Jump to content
IGNORED

Norton ConnectSafe Categorizes AtariAge.com as Scam Site


Frankie
 Share

Recommended Posts

I use Norton ConnectSafe DNS entries for my local home network. It has recently categorized atariage.com as a Scam Site.

 

I would ask that anyone reading this send an email to connectsafe_dispute@symantec.com with the

subject "Norton Connect Safe web category dispute" and voice your opinion that AtariAge.com is NOT a scam site.

 

 

To see for yourself - http://54.200.80.90/?nxdomain=http%3A%2F%2Fwww.atariage.com%2F&msgID1=11404318&AddInType=2&PlatformInfo=DNSA&Version=3.0.5&blockedDomain=

 

Frank

  • Like 5
Link to comment
Share on other sites

Yes, this is the same crap they have on their "Safe Web" product. There is a single false-positive in the attachment for this post:

 

http://atariage.com/forums/topic/214909-bb-with-native-64k-cart-support-11dreveng/

 

This attachment does not contain any malware or viruses or anything like that. It's a version of batari Basic and it's mostly source code and some command-line utilities. Uploaded nearly four years ago by a long-time and upstanding member of the community.

 

..Al

  • Like 7
Link to comment
Share on other sites

And unbelievably, still flagged by three AVs according to VirusTotal. Apparently those AVs still have not heard of mingw32 yet.

 

Antivirus software is garbage. False positives occur all the time and if you're hit as an innocent third party there's generally nothing you can do about it.

  • Like 8
Link to comment
Share on other sites

Norton's products are rubbish anyway. Just how and why their AV and security suites get retail exposure in acutal stores is a mystery to me... really, they're just running on the reputation they had in the 1980s.

The hilarious part of the whole thing is that free solutions can be had covering all the bases they do, and other companies like Avast make vastly superior products at a fraction of the price.

  • Like 6
Link to comment
Share on other sites

And unbelievably, still flagged by three AVs according to VirusTotal. Apparently those AVs still have not heard of mingw32 yet.

 

Ah, you must have been scanning the file itself. I was scanning AtariAge.com with an URL scan. Apparently their URL scan doesn't go to the linked file level.

 

I just scanned the file myself and it came out with ten hits. I don't know if there are different versions of the file posted in the thread or not; I just scanned the one from the first post.

 

post-6369-0-19807100-1493099172_thumb.png

Edited by MrFish
Link to comment
Share on other sites

phaeron nailed it. The problem is the AV manufacturers triggering on mingw32 compiled programs. (mingw32 is an open source compiler for producing Windows programs. I use this because it's free, and because I cross-compile the programs on my Linux system.) Mingw32 executables even seem to have false positives on "hello world".

 

Virus writers routinely obfuscate their payloads, so AV manufacturers seem to now latch on to the only things that aren't changing - the common shared routines, etc, in the binaries.

 

To try and help AA get off the blacklist, I've moved these programs to my own hosting.

  • Like 5
Link to comment
Share on other sites

It's not just mingw32. I had to change the Registry key for my programs a few years back because a virus scanner started detecting use of the Registry key Software\Freeware as a trojan, an utterly stupid detection rule.

 

Antivirus vendors routinely lack even the most basic of safeguards in their detection engines and release processes. How do you make an AV that quarantines c:\windows\system32\user32.dll, when it is a known critical Windows DLL in a known location with a verifiable Microsoft signature?

  • Like 4
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...