LONG STORY: Norton BSOD me when I use Truecrypt

And to respond to huwyngr's comment: in the end it is impossible to ensure that a fix works on every possible combination of hardware and software

That is not what I said ....

people seriously underestimate or ignore what is involved 

 I'm not going to argue about every comment I make but it is nice when I'm correctly reported.

Has this issue been fixed yet? 

Hello Goreski,

You misunderstood our workaround procedure. You are only to be provided with a NIS key for a limited time, as a replacement of your Norton Security product. This will be extended for as long as needed until the fix is released, but not more. We cannot provide both NIS and NS subscriptions simultaneously for a period of a year, nor is it needed, since I'm sure you will want to reinstall Norton Security as soon as possible. Please come back to me via private message so we can clarify any additional questions.

To the rest of the community:

I wanted to let you all know that we read every update on this thread so your messages are not ignored, nor is this issue. I've hesitated to post an update, because all I can say is reinforce what was said before: we are working to release this fix as quickly as we can, but if that helps in any way to reassure that we are actively working on this, then this is my update.

I will write a message here as soon as the update is out. We do understand the urgency and the concerns of all the affected customers. Do feel free to contact me by private message if you have any specific questions pertaining your account, or if there is anything I can help with.

I also wanted to thank the help provided by our community contributors and Gurus and thank those who have been patiently waiting for the new update.

Have a good day

Liliana, since you say that Symantec is reading this thread I figured I'd chime in.  I have been patiently waiting for a solution to this problem since I ran into it near the end of last year.  For me, I keep most of my financial records protected in an encrypted container and Truecrypt/Veracrypt are very common among security professionals.  I've even dealt with two rounds of talking with your completely uninformed and inept 'professionals' on Norton Chat who insisted they could fix the problem by remoting into my computer and then forcing me to BSOD it twice.  Only to tell me the fix was coming in 3-4 days and to be patient (this was about a month ago).

Unfortunately being the container for my financial records, it becomes more and more pressing as we get closer to tax time.  This moves the problem from mere nuiessence to libability very quickly, if not for you, then for for me.  Developing a fix is a matter of priorities.  If Symantec feels they have bigger fish to fry and this is a minor problem affeting a subset of customers that Symantec can continue to push off, I hope you will re-evaluate that assumption.

As a senior security engineer at a midsized technology company, we have about 1700 workstations and 500 servers running Endpoint Protection.  We also have enterprise vault and netbackup extensively deployed.  The reason we stick with it, is that it is reliable.  Endpoint Protection isn't the most aggressive product on the market, but our applications work when we need them to.  Employees ask me all the time what I use on my home equipment and I tell them Norton.  If the fix for this problem is moving to a different product (you've mentioned NIS) then I think you might consider that many of us will try other reputable products from a competitor instead.  Out of respect for your thread I'll leave them nameless, but most of them have no problem submitting their products for the head to head comparisons that Symantec refuses to participate in.  This small problem affecting a subset of customers is now impacting your reputation as a company.  I hope Symantec will step up and prioritize this, because there are reprocussions.

Thanks,

Andy

The original Windows EFS is very cumbersome and difficult to recover from in the event of a failure.  It does not appear that Bitlocker is affected, but Bitlocker wasn't really engineered to be used for containers.  So while they are both encryption systems, it's a bit more cumbersome than Truecrypt/Veracrypt for protecting smaller collections of files.  Bitlocker To Go might be the closest thing as it was meant for USB flash drives, but it also ties you to a Windows platform.  So should you ever need to access those files on another non-windows system you are SOL.

-Andy

Hello

A Prayer to the Norton Gods to fix the problem soon as it has been going on for a long time.

Hello

Scroll back to Liliana's posts. She provides a work around. PM her for more information.

