Jim Dettman
jimdettman at verizon.net
Mon Apr 16 10:43:06 CDT 2012
Problem is, the entire industry is heading towards reputation based screening. You can't keep up otherwise. I happen to clean-up a virus incident at one of my clients last week and as part of that ran Spybot Search and Destroy; it's now up to 812,000 items it checks for and the scan took almost an hour for the entire system. Jim. -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Benson, William (GE Global Research, consultant) Sent: Monday, April 16, 2012 11:35 AM To: Access Developers discussion and problem solving Subject: Re: [AccessD] Latest Outrage from Symantec The key to your unhappiness: "I'm not about to spend 4 minutes of my precious time on this earth trying to please" Sorry to say it. I'd spend the 4 minutes, or the 40 - and bill my client, saying that it was done for their convenience. And if they didn't like it they should switch to a non-Norton's product. -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Rocky Smolin Sent: Monday, April 16, 2012 10:45 AM To: 'Access Developers discussion and problem solving' Cc: 'Off Topic' Subject: [AccessD] Latest Outrage from Symantec So I uploaded the installable exe of my MRP system to a folder on my website for a new customer to download - my standard procedure which has been working well for many years. He called a couple minutes ago saying Symantec had detected a virus. Not possible, of course. I asked him what Symantec said and he said WS.Reputation.1. I looked it up. You won't believe this: http://www.symantec.com/security_response/writeup.jsp?docid=2010-051308-1854 -99 Apparently, my 'reputation' with Symantec isn't good enough to pass their gatekeeper. The gatekeeper " uses "the wisdom of crowds" (Symantec's tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques." "Symantec's reputation technology system tracks the attributes of software files (applications, drivers and DLLs) from multiple sources, including: * Anonymous data contributed by tens of millions of Norton <http://www.symantec.com/about/profile/policies/ncwprivacy.jsp> Community Watch members * Anonymous data contributed by enterprise customers in a data collection program tailored to large enterprises * Data provided by software publishers" "The reputation-based system uses "the wisdom of crowds" (Symantec's tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques. The system considers many aspects of a file, including file age, file download source, digital signature, and file prevalence. These attributes are combined using a proprietary algorithm to determine a file's safety reputation. The system maintains a rating for all files rather than just malicious files. Each software file is given a GOOD, BAD or SUSPICIOUS rating. Symantec's reputation-based security engine continuously monitors all files and over time a file's reputation may change." Of course, since each exe file I send has the user's company name as part of the file name, it will never have enough users to gain a 'reputation'. Of course there are detailed (not) instructions on the site for software developers on which hoops to jump through in order to appease the Symantec gatekeepers. I'm not about to spend 4 minutes of my precious time on this earth trying to please these blockheads. In a stunning breakthrough defying all the laws of physics, Symantec has devised a system that both sucks and blows at the same time. Rocky Smolin Beach Access Software 858-259-4334 www.bchacc.com <http://www.bchacc.com/> www.e-z-mrp.com <http://www.e-z-mrp.com/> Skype: rocky.smolin -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com