Software should be smarter

Earlier today, I updated a new program I’m trying out – Seesmic for Windows, which I wrote about last week.

After the installer had updated the app, I launched it but got an alert from Norton Internet Security 2010.

Up popped a security dialog saying “A program is behaving suspiciously on your computer. We recommend that you choose to block and remove it.”

As you can see in the screenshot segment (click it to see full image), it’s the Seesmic app. As I know where the app came from and I did want it to run, I chose to allow it to continue.

I’m pleased the Norton product did this: that’s what it’s there for. It’s one of the tools I use to protect me from bad stuff that might otherwise cause damage or be the means for crooks to take over the computer or steal content.

Yet I wonder whether the conditions that trigger a security alert like this need thinking about some more.

When I reviewed the complete security dialog, I noticed this description that gave a little bit of information on what attracted Norton’s attention to the app and so flag it as a security risk:

veryfewusers

These may be typical behaviours of viruses or malware. Yet aren’t they also indicative of legitimate apps that are new and don’t have many people using them yet? Especially preview versions like the current Seesmic for Windows?

I’ve marked the app as ‘friendly’ so hopefully it won’t trigger a security alert when I install the next update.

Yet what else could be done by either the application software publisher or the security software publisher, or both? Such an alert does grab your attention in a heart-stopping kind of way and might be pretty alarming to some people who would likely choose the recommended option and not run the app at all.

Maybe Seesmic should tell Symantec (the publisher of Norton Internet Security) about the new app. The information then finds its way into Symantec’s SONAR system via LiveUpdates for the Norton product and so, when you run an app that has very few users and is very new, as Norton sees it, it doesn’t set off all the alarm bells.

Software should be as smart as that surely? Or is this more about people rather than software? People are definitely smart!

Neville Hobson

Social Strategist, Communicator, Writer, and Podcaster with a curiosity for tech and how people use it. Believer in an Internet for everyone. Early adopter (and leaver) and experimenter with social media. Occasional test pilot of shiny new objects. Avid tea drinker.

  1. Loic

    hello Neville, this is very good feedback thank you, I will contact them and see what we can do. I appreciate your trust in Seesmic we are committed to never include spyware or any piece of crap in our software so you can keep trusting us.

    this is, again, precious feedback

  2. Jonathan Marks

    Had a pretty terrible experience with Norton Utilities so switched to Kaspersky which seems to sit much better with Windows. Norton would sell a two year subscription, yet the software would force you to upgrade to a new edition 12 months later. I trust Seesmic far more than I would ever trust Norton Virus products ever again. Great in the Windows 95 era, now totally off the map as far as I am concerned.

  3. Michael Lamb

    Hi Neville, i was interested in you piece and forwarded it on to one of my security clients as I felt their CEO might have some useful feedback:
    “The correct thing is for companies to submit their application’s signature to the major anti-virus vendors for inclusion in their whitelist.

    A better option would be to register a code signing digital certificate for your company with each AV vendor, and then sign your new releases and products. Then the AV vendors could just trust any applications that come from your company.” Dave Jevans CEO IronKey

    Hope you find this useful feedback Neville.

    Thanks

    Michael

  4. Gerry White

    Interesting that only 10 people with the software have Norton, I am a bit dissallusioned with the whole ‘anti’ industry, the sheer volume of cookies it flags up as being incredibly evil is worrying – the limitations on what cookies can do only means typically you get a few targetted ads, and frankly I would prefer the world to be better as a result of studying how people use websites …

    We use Kapersky at work, but it seems to slow the computer during an update – at home I have always used AVG which I am happy with.

Comments are closed.
Close