Glad I dumped it...
It caused enough battery drain without it doing so intentionally.
Norton antivirus's inbuilt cryptominer has re-entered the public consciousness after a random Twitter bod expressed annoyance at how difficult it is to uninstall. The addition of Ncrypt.exe, Norton 360's signed cryptocurrency-mining binary, to installations of Norton antivirus isn't new – but it seems to have taken the non- …
It looks like Peter has since he sold the company in 1990 been a philanthropist. No naughty stuff listed in his Wikipedia entry:
So taking 100% of the profits from surreptitiously installing a bitcoin miner is bad, but taking 15% is not bad?
There's no point in them saying 'but it's opt-in' or 'but we tell you during install'. They know full well that it's going to be ignored. And because it's not a normal part of any security suite, who would expect it to be there anyway? I know I wouldn't. It's disingenuous and they know it.
Typical of that poisoned brand anyway. For the last 18 years or so, it's been a scam. I remember I bought Norton 2003 for resale to customers and it was just about OK. After that, it got to be the resource hog and scam-monster it is today.
It's been a long time since I ran into a PC with Norton on it. But was/is Norton the one you have to sign into your online account to find out if your antivirus is about to expire?
I really found that annoying when I'm fixing a PC and can't tell the user they need to upgrade their antivirus soon. I never recommended Norton because of that.
It used to tell you how many days were remaining on your subscription at the bottom of the My Norton window, now it just says whether it's active or not. You have to click on it to take you a panel with the expiry date
Yes, because people buying powerful hardware will not at all mind that 60% of the power they purchased will be going towards "mining" funny money pyramid scheme bullshit.
The entire professional world has lost its mind (along with the rest of us). NASA lost the Shuttle to beancounters, Internet companies are losing it to marketroids.
STOP HIJACKING MY PC WITH YOUR BULLSHIT EXCUSES !!
IT'S MINE, NOT YOURS !!
Please excuse this outburst of bombastic bob-levels, I'm off to get myself a whisky to calm me down.
Nurse ? Mine's the one with the flask of JD in the inner pocket.
Never mind the computing resources it uses – the literal power is a potential real-world problem. Having been playing RDR2 quite a lot over the "festive" season* I was actually able to see the difference in my electricity bill resulting from the additional ~120W used by my graphics card running at full tilt rather than just ticking over (it also kept my feet warm). If you're paying the electricity bill, mining on non-specialist hardware in the UK is probably a net cost at the moment.
(*Due to a positive Covid test and mandatory self-isolation.)
> been playing RDR2
I loved him and CDP0 in Star Walls.
I didn't realise you could play him now -- you must be quite small.
> mandatory self-isolation
I saw all those UK protestors on the news demanding isolation for every house to save the endangered climate change. So they succeeded and it's mandatory now? Does this mean you've saved climate change from extinction?
----> icon
"(it also kept my feet warm)"
As my contribution to reducing my carbon footprint my laptop is left running all day - as background heating while the gas central heating is turned off. Room temperature of 10C requires wearing three pairs of socks in my hiking boots - indoors. My electricity supplier prides itself on renewable sources. During the summer the gas boiler pilot can be switched off too as mains tap water is "warm" enough***.
***back to my childhood conditions.
IT'S MINE, NOT YOURS !!
Careful now ... you don't own any software (even linux stuff is riddled with stuff you don't own). if you have a fruity machine .. they 'think different' about ownership. and even if you built your own box from parts : you don't own the bios, drive firmware ,mouse and keyboard firmware and many other hidden bits and bobs.. and do you really know what that supervision processor is doing in your intel chip ?
Unless you soldered the thing together from blank parts and wrote (or only use open source firmware) , someone has his sticky fingers in it...
Let us agree to disagree.
First of all, I'm not talking about software. That's a minefield I will not go into. But the hardware is MINE. There is no discussion about that and I don't need to know about hidden bits and bobs to know that I bought it with my money and it BELONGS TO ME.
Just like my car. I have no notion of automotive engineering, but if I want to put a spoiler on it, it is MINE, so I can.
