Norton ConnectSafe Categorizes AtariAge.com as Scam Site

[Frankie]

I use Norton ConnectSafe DNS entries for my local home network. It has recently categorized atariage.com as a Scam Site.

 

I would ask that anyone reading this send an email to connectsafe_dispute@symantec.com with the

subject "Norton Connect Safe web category dispute" and voice your opinion that AtariAge.com is NOT a scam site.

 

 

To see for yourself - http://54.200.80.90/?nxdomain=http%3A%2F%2Fwww.atariage.com%2F&msgID1=11404318&AddInType=2&PlatformInfo=DNSA&Version=3.0.5&blockedDomain=

 

Frank

[Albert]

Yes, this is the same crap they have on their "Safe Web" product. There is a single false-positive in the attachment for this post:

 

http://atariage.com/forums/topic/214909-bb-with-native-64k-cart-support-11dreveng/

 

This attachment does not contain any malware or viruses or anything like that. It's a version of batari Basic and it's mostly source code and some command-line utilities. Uploaded nearly four years ago by a long-time and upstanding member of the community.

 

..Al

[phaeron]

And unbelievably, still flagged by three AVs according to VirusTotal. Apparently those AVs still have not heard of mingw32 yet.

 

Antivirus software is garbage. False positives occur all the time and if you're hit as an innocent third party there's generally nothing you can do about it.

[_The Doctor__]

so Now as a community, we must flood all av sites with false positive reports to get it removed from the list.

[Atari Nut]

Agreed

[Rybags]

Norton's products are rubbish anyway. Just how and why their AV and security suites get retail exposure in acutal stores is a mystery to me... really, they're just running on the reputation they had in the 1980s.

The hilarious part of the whole thing is that free solutions can be had covering all the bases they do, and other companies like Avast make vastly superior products at a fraction of the price.

[santosp]

I like this Scam Site.

[+MrFish]

And unbelievably, still flagged by three AVs according to VirusTotal.

 

That's odd; I just did a scan and it came up clean. Fixed already?

 

 

[DavidMil]

Seems to me that the scamming is on the other end! Buy something from Norton and see how fast they come out with an update

that you always have to pay for!

 

David

[+MrFish]

And unbelievably, still flagged by three AVs according to VirusTotal. Apparently those AVs still have not heard of mingw32 yet.

 

Ah, you must have been scanning the file itself. I was scanning AtariAge.com with an URL scan. Apparently their URL scan doesn't go to the linked file level.

 

I just scanned the file myself and it came out with ten hits. I don't know if there are different versions of the file posted in the thread or not; I just scanned the one from the first post.

 

Edited April 25, 2017 by MrFish

[_The Doctor__]

I am sure if contact is made they can explain what they believe is detected and can take a look to further assess the file.. Might be interesting to see what they dig up.

[RevEng]

phaeron nailed it. The problem is the AV manufacturers triggering on mingw32 compiled programs. (mingw32 is an open source compiler for producing Windows programs. I use this because it's free, and because I cross-compile the programs on my Linux system.) Mingw32 executables even seem to have false positives on "hello world".

 

Virus writers routinely obfuscate their payloads, so AV manufacturers seem to now latch on to the only things that aren't changing - the common shared routines, etc, in the binaries.

 

To try and help AA get off the blacklist, I've moved these programs to my own hosting.

[The Usotsuki]

"Norton Virus"

 

May have been good in the MS-DOS era, not anymore.

[phaeron]

It's not just mingw32. I had to change the Registry key for my programs a few years back because a virus scanner started detecting use of the Registry key Software\Freeware as a trojan, an utterly stupid detection rule.

 

Antivirus vendors routinely lack even the most basic of safeguards in their detection engines and release processes. How do you make an AV that quarantines c:\windows\system32\user32.dll, when it is a known critical Windows DLL in a known location with a verifiable Microsoft signature?