lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E924F679D556A345B865717377DCDFC4036F0878@ROKEMAIL.staff.ad.cqu.edu.au>
From: b.griffin at cqu.edu.au (Brad Griffin)
Subject: Trivial Bug in Symantec Security Products

 

-----Original Message-----
From: full-disclosure-bounces@...ts.netsys.com
[mailto:full-disclosure-bounces@...ts.netsys.com] On Behalf Of Gregh
Sent: Tuesday, January 04, 2005 6:33 AM
To: Disclosure Full
Subject: Re: [Full-Disclosure] Trivial Bug in Symantec Security Products



> 
> Somehow, Symantec engineers have not implemented a mechanism to
disallow a
> user from installing the patches via changing the date on their
computer
> back to when the original program was installed and then running the
> "Intelligent Updater." 

****
You think THAT is bad? Up till NIS2005 which I haven't tested so cant
say if it does or doesn't, you could install Nortons, run the year and
then wipe your machine and reinstall all then install Nortons again and
get yet another full year licence without paying a cent, over and over
and over. In short, buy once and never pay again.

Greg.
****

Well, yep. How exactly would you expect to implement a block if the
system sees the software as being installed for the first time? I guess
you must be thinking along the lines of "shouldn't Symantec place a date
check in the installer so that if the software is for example two years
old, it will not install period?" However, in the case of OEM software,
this could end up being an issue for those who buy old stock items, or
are buying end of run OEM systems.

Sil's comment relates to something that can be fixed easily with little
or no issues for legitimate users.


Cheers,
Gryph


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