10-01-2012 03:42 PM
I represent a tax software developer with about 30,000 firms as regular customers. Recently, we've received a spike in complaints from our users that Norton Internet Security is scaring our customers away from downloading our product because the WS.Reputation.1 message.
This message apparently informs people that our software is not trusted because we're not known by Symantec as a trusted developer and the file hasn't been downloaded enough. Apparently a major factor of what is trusted is the number of downloads for that particular file name. Every time we update the program, which is often, there is a new file name and apparently our reputation "score", as Symantec calculates it, gets reset to zero. Even though we've been around since 1989.
Symantec recommends we get a digital certification, which we already have, apply to have our programs whitelisted, and submit false positive reports when there is one, all of which we've tackled.
Will it make a difference? We'll see. But my question is: If a developer the size of Microsoft changes a download's filename slightly, does Symantec give it a reputation of zero like it seemingly does to us?
I'm curious to know if big companies are treated differently than small ones, in this regard.
Solved! Go to Solution.
10-02-2012 05:31 AM
[a very unofficial response]
So far as I know the process of vetting software is the same regardless of developer. The major difference that users see is that it takes longer for a small developer's wares to become common enough to get a green light due to the smaller market.
With the recommendations that you have been given I would hope that the problem is minimal in the future.
Please keep us posted
10-02-2012 09:30 AM
Thanks for your quick reply. I can see how market size impacts how quickly something is deemed safe. Unfortunately the market we're talking about seems to include ALL software from ALL developers. That's great for multi-billion dollar corporations like Microsoft. That's bad for small, specialized developers like us even though we are well established in our market.
I wish something could be done for companies like us so that we're not presumed to be virus merchants until we reach a certain global market share, which will never happen. Particularly when it seems that each update file starts with a zero reputation score. Is that assumption wrong? Also:
1) Does digital certification make a difference as far as Norton's Reputation warning is concerned?
2) Does Norton check its whitelist for the Reputation warning?
3) Does Norton consult false positive reports for the Reputation warning?
If the answer is yes to the above questions, then I'm confident we can avoid the warning in the future. If the answer is no, then it seems Norton has put us at a competitive disadvantage against big software developers.
Just yesterday, a customer got the Reputation warning from her Norton Internet Securities and wanted a refund, even though the file she was attempting to download was clean. We tried to tell her about false positives, but she says is worried there might still be a virus in there since she saw the scary message from Norton. This customer has purchased software from us every year for several years, but not anymore.
10-02-2012 09:33 AM
Symantec considers many attributes beyond just popularity when determining a file's reputation. The fact that a file originated from a company serving Norton users and a history of releasing clean software can factor into this rating. This determination is made by an automated process, and applies to 100s of thousands of developers, both big and small. I will send you a PM to gather a few additional details, and we should be able to get things resolved.