namecoind issues with Norton Antivirus?

[biolizard89]

Does anyone happen to know whether namecoind is detected by Norton Antivirus? I've received a report suggesting that it may be the case. I know namecoind connects to IRC to bootstrap, and contains the code to mine currency, both of which may be associated with botnets by incompetent antivirus programs. I don't have access to Norton to test this... so I'm curious.

Thanks.

EDIT: Oh, how fucking wonderful is this. Norton identifies ANY UNKNOWN FILE as a virus. Check it out:

https://www.virustotal.com/en/file/a395 ... 390638359/
http://www.symantec.com/security_respon ... 08-1854-99
http://community.norton.com/t5/Norton-3 ... -p/1003769
http://community.norton.com/t5/Norton-I ... d-p/616601
http://www.codeandweb.com/blog/2012/06/ ... developers
http://www.mindworkshop.info/windows/th ... -positive/

Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?

[indolering]

Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?

Bucket-loads of money.

Try this ツ.

[biolizard89]

Apparently Norton will silently quarantine or delete any unknown executable file that it sees, including namecoind. This would explain the massive trouble my beta tester went through on Thursday, where Convergence for Namecoin wouldn't work until he reinstalled it with Norton disabled. How in the fuck is Norton still in business with ridiculous business practices like this?

Bucket-loads of money.

Try this ツ.

Reportedly it takes 1-2 weeks for Symantec to whitelist something, which means any security updates to Namecoin would have to wait 1-2 weeks for the whitelist. That's not acceptable, the only acceptable solution is to tell people to disable Norton.

[indolering]

After reading deeper into some of those threads, others claim that this isn't a blanket rule applied to ALL new software, as some claim. I'm also reading reports of the .3 series using IRC for bootstrapping. The rebase would help as would signing the binaries which, to be fair, we should be doing anyway

Of course charging us for the right to distribute software is utter bullshit but ....

[biolizard89]

After reading deeper into some of those threads, others claim that this isn't a blanket rule applied to ALL new software, as some claim. I'm also reading reports of the .3 series using IRC for bootstrapping. The rebase would help as would signing the binaries which, to be fair, we should be doing anyway

Of course charging us for the right to distribute software is utter bullshit but ....

I am certain that the problem doesn't involve IRC; Googling for the specific virus name listed for Symantec on a VirusTotal scan of namecoind.exe (latest version on namecoin.info) demonstrates that the issue is Symantec's reputation system, not an IRC heuristic. It is very possible that Symantec has problems with other Bitcoin-related binaries due to IRC, but that's not the problem that my beta tester encountered.

Signing binaries with GPG or something is fine. Unfortunately signing Windows binaries in the way Symantec understands, to my knowledge requires a CA cert, which is both insecure and overpriced. There are also some reports that even signed binaries can trigger the reputation detection.