I feel like episodes like this give Anonymous a bad name...[ sic ;) ]....not that their name/reputation is so stellar in the first place.<p>But this isn't Hacktivism or whatnot. This is pure outright theft and extortion. It's not "fight the man" or "prevent censorship" or even WikiLeaks-style "information wants to be free".<p>It's profit-motivated organized crime syndicates trying to extract some $$ from a company. They hacked Symantec because the virus-writers of the world want to be able to write more viruses so they can infect more machines and create more botnets and send more spam and/or do more phishing...and make more money. That's it.<p>It's frustrating because part of the problem with a group like Anonymous is that you don't get to declare who is and who isn't a part (by definition).<p>I suppose human nature is human nature - in the real world or online, the same scenarios play out time and time again....
The source was leaked last night: <a href="http://thepiratebay.se/torrent/7014253/Symantec_s_pcAnywhere_Leaked_Source_Code" rel="nofollow">http://thepiratebay.se/torrent/7014253/Symantec_s_pcAnywhere...</a><p>Has anyone heard of an official response from Symantec?
So what's the legal environment around downloading the now-leaked source? I have to say I'm pretty curious about the code quality and possible backdoors...<p>Are there even protections for the press in this case? Or is every who pulls this torrent guilty of receiving stolen property or something along those lines.<p>Excuse my ignorance, but frankly I'd like to poke around.
According to this source, Symantec's reply was law enforcement posing as Symantec:<p><a href="http://blogs.computerworld.com/19695/antisec_leaks_symantec_pcanywhere_source_code_after_50k_extortion_not_paid" rel="nofollow">http://blogs.computerworld.com/19695/antisec_leaks_symantec_...</a>
I know nothing about antivirus software, but isn't security software supposed to be open? Otherwise, it's just security through obscurity. It sounds to me like Symantec just wants to hide all their vulnerabilities.
AnonymousFlorida's side of the story:<p>- in 2006, anon members steal Symantec source for the lulz<p>- Symantec contacts the FBI and sets up a pretty transparent attempt to sting those responsible<p>- Anonymous punishes Symantec for the sting attempt, after some internal debate, by releasing the source as a torrent<p>Has the ring of truth to it, IMHO.
This will set a bad precedent for such things (unless it is orchestrated as a sting operation).<p>If genuine, it would be interesting to know the primary motivation -- does Symantec not want the world to see its source because it is afraid its competition will steal its ideas ("our source code is full of awesome ideas") or its source code is pretty bad, sloppy, with backdoors for Uncle Sam that will pretty much shame the company ("our source code is awful and we'll be embarrassed if it was revealed").
5 year old code poses a security threat to PCAnywhere users? All the more reason to not use any of their products. Source code should never pose a security risk.
@AnonymousFlorida says "Anonymous NEVER asked for money"<p>Really?<p>"How much do you consider ENOUGH to pay us in order to
work all the issues out"<p>"we shall give you our account number within the LR system and you send money from your LR acct to ours"<p>Considering these snippets from the email exchange, what am I not understanding about the claim that they did not ask for money?
<i>Yamatough demanded that Symantec transfer the money via Liberty Reserve, a payment processor based in San Jose, Costa Rica. But Thomas appears reluctant, calling it "more complicated than we expected." Thomas instead suggests using PayPal to transmit a $1,000 test as "a sign of good faith." Yamatough rejects that offer, saying, "Do not send us any money (we do not use paypal period)</i><p>Could someone comment on how it is possible to use Liberty Reserve to receive money anonymously?<p>The stakes are really high for getting caught, and receiving the money is the weakest point for the hackers. So I'm curious why Liberty Reserve is the payment processor of choice for these cyber-criminals.
At this point Symantec has probably come to the conclusion that their source code is compromised. I don't think it’s possible for them to assume that anon won't use the source for themselves. The whole thing is a sting operation. If it wasn’t then Symantec’s future is dependent on an agreement that has no way of being verified. Anon probably knows this too and there just having a laugh.
Anonymous say it was Symantec trying to bribe them.<p><a href="https://twitter.com/#!/YourAnonNews/status/166898121341804544" rel="nofollow">https://twitter.com/#!/YourAnonNews/status/16689812134180454...</a>
This makes Symantec look a lot worse than "Anonymous" IMO. Symantec is supposedly a reputable computer software company. The fact that they have to resort to legal means to secure their own source code is not a positive indication that they do a good job.
These people need to be found and they need to go to jail for a very, very long time. The best possible response from the hacker community is to help dig these people out of their caves and turn them in.<p>Why?<p>Because this represents yet one more step towards the criminalization of the Internet. And this provides yet more fuel for politicians to get behind nonsense like SOPA. Keep this up and the Internet as you know it today will not be for long. There is no possible good outcome from these kinds of actions.<p>Either we police our own ranks or they will do it for us. The difference is that politicians will use a sledge-hammer for surgery rather than a scalpel. Be the scalpel.