Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "symantec"
-
Last year, a customer bought a very expensive Symantec certificate for their website (that is not hosted by us).
They got the certificate and everything seemed nice. We got paid and all everything.
And yesterday, the customer called and said that their certificate has stopped working. I thought "that is strange" so I visited their site and what I saw was horrible.
The site has used and still used a Let's Encrypt certificate. The webdevs they have had not bothered to install the very expensive Symantec certificate for $1500...13 -
Here is my list of horrible techs which are common in my current and previous workplace which should be extinct ASAP:
SAP
SharePoint
Java applets
Java Swing desktop apps
C# Windows Forms desktop apps
ASP/JSP
VB
RemoteApp
Shitty insecure php web apps
Micorsoft Access DB
Windows XP
Windows Servers
Closed Linux-based appliances which lack many basic GNU software and are forbidden to tamper with
Every single Symantec product
Post yours below19 -
SSL FYI for anyone using Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL Certs, Chrome will distrust next year.
https://security.googleblog.com/201...8 -
@netikras since when does proprietary mean bad?
Lemme tell you 3 stories.
CISCO AnyConnect:
- come in to the office
- use internal resources (company newsletter, jira, etc.)
- connect to client's VPN using Cisco AnyConnect
- lose access to my company resources, because AnyConnect overwrites routing table (rather normal for VPN clients)
- issue a route command updating routing table so you could reach confluence page in the intranet
- route command executes successfully, `route -n` shows nothing has changed
- google this whole WTF case
- Cisco AnyConnect constantly overwrites OS routing table to ENFORCE you to use VPN settings and nothing else.
Sooo basically if you want to check your company's email, you have to disconnect from client's VPN, check email and reconnect again. Neat!
Can be easily resolved by using opensource VPN client -- openconnect
CISCO AnyConnect:
- get a server in your company
- connect it to client's VPN and keep the VPN running for data sync. VPN has to be UP at all times
- network glitch [uh-oh]
- VPN is no longer working, AnyConnect still believes everything is peachy. No reconnect attempts.
- service is unable to sync data w/ client's systems. Data gets outdated and eventually corrupted
OpenConnect (OSS alternative to AnyConnect) detects all network glitches, reports them to the log and attempts reconnect immediatelly. Subsequent reconnect attempts getting triggered with longer delays to not to spam network.
SYMANTEC VIP (alleged 2FA?):
- client's portal requires Sym VIP otp code to log in
- open up a browser in your laptop
- navigate to the portal
- enter your credentials
- click on a Sym VIP icon in the systray
- write down the shown otp number
- log in
umm... in what fucking way is that a secure 2FA? Everything is IN the same fucking device, a single click away.
Can be easily solved by opensource alternatives to Sym VIP app: they make HTTP calls to Symantec to register a new token and return you the whole totp url. You can convert that url to a qr code and scan it w/ your phone (e.g. Google's Authenticator). Now you have a true 2FA.
Proprietary is not always bad. There are good propr sw too. But the ones that are core to your BAU and are doing shit -- well these ARE bad. and w/o an oppurtunity to workaround/fix it yourself.13 -
WHY!
Email was invented a gazillion years ago and it's still a shiit experience to setup on linux. Just give me ONE complete package!!
nooo i need to get postfix, dovecot, spamassassain mailscanner, antivirus, opendmarc, opendkim, dovecot-managesieve dovecot-sieve, roundcube, database, webserver and then i still have to configure everything and setup certs, spf, dnssec, dkimkeys on the domains, domains, mailboxes, deny weak certs etc.
I know the whole do one thing and do that one thing well but how about you just be a mailserver and do that ONE thing well without me needing to putting all of the puzzle pieces together myself! I don't want to waste time setting all this shit up. and don't even get me started on symantec and live.com and their blocking!14 -
Symantec/Norton users please patch your AV immediately, problem that's listed in CVE-2016-2208, which can help you destroy your kernel.
-
Saw a bit of chat of Windows Defender being not such a bad free product... Is anyone here like me (and old enough to be in the tech world at the time) and miss Norton's products, _before_ it was taken over by Symantec?1
-
The worst documentation has to be Veritas Backup Exec. The company bought it from Symantec, and now it's a very awkward mesh of 404'd links, ancient articles and recently made articles.1
-
Someone mentioned antivirus and custom code... it reminded me of when Symantec Endpoint Protection received an update and some of our production servers had our custom apps quarantined. We had about four servers that had most of our custom apps removed. When it happened I thought someone was monkeying with the servers (they were our task servers used for task and service jobs). It took me about an hour to realize what happened then another hour to get the SEP admins to disable it until we could get another patch. Fun day.