Forest for the Trees… And Other Aphorisms for BUY A CLUE

Look It’s A Birdie!

Ok, so everyone is all over this YamaTough extortion/bribery/leakage thing but I have not seen anything really about the elephant in the room. Everyone is all over the fact that the code has been leaked, that a faux Indian Twitter acct is boasting all the time about being smarter than everyone, and that Symantec is full of shit trying to catch them/him in an extortion scheme by posting pastebins of email encounters by the players.


Ummm… So… Yeah, uhhh.. the hack that the code came from was back in 2006 right? So, tell me.. Where has it been lo these many years? Who had it? Who hacked Symantec in the first place?

*Anyone?… Anyone?… Bueller?*

Bait and Switch

So Yama had some code that was probably given to him/them by “someone” recently to be used in any way they like. Yama and the skidz then decide to release that data to the world and attempt to shame Symantec (a company btw probably on the AntiSec hit list) and sow FUD about their already quite shitty (trust me) AV systems.


Ok, well, the code is in the open now… OH NOES! But wait… What’s that niggling little voice yelling in the background?


So once again, I ask you.. Where has that code been all this time that Symantec had no idea it had been taken? Oh, and also, if they did not know they were hacked in 2006, what makes you all think that the rest of their code over the years has not been in the hands of those who hacked it back in 06?

*Do you see where I am going with this? Think chess here…*

Those who have had access likely were the types to either be nation state.. OR.. Selling the access to nation state actors. Who else would keep this quiet for soooo long huh? I mean all of you out there in the know, do you remember anyone spilling the beans that the source for Symantec was available? Personally, I think that the malware devs out there chose the BIGGEST target for AV (and we all know just how popular Symantec is don’t we?) and hacked it discreetly to gain access to code and develop malware that would avoid NAV altogether right?

Hello Mr. Elephant…

Seeing the Trees for the Forest

So, unless the facts are much more convoluted here and there is a lot of lying going on (well, there is but you know, base facts here) then this stuff has been in the hands of someone.. Someone who probably did naughty things with it (Chairman Meow maybe? or Ol’ Pooty Poot?.. Or.. Ooh Israel perhaps?) Haven’t you all wondered about just how much malware lately seems to be able to switch off NAV altogether? Place itself in the whitelist area?


Meh, maybe it’s just me and my tinfoil hat paranoid tendencies eh?

Say… Isn’t that elephant’s trunk rooting around in Symantec’s pocket?

Look at the birdie! Look at the birdie! LOOK AT THE GOD DAMNED BIRDIE!


2012/02/08 at 14:45


11 Responses

  1. Seriously, what value have you added with your rant? Did it make you feel better, does it make you feel more powerful?

    Comments from people like you are why the internet is full of trash.

    If you are going to criticize a company or product e.g. “sow FUD about their already quite shitty (trust me) AV systems”, back it up with some facts. Don’t put a disclaimer of “trust me”. Give us a reason to trust you.

    Just because you have a website and the freedom to write whatever goes through your head, does not make you a trustworthy person.

    Even if you had a bad experience with a product, it doesn’t make it shitty. Did you have training on this product? Did you know how to use it properly?

    If you think you can do a better job, why are you not developing your own AV systems?

    Collective Grooves

    2012/02/10 at 05:53

  2. I would say a code leak from 2006 is not that big of a deal. As you state, malware devs are constantly creating new malware that I believe causes Symantec to constantly change its code anyways. I’m not the biggest fan of them, but a leak from 2006? Big deal. Obviously this Yama guy has an inflated sense of self and tries to put too much importance on what he did (like most of antisec). Malware devs have been working their way around most AV companies for years, so yeah, 2006, that’s old news, I’m sure malware devs have probably worked their way around more recent code.


    2012/02/10 at 06:37

  3. Ok then, how about I have managed an enterprise with their shitty product and it was the suck? Go back to your two thousand dollar faceyspace machine at Mac.


    2012/02/10 at 10:43

  4. JD. I agree, the point though was that if they did not know they were hacked in 2010 (as claimed) then who’s to say all along they haven’t as well. Of course escrow of their source is out there as well, so meh. I think Yama is a poser and that in fact pretty sure this source was given to him/them… No big deal. What is a big deal to me is that no one has said anything about the other side of this whole debacle.


