Norton 360 Now Comes With Crypto Mining Capabilities And Sketchy Removal Process
from the tales-from-the-crypto dept
If you're in the IT industry, as I am, and you come across someone talking about using Norton or Symantec antivirus software, as I occasionally do, it typically sends you diving for your calendar to check what year we're in. The a/v provider, once dominant in the space, has since built a reputation for itself as bloated software that is mostly effective at grinding your computer to a halt. Whether or not that reputation is deserved, the company has also had issues in the past with users claiming an inability to fully remove Norton software when attempting an uninstall. So, a checkered recent past is the point.
Which makes Norton the perfect antivirus company to rollout an update to its Norton 360 platform to allow customers to mine Ethereum with its software!
What is Norton Crypto?
Norton Crypto is a feature made available in Norton 360 which you can utilize for mining cryptocurrency when your PC is idle. Currently, Norton Crypto is limited to users with devices that meet the required system requirements.
Now, the FAQ has, as its second bullet point, a notification that this is all opt-in... but I am 99% sure that wasn't there when I first viewed it. (Editor's note: Sure enough, Wayback Machine shows that the page did not originally say that it was only opt-in -- though it also does not say that it's only opt-out). Shame on me for not grabbing a screenshot to be sure, but there were plenty of folks on Twitter who read through it and took this all as sneaky and opt-out.
This is fucking wild. Norton "Antivirus" now sneakily installs cryptomining software on your computer, and then SKIMS A COMMISSION. https://t.co/6s2otyCd78
— Cory Doctorow (@doctorow) January 4, 2022
Now, about that cut that Doctorow references. The FAQ notes that there is no software licensing fee needed to utilize this feature. It's included in your Norton 360 subscription. However, Norton also takes a 15% cut of all cryptocurrency that is mined by the user's computer. Twitter had much to say about this as well. Some see this as mostly a free money-grab by Norton, getting a 15% cut when nearly all the mining work is being done on its customers' computers. Others pointed out that, based on the price of Ethereum, current mining rate projections, and the cost of energy... using this software might actually be a net-negative revenue generator for anyone using it, due to the increase in energy consumption to keep an otherwise idle machine spending GPU cycles to mine crypto.
And still others have pointed out that there are already complaints from users of the platform over, you guessed it, a convoluted process for uninstalling the feature from their computers.
However, according to mAxius and other users, there is no way to fully opt out of the program, and you actually have to dig into NCrypt.exe in your computer’s directory to delete it.
That may not seem like a big deal, but Norton has a rocky relationship with its user base, and the company has seen controversy in the past for poor transparency and not entirely deleting files when uninstalled.
So, in summary, Norton proudly announced that it was adding a feature for users to repurpose antivirus software to mine cryptocurrency, which likely wasn't clearly labeled as an opt-in feature, in order to take a 15% cut from its own customer base when its used and which it made difficult to actually uninstall if a customer wants to be rid of it.
I'll give Norton this, at least: this is all very on-brand.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cryptomining, ethereum, minining, norton 260, norton crypto, opt-in, opt-out, skimming
Companies: norton
Reader Comments
Subscribe: RSS
View by: Time | Thread
Not a good look
A crypto mining program that's incredibly difficult to remove, is likely to cost the computer's owner more than it benefits them but serves as a free source of money to the program owner sure sounds like something you'd want an anti-virus/malware program to find and get rid of, not install alongside with.
[ link to this | view in chronology ]
Symantec...trying to be the AT&T of software.
[ link to this | view in chronology ]
Re:
Symantec - ridding itself of those pesky subscription revenue streams, one customer at a time.
[ link to this | view in chronology ]
Aside from everything else that's wrong with this, that sentence is a crime against the English language, logic, and common sense. Never mind "required requirements", what the fuck does it even mean? It's only currently limited to users with devices that meet the system requirements? In the future, is it not going to be limited to users with devices that meet the system requirements? And wouldn't that mean that, you know, they're not actually requirements?
[ link to this | view in chronology ]
Re: Requirements
I think that sentence translates to "Required requirements are required".
[ link to this | view in chronology ]
Re: Re: Requirements
"Required requirements are required".
That's because they were acquired on the quiet.
[ link to this | view in chronology ]
I'm wondering how long it will take for other AV vendors to put in a signature that flags Norton AV downloads as a virus due to the presence of a cryptominer.
