Y2.01K, The Register, and Symantec

The Register’s Dan Goodin has had a go at Symantec over their Y2.01K update problem. Anyone would think that Symantec users had been unprotected since January 1st, which is nonsense: the kludge of misdating updates so as to circumvent the bug may not be elegant, but it gets the updates onto the machine, which is what matters, and has given the company the opportunity to do what any responsible security company would do: take the time needed to produce an effective, permanent fix, rather than flying into a panic.

Effective security software is complex code often produced under time pressures, and even security programmers are human: it would be miraculous if they never made mistakes. I have heard it suggested that even journalists get it wrong occasionally, but that’s probably just a malicious rumour. 😉

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.