• New here? Register here now for access to all the forums, download game torrents, private messages, polls, Sportsbook, etc. Plus, stay connected and follow BP on Instagram @buckeyeplanet and Facebook.

PIFTS.exe

Jump to latest Follow Reply
Sort by date Sort by votes
Dryden;1425678; said:
Only Microsoft Windows would require users install a virus scanner for their virus scanner ... :hatepc:
Click to expand...


This post is begging for an xzhibit.."yo dawg I heard you like virus scanners so we put a virus scanner in your virus scanner so you can scan while you scan" picture.
 
Upvote 0
Register story parrots the conspiracy theories that Symantec's behavior on their own support forums, not to mention the PIFTS.exe file and non-existent system folder/path locations, are indicative of a company trying to hide something. Goes on to suggest the possibility (supported by many others, barring any official word from Symantec) that the company tried to smuggle a root kit or data mining utility onto end users' PCs with their last update.

Conspiracy theories fly around Norton forum 'Pifts' purge • The Register
 
Upvote 0
Washington Post's Computer Security columnist Brian Kreb gets a comment from Symantec.

Users Complain of Mysterious 'PIFTS' Warning - Security Fix

Update, 2:23 p.m. ET: Dave Cole, senior director of product management at Symantec, said the PIFTS file was part of a "diagnostics patch" shipped to Norton customers on Monday evening. The purpose of the update, Cole said, was to help determine how many customers would need to be migrated to newer versions of its software as more Windows users upgrade to Windows 7.

"We have to make sure before we migrate users to a new product that we can see what kind of load we can expect on our servers, and which customers are going to have to be moved up to the latest version of our product," Cole said.

As to why Symantec has been deleting posts about this from their user forum, Cole said the company noticed that minutes after the update went out hundreds of new users began registering on the forum, leaving inane and sometimes abusive comments.

"We want to be out there in the community, but by the same token, if we see abuse we will shut it down pretty quickly," Cole said. "There was no attempt at secrecy here, but people were spamming the forum and making it unusable to everyone."

In Symantec's defense, when I first heard about this earlier this morning, I noted privately to a couple of folks that some of the comments being left on the Symantec forum bore many of the hallmarks of "4Chan," (a.k.a. "anonymous"), a virtual community that thrives on playing practical jokes and causing trouble online. The summary about this incident posted to News-for-nerds site Slashdot this morning links to a key 4Chan forum.
Click to expand...

I call bullshit. The 4Chan idiots did spam the Norton forums, but that wasn't until after Symantec started deleting the legit posts. There's no reason Symantec couldn't leave one valid discussion thread open. If Dave Cole is asserting that every single inquiry on the matter was abuse from 4Chan, he's a liar. The whole thing also could have been quelled with a simple statement from Symantec, yet there still isn't anything on their site.

So the "official" word from Symantec is that they'll install whatever data mining applications they deem necessary on your computer in the interest of research and product development, but you're not allowed to inquire how those products work, nor are you allowed the option to refuse installation?

Is this in the EULA? Something stinks!
 
Upvote 0
Dryden;1425828; said:
I call bullshit. The 4Chan idiots did spam the Norton forums, but that wasn't until after Symantec started deleting the legit posts. There's no reason Symantec couldn't leave one valid discussion thread open. If Dave Cole is asserting that every single inquiry on the matter was abuse from 4Chan, he's a liar. The whole thing also could have been quelled with a simple statement from Symantec, yet there still isn't anything on their site.

So the "official" word from Symantec is that they'll install whatever data mining applications they deem necessary on your computer in the interest of research and product development, but you're not allowed to inquire how those products work, nor are you allowed the option to refuse installation?

Is this in the EULA? Something stinks!
Click to expand...
Even if some of the comments were deleted for abuse, surely there should have been a legitimate explanation about the file posted as soon as it was clear there was concern about it. And as you said, it's lousy policy to take information from the end user without explicit permission. Doesn't sound right at all. If I were using Norton, today would be a good day to find something else.
 
Upvote 0
Another reason I dont use Norton.

If its an .exe and wants access to the internet, its a call home/call somewhere that doesnt need to be. I could give a shit less what it is - I wouldnt want it on my machine.

edit: I thought this was cute, a tech-blog - read about, oh 2 paragraphs down past a few pictures. Apparently we've just turned into a source for software news =)

http://www.tech-linkblog.com/2009/03/conspiracy-theories-run-rampant-due-to-piftsexe.html/
 
Upvote 0
Upvote 0
Dryden;1426104; said:
Official response:

Norton product patch "PIFTS.exe" and Norton Users Forum - Norton Internet Security / Norton AntiVirus - Norton Community
Click to expand...

Not buying their response. Why would their update want to contact fucking Latvia? The destination IP is 94.427.3.74 which resolves to hs.3-74.zlkon.lv. I got the below warning after I did a "block this instance" on PIFTS.exe

Norton-alert.png
 
Upvote 0
Pretty interesting article:

Quick-moving attackers took advantage of a glitch in an update for Symantec anti-virus software, using an information vacuum that followed as an opportunity to lure panic-stricken users to websites that tried to install malware on their computers.

The glitch began around 4:30 pm California time on Monday, when Symantec engineers accidentally distributed a software update for older versions of the Norton Anti-Virus that had not been digitally signed. Symantec customers soon received ominous error messages popping up on their computer screens - so they did what good end-users are supposed to do: they went to the company's support forum to get the official word on a file called pifts.exe that was the subject of the warnings.

To the amazement of many, there were no messages. To make matters worse, there was evidence that every time a customer posted a query about the error, someone at Symantec removed it. By Tuesday morning, several websites with top billing from Google and other search engines were exploiting the confusion by promising details about the problem but pushing malware instead.

What's impressive about the scam is how quickly the miscreants seized on the completely unexpected event. Within hours, their sites had managed not only to reference pifts.exe but also to rise to the top of Google's rankings.
Click to expand...
 
Upvote 0
You must log in or register to reply here.
Back
Top