I've got a fair few clients on Endpoint, and a number using PC Anywhere, and they will be getting alternative software very shortly as there's no excuse for Symantec deceiving the media and their customers. They have certainly not contacted them as yet regards patching or reinforcing security as they've alleged they're doing in the news.
This isn't the first time elements of their code have fallen into the wrong hands. I'm not convinced that we've ever really been told the truth in the past either. Symantec refer to a loss of their code back in 2006, and alleged just a week ago that the present intrusions related to data which also dated from the same period.
A Google news search for articles in the year 2006 regarding theft of any of their code reveals precious little; but news reports reveal bickering between them and Microsoft over the way that Vista was obliging them to revamp elements of their own security and remote access software.
User Account Control had reared it's head for the first time.
Data concerning the changes Symantec implemented in 2006 would have been modified to cope with UAC in Vista, and that's not fundamentally all that different in Windows Seven.
It's not so much the anti-virus and internet security products that worry me, although the code will be doing the rounds in cyberpunk usenet groups and underground forums and Symantec's biggest worry is likely to be hackers finding ways to circumvent licensing checks.
What is more concerning is the potential for impact on PCAnywhere users. It could create the biggest ever security risk they'll face. Remote VPN, Remote Server Access Software, Remote PC Manager | Symantec pcAnywhere
The code that secures users privacy is likely to be reverse engineered to try and allow criminals to access end user computers where they can then steal personal and financial data, destroy documents and archives, implant a virus, steal passwords, creditcard details, bank urls, user details, and software & gaming serial numbers.
We're supposed to take the word of the thief that the code isn't being put out into cyberpunk land? Yeah. Right.
Symantec are expecting a full frontal assault on PC Anywhere, probably not this week or next, but in the coming months. It will be like a hacker having unrestricted access to your desktop and archives as if he were sat at your computer.
At least end users can uninstall the software to protect themselves until it becomes clear how severe the risks are.
If it were Microsoft saying they had lost crucial code relating to components that granted hackers remote access to Windows Seven PC's would you feel any more reassured?