I'm pretty sure that most if not all of the reputable AV manufacturers wouldn't even consider bundling a cryptominer of all things in their install package. Is it possible that someone's shorting Norton stock with this 'feature?'
[ link to this | view in chronology ]
Re:
A long time probably, but not because it'd be the wrong thing to do, but because it would unleash a flurry of lawsuits from NortonLifeLock Inc.
[ link to this | view in chronology ]
Re:
Norton Virus should've honestly been flagged as malware ages ago. The cryptomine is just more of the same.
[ link to this | view in chronology ]
Re:
Probably never, considering the number of tech illiterate judges who would totally see this as a competitor trying to impede their competition unfairly.
[ link to this | view in chronology ]
Re:
Well see Malwarebytes in court again soon enough.
[ link to this | view in chronology ]
Since it's inception, I have thought that norton/symantec have just been extremely well-marketed viruses.
This move really just strengthens that notion.
[ link to this | view in chronology ]
Re:
Eh, if they're viruses, they're social media viruses, spreading from mouth to ear.
... hmm... that's the description of memes, isn't it.
[ link to this | view in chronology ]
The Targets,...
I trust it is obvious that Norton is targeting the young, infirm, and elderly who are "using" PCs,... "using" as defined as leaving on all the time, only checking an email, recipe, or FriendFace, then leaving unattended 'til the morrow,... basically <1-5% of the vast resource available in modern PCs; and with the hope the aforementioned are too ignorant(lacking knowledge) to realize the leach installed.
[ link to this | view in chronology ]
Oh boy, I sure don't see this ending with tens of thousands of schools, charities, churches, hospitals and small businesses ending up with massive power bills and burnt out equipment because greedy IT people turned on crypto mining on as many computers as they can in the hopes that nobody would notice.
[ link to this | view in chronology ]
Norton Software?
[ link to this | view in chronology ]
Re: Norton Software?
Not because it stopped working on January 1, 2010?
[ link to this | view in chronology ]
sighs heavily
Wow... I remember when the name Norton meant the best utilities for your computer.
[ link to this | view in chronology ]
Re:
Was it even good 20 years ago?
[ link to this | view in chronology ]
Re: Re:
Yeah it was still pretty good even then. But TAC does mention the utilities in general, and they had some pretty sweet utils. Especially pre-NT.
[ link to this | view in chronology ]
Not "anyone", but just some people. There are still lots of apartments that include electricity with the rent. (In Ontario, Canada, as an example. While landlords could theoretically put anti-mining clauses in new leases, they can't do a thing about old ones—they're not even allowed to consider utility costs anymore when applying for "above-guideline" rent increases, thanks to a former politician whom people blamed for high electricity prices and thus higher rent. Anyway, the whole reason it's included is because those apartments have no separate meters, so it's not like anyone could prove anything. I'm really surprised we don't hear landlords bitching about this.)
A corollary, though: people using resistive electric heat can mine effectively for free during cold weather (with possible downsides of poor heat locality and circuit utilization).
[ link to this | view in chronology ]
Cryptoshit keeps cryptoshitting all over the place. Between this and Square Enix saying that they think people playing games for fun should be a thing of the past as they shill NFTs, this year is off to a good start for idiocy and greed, particularly in the blockshit space.
[ link to this | view in chronology ]
Re:
The end goal for Squenix, Ubisoft and others is to have games be moneymaking and content engines like Roblox, where they don't need to pay most of the people working on their product, they have an army of underage serfs producing most of the content in the hopes of making money at some point down the line. Millions of kids more time, effort and real world money into the system gambling on collectable items, which are NFTs in all but blockchain usage. On the rare occasion they code something that makes them enough in game currency to cash out, nine times out of ten they'll pour it straight back into the game because they have poor judgement, being kids and all, with the company getting a big cut of every single transaction. It's bleak as f**k.
These companies don't want to make games, they want to be IP farms where the players do everything they should be paying professionals to do, while they sit back and watch the cash roll in. They'll still find ways to slash their workforces once a year, even when running largely on user contributions, because capitalism.
[ link to this | view in chronology ]
Re: Re:
And now Konami, of course, is getting into the NFT garbage. I’m not surprised with Konami, of course, but it’s still saddening. What else is truly saddening and maddening is the fact that Peter Molyneux’s new blockchain bullshit game has gained traction in spite of Molyneux being a pathological liar. Then there’s Kickstarter acting like the blockchain will magically make it better when they’ve provided zero use cases for how it will improve.
