Re: Symantec CEO Warns of Drop in Internet Use

[InfoSec News <isn () c4i org>]

Forwarded from: security curmudgeon <jericho () attrition org>

: http://www.eweek.com/article2/0,4149,1390273,00.asp
:
: November 19, 2003
: By Dennis Fisher
:
: LAS VEGAS - If software vendors and security companies don't get their
: act together and start producing better products, users will begin
: dropping off the Internet out of sheer frustration, predicted John
: Thompson, chairman and CEO of Symantec Corp., in his keynote speech at
: Comdex here Wednesday.
:
: Thompson challenged vendors to begin turning out more secure software
: solutions and to take the initiative in trying to protect customers from
: attackers and themselves. If that doesn't come to pass, then Internet
: users—especially less savvy consumers—will reduce the amount of time
: they spend on the Internet and only use it when they absolutely need to.

Symantec PCAnywhere Chat Client Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/9052

Symantec PCAnywhere Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/9045

Symantec Norton Internet Security Error Message Cross-Site Scripting
http://www.securityfocus.com/bid/8904

Symantec AntiVirus For Handhelds Scanning Bypass Vulnerability
http://www.securityfocus.com/bid/8639

Symantec Norton AntiVirus Device Driver Memory Overwrite Vulnerability
http://www.securityfocus.com/bid/8329

Symantec Quarantine Server Disconnect Denial Of Service Vulnerability
http://www.securityfocus.com/bid/8306

Symantec NAVCE Failure To Scan Floppy Disks Vulnerability
http://www.securityfocus.com/bid/8077

Symantec Security Check RuFSI ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/8008

Symantec Enterprise Firewall HTTP Pattern Matching Evasion Weakness
http://www.securityfocus.com/bid/7196

Symantec Norton Internet Security ICMP Packet Flood Denial Of Service
http://www.securityfocus.com/bid/6598

Symantec Enterprise Firewall RealAudio Proxy Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/6389

Symantec Java! JustInTime Compiler Command Execution Vulnerability
http://www.securityfocus.com/bid/6222

Symantec NAVCE Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/5966

Multiple Symantec HTTP Proxy Denial of Service Vulnerability
http://www.securityfocus.com/bid/5958

Multiple Symantec HTTP Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/5959

Symantec VelociRaptor Denial of Service Vulnerability
http://www.securityfocus.com/bid/5909

Multiple Symantec Product Weak TCP Initial Sequence Number Vulnerability
http://www.securityfocus.com/bid/5387

Symantec Norton Personal Firewall/Internet Security 2001 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/5237

Symantec Norton Personal Firewall 2002 Portscan Protection Bypass Vulnerability
http://www.securityfocus.com/bid/4521

Symantec Raptor / Enterprise Firewall FTP Bounce Vulnerability
http://www.securityfocus.com/bid/4522

Symantec Norton Personal Firewall 2002 Fragmented Packet Vulnerability
http://www.securityfocus.com/bid/4545

Symantec Norton AntiVirus NULL Characters Incoming Email Protection Bypass Vulnerability
http://www.securityfocus.com/bid/4242

Symantec Norton AntiVirus Non-RFC Compliant Email Protection Bypass Vulnerability
http://www.securityfocus.com/bid/4243

Symantec Norton AntiVirus Excluded Filetype Email Protection Bypass Vulnerability
http://www.securityfocus.com/bid/4245

Symantec Norton AntiVirus Conflicting MIME Header Vulnerability
http://www.securityfocus.com/bid/4246

Symantec Ghost Corporate Edition 7.0 Plain Text Credentials Vulnerability
http://www.securityfocus.com/bid/4181

Symantec Norton Antivirus LiveUpdate Plaintext Credentials Vulnerability
http://www.securityfocus.com/bid/4170

Symantec Enterprise Firewall Notify Daemon SNMP Data Loss Vulnerability
http://www.securityfocus.com/bid/4139

Symantec Enterprise Firewall SMTP Proxy Information Leak Vulnerability
http://www.securityfocus.com/bid/4141

Symantec Norton Antivirus LiveUpdate Host Verification Vulnerability
http://www.securityfocus.com/bid/3403

Symantec Norton Antivirus LiveUpdate DoS Vulnerability
http://www.securityfocus.com/bid/3413

Symantec Ghost Configuration Server DoS Attack
http://www.securityfocus.com/bid/2570

Symantec pcAnywhere Port Scan DoS Vulnerability
http://www.securityfocus.com/bid/1150

Symantec pcAnywhere Weak Encryption Vulnerability
http://www.securityfocus.com/bid/1093

Symantec Mail-Gear Directory Traversal Vulnerability
http://www.securityfocus.com/bid/827

Hrm?

: "There is no cost [to send spam]; therefore, people send all kinds of
: junk. Service providers can fix this by changing the economics of the
: situation," he said. "Don't rely on legislative initiatives. A simple
: technology solution solves this problem. You know what's coming through
: your network. If someone is sending 100,000 e-mails, block them. I don't
: understand why you need to appeal to the government."

Great theory, but I wonder. If the solution is SO easy, and requires
e-mail senders to pay for each outgoing email, why hasn't Symantec
developed the solution? If it is that easy, then Symantec could easily
jump into a billion+ dollar cash cow.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.