It appears that the power of corruption and the criminals have now invaded the security guardians. As per the news report, Norton a well known company in the Anti Virus software business is added to the download of Norton 360. This is a crypto miner that would mine Ethereum which is fungible with Bitcoin and other crypto currencies.
Though Norton claims that it is an opt in feature and can be turned off, in reality it is stated that it is difficult to remove. We all know that all users are not alert enough to filter such unwanted software at the time of downloading.
It is unfortunate that anti virus companies which were identifying Crypto Miners as “Potentially Unwanted Program” have now yielded to the power of the corrupt. Norton would be collecting 15% mining fee and use the resources of the users in terms of computing power and electricity to generate this revenue.
This is a completely unacceptable behaviour for a security company. For long time, common man as been alleging that anti virus companies themselves spread the virus and then sell removal tools. Norton has gone one step further to join hands with the “Computer Contaminant” manufacturers to promote Computer contaminants.
India is in the verge of declaring Crypto Currencies illegal and ITA 2000 already has a provision under Section 43 read with Section 66 to consider installation of any program without proper consent as a criminal offence. Even the DPA 2021 has introduced a provision for certification of software to ensure any malicious codes to be present in any software.
Hence the Norton Service is a challenge to the “Opt-in” provision and the sanctity of the consents obtained, whether they are truly well informed consent as per the standards of contract under Section 14 of Indian Contract Act (Refer section 11 of DPA 2021).
I urge CERT-IN to send an advisory to the public about the danger of installing Norton 360 and also advise all Government Agencies to refrain from using Norton Services.
By associating with the Currency of the Criminals, Norton has lost the credibility as a trusted security company and it has to be red-flagged for security purposes.
Naavi
