Norton Malware alert in the nrf Connect for SDK in the VS Code

Hi,

This seems to be a problem with false positive in Norton. I am afraid we cannot do much about that on our end, but perhaps contact them?

This is the list that what happended until now.

Do you believe that every item in the list are Norton "false positive"?  Does the Teams responsible for the nrf Connect SDK do a "virus/malwre scan" in the content before release it?

Well, I am not very confortable now but I putted the "c:\ncs\*" in the Norton Whitelist.  I would like to be sure that this nrf Connnect SDK is safe.  

I am waiting your answer.

Regards,

Claudio

This is the list that what happended until now.

Do you believe that every item in the list are Norton "false positive"?  Does the Teams responsible for the nrf Connect SDK do a "virus/malwre scan" in the content before release it?

Well, I am not very confortable now but I putted the "c:\ncs\*" in the Norton Whitelist.  I would like to be sure that this nrf Connnect SDK is safe.  

I am waiting your answer.

Regards,

Claudio

I see. My only suggestion is disabling Norton while building and contacting Norton about these false positives so that they can look into it.

I already did the Norton disable scan  for "C:\ncs\*", but you didn´t answer my question:  Do you scan for virus/malware before the content is released?

Hi,

Nordic does not scan for virus/malware. Toolchain comes directly from upstream Zephyr with some added nordic tools, and is zipped and published without any changes to the existing tools.

PS: For reference, only 3 of 72 tools flag riscv64-zephyr-elf-cpp.exe as suspissious.