Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Watching Them Watching Us Watching Them

Created: 12 Oct 2006 07:00:00 GMT • Updated: 23 Jan 2014 18:56:08 GMT
Peter Ferrie's picture
0 0 Votes
Login to vote

Some time ago, the author of W32.Gatt had posted a comment on his Web site that said he read my blog entry aboutthis particular virus. From there on in he assumes that we visit hispage often. In fact, we have no need for it—customers are doing thatfor us.

We receive samples almost as soon as they appear on any Web site,anywhere in the world, and we are notified about curious comments likethat one. To quote the virus author's entry: "Interpretation without acontext of information." Well, exactly. Interestingly, while the authorclaims that Symantec was wrong about why the source was not released,he does not tell us why the source wasn’t released. It must be quitesensitive, maybe even better than my reason, but until we know, I'llstick with my reason.

As far as putting as much effort as possible into proof-of-conceptstuff, this virus required little effort at all. However, we alwaysrespond to such things quickly, because customers might think thatantivirus vendors are not prepared to handle viruses for new platformsand that the gap in protection could be serious for them. A quickresponse to threats on new platforms allays the fears of thosecustomers, at least until the next time.