back to article 'Overplayed' privacy concerns rile Symantec boss

Consumers ought to accept that loss of privacy is the price they pay for using internet service, according to Symantec chief exec John Thompson. Echoing Scott McNealy's opinion that "you have no privacy, get over it," the Symantec boss expressed surprise that information such as IP addresses is regarded as sensitive. "Some …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Why I think Symantec are now crap

    With attitudes like that is it no wonder I have been thinking for years how little regard they have for their customer base. There was a time once when I thought everything symantec was good. Haven't thought that way for many years.

    I would like to think I can trust anti spyware companies. It seems symantec have little regard or understanding for privacy of their prospective and current customers.

  2. The Other Steve
    Flame

    What a dick!

    "If someone is searching for cancer treatments there is nothing that links that search to the health status of an individual. They could be running the search on behalf of a friend."

    So, potentially sensitive information should be classified as "not really sensitive, because there's a small possibility it might not be". That's ass backwards.

    "Thompson questioned whether there was any likelihood of harm from the release of such information"

    Then I'll happily answer him, yes Mr Thompson , yes there is. Which is exactly why the law recognises such information as being sensitive.

    "and even if you don't, cookies are placed on your machine to serve up ads by most websites"

    Not on any of the machines that I administer, and I'm sure that's true of most reg readers. That argument is straight out of the Kent Ertugrul playbook. In fact you can see it in any Phorm press release you care to look at. Coincidence ?

    "encrypted data ought not to be covered by breach disclosure laws so that firms who have protected sensitive data are not affected by the "expense and brand damage" such public notifications bring."

    Bollocks. Firstly, the loss of such data still suggests poor data protection practices, and in fact in the UK, that alone puts you in breach of the DPA* . Secondly "encrypted data" covers a lot of ground, encrypted how ? To what standard ? If companies are sure their protection scheme is secure, then they should have no difficulty revealing what it is, If some company loses my data and then says, "well look, it was on a CD, but it was encrypted using IDEA with a 1024 bit key, which we keep in a safe" I'm going to say "oh, okay then, that's pretty safe". I'm more reassured by this, not less. I notice there's a trend now to say "it was encrypted, but we wont say how, for security reasons". Any fool knows that a cryptosystem which relies upon the secrecy of the algorithm is broken. There can be no advantage in not releasing this information, unless the system is shite or non existent, and would therefore result in embarrasment.

    ""Businesses have a responsibility to protect sensitive data. The public should not expect the government to protect them," he added."

    That's a bit of a non sequitur isn't it ? I'm not all sure how the two relate. Certainly businesses have that responsibility, usually mandated by legislation, written by governments, whose job it is to prosecute businesses if, and when, they breach that legislation**.

    If governments don't exist to protect the public, then just what the hell are they for, exactly*** ?

    * Yeah, I know.

    ** ibid

    *** ibid

  3. Watashi

    Touting for government business

    There is a reason why internet software company bosses don't decide internet privacy laws, and its the same reason why the police don't decide how long criminal sentences are, why the army can't decide what wars to take part in, and why employers don't decide what counts as a minimum wage. Basically, people in positions of power have a subconscious and inescapable bias towards philosophical beliefs that benefit themselves and their organisations.

    When excessively authoritarian governments like the British New Labour one are looking for new ways to invade our privacy, what better way to tout your business than to announce to the world that you have no moral objections to snooping through citizen's private lives? Guys like this probably think their positions give them an extra insight into the moral philosophy of the relationship between the individual and the state... what they fail to realise is that the reason they are what they are is exactly the reason why they should keep their big fat f*cking mouths shut on matters that don't concern them.

  4. Anonymous Coward
    Anonymous Coward

    What ever happened to the Online Privacy Alliance?

    Remember them? The fake lobby group to head off privacy regulation by demanding 'self regulation'.... i.e. no regulation of privacy.

    ATnT and IBM and ... lots of database companies and server companies, Double click, Sun, Verizon, WhenU... weren't they the crapware company that tracks your surfing habits to serve up adverts? MPAA, etc. Zango... formerly 180solutions, another crapware company. Isn't it funny that the privacy invading companies change their names?

    http://en.wikipedia.org/wiki/Online_Privacy_Alliance

    Symantec must realize that privacy is becoming a critical issue, but if he puts his head up and tries to turn the tide, he'll only damage Symantec.

  5. Frank Thomas
    Unhappy

    Yeah, I'm gonna buy from this guy ...Right.

    He produces a bloated, ineffective, system killing peice of software that monitors everything my system does. And he doesn't respect my privacy (scratch that, he doesn't even believe I DESERVE privacy).

    Yes I think I'll give that person my money. when pigs land on mars.

  6. Solomon Grundy

    John Thompson

    Fuck John Thompson. "if you use the Internet you are observed"....Fuck you and Symantec.

    I'm observed when I go to the market too, but no one consolidates those observations and sells them to someone who comes to my door and tries to sell me something similar to what I bought at the market.

    Jesus. Just because I'm on the Internet (which I'm paying for the privilege of using) gives no one the right to observe, consolidate and sell their observations. That's the end of Symantec for me.

  7. Michael

    Consumers have no recourse against business

    If businesses are going be responsible for data protection, not the government, there must be some incentive for businesses to act. One such incentive would be some legal framework under which consumers could sue businesses that leak their data. Business leaders who say the government should stay out of this area never seem willing to have any incentive or penalty put into place for businesses that don't comply.

  8. Lol Whibley

    i like norton products

    i had one recently that was approaching the end of it's licence period and began informing the laptop user that it was detecting many intrusion attempts and fighting them off successfully. very brave software it was..

    it was an unfortunate situation really, the laptop had no connection to the outside world, either wired or wirelessly. there had not been any usb devices or other items added to it in several days. yet, it had several intrusion attempts happen to it in that state..

    I can't help but wonder how that would happen, so near to the renewal date for the software and all..

  9. Jodo Kast
    Thumb Up

    Be the first to share your IP!

    What's your IP, Boss?

  10. jake Silver badge

    Who cares what John Thompson says?

    Thompson is a Manager, not a computer/network security expert.

    Besides, when was the last time anyone with any background in computer security considered Symantec an authority on the subject? 15 years ago? Longer? And even then, they only got the "security expert" label after acquiring Norton ... and promptly squandered it away it again.

  11. Anonymous Coward
    Anonymous Coward

    Privacy

    Ok, so John Thompson leaves his office and someone follows him wherever he goes in public. The street is a public place. How soon before he gets fed up of that then?

  12. Ron Luther
    Alien

    Overplayed?

    "If someone is searching for cancer treatments there is nothing that links that search to the health status of an individual. They could be running the search on behalf of a friend."

    You're entirely right John! And if your wife is found to have searched for information on battered women's shelters? No worries there, mate. There is nothing that links her browser search back to behavior on your part. She could actually be searching on behalf of a friend. I'm sure the media would be glad to give you the benefit of the doubt.

    Gormless prat.

  13. Robert Smits

    It's why we need government protection!

    Business has a sad and sorry history of NOT protecting the privacy of it's customers. They have inadequate safeguards against loss, are not forthcoming when a loss occurs, and think it's perfectly OK to mine their customer's data for their own business purposes. Is it any wonder we feel we need government protection?

    Until he can claim 100 % of businesses are ethical, honest, and straightforward, he belongs with the Wall St spin doctors.

  14. Anonymous Coward
    Anonymous Coward

    All your info are belong to us

    "I'm observed when I go to the market too, but no one consolidates those observations and sells them to someone who comes to my door and tries to sell me something similar to what I bought at the market."

    Not unless you use one of the points cards that a lot of stores have now.

    One chain store here has started asking for your postal code when you buy stuff, even if you pay cash.

    But you can trust them, they only want to improve your shopping experience...

  15. Tim
    Flame

    CIA data loss

    "Last week I lost our agent list. Don't worry, it's encrypted and I'm the only one with the key."

    Aldrich Ames - famous quotes that never were

  16. Anonymous Coward
    Anonymous Coward

    Maybe this explains it?

    I have been thinking for years why Symantec produce such bad products. I am being serious, not sarcastic.

    They take a good product and seem to lose track of everything that made it good in the first place.

    The obvious one is the Norton products. Take a good, well respected, brand and turn it into something so utterly rubbish that most tech people wouldn't use it if it was given away free.

    I had the Symantec Internet Security Suite on my laptop when I bought it and thought I would give it a try. I haven't used it for a long time and wondered how it would work after not having touched Symantec AV for many years. IO genuinely wanted to give it the benefit of the doubt. Well After 3 weeks I had to get rid of it. Every time the computer started slowing down to a crawl and i was ready to blame Vista, I would open up Sysinternal's Process Monitor and Process Explorer to find Symantec's AV thrashing the computer to bits. A spiralling out of control memory leak, a sustained disk reading/writing etc. The software itself was always frustrating, it just didn't let me do what i wanted to do, it always seemed to tell me what was best for me.

