Norton is facing criticism for including a crypto miner alongside its Norton 360 security software. Activists like Cory Doctorow have claimed that the company “sneakily installs cryptomining software on your computer” and skims a commission on profits, and outlets like PCMag, Krebs on Security, and Digital Trends have also written about users expressing frustration trying to uninstall it. While there’s more than a grain of truth to these claims, we dug into it ourselves and found they’re being blown out of proportion.
Last summer, Norton very publicly announced it was adding a crypto miner to its Norton 360 security suite, pitching it as a safer alternative to trying to install complex, “unvetted” mining programs from the internet. It was initially only available to a limited number of users, but now seems to be available to anyone who installs the program — but in the six or so months since the announcement, there hasn’t been much discussion about the software until this week.
This is fucking wild. Norton "Antivirus" now sneakily installs cryptomining software on your computer, and then SKIMS A COMMISSION. https://t.co/6s2otyCd78— Cory Doctorow (@doctorow) January 4, 2022
Now, it’s suddenly the center of a backlash, with some Twitter users accusing Norton of installing a crypto miner on users’ computers without any warning. In a very technical sense, that’s true — my colleague Sean Hollister installed a copy of Norton 360 for himself and did indeed find that the mining app NCrypt.exe was included in the program’s directory.
However, that doesn’t mean that Norton will automatically start mining on your computer, as some seem to believe. Norton’s FAQ says that it won’t mine without permission and that “in addition to having a device that meets system requirements, you must also turn on Norton Crypto on your device.” Sean says that as far as he could tell, this appeared to be true; the feature didn’t surreptitiously activate after he installed Norton. It didn’t open until he asked it to.
The TL;DR is that yes, Norton does install a crypto miner with its software, without making that clear in the initial setup process. But it isn’t going to do anything unless you specifically opt in, so it’s not a situation where you’ll install the security suite and instantly start seeing your computer lag as it crunches crypto in the background.
A NortonLifeLock spokesperson also told The Verge in an email that you can completely remove NCrypt.exe by temporarily turning off Norton’s tamper protection feature, and then deleting the executable. We confirmed that ourselves, and it could be good news for anyone worried about Norton remotely activating the feature.
We asked Norton if it would make a pledge that the feature would always be opt-in, and spokesperson Spring Harris told us that “[the] feature requires special device hardware and user consent to function. We are transparent about how our software performs on user devices and we have no intention of changing this.”
None of this is to defend Norton’s inclusion of a crypto miner in its security suite — it’s simply to explain what is and isn’t happening.
As mentioned before, we installed Norton ourselves to get first-hand experience with the miner. While the service may be opt-in, Norton isn’t making it hard to find — when Sean installed the software, its control panel had a big green banner at the top with the text “Turn your PC’s idle time into cash.” Clicking the “show me how” button shows you a slideshow about the feature, a large “Agree and get started” button, and some smaller text letting you know that the feature you’re turning on is Norton Crypto.
After you turn on Norton Crypto, it’ll set up a wallet for you, and immediately start using your computer’s GPU to mine Ethereum (its system requirements say you need an Nvidia or AMD card with at least 6GB of memory). Any earnings will be periodically deposited in the wallet set up for you, and once you reach a minimum threshold you’ll be able to withdraw your earnings to Coinbase.
Norton has incentive to get people using the feature. As BleepingComputer pointed out when it tried the software last year, Norton takes a whopping 15 percent of any earnings you make from mining. Without diving too deep into how mining works, Norton Crypto’s terms of service (PDF) say it’s running a mining pool, which combines everybody’s computing power to increase the chances of mining a block — when that happens, everybody who contributed power gets a share of the reward. It’s that reward from which Norton is taking its cut.
Pool operators do often take a cut or fee for bringing everyone together. However, the fees are usually closer to 1 or 2 percent, which is obviously significantly lower. And, of course, there’s the elephant in the room: anyone using Norton’s software to mine has already paid the company a subscription fee for its security software (and after we purchased a copy, we also had to provide our payment information so that it could automatically renew itself every year).
Is the reward from mining good enough that you can ignore the high fees, or consider them a convenience cost for not having to figure out how to join a pool on your own (which is usually a reasonably technical process)? We tried it out for ourselves, measuring electricity consumption using a Kill-A-Watt power meter. The results? With the current difficulty of mining a block and Ethereum prices, we completely broke even for what we earned versus what we paid for power. In real numbers, a night of mining on an RTX 3060 Ti netted $0.66 cents worth of Ethereum and cost $0.66 in off-peak electricity. Norton took all the profit.
Given The Verge’s policy against holding cryptocurrency, we’ll be immediately divesting the fraction of an ETH we earned in our test.
Even if you had stronger mining hardware and cheaper electricity, Norton’s model could end up being a rough deal. It deposits your cut of Ethereum into your Norton Crypto wallet, but if you want to use it or exchange it for fiat currency you’ll have to cash it out — currently, the only option for that is by transferring it to a Coinbase account. However, doing so will incur a transaction fee (also known as a gas fee) that’s charged by the Ethereum network itself. That could mean that you’d have to mine a lot of crypto before it’d make financial sense to withdraw it from your Norton wallet.
The deal looks a lot better from Norton’s end, though — as is often the case with crypto, scale is key here. While using the feature may not be particularly profitable for any one individual, if a lot of people try it out, Norton’s cut could add up to a significant sum. Whether it’ll be enough to make up for the PR hit the company’s taken from this feature is hard to say — but even ignoring Twitter, the users on Norton’s own Crypto forum don’t seem to be particularly happy with how it’s been going.