Does anyone happen to know whether namecoind is detected by Norton Antivirus? I've received a report suggesting that it may be the case. I know namecoind connects to IRC to bootstrap, and contains the code to mine currency, both of which may be associated with botnets by incompetent antivirus programs. I don't have access to Norton to test this... so I'm curious.
Thanks.
EDIT: Oh, how fucking wonderful is this. Norton identifies ANY UNKNOWN FILE as a virus. Check it out:
https://www.virustotal.com/en/file/a395 ... 390638359/
http://www.symantec.com/security_respon ... 08-1854-99
http://community.norton.com/t5/Norton-3 ... -p/1003769
http://community.norton.com/t5/Norton-I ... d-p/616601
http://www.codeandweb.com/blog/2012/06/ ... developers
http://www.mindworkshop.info/windows/th ... -positive/
Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?
namecoind issues with Norton Antivirus?
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
-
- Posts: 801
- Joined: Sun Aug 18, 2013 8:26 pm
- os: mac
Re: namecoind issues with Norton Antivirus?
Bucket-loads of money.biolizard89 wrote: Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?
Try this ツ.
DNS is much more than a key->value datastore.
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: namecoind issues with Norton Antivirus?
Reportedly it takes 1-2 weeks for Symantec to whitelist something, which means any security updates to Namecoin would have to wait 1-2 weeks for the whitelist. That's not acceptable, the only acceptable solution is to tell people to disable Norton.indolering wrote:Bucket-loads of money.biolizard89 wrote: Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?
Try this ツ.
-
- Posts: 801
- Joined: Sun Aug 18, 2013 8:26 pm
- os: mac
Re: namecoind issues with Norton Antivirus?
After reading deeper into some of those threads, others claim that this isn't a blanket rule applied to ALL new software, as some claim. I'm also reading reports of the .3 series using IRC for bootstrapping. The rebase would help as would signing the binaries which, to be fair, we should be doing anyway
Of course charging us for the right to distribute software is utter bullshit but ....
Of course charging us for the right to distribute software is utter bullshit but ....
DNS is much more than a key->value datastore.
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: namecoind issues with Norton Antivirus?
I am certain that the problem doesn't involve IRC; Googling for the specific virus name listed for Symantec on a VirusTotal scan of namecoind.exe (latest version on namecoin.info) demonstrates that the issue is Symantec's reputation system, not an IRC heuristic. It is very possible that Symantec has problems with other Bitcoin-related binaries due to IRC, but that's not the problem that my beta tester encountered.indolering wrote:After reading deeper into some of those threads, others claim that this isn't a blanket rule applied to ALL new software, as some claim. I'm also reading reports of the .3 series using IRC for bootstrapping. The rebase would help as would signing the binaries which, to be fair, we should be doing anyway
Of course charging us for the right to distribute software is utter bullshit but ....
Signing binaries with GPG or something is fine. Unfortunately signing Windows binaries in the way Symantec understands, to my knowledge requires a CA cert, which is both insecure and overpriced. There are also some reports that even signed binaries can trigger the reputation detection.