Lolicon:

It would be nice if Norton could stop treating us like idiots. Truecrypt is not to blame. I've tried FolderLocker encryption and that too results in a BSOD when I try and use it. I don't know if Norton doesn't communicate with their entire consumer service staff or if Norton is just incompetent, but I am tired of seeing Norton blame Truecrypt when it's obvious that this impacts other encryption software. The work around is easy(disable auto protect and sonar since one of those two are causing this), but it gets tedious after a while and becomes pointless when Norton decides to reactivate the options. 

This (admittedly long) thread has already clearly pointed out the problem is with MANY encryption packages - TrueCrypt, VeraCrypt, SafeHouse, i.e probably any program that tries to mount a virtual disk/drive.  So we have long ago established that it is not limited to TrueCrypt.

Furthermore, while I may have missed some things along the way, I do not recall a single instance where Norton blamed TrueCrypt.  If they have done so, then I too would take umbrage at that. But I don't recall that ever happening?

Again, none of this is meant to exonerate Norton for what indeed seems an inordinately long time to fix this now well-known issue, but let's keep our facts straight at least.

floplot:

Hello

That was not the work around suggested by Liliana.

We should really stop calling this a "workaround". It's as much of a workaround as using a competitor's product with a free trial period. In fact, a prominent competitor offers a 60-day trial period for their "Internet Security" suite. At least with that, we get current technology, as opposed to last year's technology from Norton.

Secondly, asking a customer to uninstall the current version, re-install the last year's version, talking to someone to get the license extended, and THEN when the issue is fixed (hopefully before the end of 2015) re-installing the new version is not really a "workaround" in the traditional sense. If that's the case, then the competitor also offers a "workaround" for Norton's BSOD defect (and for 60 days!). 

What's most annoying about this situation is the lack of information. As paying customers, we expect a company like Norton to be more upfront regarding WHEN we can expect a solution. We all know that there are major and minor release cycles (and continuous cycles in some companies), where the dates are usually pretty well-defined. And at this point, the PM and the front-end support should have a pretty good idea (>80%) of whether the fix is going to be in the next patch and WHEN it's going to be. Pushing this information under the carpet is not very good.

For some of us, buying a different subscription from another company for $50-70 is not as bad as the time wasted in having to hunt down these issues. It simply isn't worth the time. In the future, please just be more up front about these kind of issues (and proper prioritization by the PM and timely releases of fixes would be a bonus!).

Thanks.

I am so frustrated now. I had this problem since 12/18/2014 and made my first post in this forum. Since then I have been quite, just follow this forum and hoping it will be fixed soon. I appreciate Liliana's suggestion and provides a temporarily "solution". All this time I have mounted TrueCrypt volume in read mode and turn off Norton if I want to update data.

I myself is a software developer for 30+ years, I understand the process to fix bug, regardless how obvious or simple the bug may be, Murphy's law always right. You just have to test it again and again, which takes time.  I am not criticizing it takes such a long time and still not having a fix, but I am frustrated by not knowing what to expect. l wish Norton would just give us an estimate such as 1Q, 2Q  ..... and update us frequently, so I can plan my work accordingly.

GeneJockey:

I know there are a lot of pretty good suites out there but I don't have real-world experience with many of them. Norton has always been a "comfortable" choice for me. But maybe all things must pass. 

      If I am even allowed to ask this in a Norton forum, for those who either have or are contemplating a switch of products, may I ask what you are leaning towards? 

I'm guessing specifying another company's product is against the rules and would get the reply removed and user possibly banned. However I would recommend you check out the head to head tests at av-comparatives.org and av-test.org. There are a number of products that report excellent performance and capability.

-Andy

I would like to remind the Norton staff that many of us spend hours figuring out what was the cause of our BSOD failures... Myself I installed a new drive two days before Norton started causing forced reboots... I never gave a thought that Norton was the culprit... and thus spent a couple hours trying to figure out what was wrong.  Since I do not use Truecrypt every day, I logically thought the new drive had problems though it worked normally for two days.  I was on the verge of returning it or sending it off for exchange when I used Truecrypt and bam - BSOD failure with the new drive removed. But even then I had to methodocially troubleshoot my system step by step.  Since Norton NIS worked fine, as had all Norton products for years with Truecrypt, Norton Security was the last thing on the long list of testing.

