Earlier today, I updated a new program Iâ€™m trying out â€“ Seesmic for Windows, which I wrote about last week.
After the installer had updated the app, I launched it but got an alert from Norton Internet Security 2010.
Up popped a security dialog saying â€œA program is behaving suspiciously on your computer. We recommend that you choose to block and remove it.â€
As you can see in the screenshot segment (click it to see full image), itâ€™s the Seesmic app. As I know where the app came from and I did want it to run, I chose to allow it to continue.
Iâ€™m pleased the Norton product did this: thatâ€™s what itâ€™s there for. Itâ€™s one of the tools I use to protect me from bad stuff that might otherwise cause damage or be the means for crooks to take over the computer or steal content.
Yet I wonder whether the conditions that trigger a security alert like this need thinking about some more.
When I reviewed the complete security dialog, I noticed this description that gave a little bit of information on what attracted Nortonâ€™s attention to the app and so flag it as a security risk:
These may be typical behaviours of viruses or malware. Yet arenâ€™t they also indicative of legitimate apps that are new and donâ€™t have many people using them yet? Especially preview versions like the current Seesmic for Windows?
Iâ€™ve marked the app as â€˜friendlyâ€™ so hopefully it wonâ€™t trigger a security alert when I install the next update.
Yet what else could be done by either the application software publisher or the security software publisher, or both? Such an alert does grab your attention in a heart-stopping kind of way and might be pretty alarming to some people who would likely choose the recommended option and not run the app at all.
Maybe Seesmic should tell Symantec (the publisher of Norton Internet Security) about the new app. The information then finds its way into Symantecâ€™s SONAR system via LiveUpdates for the Norton product and so, when you run an app that has very few users and is very new, as Norton sees it, it doesnâ€™t set off all the alarm bells.
Software should be as smart as that surely? Or is this more about people rather than software? People are definitely smart!
[Blog] Software should be smarter http://tinyurl.com/ygamo6d #fb #in
Hobson: Software should be smarter: Earlier today, I updated a new program Iâ€™m trying out â€“ Seesmic for Windows… http://bit.ly/5FmG4m
hello Neville, this is very good feedback thank you, I will contact them and see what we can do. I appreciate your trust in Seesmic we are committed to never include spyware or any piece of crap in our software so you can keep trusting us.
this is, again, precious feedback
You’re very welcome, Loic. Hope a conversation with Symantec proves fruitful. Meanwhile, on with trying out Seesmic for Windows!
Software should be smarter – http://ow.ly/FgGC
[…] This post was mentioned on Twitter by Neville Hobson and prblogs, PIXEL FARM. PIXEL FARM said: Software should be smarter – http://ow.ly/FgGC […]
Had a pretty terrible experience with Norton Utilities so switched to Kaspersky which seems to sit much better with Windows. Norton would sell a two year subscription, yet the software would force you to upgrade to a new edition 12 months later. I trust Seesmic far more than I would ever trust Norton Virus products ever again. Great in the Windows 95 era, now totally off the map as far as I am concerned.
Hi Neville, i was interested in you piece and forwarded it on to one of my security clients as I felt their CEO might have some useful feedback:
“The correct thing is for companies to submit their application’s signature to the major anti-virus vendors for inclusion in their whitelist.
A better option would be to register a code signing digital certificate for your company with each AV vendor, and then sign your new releases and products. Then the AV vendors could just trust any applications that come from your company.” Dave Jevans CEO IronKey
Hope you find this useful feedback Neville.
Interesting that only 10 people with the software have Norton, I am a bit dissallusioned with the whole ‘anti’ industry, the sheer volume of cookies it flags up as being incredibly evil is worrying – the limitations on what cookies can do only means typically you get a few targetted ads, and frankly I would prefer the world to be better as a result of studying how people use websites …
We use Kapersky at work, but it seems to slow the computer during an update – at home I have always used AVG which I am happy with.