• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

Norton Internet Security 2009: Norton Community Watch Submissions

Norton Community Watch (N.C.W.) Submissions keep being Submitted to symantec Security Response - when the N.C.W. Feature is Turned Off.  Want to bring this to symantec's Attention so they can Fix this.  Thanks!
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]

Replies

Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Norton Community Watch (N.C.W.) Submissions keep being Submitted to symantec Security Response - when the N.C.W. Feature is Turned Off.  Want to bring this to symantec's Attention so they can Fix this.  Thanks!
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Hi Floating_Red,

How long is the duration of the submission?

"Anyone who isn't confused really doesn't understand the situation."   Edward R. Murrow
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

There may be a little bit of confusion here. So long as Community Watch is enabled, items get queued to be sent to the servers. Once you turn Community Watch off, no more items should be queued. When those queued entries get sent to Symantec can vary and may be quite a while after Community Watch is disabled.

To restate a little differently, it is expected that you may see Community Watch submissions occur once after you disable the feature but no more times after that.

Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


Phil_D wrote:

Hi Floating_Red,

How long is the duration of the submission?


Hello, Phil_D,

   Please could you explain exactly what you mean.  Thanks!

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


reese_anschultz wrote:

There may be a little bit of confusion here. So long as Community Watch is enabled, items get queued to be sent to the servers. Once you turn Community Watch off, no more items should be queued. When those queued entries get sent to Symantec can vary and may be quite a while after Community Watch is disabled.

To restate a little differently, it is expected that you may see Community Watch submissions occur once after you disable the feature but no more times after that.


Well, a full six to seven were Submitted in one go after being Queued a few days' ago.

Will keep "an eye" on this...

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Hi Floating_Red,

By duration I mean this:

Far the past few days I have had Community Watch turned off, yet I still see the CW entry under CPU usage:

Duration: 00:00:01    Ran During Idle: Yes    Status: Complete

"Anyone who isn't confused really doesn't understand the situation."   Edward R. Murrow
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


Phil_D wrote:

Hi Floating_Red,

By duration I mean this:

Far the past few days I have had Community Watch turned off, yet I still see the CW entry under CPU usage:

Duration: 00:00:01    Ran During Idle: Yes    Status: Complete


Sorry.

Yeah, mine is currently at 00:00.01.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

This has already been solved in a thread. You could have used the search feature instead of spamming the board.

Windows 7 Ultimate x64 SP1 -- NIS 21
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Just got more N.C.W. Submissions with N.C.W. Off.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

You have any more "Pending" NCW submissions in Security History?
=\
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


Tech0utsider wrote:
You have any more "Pending" NCW submissions in Security History?
No; it says "Submitted".
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Just dropping in, so I apologize if I missed something at the start.  Is it possible that this submission is just the completion of data collected before you turned it off?
mijN360 2013, v.20.1.0.24; Win7 Pro, SP1 (32 bit), IE 9, Firefox 14, No other active securityware
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Hi All

Have a look at this thread it was to do with me removing Quicktime but community watch still sending stuff a few weeks later http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=19606&query.id=375383#M19606 hope it gives you some insight!!

Cheers Mo Windows 7 64 bit, NIS2013
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


mijcar wrote:
Just dropping in, so I apologize if I missed something at the start.  Is it possible that this submission is just the completion of data collected before you turned it off?

See Post 11 and rest of Thread for more details; it has all been explained before and I don't feel like explaining it again when it has already been expalined.  :)

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

And still getting Submissions.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Floating_Red, what submissions are you seeing? Do you look at the thread that TomiRed referred to where it says you will continue to see it running but nothing is actually submitted?
Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


reese_anschultz wrote:
Floating_Red, what submissions are you seeing? Do you look at the thread that TomiRed referred to where it says you will continue to see it running but nothing is actually submitted?

Just did.

And I have double-checked; Files are still being Submitted because there is a lot of File Information in the Submission Details in the History.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

Thanks for the additional information Floating_Red. We've gone beyond my knowledge of the feature and I've asked somebody more knowledge to help research this.
Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

FloatingRed, could you copy your Community Watch log here into a post, so that we know exactly what we're talking about?
Windows 7 Ultimate x64 SP1 -- NIS 21
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions

The research on this was a bit confusing but we found one component that can queue a lot of submissions and they can won't get dequeued some times for a number of days. We are researching ways to prevent this sort of confusion for the next major product release.
Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


reese_anschultz wrote:
The research on this was a bit confusing but we found one component that can queue a lot of submissions and they can won't get dequeued some times for a number of days. We are researching ways to prevent this sort of confusion for the next major product release.

Good to see you got back to me.

But the Submissions queuing up will still Submit, even although the N.C.W. was Turned Off.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


Floating_Red wrote:

But the Submissions queuing up will still Submit, even although the N.C.W. was Turned Off.


The submissions that were queued while Community Watch was enabled will still submit, some times for many days, after Community Watch has been disabled.

Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


reese_anschultz wrote:

Floating_Red wrote:

But the Submissions queuing up will still Submit, even although the N.C.W. was Turned Off.


The submissions that were queued while Community Watch was enabled will still submit, some times for many days, after Community Watch has been disabled.


Yeah.  This happened for a good few weeks - maybe even longer I can't remember - un-til I had to un-install N.I.S. 2009 for another reason.  So, I don't know how long it would have gone on had I not un-installed N.I.S. 2009.  Maybe it would have continued on and on and on un-til I Upgraded or un-til the next Build was Released; I am sure you see what am getting at here.

Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


Floating_Red wrote:

Yeah.  This happened for a good few weeks - maybe even longer I can't remember - un-til I had to un-install N.I.S. 2009 for another reason.  So, I don't know how long it would have gone on had I not un-installed N.I.S. 2009.  Maybe it would have continued on and on and on un-til I Upgraded or un-til the next Build was Released; I am sure you see what am getting at here.


I do understand what you are saying. Not to cop out, but two different teams have researched this and this is what they are telling me. I'm only the messager :) They also have it on their radar should something else become apparent.

Reese AnschultzSenior Software Quality Assurance Manager, Symantec Corporation
Kudos0

Re: Norton Internet Security 2009: Norton Community Watch Submissions


reese_anschultz wrote:

Floating_Red wrote:

Yeah.  This happened for a good few weeks - maybe even longer I can't remember - un-til I had to un-install N.I.S. 2009 for another reason.  So, I don't know how long it would have gone on had I not un-installed N.I.S. 2009.  Maybe it would have continued on and on and on un-til I Upgraded or un-til the next Build was Released; I am sure you see what am getting at here.


I do understand what you are saying. Not to cop out, but two different teams have researched this and this is what they are telling me. I'm only the messager (??) :) They also have it on their radar should something else become apparent.


Don't shoot the Messenger...?  Hmmm... 

Message Edited by Floating_Red on 01-13-2009 12:48 AM
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]

This thread is closed from further comment. Please visit the forum to start a new thread.