All in all, the hours troubleshooting my main computer system, hours with Norton Support, then searching  to find this Forum and realize it was indeed a KNOWN Norton failure... and having to downgrade to Norton NIS 2014, then another hour with Norton Support once the NIS expiration date magically and unexpected changed to 30 days.... I've lost quite a few hours all because Norton has a product that is defective and destructive.

That Norton has known about this problem for months is disturbing to us all.  That unknown others may be having the BSOD failure and not know it is caused by Norton should by itself be of great concern to Norton. Any such failure in a mass commerical 'protection' program should have been patched in days, not months. Yes testing takes time.  But it does NOT take months. Norton has a large and expert staff.... they know how to patch their software, and how to test it. Every company produces failures from time to time.  Fixing them quickly is how superior companies keep their reputation and their customers.

Imagine your financial data is protected by Truecrypt (or other such software) and now you cannot retrive it, update or modify the encrypted data, and yes folks it's Tax-Time... realizing the fault is with Norton is NOT self evident. 

Everyone in this forum is computer literate and knowledgeable, so image if you will, what a normal computer user faces in just trying to figure out what the hell is happening with BSOD failures caused by Norton.  When the BSOD failure happens on my computer it is stated that it is a Plug and Play failure, there is no indication what so ever the fault is with Norton Security. 

So please Norton staff, fixing our problem is URGENT, not secondary.

The few of us here on the Forum are the lucky ones who figured out Norton was to blame.  And we have by the grace of Liliana at Norton, a work-around by returning to an old Norton product. But there are many many others out there who are experiencing the Norton BSOD and just do not have the savvy to trace it down to Norton. That Norton is causing the problem IS NOT SELF-EVIDENT to the normal computer user.

Again: Fixing problems quickly is how superior companies keep their reputation and their customers.

regards to all...

Michael Gore
San Francisco

Hello phoeniynx

I am not a Symantec employee. I am another user like you are a user. I don't make Symantec's policies or come up with anything. I am just trying to help you users by trying to get a Symantec Employee involved in this thread and in that way get Symantec more involved in finding a solution to this problem. This is a user to user forum. Since I am a Guru, I did get Liliana involved in this thread and she is doing what she can to get this fixed. Her posts explain how things work.

Here is, what I actually did to finally solve the problem:

No major company who had sold you the software would make a big fuss not to pay back the purchase price to you (against invalidating the license, so you would have to purchase an alternative product; and there do exist many of them). They do not want to lose single customers, and would not risk any lawsuit. The anti-virus software market is not at all narrow, and companies from many countries compete on this market, take e.g. K******y from Russia, F-S****e from Finland or G-D**a from Germany as serious competitors, all of them selling world-wide. Thus, Symantec and any major company selling their products will not have any interest in ruining their reputation in this competitive environment.

I wrote a letter (yes, on paper!) to the seller of the Software, which was, in my case, Amazon Media EU S.à r.l., Luxembourg, demanding them to deliver a software version free of defects. In the European Union, the seller of any product has to guarantee that it is free of defects, regardless of whether he is producer or not, and that right cannot be derogated by any terms and conditions. However, according to the law, the seller has to be given the chance to deliver a product which is free of defects, which I did by that letter. Some call center agent called me up to inform me that Amazon would not code the product (which I know), and that they thus cannot deliver a product free of defects (which is clear). As I explained the situation, and made clear  that I would claim warranty rights - even in court, if necessary -, Amazon agreed to pay back the complete purchase price.

The advantage of using those rights is that the statutory and non-derogatory warranty rights against the seller last for six months since delivery (and two years, when the buyer can prove that the defect was an initial defect, which is assumed during the first six months period).

To be fair, Symantec in Dublin (which I had also written to) also had offered me to reimburse me with the full purchase price. Since Amazon was first, and I did not want to get back more than what I had paid, I asked Symantec not to pay, which they had confirmed.
 

