I wanted to test the Safe Web with Phishing Protection, so I found an un-Safe Web Site and Clicked on it. While, when I Clicked on it, that the Norton Tool Bar Turned to a Red X, I was surprised to see that it did not Block the Site. This is a serious error and if symantec do that get this Fixed, I may not be Re-newing my Subscription. I saw this Issue in the Safe Web Beta, and it looks like nothing was done about it.
16.5.0.134; other Versions may also be Affected
Message Edited by Floating_Red on 03-06-2009 12:22 AM
The SafeWeb site safety determination techniques involve examining many locations on a given website. The particular page you are accessing on a site may not be unsafe, but we aim to provide you with information about the overall site safety.
The SafeWeb functionality has not changed the other portions of Norton's realtime layered protection that are able to:
- block real-time webpage-delivered threats (also known as drive-by downloads)
- block display of suspected and known phishing pages (and allow users the option to continue to the site)
Thank you,
Matt Powers
Symantec Corp.
Hi, Matt,
But why allow Users to view Web Pages of a Dangerous Web Site, even if the Page the User is on, is not a Fake one? Also, what happens if that Fake Web Page does have some hidden Malware that symantec has not picked up? or if that "clean" Web Page becomes a Threat Web Page and symantec does not pick up on this? I don't like this approach; it was better that the whole Web Site got Blocked. I am focusing on Antiphishing and Safe Web, and not Intrusion Prevention Signatures, e.t.c..
I do not trust Phishing Protection in Norton 2009 Products any more; I am as well as just Turning Off Anti-Phishing as it is not Blocking Fake Web Sites. Why can't symantec make Phishing Protection like in Norton 2008 Products where it actually Blocked Fraudulent Web Sites!!
NIS 2009 is based on NIS 2008 antiphishing technology. Are you seeing a particular type of problem not detecting phishing sites?
In addition to reporting here, you can certainly use the "Report Site" link under the "Norton" button in the toolbar to directly submit website URLs you are finding to be not properly detected.
NIS 2009 is based on NIS 2008 antiphishing technology. Are you seeing a particular type of problem not detecting phishing sites?
In addition to reporting here, you can certainly use the "Report Site" link under the "Norton" button in the toolbar to directly submit website URLs you are finding to be not properly detected.
Thanks,
Matt Powers
Symantec Corp.
First of all, I am well aware that Users came "Report Site" under the "Norton" button.
Secondly, I thought the Anti-Phishing has "'Intelligent' Analysis" as well as the Black List...
Thirdly, the one I was on at the weekend, which caused me a lot of problems, was Detected as Safe from symantec! The other two had the Red X in the Tool Bar, but was still let through.
Stop taking risks, symantec, and just Block the whole Web Site if it is Fake!
Message Edited by Floating_Red on 03-10-2009 12:17 AM
I wanted to test the Safe Web with Phishing Protection, so I found an un-Safe Web Site and Clicked on it. While, when I Clicked on it, that the Norton Tool Bar Turned to a Red X, I was surprised to see that it did not Block the Site. This is a serious error and if symantec do that get this Fixed, I may not be Re-newing my Subscription. I saw this Issue in the Safe Web Beta, and it looks like nothing was done about it.
16.5.0.134; other Versions may also be Affected
Message Edited by Floating_Red on 03-06-2009 12:22 AM
I am using Linkscanner Pro that does check in realtime sites for threats. So, when I google a search, I know that any site deemed a threat is blocked by Linkscanner. It shows up as a red X just like Safe Web does.
I just viewed a Screen Shot on Google which was part of a "Fake" Web Site - which Norton did not Block. The red X came on the Norton Tool Bar and the Safe Web Report came down which said "1 Threat" was on the Web Site and had the yellow ! (Caution); surely it should have the X (At Risk). Norton Anti-Phishing does not seem to be working for me.
Also, the red X is Displayed on the Norton Tool Bar, the "Report Site" is greyed-out.
Message Edited by Floating_Red on 03-22-2009 11:23 PM
Sites are "marked dangerous" by Site Safety, but not blocked under NIS 2009.