You, however, have no right to hop over and install a spoiler without my permission. Yet, because we're talking about software in the end, Norton believes that it does have permission.
Well it doesn't.
Not in my world.
There's a local "character", Disco Kenny(*), with whom conversation is interesting. A regular interjection in his word stream is "World's gone mad, mate". I see
offering Ethereum mining as part of its antivirus suite
and find myself agreeing with him.
(*) Google for more information.
This post has been deleted by its author
From the GSD entry GSD-2022-1000002 (https://github.com/cloudsecurityalliance/gsd-database/blob/main/2022/1000xxx/GSD-2022-1000002.json)
Norton AntiVirus now includes an Ethereum crypto miner that has several problems including deceptive rewards program and difficulty in uninstalling it.
Norton keeps 15% of all Ethereum mining proceeds and "pays" the remainder into a users "Norton Crypto Wallet" which is hosted by Norton. It should be noted that the Norton Crypto Wallet cannot be used to make Ethereum transactions, but can only be used to transfer value to a Coinbase account once a certain minimum threshold of value is accrued. The Norton crypto mining and Norton Crypto Wallet are effectively a gift card system where the money can be withdrawn, but not unless a certain balance is available. It should also be noted that the Norton Crypto mining software is reportedly very difficult to uninstall, requiring administrative level privileges, and even then reports indicate effective removal is difficult.
I’m currently at CES, showing some new technology.
I thought the only virus-related thing that would intrude on my week would be this covid thing that seems to be popular right now, but noooo….
We have a number of PCs and laptops here to run our presence - digital signage, tech demos etc - and on at least half of them I’ve had to waste my time removing Norton or McAfee products, on account of their mania for popping up on the screen at inopportune times - “Would you like to renew your subscription?”, “Install our browser plugin?” etc etc. Aaargh. If I could get hold of the eejit that prepped these machines…
We have a number of PCs and laptops here to run our presence - digital signage, tech demos etc - and on at least half of them I’ve had to waste my time removing Norton or McAfee products, on account of their mania for popping up on the screen at inopportune times - “Would you like to renew your subscription?”, “Install our browser plugin?” etc etc. Aaargh. If I could get hold of the eejit that prepped these machines…
I sympathise, I once manned a stand at a trade show and found myself unable to play the video files I had been supplied with. This was because some idiot had done them as an incompatible format for the flat screen tv we had. I spent the last of the set up/construction days converting the files on the worlds slowest phone (mine) because the laptops hadn't arrived by that point. MD turned up midway through the day and asked what I was up to. I explained and he sighed got his phone out, dialled a number and said to whoever answered it "We employ idiots in your department" then hung up.
He had apparently called the Marketing Director and berated him. The marketing team had been the ones who supplied the videos. Despite them having been told the model of the TV and the formats supported they'd ignored it. MD then called to find out where the laptops were. He liked my ingenuity in using my phone to convert the files in the absence of anything else. Then he went off for a good lunch at the nearest decent pub and left me to my own devices and my own lunch.
Heh heh. That’s genius, and I’m sure it made you popular with the marketing director!
I did a show in London once where as our local VP arrived to do his tour of the very expensive booth, I was up a stepladder gaffer-taping CAT5 cables to the booth structure. The reason why, I had to explain to him, was that the numpties who’d built the booth had laid out all the cabling on the ground, to every location where it’d be needed. And had then built the entire booth right on top of the cables. Crushing every single one. When we were allowed onto the booth, scant hours before go-live, I wasted precious time terminating, testing, rejecting, re-terminating, etc etc, before realizing the root cause.
Didn’t allow myself to get too cross with the stand builders though. Never argue with a man who has a nail-gun, claw-hammer, and knuckle tattoos. Oh, and who is busy rolling up acres of temporary carpet for disposal…
Luckily Amongst all the other cables in my bag I had an OTG one. The metal covered USB stick really got hot doing it. I remember trying various different unusual methods to cool it with available materials. Marketing were not the most popular bunch in the company. I’ve seen a couple of crushed (and one sliced clean in half) network cables in my time and I know what you’ve been through
Sorry. Is this an early April Fools Day joke?
