Why does Norton 360 NOT warn against sites like Open Candy, and then allow it to install Conduit?

I bought and paid for Nero Platinum 2014.  I thought I was downloading my copy from Nero's site.  When I installed the software I found I was infected with Conduit, which to me is malware (when it walks and quacks like malware...): Open Candy did not warn me explicitly that it was about to infect my computer with stuff I did not want.  Open Candy did not warn me that there are forums full of people wanting to get rid of their intrusive software.

 

I had to remove Conduit using some anti-malware software while 360 dozed on.  The reason for this was because I downloaded Nero from Open Candy's site, not Nero's, and when I ticked the T&C box, I was agreeing to Open Candy's terms & conditions.  Apparently, the distribution of Nero is done by Open Candy who then bundle all sorts of unpleasant stuff with Nero without your knowledge.  This is OK in California and is seen as harmless.  I felt let down by 360 and very annoyed because it was just like someone walking into my house with his or her own key and taking a look at the contents.  Conduit may be harmless (I think not) but the same delivery process, if not checked, is an open back door to some more harmful stuff.

 

When I contacted Norton there was a lot of dry-hand wringing but very little help because this was, according to them, a legal grey area.  I do not want Open Candy and other thuggish organisations getting hold of my computer.  And so here is my proposal:

  1. 360 should immediately display the contents of any "bundle" you are about to download before you hit the download key.
  2. 360 should display a list of what is in the bundle.
  3. 360 should give a brief explanation of what each item is and if it is safe (Conduit is not safe).
  4. 360 should allow you to untick any item in the bundle so you only download what you want and what you paid for.

If, in my opinion, Norton does not take heed of this growing threat it will, like those Detroit Dinosaurs of the 70s, ignore the progress made by others.

Welcome,

The computing landscape is not a safe place.

Threats are being released by the thousands daily.

Vendors are looking for ways to increase their bottom line.

Some do not check as closely as others on the contents of the packages they bundle with their product.

Others may not monitor their sites well and allow rogue apps to be inserted into their download packages.

No single security program is able to protect you 100% of the time from 100% of the threats.

Symantec / Norton focuses on the threats / infections that can destroy your programs.

Other developers focus on things like malware, adware, 'crap'ware, etc.

 

I don't think that taking resources away from keeping Norton the best at what it does to do other things will help the company or the user.

Having a fully engaged chair / keyboard interface and wisely using the tools that are available will provide the best possible defense against infection.

The bottom line is still:  Infections are a matter of 'when' not 'if'!

Stay well and surf safe

Here is an official response in the Nero Forums concerning OpenCandy:

 

We work hard to provide some parts of our software and our trial versions to you for free. To help offset the cost of development and distribution we show an advertisement for other freely available software to you during installation. We have chosen the best platform to offer this service, OpenCandy. Their policies and offers available are simply the best in the market. These OpenCandy offers will only be shown during installation of our free software. You can choose not to accept and install any offer which is presented to you. Similarly, all software is thoroughly tested and must meet strict criteria in order to be shown in our installer.
In case you get a Malwarebytes detection, it is not an indication of malware but a notification that our installer contains OpenCandy advertisements.

 

 

If the above response is accurate, the things you are requesting that Norton 360 display are already presented by the Nero installer as you install the program (this is typically true of bundled software in general).  There is a legitimate business partnership between Nero and OpenCandy.  Users have the choice to opt out of the OpenCandy installation, which is one reason that OpenCandy is considered to be grayware, not malware.  As long as the user is presented with the offer of the bundled software and given an opportunity to decline, most third parties, such as Symantec, are going to be unwilling to insert themselves into this situation and infringe upon the advertising arrangement between Nero and OpenCandy.

 

I'm not saying that foistware is a good thing (although it does help keep freeware free), but in most cases it is avoidable without dependence on a security program.  This is a gray area, as the Norton representative said, and your issue is really with Nero and similar companies that enter into these types of agreements.  Certainly, potentially unwanted programs (PUPs) should not be included with software that you are paying to buy.


SendOfJive wrote (emphasis mine):
[...]

 

If the above response is accurate, the things you are requesting that Norton 360 display are already presented by the Nero installer as you install the program (this is typically true of bundled software in general).  There is a legitimate business partnership between Nero and OpenCandy.  Users have the choice to opt out of the OpenCandy installation, which is one reason that OpenCandy is considered to be grayware, not malware.  As long as the user is presented with the offer of the bundled software and given an opportunity to decline, most third parties, such as Symantec, are going to be unwilling to insert themselves into this situation and infringe upon the advertising arrangement between Nero and OpenCandy.

 

[...]


Symantec recently posted a blog about Grayware in the Mobile Software Marketplace here:

 

http://www.symantec.com/connect/blogs/grayware-casting-shadow-over-mobile-software-marketplace

 

With regards to your 'legitimate business partnership' comment above, that blog states:

 


What can be done about grayware? Because it doesn’t cross the bounds of illegality, antivirus firms usually can’t block it. Occasionally it is removed from official mobile marketplaces such as the Apple App Store or Google Play because it violates terms and conditions. 

 
Knowledge is the best defense. In the same way that PC users are now a little bit more wary about what they install on their computers, smartphone users should take a moment to consider what they’re downloading and look into what permissions the app is seeking. 
 
There are also a number of tools you can use to help identify which apps may be taking liberties with your smartphone. For example, Norton Spot will scan your Android phone for aggressive ad libraries that may spam your device and identify the apps associated with them. 

 
The behaviour of the Norton Spot product, however, seems to contradict both your statement and Symantec's position that "Symantec, are going to be unwilling to insert themselves into this situation and infringe upon the advertising arrangement between Nero and OpenCandy".
 
Take a look at the description of the Norton Spot product below (emphasis mine):
 

 
Norton Spot scans for advertising networks that may spam your device. Identify apps that don't respect your privacy and remove them. Monitor for intrusive alerts and aggressive mobile advertising (madware), including apps that constantly push ads to your notification bar, create unauthorized desktop shortcuts, and secretly collect your personal information. We spot the madware, you decide whether to keep it.

 

It's your device. Take back control with Norton Spot.

 

FEATURES  

• Scan and identify apps that display intrusive ads on your device  

• Remove app spam and aggressive advertising networks  

• Catch ad networks attempting to hide from ad detectors (ad module obfuscation)  

• Sort apps by potential annoyance levels  

• Identify which apps are collecting your personal information without permission  

• Uninstall apps that don't respect your privacy



PC users expect all of the features of the Norton Spot product, listed above, to already be an inherent part of the feature set of the Norton product that's protecting their PC. For PC users, knowledge can be the best defence only if their Norton product proactively alerts them about what's contained in the software bundle that the user is about to install. If Norton Spot can state 'We spot the madware, you decide whether to keep it', then why don't the Norton PC products present a notification stating 'We spot a software bundle/grayware installer; you decide whether to keep it' when the Norton PC product encounters this grayware?

 

Put yourself in the OP's shoes. Do you think a Norton product notification like that would address this issue for Norton PC users? Wouldn't a Norton product notification like that encourage users to take additional care and read everything presented to them during that software installation process?