    2012/02/10 at 10:48

  5. Wow you managed an enterprise. Whoopi Doo. Guess what so have I and so have millions of others.

    You make comment to NAV. If you were managing an enterprise, you would have been using SAV or SEP. NAV is a consumer product whereas SAV and SEP are commercial products.

    Just because you had a bad experience with the product. How does that give you the right to comment without backing up your comments without any facts?

    Why don’t you tell everyone what some of these issues were that made it difficult to manage? This would add more credibility to your “Trust Me” line as it would justify your opinion.

    And seriously if all you can come back with is “Go back to your two thousand dollar faceyspace machine at Mac.” then you are a child with an overinflated ego who thinks they know it all.

    Collective Grooves

    2012/02/10 at 12:30

  6. Wow, you got me… So, Symantec stock holder or employee?


    2012/02/10 at 12:41

  7. I remember when this came out. I thought it was big. I was concerned because an enterprise that I was connected with was running it to protect thousands of people. The story died though, quick. Some stuff came out that it was not a big deal, and I, having taken it to the network admin, that we should look at it, and consider another av solution -sorta felt like there was egg on my face.

    There’s another story here, IMO, about how even IT pros sometimes let the media guide them into deciding what’s important, and what isn’t, especially when it comes to listening to black hat thinkers.

    I listened out for news about that code, and always heard the feds had it – that it was being used JUST like the German electronic spy/ surveillance story that hit recently. In fact, when that hit, I wondered then if it was related. For what any of that is worth…just thoughts of a mere housewife.


    2012/02/10 at 18:58

  8. BZZZZZZ Wrong Again – none of the above.

    I am just someone who is sick and tired of people who post trash.

    Now getting back to your story. Yama first claimed that they hacked into the Indian Military and found source code from Symantec and other software vendors. For me personally I am more concerned about what else they took given India is a nuclear nation. If we are to believe the “Media” that Yama was trying to extort money from Symantec to not publish the source code, can we also begin to believe that they may sell off information that they have gathered from their hack into the Indian military to the highest bidder with more sinister motives?

    It is obvious that Yama has it really in for Symantec, perhaps he is an ex employee, but what is he trying to gain from this? His first comments were about the Indian government and their attempt to spy on their people, but now his focus has shifted. What is his motivation? Is he a hacktivist or is he just out to try and make a name for himself and a quick buck?

    For me I really don’t care about a software company with 6 year old source code, I am thinking the worst case scenario here and the effects it could have.

    Collective Grooves

    2012/02/11 at 01:22

  9. @Collective Grooves Jesus Christ you mean there’s a difference between commercial and consumer products? And there I was thinking that’s what the consumer was doing watching the commercial and buying the product.

    NAV I take it you mean Norton’s in that regard, let’s not beat about the bush, it’s shit, it’s failed me on numerous occasions that I can count off the top of my head.. Nortons followed closely by 360 and let’s be honest it’s not even calling itself Nortons anymore now it’s Symantec.

    Upon restarting the computer after installing or upgrading to Symantec AntiVirus Corporate Edition 8.0, you see the error message “Symantec AntiVirus Realtime Protection failed to load.” Well that must fill your consumers with faith in the final product!

    Edward Nasthton

    2012/02/24 at 20:48

  10. @Collective Grooves just type in “crap anti-virus” on a Google search and you’ll soon get a clear picture of how the consumer really feels, all those negative comments must be the 99% who don’t buy a repeat subscription and end up going to a rival vendor, one of the reasons I went with and still use Frisk because as far as I am concerned every other product is crap and being draconian I do not feel flexible enough to employ something I know will fail long term and that’s why my OS of choice is GNU/Linux.. It doesn’t need an anti-virus but I have to employ one to scan all the Samba NTFS Shares attached to all those pathetic Windows boxes. (oh I love Windows!)

    Edward Nasthton

    2012/02/24 at 20:57

  11. This is called the get a clue collection:

    What is it exactly, not much, just that guy from Offensive Security Labs presenting his presentation at Shmoo Con entitled “I PISS ON YOUR AV!”

    Edward Nasthton

    2012/02/24 at 21:13

