Thanks Paul,

Yes indeed it looks like every single version will need to be whitelisted.

It would be interesting for us to upload every release, but it looks
like it's a manual process that someone will need to take care of (at
least it doesn't look like it's a scriptable API):

It also looks like code signing would be an alternative, but from a
quick look at the page , this
mainly looks like a process to generate business for some CA with no
open alternatives.
But if someone has more experience in this area, it will be interesting
to hear insights.

I think the most sustainable approach is if

 * someone volunteers to manually upload the files after new releases
 * or possibly (if it helps...) someone sponsors a certificate


On 12/19/2016 02:36 PM, Lens Paul wrote:
> Thanks Matthias,
> I just received the answer of Symantec (Norton), here are some excerpts.
> ----------------------------
> Upon further analysis and investigation we have verified your submission
> and, as such, the detection(s) for the following file(s) will be removed
> from our products:
>     File name: qgis_bin.exe
>     MD5: 99002dab0a0525a941b4a473fe4b058b
>     SHA256:
> 5f1fe42b904298eecbb1c0bdc3cbb4a28dcbace3b1b65a250ef800d8158a4f51
>     Note: Whitelisting may take up to 24 hours to take effect via Live
> Update
> If detection persists, please contact support:
> * Norton:
> ...
> If you are a software vendor and would like to upload your software for
> proactive whitelisting, please complete one of the following forms:
> * If you are BCS customer:
> * Otherwise:
> For more information on best practices to reduce false positives:
> -------------
> Does it mean that they whitelist just one version of QGIS (in relation
> with the signature MD5)?
> Which means that every new version should also be submitted to them?
> (luckily, the procedure is easy and not time-consuming).
> They also recommend a "software vendor" procedure, which is beyond my
> understanding.
> Regards and thanks to all the developers for the marvelous development
> of QGIS,
> Paul
> Le 19/12/2016 à 12:13, Matthias Kuhn a écrit :
>> Thank you Paul,
>> We have received similar reports in the past already.
>> I think what you have done is the best approach: notify the antivirus
>> producer about false alerts as a user and provide them with the required
>> information (qgis-bin.exe etc.) to investigate the problem and update
>> the heuristics or white list accordingly.
>> With the information available from the general description of the
>> heuristics, there is normally not a lot we can do to "solve" the problem
>> from our side. If Norton asks more information, please just post again
>> either on this list or on the qgis developer list.
>> Thanks again
>> Matthias
>> On 12/19/2016 12:04 PM, Lens Paul wrote:
>>> Hi all,
>>> For info to Norton Security Users,
>>> Using QGIS 2.18.1 on Windows 7 sp1 64 bits.
>>> Norton deleted twice, without warning, qgis-bin.exe + many .py files on
>>> my computer + modified many registry entries.
>>> Message was "WS.Reputation.1", linked to the so-called SONAR function of
>>> Norton Security.
>>> This is how it works : "WS.Reputation.1 is a detection for files that
>>> have a low reputation score based on analyzing data from Symantec’s
>>> community of users and therefore are likely to be security risks."
>>> The Norton (french-speaking) Assistance  confirmed me it is a false
>>> positive. I asked them to put QGIS on the White List.
>>> NB: this is not the first time it happens for QGIS, see:
>>> Afterwards, I submitted also a demand for whitelisting, as a Norton
>>> user, on the Norton website
>>> (, where
>>> qgis-bin.exe can be uploaded for testing.
>>> I hope this will prevent any other disturbing false positive on Norton
>>> products. Any suggestion?
>>> Paul
>>> _______________________________________________
>>> Qgis-user mailing list
>>> List info:
>>> Unsubscribe:
>> _______________________________________________
>> Qgis-user mailing list
>> List info:
>> Unsubscribe:
> _______________________________________________
> Qgis-user mailing list
> List info:
> Unsubscribe:
Qgis-user mailing list
List info:

Reply via email to