iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Symantec Calms PIFTS Panic
Search:
[ insider_reports_insider ]

Symantec Calms PIFTS Panic



SecurityProNews
Staff Writer
2009-03-10

SecurityProNews: Insider Reports Insider Reports RSS Feed


When users of Symantec's Norton Antivirus received a strange message about an odd executable file, the panic became exponential when Symantec started actively deleting posts about it in its own support forums. And then came the real bad news.

Symantec Calms PIFTS Panic
Symantec Calms PIFTS Panic

Lesson 1: If a screw-up on your part causes the mob to panic, it's best not to feed that fear because you think the mob is being rude.

So here's how it went down. Norton users saw a pop-up warning them about how a file called PIFTS.exe was trying to access the Internet, and the dialogue box asked if they would allow the file to do so. After tracing, it became clear the file was trying to communicate with Symantec servers for an unknown purpose.

This of course leads to a certain percentage the conclusion that:

1. Symantec is spying on them for some reason.
2. PIFTS.exe is a government snoop program distributed by Symantec.

Because clearly these are the obvious, most logical, and Occam's Razor simplest solutions to the mystery, said mob and the rest of the concerned (but not that concerned) customer base took to Symantec's support forums, only to encounter an active ban on posts about PIFTS.exe, all of them aggressively deleted.

Then the Digg bury-brigade struck, Snopes.com was accused of hiding the information, and on and on into Crazy Town everyone went.

The official story from Symantec, once somebody finally got a hold of someone, was that a coder goofed on a diagnostics patch update and Norton's system caught it by mistake. As for why posts were deleted about it in the forums, Symantec's senior director of product management Dave Cole said hundreds of new registrants were spamming the forum with abusive comments. That means everybody had to stay in at recess.

The fair thing to say is that Symantec didn't yet know what was happening in the forum and took standard abuse precautions while they figured it out. The mean thing to say is that they might want to get one of their coders-not the PIFTS guy, though-to slap a message across the forum headers so nobody continues to panic and theorize.

And what happens after that? Well, the real bad guys take over, targeting search queries for PIFTS and showing up high in Google's search results before leading panicky dunces to a scareware pitch that costs them $30 and a virus install.

Pretty good day all around sounds like.

View All Articles by SecurityProNews




About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2009 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds