I receive SONAR warnings when running an executable compiled with Delphi 2010 when :
1/ version info is included
2/ one of the standard Delphi routines is called
If I remove the standard Delphi routine call , no sonar is given.
If I don't include version information in the executable, no SONAR warning is given.
NIS 2009 did not give this problem (I installed NIS 2010 a week ago on my laptop). While NIS 2009 did not produce any error when compiling the project, NIS 2010 issued the SONAR warning (just as my regular PC did - I had NIS 2010 installed there for more than 1 month).
As far as I can tell, the SONAR is only issued on XP - not on VISTA (I have send the executable to a friend who has both XP and VISTA running, all under NIS 2010). All updates for XP and Delphi 2010 and NIS 2010 have been installed.
I am beginning to think the SONAR technology is not up to the standard as we expect from Norton.
I have three executables (showing an empty form and doing nothing) which I use to test. These have been submitted to the Norton virus center (where I received a message that no virusses where found). I just hope they will investigate the SONAR error a bit further.
It takes about 40 seconds before a warning issue is presented. If I accept the executable, the program runs fine. If I don't accept the executable, the newly created executable is deleted.
The problem is that I get this error everytime I compile and run my program - making the whole environment unusable for a developer as myself.
Turning the SONAR protection completely off is the only way to work.
I see, but you sont turn Sonar off completely! You see when the setting for Sonar is set to off, then you are turning off the "Advanced Mode", Sonar still continues to detect only the high-certainty threats and removes them. It ignores low-certainty threats.
So I think the solution you have is ok but just be aware that any other low-certainty threats will not be drawn to your attention.
The question I guess is whether the various user issues such as yours should be classified in the first place and high risk. Thats something I cant answer.
Symantec should solve the SONAR issue as soon as possible.
It's no problem for me to turn of the SONAR of NIS2010. The problem is more that I am not sure I can deliver software to my users.
It gives users a bad feeling when software as NIS suddenly flags an executable as suspicious. Being a professional developer, I could loose some of my clients this way.
I sure hope the Norton center will investigate my sample executables I have send them.
Plankton: I would prefer this thread to remain where it is (although a copy of it may be added to the hot issue).
I don't know by you, but seeing a thread with 16 pages of comments and replies, does not makes me feel like I'm going to read any of them.
If it makes Symantec take notice a bit quicker, please add it ... but reading through it (as I reluctandly did) does not give me much hope that Symantec is following this thread. Who makes it a hot topic ? Is it the number of replies, or is it been done by an employee of Symantec ?
Edelcom, Plankton already pointed you to an existing thread about this issue. As indicated in the last couple of comments (within that thread), SONAR is being strongly reevaluated. It is suggested that you add your linker to that thread so that SONAR can be aware of it in the future. A suggested workaround for the time being is to add your executable's build path to the real time exclusions.
Edit: Added "within that thread" to make the context clear.
Message Edited by reese_anschultz on 01-06-2010 10:07 AM
I don't know what you mean by 'add your linker to that thread'.
I believe he was suggesting you add Delphi 2010 to the thread mentioned by Plankton which is gathering a list of compilers which produce false positives in SONAR.
I receive SONAR warnings when running an executable compiled with Delphi 2010 when :
1/ version info is included
2/ one of the standard Delphi routines is called
If I remove the standard Delphi routine call , no sonar is given.
If I don't include version information in the executable, no SONAR warning is given.
NIS 2009 did not give this problem (I installed NIS 2010 a week ago on my laptop). While NIS 2009 did not produce any error when compiling the project, NIS 2010 issued the SONAR warning (just as my regular PC did - I had NIS 2010 installed there for more than 1 month).
As far as I can tell, the SONAR is only issued on XP - not on VISTA (I have send the executable to a friend who has both XP and VISTA running, all under NIS 2010). All updates for XP and Delphi 2010 and NIS 2010 have been installed.
I am beginning to think the SONAR technology is not up to the standard as we expect from Norton.
I have three executables (showing an empty form and doing nothing) which I use to test. These have been submitted to the Norton virus center (where I received a message that no virusses where found). I just hope they will investigate the SONAR error a bit further.
