EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.06.14

Symantec Deserves a Ban in China for Not Reporting US Government Back Doors

Posted in Microsoft, Security, Windows at 10:29 am by Dr. Roy Schestowitz

Tick the box to ban

Symantec logo

Summary: Symantec, a Windows insecurity firm, is miserably trying to divert attention away from reports about distrust that led to a ban in China

According to many reports this week [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16], China does not trust some US- and Russia-based companies to take care of ‘security’ in China. It’s about time.

Reports focus on two firms, but another one is seemingly affected (Symantec). While Kaspersky (which we occasionally mention here) does not deny the claims, Symantec does strike back and “Says its Products are Still Allowed in China”. This is a cleverly-worded denial. Some products are definitely banned, but the “Security software developer Symantec Corporation denied its software has been banned in China.” Symantec merely says or emphasises that not everything is banned.

Just to be more specific: “It is important to note that this list is only for certain types of procurement and Symantec products are not banned by the Chinese government.”

Kaspersky is hyping up security threats at the moment and Symantec is trying hard to dodge the negative publicity because trust is fundamental to their sales. Symantec, which has strong Microsoft connections and disdain for FOSS, should not be trusted if China does not trust Microsoft (we already know how China feels about the ‘new’ Microsoft). To quote an IDG report:

Symantec and Kaspersky Lab have become the latest tech firms to be kicked off the Chinese Government’s approved list, according to an unconfirmed report in the country’s media.

The People’s Daily newspaper broke the news at the weekend in a report that claimed that local supplies including Qihoo 360, Venustech, CAJinchen, Beijing Jiangmin and Rising would from now on be the preferred software for antivirus duties.

The news seems to have surprised both firms, which have until now have been approved suppliers for desktop security.

Symantec has been overlooking government back doors such as the ones Microsoft puts in place and lets the US government know about. This is an older debate which made a comeback amid NSA leaks (other antivirus makers seemingly exempt government malware and such, e.g. Stuxnet). Here is Wall Street’s press coverage:

That’s a lesson that Microsoft and Symantec are learning right now. An antivirus company from Silicon Valley, Symantec competes in China against local favorites like Beijing-based Qihoo 360 Technology. According to reports by Bloomberg News and the Chinese media, China has instructed government departments to stop buying antivirus software by Symantec and its Moscow-based rival, Kaspersky Lab. Symantec software has backdoors that could allow outside access, according to an order from the Public Security Ministry. Not coincidentally, Qihoo’s New York-traded shares rose 2.7 percent yesterday, following reports of the move against Symantec and Kapersky.

Well, good for them. After being cracked by the NSA they need to secure their systems by better identifying possible moles (in the software sense).

Dan Goodin, who typically slams FOSS over security issues (less severe than in proprietary software), finally writes about Microsoft’s best known back doors that it tells the NSA about (Goodin does not mention the NSA connection):

There’s a trivial way for drive-by exploit developers to bypass the security sandbox in almost all versions of Internet Explorer, and Microsoft says it has no immediate plans to fix it, according to researchers from Hewlett-Packard.

The exploit technique, laid out in a blog post published Thursday, significantly lowers the bar for attacks that surreptitiously install malware on end-user computers. Sandboxes like those included in IE and Google Chrome effectively require attackers to devise two exploits, one that pierces the sandbox and the other that targets a flaw in some other part of the browser. Having a reliable way to clear the first hurdle drastically lessens the burden of developing sophisticated attacks.

What can Symantec do to stop this other than suggest abandoning Windows (its bread and butter)? Symantec must have known about back doors in the form of IE vulnerabilities, but did it properly protect China from it? No, Symantec makes money from the prevalence of Windows and the company’s management is deeply connected to Microsoft’s.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. South Korea's Government Will Show If Microsoft Loves Linux or Just Attacks It Very Viciously Like It Did in Munich

    Microsoft's hatred of all things GNU/Linux is always put to the test when someone 'dares' use it outside Microsoft's control and cash cows (e.g. Azure and Vista 10/WSL); will Microsoft combat its longstanding urge to corrupt or oust officials with the courage to say "no" to Microsoft?



  2. Links 19/5/2019: KDE Applications 19.04.1 in FlatHub and GNU/Linux Adoption

    Links for the day



  3. The War on Patent Quality

    A look at the EPO's reluctance to admit errors and resistance to the EPC, which is its very founding document



  4. Watchtroll, Composed by Patent Trolls, Calls the American Patent System “Corrupt”

    Another very fine piece from Watchtroll comes from very fine patent trolls who cheer for Donald Trump as if he's the one who tackles corruption rather than spreading it



  5. Unified Patent Court Won't Happen Just Because the Litigation Microcosm Wants It

    Unified Patent Court (UPC) hopefuls are quote-mining and cherry-picking to manufacture the false impression that the UPC is just around the corner when in reality the UPC is pretty much dead (but not buried yet)



  6. Links 17/5/2019: South Korea's GNU/Linux Pivot, Linux 5.1.3

    Links for the day



  7. Q2 Midterm Weather Forecast for EPOnia, Part 4: Happy Birthday to the Kötter Group?

    This year the Kötter Group commemorates the 85th anniversary of its existence. But is it really a cause for celebration or would a less self-congratulatory approach be more fitting? And does it create the risk that a routine tendering exercise at the EPO will turn into Operation Charlie Foxtrot?