Conclusion: (1) You are not bound to one single product, even not to one single product from one producer, (2) (a) if you seriously demand your money back, (b) claim your legal rights (which apply in your jurisdiction, and which you should know), (c) do not believe that all "terms and conditions" are valid before the law, and (3) if you can stand one or two rather explanatory than tricky call center agent calls, you will get your money back, without having to rely on some "voluntary money-back schemes" or any other generousity; (4) in particular, Symantec's reaction did not appear to me to be aggressive, formalistic or "evil" in any other way.

Symes2011  I agree that four months is too long for a fix to this problem. I have been a programmer, system analyst and database administrator in my career. I can tell you without a doubt that it should not take this long to fix this problem. An update broke this. The update changed code. Examine the changed code and determine what broke Norton's interaction with encryption software. Frankly I do not believe that they are working on this. Our next step should be to inform potential buyers of this problem in reviews on the major sellers. I purchased Norton Security before the update that broke this but buyers should be informed of this bug and the length of time it has been without a fix. 

This comment is completely besides the point...

I for one am very disappointed by Norton...

I recognize that the problem came after an update of Norton, and not after an update of TrueCrypt,

but the stability of integrated softwares is in the target, I think. Maybe she don't remember that an encryption solution is already included - so I let me remember it to her.

Anyway, to use a deep encryption third-part performing software, and in the same time demanding to a security program to decrypt it - I guess on an old Atom CPU computer - appears to me as a mad use of a computer.

@Bohr-Oppenheimer:

Always think about that: free software are given, i.e.: without a promised service after that.

In exactly this thread, many users complain about "promised service" for software which is not free.

Except if you are a secret security agent, in which case you would need a TrueCrypt without a commercial company affiliation.

There are many commercial and also private users who process data which must not be available to unauthorized persons. They might contain personal secrets (e.g. banking or other access codes), commercial secrets (e.g. drafts for new products under development or internal financial data which competitors must not know), data protected by law (e.g. data of employees, health data), or data which have to be protected in order to protect other people (e.g. data which journalists receive from contact persons - in particular in countries where freedom of press is limited). And there are enough incidents of attempts to get unauthorized access to such data. Not only "secret security agents" might decide to choose some encryption software which is not the on-board software delivered in a bundle with the operating system.

I have not read all the introductive text, but it appears to me obvious that too much encryption by definition cannot be supported by Norton, because unreadable softwares are potential threats.

Nobody here in this forum knows the technical details of the bug. But, however, a bluescreen is not a feature, but always a bug. And antivirus software produced by competitors, and also some antivirus software produced by Symantec (NIS), can handle TrueCrypt and other encryption software which leads to a bluescreen while using Norton Security.

Is there any way I could get a partial refund now that my time to get a full refund has passed?

Nobody here will be able to give you legal advise, in particular, as you have not stated which jurisdiction you are living in, what more or less fancy "terms and conditions" the seller and Symantec have tried to use in your case (when selling the software to you), and, what is most important, if such "terms and conditions" are valid or not according to the applicable law. In my case, some pressure had helped (for details see one of my earlier contributions), and I got my money back.

Hi Danmaor,

I read your previous well written post, and had much respect for you from this time. Only a question about it: Is there really a guarantee from unfree software companies, or rather from the law about them, even against any error - it appears to me as incredible to anticipate any error from some interaction, by example ?

And if we subtract the time spend for the pay-back, it is as the product was not totally paid back. Assuming it take a little hour to speak with call centers, with a small rate of 20€/hour, there should be a basic standard additional interest.

danmaor:

@Bohr-Oppenheimer:

Always think about that: free software are given, i.e.: without a promised service after that.

In exactly this thread, many users complain about "promised service" for software which is not free.

Except if you are a secret security agent, in which case you would need a TrueCrypt without a commercial company affiliation.

