Thanks Paul,

Yes indeed it looks like every single version will need to be whitelisted.

It would be interesting for us to upload every release, but it looks like it's a manual process that someone will need to take care of (at least it doesn't look like it's a scriptable API): https://submit.symantec.com/whitelist/isv/

It also looks like code signing would be an alternative, but from a quick look at the page https://submit.symantec.com/whitelist/, this mainly looks like a process to generate business for some CA with no open alternatives. But if someone has more experience in this area, it will be interesting to hear insights.

I think the most sustainable approach is if

* someone volunteers to manually upload the files after new releases
* or possibly (if it helps...) someone sponsors a certificate

Matthias

On 12/19/2016 02:36 PM, Lens Paul wrote:
> Thanks Matthias,
>
> I just received the answer of Symantec (Norton), here are some excerpts.
>
> ----------------------------
>
> Upon further analysis and investigation we have verified your submission
> and, as such, the detection(s) for the following file(s) will be removed
> from our products:
>
> File name: qgis_bin.exe
> MD5: 99002dab0a0525a941b4a473fe4b058b
> SHA256: 5f1fe42b904298eecbb1c0bdc3cbb4a28dcbace3b1b65a250ef800d8158a4f51
> Note: Whitelisting may take up to 24 hours to take effect via Live Update
>
> If detection persists, please contact support:
> * Norton: https://support.norton.com/sp/en/us/home/current/info
>
> ...
>
> If you are a software vendor and would like to upload your software for
> proactive whitelisting, please complete one of the following forms:
> * If you are BCS customer: https://submit.symantec.com/whitelist/bcs
> * Otherwise: https://submit.symantec.com/whitelist
>
> For more information on best practices to reduce false positives:
> http://www.symantec.com/content/en/us/enterprise/white_papers/b-to_increase_downloads-instill_trust_first_WP.en-us.pdf
>
> -------------
>
> Does it mean that they whitelist just one version of QGIS (in relation
> with the signature MD5)?
> Which means that every new version should also be submitted to them?
> (luckily, the procedure is easy and not time-consuming).
>
> They also recommend a "software vendor" procedure, which is beyond my
> understanding.
>
> Regards and thanks to all the developers for the marvelous development
> of QGIS,
>
> Paul
>
> On 19/12/2016 at 12:13, Matthias Kuhn wrote:
>> Thank you Paul,
>>
>> We have received similar reports in the past already.
>>
>> I think what you have done is the best approach: notify the antivirus
>> producer about false alerts as a user and provide them with the required
>> information (qgis-bin.exe etc.) to investigate the problem and update
>> the heuristics or white list accordingly.
>>
>> With the information available from the general description of the
>> heuristics, there is normally not a lot we can do to "solve" the problem
>> from our side. If Norton asks more information, please just post again
>> either on this list or on the qgis developer list.
>>
>> Thanks again
>> Matthias
>>
>> On 12/19/2016 12:04 PM, Lens Paul wrote:
>>> Hi all,
>>>
>>> For info to Norton Security Users,
>>>
>>> Using QGIS 2.18.1 on Windows 7 sp1 64 bits.
>>>
>>> Norton deleted twice, without warning, qgis-bin.exe + many .py files on
>>> my computer + modified many registry entries.
>>>
>>> Message was "WS.Reputation.1", linked to the so-called SONAR function of
>>> Norton Security.
>>>
>>> This is how it works: "WS.Reputation.1 is a detection for files that
>>> have a low reputation score based on analyzing data from Symantec’s
>>> community of users and therefore are likely to be security risks."
>>>
>>> The Norton (French-speaking) Assistance confirmed to me that it is a
>>> false positive. I asked them to put QGIS on the White List.
>>>
>>> NB: this is not the first time it happens for QGIS, see:
>>> https://community.norton.com/en/forums/qgis-issue.
>>>
>>> Afterwards, I also submitted a demand for whitelisting, as a Norton
>>> user, on the Norton website
>>> (https://submit.symantec.com/false_positive/standard/), where
>>> qgis-bin.exe can be uploaded for testing.
>>>
>>> I hope this will prevent any other disturbing false positive on Norton
>>> products. Any suggestion?
>>>
>>> Paul
>>>
>>> _______________________________________________
>>> Qgis-user mailing list
>>> [email protected]
>>> List info: http://lists.osgeo.org/mailman/listinfo/qgis-user
>>> Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-user
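
Added example, not part of the original thread and not QGIS or Symantec tooling: the vendor reply above identifies the approved file by its MD5 and SHA256, so a rebuilt binary no longer matches the approved entry. This sketch lists the artifacts of a release whose digests are not yet in the approved set; the directory names, file contents and function names are constructed for illustration.

```python
import hashlib
import pathlib
import tempfile

def file_digests(path, chunk_size=65536):
    """Stream a file once and return the two digests the vendor reply quotes."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return {"md5": md5.hexdigest(), "sha256": sha256.hexdigest()}

def pending_submissions(release_dir, approved_sha256, patterns=("*.exe", "*.dll")):
    """List artifacts whose SHA-256 is not in the set already approved."""
    pending = []
    for pattern in patterns:
        for path in sorted(pathlib.Path(release_dir).rglob(pattern)):
            digests = file_digests(path)
            if digests["sha256"] not in approved_sha256:
                pending.append({"file": path.name, **digests})
    return pending

def demo():
    """Two constructed 'releases' whose binary differs by a single byte."""
    with tempfile.TemporaryDirectory() as tmp:
        old_dir = pathlib.Path(tmp, "release-old")
        new_dir = pathlib.Path(tmp, "release-new")
        builds = ((old_dir, b"MZ constructed build 1"),
                  (new_dir, b"MZ constructed build 2"))
        for directory, payload in builds:
            directory.mkdir()
            (directory / "qgis-bin.exe").write_bytes(payload)
        # Only the old build's digest has been approved so far.
        approved = {file_digests(old_dir / "qgis-bin.exe")["sha256"]}
        return {
            "old_pending": pending_submissions(old_dir, approved),
            "new_pending": pending_submissions(new_dir, approved),
        }

if __name__ == "__main__":
    for entry in demo()["new_pending"]:
        print(f'{entry["file"]}  md5={entry["md5"]}  sha256={entry["sha256"]}')
```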
