Christian Dunn

In 2006 the source code to a number of popular Symantec software titles was stolen. This included applications such as Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and PC Anywhere.

Symantec had previously advised the risk from this theft was low as long as customers were using the latest versions of their software as updates to most of these applications has now overcome any risk.

This week however Symantec released an announcement indicating the problem was more serious than they were first aware and advising customers. The announcement came after a hacker called YamaTough released the source code to Norton Utilities and threatened to publish its anti-virus programs.

The application of real concern to Symantec now is PC Anywhere. As this is a remote access tool for users computers, losing the source code puts the network at risk as an understanding of how the software works would allow a hacker to hijack users computers. Even though the threat is a few years old, the underlying platform of PC Anywhere still has some common features. As a result Symantec has now advised all users to temporarily stop using the product until it releases an update to resolve the issue. This is a major step for a company, as rarely do vendors recommend totally disabling their products.

With fewer than 50,000 users of PC Anywhere, Symantec is not worried but this indicates the amount of trust we put in vendors to supply secure software and the risks a minor mistake or incident can lead to. At least they told us.