Symantec Y2.01K bug still stymies customers

eh?

gotta be something else or something bloody stupid. "2010" > "2009" in string comparisons. only perhaps if they were comparing "0" with "9" will they have a problem.

is required.

How can it be so hard to correct something like this? It should be a one-line fix unless their date handling is incredibly sloppy. Though the fact that this bug happened at all kind of suggests that it is.

Bzzt! Wrong!

Why we tossed Symantec products 6 years ago...

Errors in article

2009 is less than 2010 under string compare since in position 3 you have 0 which is less than all other digits. I presume the string compare was working on 9 and 10 in which case the latter is less than the former.

No surprise

This is no surprise. SEP is a bug ridden turd that performs badly and is annoying to use. The only reason we use it is because we are forced to.

Left as an exercise for the reader

Devise "a string compare function that interpreted 2010 as being earlier than 2009", given the additional constraint that it presumably must also give 2008 < 2009 and 2009 = 2009. (The latter constraint precludes simply returning a random result, which must by now be what Symantec's customers believe was happening.)

Oh, wait, I've just figured it out. They're reading the dates from right to left, so we have ...

0102 < 9002

8002 < 9002

etc

...so if Symantec's customers just sit out the next decade, they'll be fine come 1 Jan 2019. OK I'm kidding, but you have a go. Just *how* can you write a string comparison with the behaviour claimed by Symantec?

A far more likely explanation is that the bug gets all year comparisons wrong, or simply ignores years, but was written within the last 12 months and released without even the most elementary "new year" testing. As a result, the bug is seen for the first time on customer systems on a day when all the developers are on holiday.

Symantec Bug Fix Imminent

I received an email from Symantec last night to say that a fix to the Y2.01K bug would be released via LiveUpdate over the weekend. Apparently there will be no requirement to do anything with systems as the update will be applied by LiveUpdate and will correct the issue.

We'll have to wait and see if this is really true!!

Not only ridiculous..

...the offered explanation is also preposterous (in that word's original sense).

Just as glad I dropped them years ago

They off-shored all their support and forgot about programming and installation reliability. I was forever having problems with their stuff killing itself and their only answer was "uninstall and re-install". now that might have been interesting if their uninstall worked the way it should have worked, but it never did. Their "clean-up" program didn't clean out all the old crap from various folders and the registry so cleanup and uninstall never worked right. the final straw was right after i renewed my subscription to their crap service and a couple of weeks later an update killed it. that was the end and i've never looked at it again.

false sense of security

I needed/wanted to run a suspicious looking executable. I used ESET to manually scan it. It found nothing. Later when I scanned the trojan this executable unpacked, again it found nothing.

It was my own fault for trusting the virus scanner, yes. But had I not had a virus scanner, I would have been a helluva lot more careful.

Adding more code (with potential security holes of its own) surely is not the way to go as far as protection is concerned. Padding exploits is the only recourse.

Oh... I better upgrade to Linux, because surely there is no such thing as mysterious trojans there... Is there? (the way some Linux-heads act, it would be natural to assume this to be the case)

Evolution is to blame

Now we know what happened to the Mayans; they evolved into Symantec.

Obviously it was a lesser branch of Mayan culture that favoured 2010 as the end of the calendar rather than 2012, but still...

One of Microsofts's lesser know subsidiaries

I beleive they are still part of the MS empire.

But this is p&*s poor work. Should have been caught in testing (actually they should not have hired a programmer who would *make* that kind of mistake).

Why the hell are they coding their own date compare functions?

That's what libraries are for. And who the hell handles dates as strings except for displaying?

I did some coding back when a 286 was a top of the line machine, and 20MB was the harddisk you got in one (if you had the cash). For space reasons date storage was confined to 2 bytes: 5 bits for days, 4 for months, 7 for years with 1900 as the base year. And with the day in bits 0..5, etc, you could simply compare dates (insofar that was necessary, most was just date stamping) as unsigned words. Worked just right. Later we went with modified Julian date (because date comparisons, and especially date distances became relevant), which took four bytes. Just a few lib functions to convert to and from Julian. Date calculations are easy as pie that way.

If Symantec is reinventing that wheel, they're total fuckers. But we knew that already

Hard to fix?

@Pablo - poor/sloppy design, implementation and documentation can make problems like this difficult indeed to resolve, as any developer can attest. Not to mention the lack of proper testing which let a bug like this get out to the customers. Big FAIL for Symantec.

@AC - "uninstall and re-install" is the go-to response for many (all?) support desks, even when you tell them you already did it with no benefit. Apparently there is no plan B. Another Big FAIL to them, along with my undying contempt.

title required...answers on a postcard

SEP 11.0 i have at work is now working ok - was knackered until that point however.

Not usre why they could not support 2010 date the issues over the other peoples "2016" would have been down to maybe a Hex issue - as 10 in hex is 16

It's not just Symantic ...

... last week SpamAssassin was scoring email dated 2010 as "in the future" (generally a good indicator of spam). The initial "fix" has to change the regular expression such that the bug will come back to haunt us in 2020!

Is this issue not related to the othe year 2.01K problems?

While I'm sure the information above is useful, is the root cause not similar to the other year 2.01K problems reported already?

The underlying issue has been data stored as BCD - when 9 changes to 10, all of the integer compare functions stop returning the expected result.

PMSL!!!

PMSL, people use Symantec products still?! PMSL ROFL!!! Don't people learn? ROFL ROFL ROFL.

Answer to a question

There are several people assuming a string-comparison of a date as "2009" should < "2010", but there are several programming languages that have multiple date-comparison functions built in. VBA (if you've ever worked in M$ Access databases) has a string-to-date type function that has a cut-off date around 1910 or so. So, if you put in "10/20/25" it would translate out to 20 Oct 1925, but if you put "10/20/05" it would translate out to 10 Oct 2005, instead of 1905. If Symantec's lib function translates "01/01/10" to 01 Jan 1910, instead of the expected 2010, it could be a date interpreter and NOT the comparison function that is the root cause.

Just a thought.

FAIL (but I'll let you decide for who)