The blockchain space is loaded with nonsense and scams, as Mike proclaims, but the nonsense and scams are the only things that ever gain any traction because they’re the only ones with any miniscule promise of return on investment. Promises of “good” projects are eternally far off, or thinly veiled B.S. like Filecoin and Chia, which just replace the graphics cards with hard drives.
It also feels like end-users of games and services are on their own this time. Fight For The Future shilling for NFT games and the EFF looking for a crypto shill while [NFTs are made of their members’ faces](https://twitter.com/davidgerard/status/1477705714000879616], and Mozilla getting into the crypto shit as well…
It never stops, users and consumers are largely on their own, and it’s just another dose of feeling powerless in the midst of corporations and big money controlling damn near everything.
[ link to this | view in chronology ]
Re: Re:
There's this persistent idea that game development is a moneymaker industry, and/or that it's sustained by passionate people. It's technically true... just not across the ecosystem.
The truth is that any major project is built on the back of countless sweatshop workers, and they usually don't get to reap the benefits of what they've contributed to. Roblox was game development trends taken to its extreme conclusion - terrible working hours, unpaid overtime in the name of crunch, and the lingering dream of being able to get to a point where you make major creative decisions that give you the high of making an actual difference.
[ link to this | view in chronology ]
Hmmm...this might help to explain why suddenly, about two years ago, I started seeing Junk/spams admonishing me to "renew (my) Norton antivirus", just "click here". I had Norton for about ten minutes, probably around five or more years ago; I removed it immediately upon discovering it would not allow me to access the Internet (!). I had a brief experience soon after with Avast, which disallowed several Windows maintenance functions; I swore it off upon learning that Avast technical people were rude idiots. I would also watch Avast for this sort of thing, as I note two or three times per year, expected ritual C-Cleaner updates will try their damnedest to sneak Avast onto your machine, whether you want it or not. Do that to a couple hundred-thousand home machines & pretty soon you're talking Real Bitcoin!
[ link to this | view in chronology ]
Re:
Fun Fact: Avast is controlled by the chinese government (seriously) its T&Cs state that they are allowed to scan then copy and keep ANY documents on your PC and for the price of free software, you give them the copyright of any document or file you own, that they can then use for any business purpose they want without compensating you
[ link to this | view in chronology ]
I used to really love Norton, going way back to my MS-DOS days. I stopped being tempted to return when they pulled that weird auto-renew thing a few years ago.
In retrospect, it seems as though it really went south when it bought (merged with?) Lifelock, an outfit that always struck me as selling buckets of air. Maybe the Lifelock folks took over?
[ link to this | view in chronology ]
Taking bets it mines even if you turn it off, just changes the Wallet to one owned by Norton.
They've ALWAYS been shady af.
Same with McAfee and its "accidental" building of a datacenter, followed by 'accidental' activation of millions of webcams and 'accidentally' recording and storing the footage outside of US and EU jurisdiction.
[ link to this | view in chronology ]
I'm hearing that Norton's response is that the cryptominer is "integral" to the function of their software, and that they're deleting peoples' posts on how to disable it.
[ link to this | view in chronology ]
Avira is now introducing cryptominers as well.
[ link to this | view in chronology ]
Re:
You shouldn't be surprised, it's also owned by NortonLifeLock aka Symantec since last year. NortonLifeLock owns Norton, LifeLock, Avira, Thawte, Fireglass, Brightmail and MER. I predict we will soon see cryptominers in products from those companies too.
If you use products from any of the above companies I'd suggest you go and find alternatives.
[ link to this | view in chronology ]
If you're as excited about the new NFT system as I am, I recommend reading it alongside me. With https://chainers.io/, you can get a unique opportunity to create your own content in game form very easily and quickly, which is very interesting and unique because no other solution exists. As a result, it appears to be very promising, and I hope to be able to devote sufficient time to filling my niche in this industry.
[ link to this | view in chronology ]
Lost Coin Recovery Agency
It's a sad experience to lose your money to these wallets...I lost mine to Paxful in Dec 2021. A huge amount was stolen but I was lucky to recover it back after weeks of mails with no positive response from Paxful. I finally met a tech guy who tracked and recovered my trading $ with my stolen coin. If you have a similar issue, you can reach out: Jimfundsrecovery at consultant dot com.
[ link to this | view in chronology ]