Symantec Norton Antivirus source code published by indian hackers pastebin.com/ciExRzr3“

— Anonymous (@YourAnonNews) January 4, 2012

In response to this warning, Symantec has issued a security white paper (pdf) recommending that all users of pcAnyhwere disable the software until further notice.

“Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006. We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere.”

pcAnywhere is a Norton product that allows for direct PC to PC communication.If the ctolen source code is actually released, the damage to networks that use pcAnywhere could be considerable.

More detailed information from the white paper:

Our current analysis shows that all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk, as well as customers with prior, unsupported versions of the product. pcAnywhere is also bundled in three Symantec products, Altiris Client Management Suite and Altiris IT Management Suite versions 7.0 or later, and Altiris Deployment Solution with Remote v7.1. In addition, customers with earlier versions of Altiris suites may have opted to leverage pcAnywhere. The increased risk is isolated to the pcAnywhere components only. There are no known impacts to the rest of the components in the Altiris products or the pcAnywhere Solution component that provides integration between pcAnywhere and the Symantec Management Console. Customers should validate the remote control tools currently in use.

Embarrassing data losses by the Department of Veterans Affairs and the Internal Revenue Service have led the Office of Management and Budget to issue a memorandum on encrypting personally identifiable information when it is taken away from the office.

Agencies have until August to comply with the OMB request. This will enable them to compensate for a lower level of physical security when data leaves the confines of a secure facility.

The data security company GuardianEdge released a white paper on the topic to assist those agencies in complying with OMB.

“This White Paper is a one-stop companion guide for completing the NIST security checklist and achieving the objectives set forth by the OMB memo, providing key information about how to properly identify and protect PII in a timely and cost-effective manner,” the company said.

On the syndication side of the world, there is a new way to tag RSS feeds.

Called GeoRSS, the Open Geospatial Consortium (OGC) has developed it as a way for feed creators to place location information into those feeds.

The OGC GeoRSS White Paper discussed the proposal, and cited GeoRSS as “important stepping stone in the evolution of the geo-semantic web.”

World Wide Web inventor Tim Berners-Lee has espoused the Semantic Web concept; it also has a place in a W3C project.

That project has noted challenges exist when it comes to placing geospatial information into online content; we think those challenges will exist for GeoRSS as well.

Discuss this article with your fellow WebPros at WebProWorld.
—

Add to Del.icio.us | Digg | Yahoo! My Web | Furl

Bookmark WebProNews:

David Utter is a staff writer for WebProNews covering technology and business.