posted on Mar, 23 2009 @ 02:48 AM
( Warning: Long read. Summary at bottom. )
Ladies and gentleman, we live in grim times. So much so that we can't even trust our anti-virus software.
Recently, Norton Anti-Virus, run by Symatec, has found themselves to be knee deep in their own #. This is due to a recent update of Norton, which
contained an enigmatic little file called "PIFTS.exe". Due to them forgetting to properly sign the file, it triggered firewalls across the world.
People who were curious about it quickly discovered that the file lead to a non-existent directory. The file itself was eventually found, and its
purpose is a grim one indeed.
PIFTS.exe scans and collects data from your cookies, browsing history, and temporary internet files. It interfaces in some way with Google Desktop,
and then attempts to send this information to a Symatec server.
And to Microsoft.
And to a server located somewhere in Africa.
And, perhaps most startling of all, to a company called "SwapDrive", run by one Marc Wallace. Described on its corporate website as a "Competitive
Intelligence Company", it employs some interesting people. The most notable is someone identified as "Roland Schumann", who's description on the
website does a excellent job of describing him and his qualifications.
"Roland Schumann is a former military intelligence officer, having served both on active duty and in the reserves. Trained in
unconventional warfare and electronic intelligence gathering, he also has practical experience in airborne operations, human
intelligence (HUMINT), counter-intelligence, and counter-terrorism. He has performed risk analyses in Latin America for the US
government and in the United States for commercial and government interests."(sic)
A point I should mention is that SwapDrive is based in the quint town of Arlington, VA. Which is also home to a geometric government facility ( And
alleged airstrip ), known to most as The Pentagon. But, sadly, this isn't the end of the tale.
After discovering the program, and its function, many were confused. So, naturally, they turned to Norton's official forums to try and find answers.
Their answer came in the form of every thread so much as mentioning PIFTS.exe being deleted. This irked many, who in turn went to 4chan and declared
raiding season open.
The "raid" was semi-successful, but did far more then any could have hoped. Symatec, sensing an easy out, cited the "raid" as the basis for
deleting any and all PITS.exe related threads. This is demonstrably untrue. Archives, screen shots, empirical evidence, and eyewitness testimony by
the hundreds if not thousands all point to this being a direct and willful lie on the part of Symatec.
Finally, after much deliberation, Symatec released a statement the next day that effectively dodged any actual discussion of the matter, and opened an
official thread for "answering questions". The result was thirty pages of vitriol, anger, and confusion ( All justifiable in my opinion ) by the
members of the community. After said thirty pages, "Senior" members of the board began to ask innocuous questions, which were promptly answered by
Symatec, while the remaining questions about what exactly is happening were unanswered.
But, it STILL dosen't end there. Even Google is involved. Given that the top layer of refernces to PIFTS.exe have seemingly vanished from their
search engine, and that PIFTS.exe interacts with Google Desktop before sending the information out, the only reasonable conclusion is that Google is
at best aiding a cover up and at worst actively colluding with SYmatec and entities unknown.
Summary: Get a real file deleter and wipe Norton off your drive, then install a firewall that lets you monitor incoming and outgoing connections. ( If
you value your privacy, of course. )
[edit on 23-3-2009 by TheDustman]