Not what you were looking for? Ask our experts!
Reply
Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Bug with File Insight: not detecting digital signature

NIS File Insight mistakenly flags my MSI installer as a threat by saying it has no digital signature. 

 

After NIS File Insight started flagging my MSI as a threat, i started applying the File Insight function to a series of MSIs from various publishers. It seems only heavy weight software companies (e.g. Microsoft, Sun, Norton) knew the secret way to get File Insight to recognize even the existence of a digital signature.  

 

This is obviously a bug, and, from surfing through this message board, not a new one.  Exactly two years ago, the same issue was reported with screenshots:

 

http://community.norton.com/t5/Norton-Internet-Security-Norton/Norton-Internet-Security-Cannot-Detec...

 

Can someone please look to this bug? 

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

It's been more than a week of emails and petitions to various departments at Symantec and still no one will address my questions. The closest I got was an email suggesting that I digitally sign my file to avoid False Positives! In other words, I'm arguing with a computer or someone who doesn't read my emails.

 

This Norton File Insight is really making things difficult for me. I'm trying  to sell my software online. I duly sign my application with a certificate issued by a trusted authority after a proper background check of my business. I'm pulling my hair out. Has anyone had similar problems with Norton File Insight or the support team at Symantec?

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

Well, I was able to get tech support on the phone. I was told that the problem is with the website - that I have to have to submit the website to Norton Web Safe for inspection.   I said that makes no sense - how does verifying a file's digital signature relate to the website it came from? The tech support person said that verification is tied to the website.

 

Even if this is true, it still makes no sense. If I had some malware, I could just get my website inspected and then post some malware for download. The better avenue is to have Norton File Insight recognize that the file is digitally signed. It is very, very rare that malware is digitally signed with a certificate issued by a trusted authority. IE9's SmartScreen filter recognizes this (and recognizes that my MSI is digitally signed). So, what's going on?

 

 

So, I'm just waiting for my website to be verified as safe and then I'll do this ridiculous test on whether Norton File Insight will verify that file is safe only because it came from a safe website.

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

So, my website is safe according to norton, but same old nonsense with the MSI.

 

Why isn't every small software developer up in arms about this? 

SendOfJive
Posts: 10,574
Kudos: 4,675
Solutions: 759
Registered: ‎02-07-2009

Re: Bug with File Insight: not detecting digital signature

Hi chris5567,

 

You might want to look into having your software whitelisted with Symantec.  Here is the information:

 

https://submit.symantec.com/whitelist/

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

White-listing works for about a day. As soon as I post an update to my software, the white-listing status is gone.

 

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

I will say one thing in Symantec's defense: they do provide some good customer support. Now that I have the correct phone number, I can get to a human pretty quickly who does try and help me out. I'm waiting on a call-back from a higher-up on this issue.

Symantec Employee
jeffw
Posts: 32
Registered: ‎05-07-2010

Re: Bug with File Insight: not detecting digital signature

Hi Chris,

 

I can confirm that digital signature verification for MSI files has been added in Norton 2012.  Until it releases, there are some other steps I'd like to take to ensure that any FP problems with your software are resolved.  Can you send me a PM with details about your site and how I can download your files?

 

Thanks,

Jeff

Regular Visitor
chris5567
Posts: 7
Registered: ‎06-24-2011

Re: Bug with File Insight: not detecting digital signature

So in the meantime your product impugns the reputation of my company? This is not acceptable.  Verifying digital certificates is arguably the single-most important step in checking for malware. Malware simply are not digitally signed with certificates issued by trusted authorities.  To not check for digital certificates is a basic flaw of Norton File Insight. And come on, this is easy to fix with a patch and it's been at least two years. This is unacceptable.