Norton have got it very wrong with WS.Reputation.1 detection

April 15, 2017 // Posted in General, Main, Uncategorized  

Norton's WS.Reputation.1 detection Notice

Norton’s WS.Reputation.1 detection Notice

The way Norton’s WS.Reputation.1 detection works is the most ridiculous thing I have ever seen in an anti-virus protection program.

 

If someone creates a new program or a new update to an existing program, and only a few people that use Norton have the file or it has only just been built, then Norton immediately deletes it and reports it as a threat without any checks on the file for malware.

Now if that isn’t ridiculous then I don’t know what is. It means that every new program that is first added to a user’s PC that is running Norton gets flagged as a threat for no reason at all.

Here is an extract from Norton’s write-up:

“WS.Reputation.1 is a detection for files that have a low reputation score based on analyzing data from Symantec’s community of users and therefore are likely to be security risks. Detections of this type are based on Symantec’s reputation-based security technology. Because this detection is based on a reputation score, it does not represent a specific class of threat like adware or spyware, but instead applies to all threat categories. 

The reputation-based system uses “the wisdom of crowds” (Symantec’s tens of millions of end users) connected to cloud-based intelligence to compute a reputation score for an application, and in the process identify malicious software in an entirely new way beyond traditional signatures and behavior-based detection techniques.”

They themselves say that Because this detection is based on a reputation score, it does not represent a specific class of threat , So they think that the file is not necessarily a threat, but delete it any way, just in case! DUH!  That IMO, is not the way antivirus protection should work. It should only identify a real threat that can be proven as a threat, that’s how all other antivirus programs work.

So it sees how many Norton users are using the file and when it was created to make it’s decission? DUH! That means that as it is deleted immediately by Norton, the number of Norton users will never increase so the ‘Reputation’ score will never change. So how can you increase the reputation score?

I myself have recently created a new small program and had this situation with users and have had to refund their purchases because Norton says my installer is a threat. My software is checked by an independent source before distribution with 61 different anti-virus engines and all report they are CLEAN. I have been developing small software applications for 25 years and have never had any issues with my programs they are all malware free and to have Norton now start saying they are a threat is deformation of my character and must be illegal to falsely claim a developer’s products are malicious.

This ridiculous identification is ruining the reputation of small developers as every new program they develop and set up on a PC running Norton, is immediately deleted and flagged as being a threat, when there is no threat at all. Most users will believe Norton and then never take the steps (which are not simple) to get around the Norton false detection.

This needs to be addressed by Norton Now! It is ruining the good reputation of small developers because Norton is saying their software is a risk when it is perfectly safe and no risk at all.

If you are experiencing these issues with Norton please comment below.

regards

Steve

This entry was posted on April 15, 2017 at 6:46 am and is filed under General, Main, Uncategorized (Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ). You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply (name & email required)

%d bloggers like this: