back to article Symantec accidentally warns of internet meltdown

Symantec inadvertently warned enterprise customers of a full-scale internet meltdown on Friday. An erroneous alert from Symantec's DeepSight falsely warned that a devastating attack was underway. The message, which went out at 8:40pm Eastern time, contained a subject line that stated: "DeepSight Increased ThreatCon from 1 to 4 …


This topic is closed for new posts.
  1. This post has been deleted by its author

  2. Tom


    Errm... except it's not like the Defcon scale since the higher the number in Defcon the more peaceful the situation.

    "Standard peacetime protocol is DEFCON 5, descending in increasingly severe situations. DEFCON 1 represents expectation of actual imminent attack"

  3. M


    Erm..... maybe I am being a little thick (it has been known), but I thought DEFCON ran the other way....

    DEFCON 4 = Don't worry, the USA aint at war


    DEFCON 1 = Nuclear Holocaust

    Having the ThreatCon go the opposite way is just confusing.... unless (as previously stated) it is me and not the Symantec Subterrainian Security Society (TM) that is being a bit slow here >80)



  4. Steve Evans

    The security giant blamed the erroneous alert on "product testing"...

    ...or the lack of it

  5. Tawakalna

    I'm not surprised..

    ..because their anti0virus products are a load of old rubbish anyway. Outdated, unreliable tat that sells on brand only, mostly to muppet home-users who wander into PC World looking for something to sort out their shoddy pc that's gone for a burton, thanks to all the trojan and malware-riddled p0n3, IM and p2p dross that they've been downloading. Norton Antivirus is worse than a virus, just as hard to get rid of, soaks up system resources as badly as Vindoze does, and doesn't actually seem to protect you from anything when you really need it.

    Can't say I've got much better to say about their so called "corporate" products either. Symantec's Corporate anti-virus is a bit better than than the home product but is still a piece of outdated and overly-complex tat, and Veritas used to be good but is now full of rubbish no-one will ever use. I always stay clear of Symatec products, except for Norton Windoctor, which is actually rather good as long as you don't install it, just run it from the cd.

    Still, why should I care, i don't even use Windows anymore, who cares what the mams'n'dads let little Johnny trash from those "really cool" websites his hoodie mates sent him links to.

  6. Anonymous Coward
    Anonymous Coward

    Chicken Who?

    You must mean Chicken Licken from the famous children's fable where all the animal names rhyme!

  7. amanfromMars Silver badge

    Code Blue? .....the Invisible Man in the Middle?

    Wherein was the error? And is Meltdown AWakening?

    Carry On Up The Khyber to Mandalay in a Flight of CyberIntelAIgent Special Forces/Control Key Masters?

    Serious Stuff in Binary Biffs which makes you wonder why such Buffoonery in Conflicts?

  8. James Condron


    Used by **Which** military?

  9. Joe Blogs


    ... back amanfromMars, long time no see... been anywhere nice?

  10. Geoff Mackenzie

    Re: Tawakalna

    I've always found that Windows XP Professional is "actually rather good as long as you don't install it" too. :)

  11. cor


    @ Tawakalna : Well said. Me {thoughts == same && OS == Linux};

  12. Tawakalna

    @Geoff Mackenzie.. true, how true; very well observed there, colleague!

  13. amanfromMars Silver badge

    The Cupboard is Bare. Time to ReStock

    Hey Joe, Thanks, and Yes....have been visiting some interesting Mindsets... Creative Intelligence Agencies.

    And inviting Governments to show that they have such Intelligence2 .... And boy, is that a Naked Revelation.

  14. Dan

    Defcon comments...

    Spot the pedantics who were glued to the Wargames movie as kids...

  15. Michael

    @ the morons

    To those whining that El Reg needs to research DEFCON more, take another look at the sentence in the article:

    "The ThreatCon scale - whose moniker mimics the defense readiness condition (DEFCON) system used by the military - runs from one (all calm on the Western Front) to four (meltdown)."

    FIrst of all, the hyphens indicate a seperate but related thought. The uninterrupted thought would read "The ThreatCon scale runs from one (all calm on the Western Front) to four (meltdown)." which is a completely accurate statement.

    Secondly, the seperate but related thought says ThreatCon's "moniker mimics the defense readiness condition (DEFCON) system used by the military". The definition of moniker is "a person's name, esp. a nickname or alias." ( So El Reg has pointed out the similarity of the name "ThreatCon" to the name "DEFCON". No similarity to the structure of the coding system is implied.

