Norton 2009 SAPHIRE Revocation List

Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.

So, that Update is to let the Norton Product know that that File has changed and gets re-Scanned?

Hi Floating_Red,

 

The Update is used to let the Norton Product know that a file that was previously trusted, is not tusted anymore, hence needs to be re-scanned. The file has not changed on the user’s system. I guess you wonder under which scenario a file may not be trusted anymore? A mistake for example :slight_smile:

 

 I am copy-pasting the related Q&A from Kunal’s blog…

 

Q: What if a mistake was, in fact, made?  How would you know to start scanning the file again?
A: We have implemented a revocation mechanism where clients receive a list of revoked SHA256 values via LiveUpdate. If the client has a file matching that SHA256 and is currently trusting that file, all trust is revoked, and the file is once again scanned.

  

 

Hope this helps.

 

Let me know if you still have questions.

 

Dora Karali

Sr. Product Manager, Norton Antivirus

Symantec Corporation

Hello, athena,

       So, regardless of whether the Files has changed or not, if it is un-Trusted, it will still get re-scanned, and that was what the Update does. like I mentioned in my Last Post...?

1 Like

" So, regardless of whether the Files has changed or not, if it is un-Trusted, it will still get re-scanned, and that was what the Update does."

 

This is correct. The revocation list informs the Norton Product that the file is not trusted anymore, hence it will be scanned.

 

 

Is this system foolproof? Can Norton tell if the “trusted” file was modified, for malicious purposes or was used.

Just wondering what is "Norton 2009 SAPHIRE Revocation List" Update?

 

 

Received: Tuesday, September 23, 2008

Please see the following Blog Post for information on Norton Insight (previously called SAPHIRE):

http://community.norton.com/norton/blog/article?message.uid=20642

 

Hopefully, this will give you more "insight" into this update. Thanks!