Wednesday, January 25, 2012

Symantec advise users to disable pcAnywhere

According to a white paper released by Symantec, the source code to various of its produces that hacker group Anonymous recently threatened to disclose was stolen in 2006, and users are advised to disable pcAnywhere until further notice. Specifically, the paper states:

"pcAnywhere is a product that allows for direct PC to PC communication and this does expose some risk if the compromised code is actually released."

This seems to imply that pcAnywhere is based on security through obscurity. (Presumably, the same security risk actually exists, albeit to a lesser extent, whether or not somebody releases the source code: whatever information is in the source code is in principle available by reverse engineering the compiled code.)

To me, the event underlines at least two lessons:

- this is precisely what may happen if you rely on security through obscurity
- if you have some security-sensitive source code stolen, "right now" would be a good time to review the stolen code, rather than 6 years later...

Or is there something about the content of the white paper and the incident in general that I'm misunderstanding?