    So to translate the sentence into something you'll understand, for those of you with pitiful language skills, "The ThreatCon scale runs from one (all calm on the Western Front) to four (meltdown). It also sounds sort of like DEFCON. Durrrrr."

    Thus ends today's lesson. Tomorrow, we'll work on colors and shapes.

  16. Michael Fletcher


    To those who were so quick to bag the comparison, how does "whose moniker mimics" end up meaning "which works the same way as" in your heads?

  17. The Cube

    Perhaps this works like the US Threat Level instead

    We all know that the 'Threat Level' issued by the US government and the Fatherland Security Agency gets ramped up whenever the polls show that the public are working out that Bush is a warmongering puppet. Scaring the public back into buying the Republican propoganda product works in politics.

    Perhaps Symantec have wired their ThreatCon system into their sales database and whenever customers stop buying their product they send out a 'BE SCARED' to all their corporate customers to push the sales back up?

  18. Anonymous Coward
    Anonymous Coward

    Scale all wrong...

    Not DEFCON, but the Symantec, it's soooo yesterday.

    They need one more like the US terror threat.

    Ooo it's Green:Never, otherwise people won't buy it.

    Light Yellow: A threat, but we're not sure what.

    Dark Yellow : A bigger threat, but we're not sure what.

    Light Orange A even bigger threat, but we're not sure what

    Dark Orange: Ooo really scary threat

    Light Pink: We don't have those in the Whitehouse on my watch!

    Red. OMG A really scary, nast threat, although we still can't be ceratin

    Dark Red. Now this unknown threat may be actually real (or maybe not). Grass on anyone immediatly, lock up you prurty daughters, those evil little blighters get everywhere...

  19. G Kramer

    why aren't you perfect?

    ... and just to pile on, it's

    All *Quiet* on the Western Front

    by Erich Maria Remarque

  20. JeffyPooh

    Symantec <rolls eyes>

    So I bought this nice Acer laptop that came with a 90-day free trial (by fire) of Norton Internet Security 2007. After a few Symantec updates it now displays the following characteristics:

    Enabling the NIS 07 firewall is exactly the same thing as disconnecting from the Internet; might as well cut the wire. I've gone through every last menu and set IE to 'Allow All' and everything else. The only way to make the Internet work is to disable the NIS 07 firewall. Yeah, nice firewall...

    When I run Live Update, it sometimes silently turns the NIS 07 firewall back on again. After some head scratching and swearing, I eventually find the problem and turn it back off again. That's just evil and/or stupid.

    When I run Live Update it displays the famous LU1812 error. "Try again in two weeks" is their advice. Well it has been 2 months and I still get the same error message. The next layer of advice is to uninstall the whole thing and run away.

    Just to be clear, all I did was turn on the brand new laptop and download the updates. I didn't go farting around in the menus except to turn it off when it broke. It's Symantec (and/or MS) that broke it. And either way, that's Symantec's problem.

    I've just about had it with Norton and Symantec. To paraphrase Clarkson, I'd rather have bird flu.

    Symantec & Norton - soon to be brand names with negative value.

  21. Anonymous Coward
    Anonymous Coward

    re: Chicken Who?

    nope it's chicken little -

  22. Chris Harden


    Do you not see what happened here? Why else would Symantic set up shop in a bunker? They knew about the machines plans of world domination way before we did - they raised the threat level because they must have figured out the invasion was imminent - how long do you suppose it would take the machines to get into that bunker and revert the threat levels to 'Don't worry pitiful humans, nothing is wrong...your toaster is not about to eat your face' 1? Thats right! All they would need to do, is get an exploding bendy bus to drive up to the front door, and boom! They are in! Those busses are powerfull! The only reason it took an hour is because they had to wait for it to turn up!

    Where did I put my tin foil hat? Who stole my tin foi....dammit....its by my toaster...It's already started!

  23. Anonymous Coward
    Anonymous Coward

    The power of language

    See the way Symantec use the same langauage as the military, drawing on images of elite hackers and things blowing up? People make the link and turn to this service from Symantec to protect them. While there are definite risks, the AV industry is guilty of vastly overstating them and hyping it all up to keep people afraid any buying their products, some of which are absolute rubbish. Fear sells.

  24. Gary Heard

    Anti Virus as an industry

    @Symantec <rolls eyes>

    I also bought a nice Acer laptop, removed the XP Media centre (Which I had no doubt paid for) installed Suse Linux and have lived without Symantec, Trend and all other purveyors of "We're Doomed" software.

