back to article Symantec: We've plugged up pcAnywhere holes

Symantec has said its pcAnywhere remote control software is once again safe to use, following the release of its latest security patch. The security giant made the highly unusual move last week of advising customers to avoid using older but still widely used versions of pcAnywhere as a precaution, after it emerged that the …

COMMENTS

This topic is closed for new posts.
  1. JimmyPage Silver badge
    Stop

    A stark warning

    to the dangers of offshoring ... over the past 5 years I have seen a *lot* of source code go to (and come from) places where - let's be honest - the remedy of civil enforcement for losses is dubious at best. I've always highlighted the dangers to those in power, but have been assured there's a "contract in place" to protect us.

    Has anyone successfully sued a non-EU company before ?

    And that's *before* we start looking at the data that flows out there ....

  2. Sandtitz Silver badge

    Why even use it?

    I last used pcanywhere close 10 years ago. It was a slow piece of s...oftware that had a habit of borking display drivers on Windows NT.

    So, what are the benefits of using pcanywhere over UltraVNC for ? I know it used to support serial connections and other non-IP connections but why else would anyone use it?

    1. Christian Berger

      It's over its peak

      However this is kind of software is used on Windows environments. I have worked at a company selling those environments and writing software for it. Not all of our customers had TCP/IP installed on their LAN. Even if they had, it was unlikely they used it for more than Internet and accessing network printers. Few people even had Internet beyond dialup on one PC using proprietary software from the online service.

      In the Windows world, VPNs are seen as something expensive and hard to set up, so if you are lucky, you get RAS dialup via ISDN with all the security being a password which is the same for _all_ customers of that company, and, if you are lucky, a system to dial you back.

      PCAnywhere is just so much easier to set up. You install it, tell it to listen to the ISDN card, and it works.

      1. Anonymous Coward
        Anonymous Coward

        You should join the 21st century, your nonsense was obsolete over 10 years ago.

        PC Anywhere is like an open infected sore full of puss waiting to escape.

      2. Sandtitz Silver badge

        I understand that you're proud of the German ISDN infrastructure. Things have, however, evolved a lot in the last 20 years.

        ISDN is slow nowadays. It's not built-in to any computer. It's not available on a mobile connection. POTS modems offer more flexibility and can be connected to via GSM data if all else fails. If I needed RAS dial back on Windows I would use the Windows Server RAS service, it just works. (way back on NT/2000 when I last used it)

        International ISDN connections are expensive if you need to support someone abroad. Even long distance calls are expensive if you need to connect for a few hours at a time. TCPIP is on the other hand "free".

        VPN is not hard nor expensive on Windows. Of course you can pay through the nose if you want and use complicated solutions if you want.

  3. Anonymous Coward
    FAIL

    the better questions are

    What other source-code was lost and when are they going to tell us.

    On the other hand, they may have had to download the publicly available code and compare it to their library before they could determine if it was theirs. This, to me, would be worse than having not told us 6 years ago.

  4. Anonymous Coward
    Anonymous Coward

    This probably affects few

    This software is unlikely to affect many users but it's good to know it's fixed.

  5. Henry Wertz 1 Gold badge
    Trollface

    They could just use VNC

    That way, there's no worrying about *if* your session is vulnerable to sniffing or man-in-the-middle attacks -- the whole session (including password) is in the clear, so you KNOW it's fully vulnerable! Problem solved 8-)

    1. Sandtitz Silver badge
      Facepalm

      Nope.

      Henry, the problem is solved simply by turning on the AES or RC4 or IDEA or Blowfish or whatever cipher.

      You're not the kind of person who would insult PuTTY for offering insecure telnet access?

  6. Magnus_Pym

    I hope they stole Norton too

    Then perhaps someone will be able to help them clean up the load of old toilet that is Norton Internet Security.

This topic is closed for new posts.

Other stories you might like