Cannot whitelist a falsely flagged APK

I have a Galaxy S8 and am learning how to deploy apps over Google Play. One of the things I noticed was that when I manually edited my APK to see if I could trigger an update from the play store, Norton flagged it as malware.

I assume this behavior is because of APK signing and by removing a TXT file from the APK, I effectively destroyed the signature. This is fine, but what I don't understand is why there is no option in Norton Mobile other than "delete".

I am using a paid subscription and on the desktop version, this feature exists. If Norton flags something as malware I can either whitelist it or delete it. Also, many of Norton's mobile competitors offer a whitelist option.

I don't want to have to send every file to Norton when I know it isn't malware. There really should be an option on the mobile version to whitelist a known APK.

As for children, that's what parental controls are for. 

Yes. But not all users are as knowledgeable as you. Some apps, like Norton, choose to develop for the lowest common denominator, so there is maximum protection by default. Not everyone wants or needs all the features you want or need. I have never been a fan of feature bloat. As most Android apps can be had for free, there should be no reason to include things that 95% of users would not user or even know about.

You can still post all your suggestions for the product in the Product Suggestions board I noted above. 

Thank you for the link, I will post the request.

As for children, that's what parental controls are for. NMS Already has AppLock which can be applied to NMS itself, preventing any unwanted changes

As much as I like Norton products, the mobile app seems like basic features were simply left out. There are many things the desktop version can do that could be added to the mobile version. For example, the firewall to block outbound connections (See "NoRoot Data Firewall") or a network scanner / monitor for seeing who's on your network (see "Fing").

I understand your desire for the whitelist/trust option in NMS. My concern is that that uninformed users, ie children, might just want to get this app they heard about and will blindly allow the app. Then they get affected by whatever payload might be in malicious app.  Just my 2 cents here.

Having said that, this might be a good suggestion for the Product Suggestions board https://community.norton.com/forums/product-suggestions

This is an APK that I'm testing using some developer tools in the Google Play Console. As I mentioned, I wanted to see if I could trigger an update by having the installed APK not match the APK that would be in the store.

As for the difference between desktop and mobile versions, I respectfully disagree. There is a competitor, Webroot, that offers a full featured product for Android, including the ability to "remove, ignore" and "don't detect this file again"

https://play.google.com/store/apps/details?id=com.webroot.security

I've been a Norton user since their old "NIS 2000" days (when the firewall (NPF) and antivirus (NAV) were two separate products) and really liked the granularity to which the user could take control (or not if they so chose).

I was honestly disappointed that the mobile version does not contain a firewall or the ability to whitelist files. I did find a firewall to block outgoing traffic on a per-APK basis without rooting my phone so I know this is possible (it even lets me block based on WiFi or 4G or both).

At any rate, I'm getting off-topic. At the very least, I would think the mobile product should offer a method to whitelist an APK if the user deems it is safe. As it stands now, when I receive the alert I cannot dismiss it even with persistent notifications disabled. I have to open the app, go to settings, toggle "persistent notifications" on and then off again to get rid of the notification.

MrSmite:

I have a Galaxy S8 and am learning how to deploy apps over Google Play. One of the things I noticed was that when I manually edited my APK to see if I could trigger an update from the play store, Norton flagged it as malware.

Is this app one you have developed and distributed through GP? Are you manually editing the APK on a PC then trying to manually install it using the 'allow unknown sources' in Android settings? If so, you are trying to bypass all layers of security. Not something users would be doing.  If you are testing, you are going to run into glitches like this. 

I assume this behavior is because of APK signing and by removing a TXT file from the APK, I effectively destroyed the signature. This is fine, but what I don't understand is why there is no option in Norton Mobile other than "delete".

I have no knowledge on how malware is detected, and Norton is not likely to make this proprietary information public. And I also do not know how to create an APK file. You may be correct, and again Norton would just be doing it's job and protecting users. For testing, you probably should not be just removing this txt file, but editing it to show an earlier version. 

I am using a paid subscription and on the desktop version, this feature exists. If Norton flags something as malware I can either whitelist it or delete it. Also, many of Norton's mobile competitors offer a whitelist option.

Desktop apps have the luxury of relatively unlimited memory and system resources to add all kinds of feature bloat. Mobile apps need to be lean to fit into the available resources.

I don't want to have to send every file to Norton when I know it isn't malware. There really should be an option on the mobile version to whitelist a known APK.

Again, I'm not sure what process developers use to publish their apps. It could be they just submit them to Google Play Store and they get scanned by Norton when downloaded by the end user. And the way white listing goes is by the developer sending the file to the AV company so they can scan it an ensure it is clean. That is how an app/APK becomes 'known'.