There are many commercial and also private users who process data which must not be available to unauthorized persons. They might contain personal secrets (e.g. banking or other access codes), commercial secrets (e.g. drafts for new products under development or internal financial data which competitors must not know), data protected by law (e.g. data of employees, health data), or data which have to be protected in order to protect other people (e.g. data which journalists receive from contact persons - in particular in countries where freedom of press is limited). And there are enough incidents of attempts to get unauthorized access to such data. Not only "secret security agents" might decide to choose some encryption software which is not the on-board software delivered in a bundle with the operating system.

I have not read all the introductive text, but it appears to me obvious that too much encryption by definition cannot be supported by Norton, because unreadable softwares are potential threats.

Nobody here in this forum knows the technical details of the bug. But, however, a bluescreen is not a feature, but always a bug. And antivirus software produced by competitors, and also some antivirus software produced by Symantec (NIS), can handle TrueCrypt and other encryption software which leads to a bluescreen while using Norton Security.

Thank you for your answer, especially your second paragraph even about some points I did not thought about. You're great! 

@Bohr-Oppenheimer:

Only a question about it: Is there really a guarantee from unfree software companies, or rather from the law about them, even against any error - it appears to me as incredible to anticipate any error from some interaction, by example ?

Surely, not every disfunctionality can be regarded as a defect, but a substantive disfunctionality can. And my position is that we are talking about a substantial disfunctionality here. As I feel quite sure that there is no judgment of any higher court in the world where the court had decided about "Norton BSOD me when I use Truecrypt", no lawyer in the world could give you any guarantee on the outcome of legal proceedings.

And please do not forget, I was talking about purchasing the software when it was already defective in the latest updated version (with the bug). So I only had to find arguments that the software which I had bought is originally defective. Usually, the seller cannot be held responsible for updates. Thus, for example, if you buy a smartphone, the seller is only responsible for its functioning at the time it is taken out of the box. As I said, Norton Security was defective when it came out of my box. So I did not have to worry about that point.

With antivirus software, I think there are reasons to claim a difference to my smartphone example: Without updates, the software is useless. So you buy the software core engine, as it is (and which you indeed may use indefinitely), and you also enter into a services contract, to update antivirus definitions, and the engine code, to the latest requirements - those updates are not provided out of generosity (different to the smartphone example), but essential. But whom are you entering the services contract with? It would rather not be the seller, but the producer of the software. The seller only conveys the contract with the producer to the buyer. So, in case it is an update which causes problems, the contract terms with the producer are applicable. They may or may not contain fancy rules ("provided as is", "without any guarantee", "law of the State XY applies", "arbitration in wonderland"), but those terms may not be valid.

And here, it depends on the legal order of your jurisdiction. In jurisdictions with strong consumer protection, as e.g. the EU, the producer's lawyers could write anything into the terms, but, however, they would not be able to arrange non-liability for providing defective updates as services. In other jurisdictions, ideas like "if you are contracting with an unreliable partner, it is your problem" might prevail.

And it is also true that the effort which has to be taken is a relevant factor. In my case, I could simply sue the seller and Symantec at the law court just around the corner, for nothing more than a nominal fee, which I would even be reimbursed in if I win, and without having to take and pay an extra lawyer.

Having said all this, the answer to your question is: "It depends". :-)

List of reported NORTON SECURITY (after the v22.1.0.9 update 12/11/2014) BSOD and rebooting Software problems in just this single Thread...

Note: all worked well under prevous Norton versions. Thread started December 13, 2014

Truecrypt disk encryption

Kaspersky Kryptostorage

VeraCrypt 1.0e

Boxcrypt and BoxCryptor

Cryptainer

SoftPerfect RAM Disk

TNTDrive

Steganos Safe V16

SafeHouse

Symantec Encryption Desktop - Powered by PGP (v10.3.2MP7)

Livedrive encryption

MS Office 2010  (uses a virtual drive)

various Cloud Storage drives

I'm sure there are more in other threads...

Interesting -- I must see what ISC has to say ...

Noted this:

Microsoft has issued advice about ways to remove the vulnerability from some of its software but said applying these fixes could cause "serious problems" with other programs. It said it was working on a separate security update to remove the vulnerability.