In the security hot seat - Interview with Tim Mather
Results 1 to 9 of 9

Thread: In the security hot seat - Interview with Tim Mather

  1. #1
    Senior Member
    Join Date
    Mar 2004
    Posts
    510

    Post In the security hot seat - Interview with Tim Mather

    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmmmmmmmm,

    We have our National elections coming up shortly, so I suppose I am in hyper cynical mode

    / me thinks: "He eats too high off the hog.............someone wrote it for him"

    c'mon, at his level you are not responsible...........you delegate, then spend your life playing office politics...............or are things so much different in the US than over here?

    Don't get me wrong, the article in itself is interesting because you can be sure that it is Symantec's "corporate take" on things.


  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Zero-day attacks seem to be getting nearer to becoming a reality. How should we address this?
    *COUGH*.... Bullshit question.... utterly ridiculous and uninformed(?) answer...

    Mather: Oh, that's very real. And it's not just the fact that an attack is out, and there isn't a patch for it. It's the fact that the exploit already exists, and nobody knows the vulnerability was there. If you look at the threat lifecycle here, there are two time lags. First, the time when a vulnerability is discovered and a patch made available. Second, the time the vulnerability is discovered--which may not be the same as the time it's announced publicly--to when the exploit is available. And this is the one that is shrinking. A zero-day exploit is the exploit arrives before the vulnerability is even announced. It used to be that the patch beat the exploit. The time difference between the two has shrunk substantially. And now in many cases, you're lucky if the patch actually beats the exploit, let alone the time it takes to apply the patch which, in an enterprise, can be considerable.
    There are numerous examples of "zero days" out there throughout the history of remote attacks. At least he know the definition.... The question was a rubbish question and he should have "hit it out of the park". As it was his best response was weak at best... and he's the CSO of Symantec.... I hope his security skills exceed his communication skills...

    There were other "softballs" thrown at him to and he _could_ have been a much better interviewee... But he isn't... Frankly, I'm unimpressed by him as a corporate figurehead.... I really hope he is better than he comes across.... But then again I lost a lot of faith in Symantec's bloatware a long time ago....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hey Tiger~

    I never came across a senior executive giving a magazine interview without seeing all the questions up front?


  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    ... and that was the best he could do.....

    I'm sorry, (no I'm not), Symantec _used_ to be a good product.... No longer....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Ive said it before, and Ill say it again.

    Symantec is to anti-virus what AOL is to the internet.

    It is a huge name that too many people think is the end all, when in fact it is substandard and bloatware.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ahhh... It _used_ to be pretty good....

    I remember back in 1991 or 1992... Yes, I'm reminiscing...

    Stoned, (the virus), was on the receptionist's computer... It was broken, but it was there in the boot sector and showed itself. I decided to go and buy the only publicly availabe, (without those high speed dial ups to BBS's we had back then), anti-virus solution in the local store... Norton AV, (this was just before McAfee who I already knew about but wouldn't have dealt with if he was the only game in town). Now Frisk was out there but at work we had no modems so downloading his AV, (F-Secure it is now... I seem to remember it was different back then), wasn't an option.

    Having installed it and run the detection it told me it found "Stoned". So I told it to fix it.... It failed dismally... Looking at the boot sector it was clearly still there and Norton even told me that too... In panic and fear - the receptionist was also the typist that typed all the documents and thus they were at risk on her box because the backup was _huge_ on 5 1/4" floppies I called Norton....

    Suffice it to say we were lucky.... The _only_ reason Stoned was broken was exactly the same reason Norton couldn't fix it... It was an NEC drive that had a different sector size than the other common drives and Stoned and Norton relied on the sector size to be "common". The tech talked me through a replacement of the boot sector using Debug and it worked perfectly....

    I still use a couple of Symantec products... mainly because they are "mainstream" and if I have to change staff I would expect a new employee to be familiar with their networked products rather than some "proprietary" thing....

    They _were_ good... Their growth has caused them to try to create "the be all and end all" of products... In doing so they messed up their product.... Oh well..... Didn't IBM do something similar?
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #8
    Banned
    Join Date
    Jan 2003
    Posts
    30
    There are numerous examples of "zero days" out there throughout the history of remote attacks. At least he know the definition.... The question was a rubbish question and he should have "hit it out of the park".
    Well look at AO as a fine example of what you've just posted. Truely the only person who seems to be active in the "security field" is Tony. And all we've ever seen from him is his BS articles with his name and photo plastered on it. This is only good in comparison to alot of other stuff that ends up here.

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hey Tiger~,

    Somewhere I have NAV 1.0 on a 5.25"................it claims to detect all 760 known viruses

    It used to be a good product....................

    I also remember using McAfee.............I would get this packet of update floppies once a month from Holland

    Ahhhhh................"the old days"


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •