It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Symantec Antivirus zero day exploit

page: 1
3

log in

join
share:

posted on Oct, 23 2021 @ 03:31 AM
link   
Hello happy people!
I want to start off by telling a story (bear with me).

Back in late 2003 when I was still in the Air Force I met a guy in a yahoo chat room. I was a lonely, single guy with only 1 or 2 trusted friends so - what can I say? This was my life.
But also I think you have to remember that back in the late 90's and early 2000's yahoo was still kind of a big deal at the time.

We had similar gaming interests and became friends online. So we would commonly private message each other back and forth about what was going on in our lives.

He was a programmer that worked for small private firm - mainly working on a contractual basis. He would often talk about how he hated his job and the people he worked for but how he needed the money.

One evening in late 2003 we were messaging back and forth and he was pretty hammered (had a few too many drinks).

I brought up antivirus asking him what was a good option for a new computer. He started telling me all this information that I had no business knowing. Much of it I still don't remember. BUT he claimed that contained within Symantec antivirus was a zero day exploit. I kept pressing him on the issue trying to get more information but he was being very cryptic.

He never outright "Told" me that it was there at the request of the US Government but he DID imply it, indirectly.
It really messed me up for a day or so. I discussed it with a trusted buddy of mine but it never went any further.

Our consensus was that it HAD to be fake.
He didn't even work for Symantec, after all (Obviously, looking back, things make a lot more sense).

Then the news came out about Stuxnet, then later Snowden, etc..
Personally, I don't think he was involved with Stuxnet - although it is possible. Looking back, I now think he was involved with something deeper en-grained in Symantec that may still exist (which, itself, is pretty scary).

Nowadays, we find ourselves in a modern world wholly reliant on trusting devices and applications - So much so that we, inherently, create the vulnerabilities we would rather avoid. In a world dominated by TikTok, Facebook, Snapchat, etc.. This is the nature of the beast whether we like it or not - and Whether we know about it or not.

It's now much easier to use a trusted app on a mobile device than spending years developing and perfecting a string of code to deliver a payload. Those with malicious intentions now have more avenues open to them as a side-effect of our cultural and technological evolution.
What is certain is that we definitely aren't going to be out of the woods anytime soon.

BUT everytime I hear mention of Snowden I get this sinking feeling in my gut.
Not just because of what we now know about government surveillance.. But because of those unseen, "gears" in the machine that sit there gathering dust in the depths of the code that we have no idea about.

The deepest, darkest secrets of the government are always going to be classified. Especially, if those secrets continue to provide a tactical and/or strategic advantage (or a perceived advantage) over one's adversaries.

From a government standpoint you would want to insert zero day exploits somewhere that would give you "keys to the kingdom" so to speak.
If you can directly gain access via an exploit, one would want this exploit to be widespread and somewhere that is always going to be trusted by the users without question. Computer security/antivirus software is the ideal way to accomplish this.

I now believe this is one reason all government computers have used Symantec antivirus since 2000 or so.
It provides a wider "NET" for gathering data/information.

-ChriS



posted on Oct, 23 2021 @ 03:52 AM
link   
Owned by Broadcom Corporation, Chinese masters in control of all of US secrets.



posted on Oct, 23 2021 @ 06:19 AM
link   
a reply to: BlasteR
For the science forum, this is a rather speculative post regarding a source which provided no verifiable details.
So there's really not much to go on to investigate the veracity of the claim.

We can however discuss plausibility of such actions. Before the Snowden leaks I think most people thought the claims of government spying were mostly paranoia and often dismissed.

Then the Snowden leaks happened, and it was shocking to see that the spying was even more widespread than even some of the conspiracy theorists imagined it was. And just as we were starting to come to grips with the idea that the spying was worse than we ever imagined it was, we were hit with even more news after the Snowden leaks that it was even worse than that, the NSA had managed to invade the firmware of the world's hard drives. The firmware controls the drive and is generally inaccessible to the ordinary user, so it's not like ordinary users can erase the firmware or the exploits it contains, without killing the hard drive.

Moscow-Based Security Firm Reveals What May Be The Biggest NSA "Backdoor Exploit" Ever


originally posted by: SkepticOverlord
This looks like the NSA has created a permanent, non-removeable zero-day exploit on millions of computers around the world.

This is as bad as it gets.
So that permanent, non-removeable zero-day exploit was actually installed on the firmware, which is a hard thing to do, so if they can do that, it's certainly plausible they can plant zero-day exploits in software which is an easier thing to do.

I suppose this is why some paranoid people use only open-source software, where they can review the source code and compile the software from source. Even doing that requires rather high technical knowledge to be sure you don't miss anything, and of course it can take a lot of time if the code is large.

