[AccessD] Latest Outrage from Symantec

Benson, William (GE Global Research, consultant) Benson at ge.com
Mon Apr 16 10:34:42 CDT 2012 

The key to your unhappiness:

"I'm not about to spend 4 minutes of my precious time on this earth trying to please"


Sorry to say it. I'd spend the 4 minutes, or the 40 - and bill my client, saying that it was done for their convenience. And if they didn't like it they should switch to a non-Norton's product.



-----Original Message-----
From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin
Sent: Monday, April 16, 2012 10:45 AM
To: 'Access Developers discussion and problem solving'
Cc: 'Off Topic'
Subject: [AccessD] Latest Outrage from Symantec

So I uploaded the installable exe of my MRP system to a folder on my website for a new customer to download - my standard procedure which has been working well for many years.
 
He called a couple minutes ago saying Symantec had detected a virus.  Not possible, of course.  I asked him what Symantec said and he said WS.Reputation.1. 
 
I looked it up.  You won't believe this:
http://www.symantec.com/security_response/writeup.jsp?docid=2010-051308-1854
-99
 
Apparently, my 'reputation' with Symantec isn't good enough to pass their gatekeeper.  The gatekeeper " uses "the wisdom of crowds" (Symantec's tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques."
 
"Symantec's reputation technology system tracks the attributes of software files (applications, drivers and DLLs) from multiple sources, including: 



*	Anonymous data contributed by tens of millions of Norton
<http://www.symantec.com/about/profile/policies/ncwprivacy.jsp> Community Watch members
*	Anonymous data contributed by enterprise customers in a data
collection program tailored to large enterprises
*	Data provided by software publishers"

"The reputation-based system uses "the wisdom of crowds" (Symantec's tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques. 

The system considers many aspects of a file, including file age, file download source, digital signature, and file prevalence. These attributes are combined using a proprietary algorithm to determine a file's safety reputation. The system maintains a rating for all files rather than just malicious files. Each software file is given a GOOD, BAD or SUSPICIOUS rating. 

Symantec's reputation-based security engine continuously monitors all files and over time a file's reputation may change."
 
Of course, since each exe file I send has the user's company name as part of the file name, it will never have enough users to gain a 'reputation'.  
 
Of course there are detailed (not) instructions on the site for software developers on which hoops to jump through in order to appease the Symantec gatekeepers.  I'm not about to spend 4 minutes of my precious time on this earth trying to please these blockheads.
 
In a stunning breakthrough defying all the laws of physics, Symantec has devised a system that both sucks and blows at the same time.
 
Rocky Smolin
Beach Access Software
858-259-4334
www.bchacc.com <http://www.bchacc.com/> www.e-z-mrp.com <http://www.e-z-mrp.com/>
Skype: rocky.smolin
 
 
 
-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list