    Take Symantec ACT as well. They buy a product that wasn't great but well liked by small companies. It was in need of an update when they bought it. They then did nothing important with it all the time they owned it. All the new features that were needed weren't addressed. All the bugs still remained and more were introduced time after time. Their support pages would often say - yes it's a bug, sorry!

    They work on the principle "Aquire, Destroy, Sell". Apart from their cash-cow, the AV side.

    But all of these failings are down to one thing - they don't care at all about their intended audience. They are so short sighted. They just want money, even if it kills off products that could have made them money.

    Therefore these comments don't surprise me and it explains a lot. Their management is completely short-sighted, don't understand the real world, live in a bubble of their own boardrooms and screw up a company because they always have this cash-cow running that provides them with the income they need.

    I have not seem anything come out of the doors of Symantec in recent years that has given me a positive experience, and now it looks like no comments produce a positive experience either.

  17. Dillon Pyron

    1040, please

    Mr. Thompson, please post your 1040s for the last few years. THEN I'll believe that you don't think privacy is important.

    Perhaps one of your less than overpaid grunts might like to do some searches from your machine. Say for "AIDS treatment" or "drug rehabilitation center" or "Thailand sex tour". Of course, it wasn't you. But now you have to explain it away..

    el Reg needs a middle digit icon. "See Figure 1".

  18. Solomon Grundy

    @Michael and Robert Smits

    You can always sue Michael; don't forget that. Legality isn't the issue - most Western countries provide mechanisms to sue any and everyone you like: assuming you have the necessary financial resources.

    @Robert Smits: Expecting someone/anyone else to protect you is how we ended up in this sorry situation. Take some responsibility and cover your own ass instead of expecting someone to do it for you.

    I'm doing OK. I get paid because I return financially reportable results. I don't have any "market" investments (my savings are gold bullion buried a National Park) and my retirement isn't dependent on anyone else's continued success. My pension is in my hand and it's not insignificant. I'm doing it, why can't everyone else?

  19. Eddie Edwards
    Pirate

    @Watashi

    "Basically, people in positions of power have a subconscious and inescapable bias towards philosophical beliefs that benefit themselves and their organisations."

    What does being in a position of power have to do with it? :p

  20. E_Nigma
    Paris Hilton

    It must be because I'm not a native speaker.....

    ... that I didn't understand this guy at all. A security company manager claiming that privacy and personal data concerns? Hello, the days of viruses that deleted your files are more or less gone, it's this data the malware writers and spammers are after.

    And slightly off topic, I must agree that Symantec seems to destroy the good products it acquires. I remember how much I loved Norton Disk Doctor and Norton Speeddisk. Also Power Quest's Partition Magic, which they haven't released a new version of ever since they bought it. Really sad.

  21. Steen Hive
    Joke

    John Thompson?

    I read that as "John Thomas" which would be in light of his bullshit, more appropriate.

    Information on individuals should be classified as the private property of that individual with no implicit consent given to commercial or state entities to use it, ever. If explicit consent for the use of sensitive information is given, that consent should be explicitly renewed after a given period or destroyed by default. Non-compliance punishable by death, or worse.

  22. andy
    Alert

    John Thompson's IP Address linked to Butt Plug Search!

    "If someone is searching for cancer treatments there is nothing that links that search to the health status of an individual. They could be running the search on behalf of a friend."

    John Thompson? or is that John Thomas?

  23. Anonymous Coward
    Anonymous Coward

    (untitled)

    I'm somewhat dismayed to see folk suggesting that protection is one's own concern, as if it is ok to exploit folk if you can get away with it. Not everyone is knowledgeable enough, or capable of protecting themselves. So does that mean, "tough", they are fair game ? Whilst protecting one's own interests is a good thing, any caring society should ensure protection for all at the level that benefits the most vulnerable. What is the point of being in society iif it is just there to exploit you, rather than benefit you ?

  24. Anonymous Coward
    Anonymous Coward

    RE: All your info are belong to us

    I don't use customer cards. When asked for a zip code at the checkout, I answer 12345 with a straight face.

    All my info are belong to me. You want it, you gotta convince me there's a good reason for you to have it - and then you'll only get what I think you need.

