Hmm. Sony, now Symantec.
Take note, when kids and hackers do this kind of thing, it's a felony. When a large corporation does it, they issue an apology.
http://www.extremetech.com/article2/0,1697,1910217,00.aspSymantec Corp. has fessed up to using a rootkit-type feature in Norton SystemWorks that could provide the perfect hiding place for attackers to place malicious files on computers.
The anti-virus vendor acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.
Symantec, of Cupertino, Calif., is the second commercial company caught in the flap over the use of rootkit-type techniques to hide files on computers. Rootkits are programs that are used to give a remote user access to a compromised system while avoiding detection from security scanners.
Music company Sony BMG faced a firestorm of criticism after anti-rootkit scanners fingered the use of stealthy rootkit-type techniques to cloak its DRM scheme. After malicious hackers used the Sony DRM rootkit as a hiding place for Trojans, the company suspended the use of the technology and recalled CDs with the offending copy protection mechanism.
A spokesman for Symantec referenced the Sony flap in a statement sent to eWEEK, but downplayed the risk to consumers. "In light of current techniques used by today's malicious attackers, Symantec re-evaluated the value of hiding the [previously cloaked] directory. Though the chance of an attacker using [it] as a possible attack vector is extremely slim, Symantec's update further protects computers by displaying the directory," the spokesman said.
He explained that the feature, called Norton Protected Recycle Bin, was built into Norton SystemWorks with a director called NProtect that is hidden from Windows APIs. Because it is cloaked, files in the NProtect directory might not be scanned during scheduled or manual virus scans.
"This could potentially provide a location for an attacker to hide a malicious file on a computer," the company admitted, noting that the updated version will now display the previously hidden directory in the Windows interface.
Read the rest of this eWEEK story: "Symantec Caught in Norton 'Rootkit' Flap"
Copyright (c) 2006 Ziff Davis Media Inc. All Rights Reserved.