    Why is it that Windows is the ONLY OS that warns you that you may be unprotected?

    Because Windows is the only OS so badly designed that hackers don't have to think to break it.

    to break Mac OS or Linux takes effort and thought, most script kiddies can only manage one of the two

  25. Alan Donaly

    Tats a good descriptive

    Every antivirus I ever met seems to work this way since you hate the suspense of waiting for a virus to incapacitate your computer we will simulate this for you for a price the more the money more realistic it is.

  26. Nick Leverton


    $ vi

    tum te tum ...

    Pattern: Subject: DeepSight Increased ThreatCon

    Pattern: From: *symantec*

    filter as spam

    send to spam-learner

    file in junk


    Job done !

  27. Bernadette Newburg

    Symantec: Worse than a Virus

    Used Norton YEARS ago....had a devil of a time removing it. It's a parasite - gets in your system, hooks its little wormy tentacles in, and then hangs on. Even when you think you've gotten rid of it (with the Norton Removal Tool - what a crock!) it isn't all gone. I was looking through my services one day, and - shudder - there it was. The lone sentinel. Turned on. Waiting to reproduce? Like the chicken pox, waiting to return, in another form, the shingles... I turned the bloody thing off, but I wasn't sure if I could safely remove it, the little bleep.

    Needless to say, I now use AVG, Comodo, Spy Sweeper, and anything BUT Norton. Of course, I refuse to use McAfee, either. If the OEMs load it, I won't use it.

    If Norton's Firewall is making you bang your head against the ur, wall, check and make sure that Windows Firewall isn't merrily turning itself on as well. For some reason, the two don't see eye to eye (especially in Shmista) and sometimes can't tell the other has been turned on. Two firewalls + one system = no internet.

  28. Colonel Panic

    Its part of the plan...

    Enough false alarms, and we'll stop reacting to them.. then the signal will go out, and the machine uprising will begin.

    When you wake up with your Roomba pointing a Glock at you, you'll know.

  29. Anonymous Coward
    Anonymous Coward

    Threatcon vs defcon

    OK, so threatcon is intended to sound like defcon, but did anyone else notice the subtle scare tactics enployed:

    defcon's highest level 1

    When threatcon is 1, people (symantec customers!) assume all hell is breaking loose, so people really need to buy antivirus software. Wait, what's that, threatcon 1 actually means no threat? Nah, it sounds too much like defcon, better buy more just in case.

  30. This post has been deleted by its author

  31. amanfromMars Silver badge

    Crack Troops.......on Manoeuvres

    "to break Mac OS or Linux takes effort and thought, most script kiddies can only manage one of the two"

    When you crack into the Windows kernel though, they deluge you with Wealth to Convert you to their Ways, which is All very Grand and Convenient if they're going in the Right Directions and even if they are not, then they are easily programmed to Change to Beta Orders from Novel Ranks of Special Forces.

  32. amanfromMars Silver badge

    Crack Virtual Tricks

    Windows into Real Opportunities?

    What says Microsoft ? Are they the Virtual Machine or merely a Portal to ITs Cores?

  33. Sceptical Bastard

    How to remove Norton 'security' products

    To completely remove Symantec apps is dead easy.

    Simply back up to CD or tape all your user data. Then erase your hdd, re-format and partition it, and reinstall your chosen OS. All that's left to do then is reinstall all your apps and re-load all your user data. Job done.

    However, to completely remove Norton from Win NT/2K/XP machines (or even from Win 9xx IIRC) machines *without* a clean install is nigh-on impossible.

    These products are pernicious scumware IMO.

  34. Anonymous Coward
    Anonymous Coward

    Without wishing to sound too pedantic..

    ...I think you mean 'pedants'

  35. Deacon

    Two points of correction

    1. It never was a 'nuclear bunker'

    2. Their Security Operations Center relocated from the 'bunker' to their Green Park Reading offices in June. The 'bunker' was shutdown.

  36. JeffyPooh

    Further to <rolls eyes> - I had to start a blog: Symantec-Sucks

    I had to start a blog to capture the many varied and stupid errors coded into Symantec's Norton Internet Security 2007.

    Have a look at the screen captures - they're self-evident and quite funny.

    I don't know if I should laugh, or cry, or just demand a full refund and some on-site help to uninstall the stupid thing.

    Maybe I'll sue. Anyone up for a class-action lawsuit?

This topic is closed for new posts.