Starting analysis...
Extension Details
Context-Aware Verdict
Norton Family is developed by NorTech Engineering, a legitimate company that creates parental control software. The extension has 30,000 users, indicating some market adoption. However, the concerning 2.5-star rating from 274 reviews suggests significant user dissatisfaction, which could indicate functionality issues or overly intrusive behavior that impacts user experience.
The extension's permissions are extremely broad and invasive, even for a parental control tool. The combination of tabs, webNavigation, and all_urls host permissions creates a comprehensive surveillance capability that can monitor every aspect of web browsing. The declarativeNetRequest permission allows it to block or modify network requests, while scripting permission with broad content script injection means it can execute code on any website. This level of access, while potentially necessary for parental controls, creates significant privacy and security risks if the extension is compromised or misused.
Given the critical risk level, run this extension in a completely separate Chrome profile dedicated solely to parental control purposes. Regularly review the extension's activity through Chrome's extension management tools. Consider alternative parental control solutions that operate at the router or device level rather than browser level to reduce attack surface. If you must use this extension, ensure it's only installed on devices where parental monitoring is explicitly intended and understood by users.
Findings
Security Analysis Details
Required Permissions:
- tabs
- webNavigation
- nativeMessaging
- declarativeNetRequest
- scripting
Host Permissions:
- <all_urls>
Embedded URLs (4 total):
| https://clients2.google.com/service/update2/crx | http://www.w3.org/2000/svg | |
| http://www.w3.org/1999/xlink | https://engtools.engba.symantec.com/Etrack/readonly_inc.php?sid=etrack&incident=2016651 |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "16": "Images/NF_16x16.png", "32": "Images/NF_32x32.png", "48": "Images/NF_48x48.png", "128": "Images/NF_128x128.png" }, "version": "3.9.0.17", "background": { "service_worker": "serviceworker.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDesc__", "permissions": [ "tabs", "webNavigation", "nativeMessaging", "declarativeNetRequest", "scripting" ], "default_locale": "en", "content_scripts": [ { "js": [ "NF_Script.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ], "all_frames": true }, { "js": [ "docstart.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ], "all_frames": true } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "minimum_chrome_version": "88.0", "declarative_net_request": { "rule_resources": [ { "id": "httpruleset", "path": "rules.json", "enabled": true } ] } }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.