  8. Links 16/5/2019: Cockpit 194, VMware Acquires Bitnami, Another Wine Announcement and Krita 4.2.0 Beta

    Links for the day



  9. The EPO's Key Function -- Like the UPC's Vision -- Has Virtually Collapsed

    The EPO no longer issues good patents and staff is extremely unhappy; but the Office tries to create an alternate (false) reality and issues intentionally misleading statements



  10. Stanford's NPE Litigation Database Makes a Nice Addition in the Fight Against Software Patent Trolls

    As the United States of America becomes less trolls- and software patents-friendly (often conflated with plaintiff (un)friendliness) it's important to have accurate data which documents the numbers and motivates better policy; The NPE (troll) Litigation Database is a move towards that and it's free to access/use



  11. Q2 Midterm Weather Forecast for EPOnia, Part 3: “Ein kritikwürdiges Unternehmen”

    A brief account of some further controversies in which the Kötter Group has been involved and its strained relations with German trade unions such as Verdi



  12. EPO Had a Leakage Problem and Privacy of Stakeholders Was Compromised, Affecting at Least 100 Cases

    The confidentiality principle was compromised at the EPO and stakeholders weren't told about it (there was a coverup)



  13. Links 15/5/2019: More Linux Patches and More Known Intel Bugs

    Links for the day



  14. False Hope for Patent Maximalists and Litigation Zealots

    Patent litigation predators in the United States, along with Team UPC in Europe, are trying to manufacture optimistic predictions; a quick and rather shallow critical analysis reveals their lies and distortions



  15. The Race to the Bottom of Patent Quality at the EPO

    The EPO has become more like a rubber-stamper than a patent office — a fact that worries senior staff who witnessed this gradual and troublesome transition (from quality to raw quantity)



  16. Q2 Midterm Weather Forecast for EPOnia, Part 2: Meet the Kötters

    An introduction to the Kötter Group, the private security conglomerate which is lined up for the award of a juicy EUR 30 million contract for the provision of security services at the EPO



  17. Links 14/5/2019: Red Hat Satellite 6.5, NVIDIA 430.14 Linux Driver and New Security Bug (MDS)

    Links for the day



  18. Links 14/5/2019: GNU/Linux in Kerala, DXVK 1.2, KDE Frameworks 5.58.0 Released

    Links for the day



  19. Q2 Midterm Weather Forecast for EPOnia, Part 1: Urgent Shitstorm Alert

    Experts at the European Patent Office's (EPO) weather observation station have just issued an urgent alert warning about a major shitstorm looming on the horizon



  20. Patents That Were Gleefully Granted by the EPO Continue to Perish in Courts

    The decreasing quality of granted European Patents already becomes a growing problem if not a crisis of uncertainty



  21. Links 13/5/2019: ExTiX 19.5 and GNU Radio Conference 2019

    Links for the day



  22. The Microsoft Guide to the Open Source Galaxy

    Thou shalt not...



  23. Microsoft Would Kill the Goose for Money

    Microsoft is just 'monetising' Open Source by using it as 'bait' for Microsoft's proprietary software; those who we might expect to antagonise this have effectively been bribed by Microsoft



  24. Links 13/5/2019: Nanonote 1.2.0, OpenMandriva Lx 4.0 RC, and GNUnet 0.11.4

    Links for the day



  25. Professionally Incompetent EPO Management

    The EPO remains an awful employer, with top-level management largely responsible for the loss of talent and even money



  26. Links 12/5/2019: Linux 5.1.1, GDB 8.3, KStars 3.2.2 Released

    Links for the day



  27. Did Battistelli 'Steal' ~$100,000,000 Euros From the EPO?

    While enjoying diplomatic immunity the thug from CEIPI (who is back at the EPO as a jurist) passed millions if not billions (over the long run) in liabilities; this was done with total and inexcusable impunity, no effective oversight



  28. The Biased EPO Does Not Want to Hear From Anyone Except Those Who Pay the EPO

    The EPO's corruption and violations of the law are a threat to everyone in the world; the EPO only ever listens to those who pay for "access" or those who embrace the "religion" of the EPO



  29. Team UPC Has Run Out of Arguments, So Now It's Just Writing Anti-Brexit Rants With Testicles in the Headlines

    Nothing has worked for firms that crafted and lobbied hard for the Unified Patent Court (UPC); after necrophilia a new low is being reached



  30. Making the Patent System About Productive Actors (Again), Not a Bunch of Law Firms and Trolls

    The US patent system is going out of shape and out of tune, just like the EPO when Battistelli came to it, dismantling the rule of law and even judges whom he did not like


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts