• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?

I've used Archive.org for years to check previous versions of websites I've worked on and with.  It uses waybackmachine.org to find and display past site versions.  I just checked it this morning and NIS 2011 is claiming it's an attack site.  Is this correct?

http://safeweb.norton.com/report/show?url=http:%2F%2Fwaybackmachine.org%2F

I have a hunch the issue is that waybackmachine.org has archived some sites that had previously turned out to be attack sites.  But that isn't an excuse to brand waybackmachine.org as itself an attack site anymore than it would be right to brand Google.com as an attack site for having cached pages that might have malicious code in them...

Replies

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?

Basically, you proceed if you think it's worth the risk.

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?


TheRyanable wrote:

Basically, you proceed if you think it's worth the risk.


Umm... but it isn't a risk.  That's the point.  Maybe you don't mind your AV software branding harmless sites as "attack sites" but I certainly do.  For that matter, as a webmaster I think it's a terrible practice to brand harmless sites as "attack sites".  How would you like it if someone tacked a sign up in front of your place of business telling your customers "Warning: this store is contaminated with the plague?  Would your response be "Basically, my customers will come in if they think it's worth the risk"?

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?


Zookeeper wrote:

I have a hunch the issue is that waybackmachine.org has archived some sites that had previously turned out to be attack sites. 


Okay, would it be acceptable to tack up a sign at my place of business that says, "Everything's fine, except right over in that corner where I've got the plague stored away?"

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?

OK then, I guess that Google.com should be labled as an attack site as well since it no-doubt not only unwittingly links to sites that are attack sites, but also caches their pages - essentially what Archive.org does. 

So, does Norton have the cajones to label Google an attack site under the exact same standard as they label Archive.org?  I kinda doubt it.

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?

Okay, I don't know what to tell you. Have you tried to contact Symantec directly? They're very helpful and can probably provide an answer.

I don't think it's a matter of fighting with wayback or google as much as it is probably a threat assessment that was made and acted on. Yes, google caches their pages and there is definitely malicious code somewhere in the vastness of all that, but there is a world of difference between the two.

But also there's nothing preventing YOU from going to that site. And if you owned the site, there are many ways to get in touch with Norton to resolve the issue.

So unless it's something other than "bag on Norton" time, I guess that's as far as I'm willing to go with this thread.

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?


TheRyanable wrote:

So unless it's something other than "bag on Norton" time, I guess that's as far as I'm willing to go with this thread.


It's not "bag on Norton".  It's "a Norton customer reporting a bad practice of Norton".  Is this the wrong place to talk about this (here in Norton's forums)?  Or are we just supposed to embrace false-positives as acceptable? 

You're right, there's nothing actually preventing me from going to that site.  Strictly speaking, there's nothing preventing me from ignoring any false-positive.  I just don't think that the antivirus product that I paid for should be giving me false reports about a long established safe site.  But if you don't care about false positives or care whether or not your security product is making false accusations against safe sites then "Okay, I don't know what to tell you."

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?

Zookeeper,

Your link shows that the site is rated safe by Norton, so I'm not sure what site rating you are taking issue with.  The only related site that I could find is classic-web.archive.org,, apparently a mirror site for The Wayback Machine, which is rated dangerous - but it is hardly a case of a few links to malicious sites.  It's more like a buffet of malware, including some of the worst threats imaginable, such as Virut.  Norton cites 166 threats, some of them quite horrible, so I wouldn't second guess the rating for this site.

http://safeweb.norton.com/report/show?url=http:%2F%2Fclassic-web.archive.org%2F

Accepted Solution
Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?


SendOfJive wrote:

Your link shows that the site is rated safe by Norton, so I'm not sure what site rating you are taking issue with.   


At the time I posted it was being rated as an attack site.  Note the three reviews to the right on that page (you may need to scroll down to see them).  I didn't write any of those but clearly others found the same problem.   Note that the most recent review was 18 days ago (as of May 6) so the report was corrected in the last two weeks or so.

Looks like Norton has recognized that they were in error with their earlier rating.  Glad to see they've fixed it! 

Kudos0

Re: Archive.org's "wayback machine site" (waybackmachine.org) branded an attack site by Norton?


Zookeeper wrote:

TheRyanable wrote:

So unless it's something other than "bag on Norton" time, I guess that's as far as I'm willing to go with this thread.


It's not "bag on Norton".  It's "a Norton customer reporting a bad practice of Norton".  Is this the wrong place to talk about this (here in Norton's forums)?  Or are we just supposed to embrace false-positives as acceptable? 

You're right, there's nothing actually preventing me from going to that site.  Strictly speaking, there's nothing preventing me from ignoring any false-positive.  I just don't think that the antivirus product that I paid for should be giving me false reports about a long established safe site.  But if you don't care about false positives or care whether or not your security product is making false accusations against safe sites then "Okay, I don't know what to tell you."


I give you a soft round of applause, my friend. Your rhetoric is astounding.

This thread is closed from further comment. Please visit the forum to start a new thread.