on Mar, 16 2009 @ 05:29 PM
link   

Originally posted by Blackmarketeer
Hi Tim, would it be possible to release software that can be completely deleted from Windows without leaving traces of itself all over the registry like a disease?

After my experience with NAV, I'd rather download antivirus tools from a Nigerian porn site pop-up _



I'll second this question! It's alarming that you need a removal tool to really get rid of it. Why can't the removal tool just be incorporated into the program itself or the uninstaller????



posted on Mar, 16 2009 @ 08:06 PM
link   
reply to post by tim_lopez
 




Wow it really is easy to explain this all away. You are doing your job very well Tim Lopez. Unfortunately you are not telling the truth as it happened and the PIFTS.EXE posts were not merged into one and that is not the reason why the google links were broken. I was watching this unfold from the very beginning and although that is a sound excuse it is just not true. You deleted or hid all the posts about PIFTS.EXE and there were no posts allowed on your forum regarding PIFTS until you all had come up with a game plan for explaining this away.
Anyways I don't care anymore as it seems most people have forgotten about this whole incident and are willing to believe your lies but as someone who watched from the beginning the way you handled this whole situation and the way you are still lying to people I had to reply



posted on Mar, 18 2009 @ 08:45 AM
link   

Originally posted by yeastblood
reply to post by tim_lopez
 




Wow it really is easy to explain this all away. You are doing your job very well Tim Lopez. Unfortunately you are not telling the truth as it happened and the PIFTS.EXE posts were not merged into one and that is not the reason why the google links were broken. I was watching this unfold from the very beginning and although that is a sound excuse it is just not true. You deleted or hid all the posts about PIFTS.EXE and there were no posts allowed on your forum regarding PIFTS until you all had come up with a game plan for explaining this away.
Anyways I don't care anymore as it seems most people have forgotten about this whole incident and are willing to believe your lies but as someone who watched from the beginning the way you handled this whole situation and the way you are still lying to people I had to reply


It looks ironclad to me, also. Symantec is glossing this over, with no intention of ever revealing the truth. I say we, as ATS members, should officially declare Symantec products MALWARE and boycott them (as some members already do). Even if PIFTS is harmless, Symantec mishandled the whole affair, totally unprofessional, as I see it. I have used their products in the past, but never again!



posted on Mar, 19 2009 @ 05:58 PM
link   
probably totally unrelated to the pifts file but saw this in the news today...

several customers had their credit card details stolen and sold to undercover reporters after buying norton products from symatec via their indian call centre

full story here



posted on Mar, 19 2009 @ 06:17 PM
link   

Originally posted by breakingdradles
Hello Tim,

I have tried to ask you these 2 questions in the norton forum but you must have missed them.

Why does the update look at your internet history and google desktop history?

And why does it send them to a Microsoft server and your own online storage service SwapDrive?

Just can't figure out why you'd need your customer's internet browsing history, cookies ect., and why you'd send that data to Microsoft and keep a copy in your massive online storage site.

Please answer these 2 easy questions. If you reply with something along the lines of we are waiting for that information, we will know something fishy is up.

Thank you Tim for coming to this forum to address this issue, look forward to a response.

Edit to add one more, DO ALL OF YOUR UPDATES ALSO UPDATE YOUR CUSTOMER'S BROWSING HISTORY THAT YOU SEEM TO BE KEEPING ON FILE??


Just bumping this wonderful list of unanswered questions to keep it at the forefront.

Back OT:
I own a small business with 10 - 12 computers, each running NAV. My immediate plans are to remove / replace NAV one I determine a suitable replacement app.

OK, small potatoes, but unless I know more about the info gathered, it is the very least I can do. Worthy of note is 3 computers reside in a client lounge area and clients have
unlimited access to them. Their trail (to who knows where) could be potentially incriminating.

Regards...KK

[edit on 19-3-2009 by kinda kurious]



posted on Mar, 19 2009 @ 08:57 PM
link   
If you're looking for replacement antivirus software here's a great place to start. Reliable and unbiased review of all the offerings

www.av-comparatives.org...

This is also a must see considering the topic of the thread


www.thepcspy.com...

[edit on 19-3-2009 by warpboost]





new topics

top topics



 
267
<< 29  30  31    33  34 >>

log in

join