I've heard that even in some open-source software like Linux, they have somehow managed to slip in some sneaky things that people reviewing the source code may have missed (because again, it may not be obvious and if you're already dizzy from reviwing too many lines of code it would be easy to miss something sneaky).

For an example of how sneaky they can be, the NSA was participating in a committee developing encryption standards and they made some suggestions that weakened the encryption, making it less difficult for them to crack using some of their shortcuts. There wasn't much reaction to the discovery of that until the Snowden leaks when people realized the extent:

How a Crypto 'Backdoor' Pitted the Tech World Against the NSA

The Times story implies that the backdoor was intentionally put there by the NSA as part of a $250-million, decade-long covert operation by the agency to weaken and undermine the integrity of a number of encryption systems used by millions of people around the world.


Whether there's a zero day exploit in Symantec Antivirus or not I can't say. But whether such a thing is plausible based on the known history of use of other zero day exploits like those in our hard drives, I would say yes, such a thing is plausible.



posted on Oct, 23 2021 @ 09:56 PM
link   

originally posted by: BlasteR

I now believe this is one reason all government computers have used Symantec antivirus since 2000 or so.
It provides a wider "NET" for gathering data/information.

-ChriS

They don't.

I was a computer geek and worked for the government (many here can confirm this) and I can tell you flat out that we used whatever worked best. Norton, Symantec, AVG, MacAfee... often we'd use two or three simultaneously. Any geek worth their salt kept up with the developments and followed the newsfeeds from the big tech antivirus guys to see what was currently in the wild and what offered the best protection.

We were the old style geeks; not the new script kiddies, and we knew just how many holes there were.

I don't doubt that some agencies and government branches used Symantec (thanks to buyers) but people also brought in their own stuff from home (we hated that -- because often their stuff at home was virused up) and even downloaded freeware. But to say that everyone had/used Symantec, that's a definite "no."



posted on Nov, 12 2021 @ 11:34 PM
link   

originally posted by: BlasteR


From a government standpoint you would want to insert zero day exploits somewhere that would give you "keys to the kingdom" so to speak.
If you can directly gain access via an exploit, one would want this exploit to be widespread and somewhere that is always going to be trusted by the users without question. Computer security/antivirus software is the ideal way to accomplish this.

I now believe this is one reason all government computers have used Symantec antivirus since 2000 or so.
It provides a wider "NET" for gathering data/information.

-ChriS


The ultimate exploit is to intercept Microsoft Windows Update. That's such an obvious channel that it's likely multiple intelligence agencies use it.



posted on Nov, 13 2021 @ 01:59 AM
link   
a reply to: mbkennel

I have always worked on the premise that everything I do on the computer is overseen, the only safe way to send another person a message is still by Pidgeon.



posted on Nov, 21 2021 @ 01:40 AM
link   


For the science forum, this is a rather speculative post regarding a source which provided no verifiable details.
So there's really not much to go on to investigate the veracity of the claim.


The forum is "Science and Technology". Although, admittedly, there didn't seem any well-fitting location on the forum for this particular thread.

I did save a record of that old conversation at the time.
However, I lost my old PC when my apartment burnt down in '03 and lost everything I owned.

a reply to: Arbitrageur


Whether there's a zero day exploit in Symantec Antivirus or not I can't say. But whether such a thing is plausible based on the known history of use of other zero day exploits like those in our hard drives, I would say yes, such a thing is plausible.


I would agree but not just based solely on my own experience and heresay statements.
It has happened before. So there is definitely a precedent.

Apparently, according to some researchers, ransomware is becoming so rampant right now they are making enough money to "buy" zero-days.
Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

These are older but pretty interesting/applicable here:
The Strange Journey of an NSA Zero-Day—Into Multiple Enemies' Hands

Norton, Symantec security software riddled with critical vulnerabilities

The Untold History of America’s Zero-Day Market


a reply to: mbkennel


The ultimate exploit is to intercept Microsoft Windows Update. That's such an obvious channel that it's likely multiple intelligence agencies use it.


Once you have a society that trusts their phones and relies on them like we do, it opens up a big hole for all sorts of malicious attacks.
Malicious code camouflaging itself within a trusted app on your mobile device is pretty tough to defend against.
Meanwhile, companies like apple are basically saying "trust us with your security".
You can't install any antivirus programs on ios that is useful.
The few security/antivirus apps available for ios are blocked from scanning anything due to Apple's pretty intense security restrictions.

-ChriS


edit on 21-11-2021 by BlasteR because: (fixed broken links)

edit on 21-11-2021 by BlasteR because: (no reason given)




top topics



 
3

log in

join