From experience, there isn't any processor time left after Norton starts doing its "security" tasks anyway. And surely no one with a powerful machine installs this? I only ever find Norton\McAfee on the low hanging fruit where it comes "for free" with the machine...
Just so many questions as to who thought this was a good idea? Wow!
"Norton 360's... cryptominer... is tricky to delete"
When I was on tech support, removing Norton in any part or form was 'tricky' at the best of times.
In many cases, it was necessary to download a specific removal tool from Norton directly to get it off (and there were several variants even of that). And things got a whole lot worse if someone had activated that ridiculous system Norton had at one time which took over the boot process. That thing was quite capable of bricking someone's machine if it went titsup (and it quite often did).
When that happened, the only way of helping people was to send them the necessary boot disk (also from Norton) that alleged to put things right and remove it completely. Back then (early noughties) people tended to have one computer so only the one means of accessing the internet to download anything.
As an aside, I get a giggle when I clear out my spam folder periodically and scan down the list of subject headers: 'LAST WARNING: Your Norton Subscription is About to Expire' or 'Your Norton Subscription Has Expired'. Also McAfee.
Yeah, right. Like I have ever had any Norton installation files on any machine I've owned.
If anyone ever called about the Norton Suite preinstalled, I told them not to activate it, to delete it, and get AVG Free instead.
AVG Free is owned by Avast, who have also just been bought by NortonLifeLock, and which is also including it's own cryptominer software. The same company is also in talks with Avira I believe, anyone want to bet what will happen if they buy them as well?
Norton antivirus'sThe Register's inbuilt cryptominer...
https://www.theregister.com/2017/04/01/invisible_bitcoin_paywall/
There was once a rumor that most of the computer viruses were written by the AV companies themselves to generate sales. A kind of standover operation.
I think we have proof here that this is really true. For once, the paraniod were really correct.
Anyone think that the Norton name has any residual goodwill left? Peter Norton himself, yes, but the software bearing his name?
"There was once a rumor that most of the computer viruses were written by the AV companies themselves to generate sales"
No. The rumour, since apparently backed up by evidence, was that they were written by one specific AV company - McAfee. Or Kaspersky, if you were an anti-Russian racist who believed what John McAfee told you.
"Anyone think that the Norton name has any residual goodwill left?"
Fans of old English motorbikes?
There was a time when a Norton Utilities floppy was really useful. I believe I've even got a dusty copy of Peter Norton's MS-DOS book somewhere (probably alongside "Programming the Microsoft Mouse" ...). The rot set in when he sold to Symantec (1990 according to the font of all knowledge) who, even then, had built a reputation for bloat and system hogging and were only installed by lazy corporates and IT numpties.
The Ghost partition or whole disk erase could be booted off a W98 floppy. Very useful to wipe disks before returning kit to IT support - who tended just to reprime the disk for another user.
Still use it occasionally with a USB floppy or bootable CD - as long as the BIOS disk controller can be set to "IDE". Use BCWIPE and ERASER too - but they tend to be restricted to use on a dedicated PC.
"There was a time when a Norton Utilities floppy was really useful."
Indeed....I remember getting hold of Norton Utilities v4.5 (this is pre-Symantec) - SpeedDisk was a great defragger, Norton Disk Doctor saved me (and some work PCs) a few times, plus lots of other "neat" programs that had simple functions missing from DOS which was very basic
And then there was PC Tools and Xtree....both great file/disk managers...and you could fit them all of them on a single 1.2Mb 5 1/4" floppy too.
There has been malware that installs bots on computers for a long time. Anti-malware programs like Norton try to block them, often with success. In this case Norton is installing a bot that works for Norton. Yes, the owner of the Norton license gets most of the money, but that does not change the fact that Norton is using its customers' computers to make money via crypto mining. This is a clear conflict of interest. At the very least, the opt-in policy should be much more explicit, and the executable should not even be downloaded unless the user explicitly agrees.