  25. Anonymous Coward
    Thumb Down

    What would he say if ...................

    He was followed 24 hours a day and all his conversations, movements and actions were recorded then made available to the public ? I'm pretty sure he would be one of the first to bleat then try and flog us some two penny no good software that would prevent (allegedly) that from happening.

  26. Colin Millar

    Symantec made some products that worked

    Remember CrashGuard - it prevented programmes from running because they might crash the computer

    Er yeah - that's what it did - really - it prevented programmes from running

    WTF do symantec think people use computers for? The wallpaper and screensavers?

    The really weird thing was that this was around the time of Win98 coming out and that first edition OS was the most likely thing to crash your computer

  27. Anonymous Coward
    Anonymous Coward

    Age ranges?

    I'd be interested in knowing the ages of the people voicing their concerns in either direction. Do people reach an age where you don't really care about your own privacy? I'm 35 and a few years ago I came to the realisation that my life is probably being tracked by someone somewhere for what ever reason, and nowdays don't really care so you could say my sentiments echo that of the interviewee and the Orace boss chap. You want to know what I'm up to? Just ask.

  28. andy
    Thumb Down

    maybe it's the Internet 2.0 conspiracy

    What could be underlying all of this is that governments and big business are desperately trying to sell us 'Internet 2' -- and I can only guess which side John Thompson is on.

    What this could fundamentally mean is an end to net neutrality where big businesses take priority and not all sites may be available on your ISP, blogs and websites may have to be authorised by the government or FCC etc on the pretext that it will be for our own security and everything you do will be logged and stored for use by the authorities -- moreso than now.

    I reckon John and others like him will eventually be heard to say 'hey, if you dont wanna have your ID stolen by terrorists no more, come on over to the new, safe Internet 2.0'...

    Google it.

  29. A J Stiles
    Thumb Down

    Symantec In(ternet) Security

    So IP addresses aren't sensitive information, but referring pages are?

    First question whenever a fancy web application breaks -- "Are you using Symantec?"

  30. A J Stiles
    Coat

    Postcode

    If I'm ever asked for my postcode when paying cash, I tell them "SW17 0RG". And I tell them my name is Henry Brown.

  31. Solomon Grundy

    @Jaowon

    Good for you Jaowon! Apathy is what builds nations and makes people feel great about themselves and their fellow humans.

    I'm 61 so at 35 you're obviously too experienced to understand what's going on here. Old dogs, new tricks, and all that you know.

  32. Anonymous Coward
    Anonymous Coward

    @ Solomon Grundy

    I'm being serious. One thing I have noticed is that articles of this nature seem to get less in the comments section, than other topics, and all the comments in this section (except mine) are of an opinion opposite to mine. So I'm thinking maybe I'm with a silent majority, or at least a sizeable number that can't be bothered commenting for the same reason I don't care about privacy and the lack of.

    Stick a PH article in and the number of comments will go into the hundreds :)

  33. jake Silver badge

    @ Jaowon

    >I don't care about privacy and the lack of.

    Cool! Please post your Social Security number, your bank account details, your passwords, your medical records, and the same for your .sig-other and any dependents.

    Oh, and sex-pics! Don't forget the sex-pics!

    Or maybe you'll eventually grow up.

  34. Derrill
    Unhappy

    @ Jaowon

    Please see PG's latest rant:

    http://www.vitalsecurity.org/2008/10/there-is-nothing-overplayed-about.html

    Then come back and tell us how you feel about privacy.

    And it shouldn't matter WHY you need privacy - if only a few people have some level of anonymity, then Those Who Want To Know Things will know whom to target.

    Too, the faster we relinquish our privacy, the sooner the gov't will have more complete control over us. Y'might watch Equilibrium sometime. As commentary, the movie is pure hyperbole, but it makes the point of security vs privacy very clearly, I think.

  35. Anonymous Coward
    Unhappy

    @Jaowon

    "You want to know what I'm up to? Just ask."

    Absolutely. Couldn't agree more. You want to track my searches? Parse my emails? Not a problem. I'm cool with that.

    BUT:

    1) You have to ask

    2) I have the right to say no

    3) You have to abide by my decision

    The problem is, these barstewards (with the apparent blessing of our Great Leader) seem to think that they have the RIGHT to do what the hell they like with your data and (as per this interview) anyone who dares suggest otherwise is a whining, paranoid ignoramus...

This topic is closed for new posts.

Other stories you might like