Security firm Symantec withheld information about at least one big cyberthreat for hours after spotting it, possibly harming millions of Internet users. Symantec claims to have identified the Slammer worm that ravaged the Internet during the last weekend of January hours before anyone else did. Symantec then shared the information only with select customers, leaving the rest of the global community to get slapped around by Slammer. In a Feb. 12 press release about its DeepSight Threat Management System, Symantec boasts that the company "discovered the Slammer worm hours before it began rapidly propagating … then delivered timely alerts and procedures (to DeepSight users), enabling administrators to protect against the attack." Security experts are angry that Symantec did not publicly release any information the company had regarding Slammer. http://www.wired.com/news/infostructure/0,1377,57676,00.html
Hang about, they're not a public service. Good publicity - Symantec put their customers first. /me updates viri defs/
Precisely. Symantec doesn't have to say anything to anyone. If they told their customers and no one else, good for them. And if they knew about the worm, but had no way of stopping it, it really didn't matter. The best they could've done was tell the other antivirus companies so they could update their definitions, which would be bad business. As for the idea that they are an accessory to the crime by not telling everyone about it... Symantec isn't like a witness to a crime. They're more like a private hospital. If you don't pay to go into their hands, you can go to the public hospital which is a lower-grade.