The is one of the reasons I use Windows Security instead of a third-party anti-malware program. Microsoft's motivation is to protect the reputation of Windows, and that's it. The third-party tools are scrambling to make a dollar and will occasionally do this sort of drive-by install.
make a simple one.
This software is licenced for usage on x machines . it is not sold : you may use it but do not own it, you cannot resell it. The program is best-effort and may not cover every possible usage case. you will not sue the manufacturer for anything that could be cause by the use or misuse of this program. The program contains technology developed and protected by various means (copyright, trademark, patents). you may not disassemble or peek under the hood (except where allowed by law) . The manufacturer certifies the program only does what is advertised and does not contain any non-declared functionality (spyware). By installing and using the program you accept these terms
what more does there really need to be in there ?
"Norton Crypto is an opt-in feature only and is not enabled without user permission."
Perhaps they can show us the dialogue where the customer sees a clear explanation of this function, and then ticks or selects to activate it? Obviously not, what they really mean is "it was buried in the EULA, which only had accept & refuse options". Honestly, who could trust such a scummy company with their IT security?
Bit like some recent TVs that pop us several EULA windows on first boot, for you to accept before you can use the TV.
But one of the EULA is for advertising, but you have to read through it to figure that out, and if accepted, it enables adverts in the EPG.
You can choose to decline that specific EULA, but how often is that ever an option? So most people assume you need to accept to continue, without realising you can actually decline and not get the adverts!
To me, these type of questions should be explicitly asked, not hidden in a block of text in the EULA.
i.e. something like:
Step 1: Do you want to enable adverts? Yes/No (or Crypto etc).
Step 2a: If No selected, don't enable and move to Step 3.
Step 2b: If Yes, show the advertising EULA, and allow acceptance or rejection.
Step 2c: If Accepted, enable adverts, go to step 3.
Step 2b: If rejected, do not enable adverts, go to step 3.
Step 3: Next part of the set-up.
Except for the basic underlying issue
Why the f*** do "I" need an EULA to use the TV I bought and legally own. Its mine. I never bought a licence to use the TV, I bought a TV.
And any EULA would be unenforceable as the EULA was never displayed at purchase. And I doubt no salesperson - ever - bought the existence of an EULA to a customers attention at time of purchase.
Over the last few years I've found it installed on enough PCs and laptops to know plenty of people still use it. Without the crypto stuff enabled, it isn't any worse a drag on resources than any other consumer AV software - if you're not still using something you built in the early 90s.
And in terms of performance/protection, pretty much all mainstream, commercial AV suites are more or less equal - which is to say slightly better than having Windows Defender but a long way short of having real endpoint s/w and h/w protection.
What I find funny though is how people are proudly stating they ditched products like Norton in comment entered using Google Chrome or Firefox.
You don't get to be superior about not installing software that makes free use of your PC when you gift tech companies all your personal information. And if you use any social media or have installed a smart device? ROFL at the people that do this and then claim they know what they're doing because they avoid McAfee or Norton.
Could a publisher as part of the subscription agreement insert an opt-out clause for GDPR for meta data and actual data, as well as the subscription itself? The customer could explicitly opt out, which would raise a defense in the event of an enforcement action.
There could be two-tier pricing, with a higher price for GDPR opt-in, and a discount for GDPR opt-out. This would, among other things, raise awareness of the cost of GDPR compliance as costs are explicitly passed along to the customer, rather than hidden by embedding it.
I did a quick search and sure enough, found Ncrypt.exe on my machine. Is it running? Not according to Task Manager or Advanced Uninstaller. Even double clicking on the file in File Explorer couldn't get it to run.Is this article about a possible tempest in a teapot? Quite possibly.
I've been running Norton since Norton Utilities v5 came out and have NEVER had any problems. Maybe it's partially because that in addition to Norton Utilities I don't click on every fool link I see or open every email I get. Or waste time downloading games or cryptomining.