Hi, Compumind,
If the Web Sites were Marked as "Dangerous", which clearly show they have Threats on them, then why are the Marked "Dangerous" and not "Warning" and why were they not Blocked?
And Second: If they are Marked as "Dangerous" ("!"), why does that Icon "!" not show up in the Norton Tool Bar, as currently the "X" does?
We should detect and block all the sites in 2009 that we did in 2008. There is certainly no reduction in detection or blocking. In 2008 we blocked confirmed phishing pages and still do. If it's a suspected phishing site, but we don't know for certain, or if our SafeWeb service ranking says it's a malicous site, we pop-up a warning, but don't put up an actual block page.
Not blocking based on SafeWeb ranking has been a hot topic on the forums and we will continue to revisit what we should be blocking. Since it was our first release with SafeWeb, we choose to not use it to generate block pages, and get a chance to get community reaction to the rankings. Many people seem to be sharing your opinion that a pop-up is insufficient, and that we should be much more forceful in responding to our own rankings.
We should detect and block all the sites in 2009 that we did in 2008. There is certainly no reduction in detection or blocking. In 2008 we blocked confirmed phishing pages and still do. If it's a suspected phishing site, but we don't know for certain, or if our SafeWeb service ranking says it's a malicous site, we pop-up a warning, but don't put up an actual block page.
Not blocking based on SafeWeb ranking has been a hot topic on the forums and we will continue to revisit what we should be blocking. Since it was our first release with SafeWeb, we choose to not use it to generate block pages, and get a chance to get community reaction to the rankings. Many people seem to be sharing your opinion that a pop-up is insufficient, and that we should be much more forceful in responding to our own rankings.
So, symantec thought a pop-up was enough; who on Earth thought that up with this being a huge problem and it ever-growing?
Customers buy Security Software with Anti-Phishing to Block the Fraudulant Web Pages and Web Pages which have not be Analysed yet. With Web Pages not being Analysed yet, there should still be a Full-Page Block explaining that this is a Suspected Phishing Web Site and it should be Sent to symantec Security Response, with this also being explained - like in 2008. And the same should go for Fake Web Sites, only explaining that they are Fake and you should Not Visit them. In the Suspicious Phishing Site, the Option should be given to "View the Web Page Anyway" Link.
There seems to be two issues raised in this discussion thread:
1) Why does Norton Safe Web rate some unsafe sites as yellow and some as red?
2) Why does Norton Safe Web not display an interstitial warning/blocked page when user navigates to a “red” site?
Let me try to address these two questions:
1) Norton Safe Web rates Web sites by checking for many types of security and ecommerce threats including browser exploits, malicious downloads, direct links to other unsafe sites, made-for-ads sites, sales of counterfeit goods, etc. Our rating engine assigns a rating for each site based on the threat analysis and takes into account several factors such as type(s) of threats detected, threat density, estimated number of users that have been infected by the site, etc. In short, whether the site should deserve a “red” versus a “yellow” site rating is determined based on many factors.
2) The current version of Norton Safe Web focuses on Web site reputation based on frequent analysis of Web sites. The goal is to warn users against sites that have not done a good job at protecting its visitors from online threats. The “red” rating and the drop-down warning from the Norton toolbar serve to let users know that there is an increased risk of getting infected if visiting the site. Think of it as an early warning system.
We will continue to monitor feedback from users like you to determine what improvements we should make to Norton Safe Web.
I just watched the "Identity protection" video from this Web Link: http://www.symantec.com/norton/internet-security. The video states that it "Blocks" harmful Web Sites which is mis-leading information.
Also, why is a one Web Site with "One Computer Threat" given a Red "X", and yet one Web Site with Three Computer Threats and one Identity Threat is only given a Yellow "!"?
Focusing on Number One: Isn't the "!" meant to be for Annoyance Factors? Then why is it that when one Web Site has one Threat on it that the Red "X" is Displayed, yet when another Web Site has five Threats on it, it only has the Yellow "!"? And by Threats, I mean Threats, such as Downloader, Downadup, e.t.c., and not Annoyance Factores such as Tool Bars, for example. Surely all Web Sites with Threats on them should Display the "X"?
