McAfee Uses Web Beacons That Can Be Used To Track Users, Serve Advertising 73
An anonymous reader writes: A test of seven OEM laptops running Windows has shown consistent privacy and security issues, including an interesting revelation that the McAfee Antivirus running on six of them is using web beacons to serve ads and possibly even track users online. The seven laptops – Lenovo Flex 3, Lenovo G50-80 (UK version), HP Envy, HP Stream x360 (Microsoft Signature Edition), HP Stream (UK version), Acer Aspire F15 (UK version), and Dell Inspiron 14 (Canada version) – have been tested by the security research team of Duo Security by simply sniffing the traffic sent from and to them once they have been taken out of the box, plugged in, and connected to a network.
AVs are back to being actively harmful (Score:5, Insightful)
Re: (Score:2)
Re: (Score:1)
Then you have a problem with America and capitalism. The $ is more important than anything else.
Re: (Score:2)
I forget who said it -- might have been Peter of the Peter Principle -- "Everything which can be done will be done."
It might have been a corollary to his famous law.
Re: (Score:3)
I'm not clear. When is it exactly that there weren't being actively harmful?
Re: (Score:2)
They're just trying to keep up with (most) OSes.
McAfee is owned by Intel. (Score:3)
Quote from that New York Times story: "There are no immediate synergies that I can see," said Stacy A. Rasgon, an analyst with Sanford C. Bernstein & Company. "It is a strategic deal, and it is a pretty rich price for a strategic buy."
Ohhh. It's a "strategic deal". Oh, well then, that's okay? Why are writers with no interest or understanding of technology allowed to write stories about technology?
Seems to be more and more (Score:2, Interesting)
prevalent, these "security" apps, companies, whatever, actually straddling the fence, as it were. Ghostery and ABP are but a couple that serve two masters. At present, the only software I trust is uBlock Origin. In the end, I think people will either have to roll their own or there needs to be a public, open source project whereby transparency is the order of business. The Cold War with ad companies and ad blockers has started, and I, for one, will not allow ads on machines I control, either at home or at w
Re: (Score:3)
Re:Seems to be more and more (Score:4, Insightful)
skim through the source code to make sure there's no shit like this to be found.
Seriously?
Re: (Score:2)
I guess you've never heard of the infamous Ken Thompson Hack: http://c2.com/cgi/wiki?TheKenT... [c2.com]
Skimming through the source code is not enough. However, using Open Source enables a bunch of eyes to review the code.
Re:Seems to be more and more (Score:4, Insightful)
However, using Open Source enables a bunch of eyes to review the code.
That something can happen doesn't mean it does happen. In fact, very little Open Source other than high profile code, gets "reviewed" by anyone knowledgeable enough to know what they are looking at, other than the authors themselves.
Re: (Score:3)
Re: (Score:2)
So turn them off - As simple as ticking off a checkbox. And if you find some still sneak through, you can manually add rules to block those. Don't blame ABP for your own laziness.
As for Ghostery, they fill a slightly different niche, but the way I see it, "still better than nothing". I'll take 99% tracker blocking over 0%.
Re: (Score:2)
Why would I want to waste time with manually adding stuff when I can just install uBlock Origin, which is made by people who agree with me that there's no such thing as an "acceptable ad" that only become "acceptable" because they paid someone off?
Hey, if you like supporting payola, why don't you just say so?
Re: (Score:2)
Just use ublock origin. It blocks ads with no drama. The only acceptable ad is a dead ad.
Re: (Score:1)
And still people wonder why I always uninstall AV (Score:4, Interesting)
Re: (Score:2)
At work, we use Malwarebytes. And the IT guys are fairly savvy, so I'm guessing it's a bit better than the "old guard" AV products.
Re: (Score:2)
at my last 'windows based' job, they also insisted on malware bytes. the admins tended to be clueful there, too. so maybe there's something to it.
at home, though, I refuse to run them. I refuse to run windows7 update and have deinstalled all bad updates.
backup and restore is my new friend. that, and avoiding doing anything online with windows, as much as I can.
antirvir is not useful for techies and its more trouble than its worth.
Re: (Score:2)
When I managed my old company network, I used malware bytes also. There's no money to be made destroying your PC, only in controlling it.
I used a host file per machine to block sites and GPOs to lock down the user's temp dirs so no EXEs could be run from there (mostly for the crypto infections.
Other than that, if a person ever got infected, the machine was immediately imaged back to its weekly image. That threat kept people from risky clicks more than anything else.
A more important question ... (Score:1)
Re: (Score:2)
Not likely. This is from McAfee Software (a division of Intel), which John McAfee has no control or ownership of.
Also, John McAfee has publicly stated that McAfee software is "the worst software on the planet". If the guy it's named after says it's total crap, that should tell you something.
Usually, when I bring this up, some naÃve moron replies with some idiotic response about how John doesn't know anything about current McAfee software, some BS about brand value, etc. Obviously, as we can see from
Re: (Score:3)
Obviously John has never used Norton's fine products.
Anybody still... (Score:2)
Re: (Score:3)
IT comes preinstalled on alot of machines. Its something I remove when de-crapifying any new system.
Re: (Score:3)
Nowadays we just reimage new equipment. We don't even bother removing it. We have vanilla Windows images with the software needed and that's what goes on. The idea of spending any time removing the shit that Toshiba, Lenovo and the rest of them throw on the computers is a useful activity is long gone now.
Re: (Score:2)
I can do the same thing at home. I grab an OEM install ISO, gather all the drivers, and reinstall. It's a bit more of a pain, but operating systems are getting better suites of built in drivers all the time.
Re: (Score:2)
Oh? Where does a technically competent but non-computer-professional find an OEM install ISO?
Re: (Score:2)
Windows Media Creation Tool [microsoft.com]
And for Windows 8.1 too [microsoft.com]
You're out of luck for Windows 7 if you're not halfway expert. You have to convert a standard Windows 7 ISO to Universal or acquire a premade one and use the OEM key from the sticker.
Re: (Score:2)
Re:Anybody still... (Score:4, Insightful)
It is one of the few AV products that runs on Linux, Solaris, and AIX. Not that LPARs or LDOMs will be getting viruses anytime soon, but it is necessary for making the legal eagles happy and checking the "all machines, logical and physical, have AV running on them" box.
It is far easier to just toss McAfee on there than to try to explain or write exceptions to an auditor.
Argh,,,, too tired this morning. (Score:2)
I read "beacons" as "bacon". And went, like, "huh?"
Oh how I truly hate daylight savings time.
McAfee is owned by Intel (Score:2)
And people wonder why I run Linux (Score:5, Insightful)
At this point, my favorite reply is "Look, it doesn't suck any worse than Windows."
And.. no antivirus, no unexpected updates changing system configuration, no "defective by design" security issues, and on and on.
Linux isn't perfect, but it does 95% of what I need to do, and I have a VirtualBox VM with XP loaded to do the rest. And with Microsoft and friends (like McAffee) shooting themselves in the foot every chance they get, Linux is becoming a better choice every day.
Re: (Score:2)
defective by design
There are now .
Clue: Know that fella who worked on ALSA?
Re: (Score:2)
There are now .
Clue: Know that fella who worked on ALSA?
I didn't say Linux was free of security issues. But Linux packages typically have unused ports closed by default, compared to Windows' "leave 'em open" approach. I'm not comfortable trusting Microsoft to do what's right, security-wise. I feel better with Linux.
I'll be the first to admit, Linux isn't for everyone. But I just can't count on Windows any more...you never know what Microsoft is going to do to you.
Re: (Score:2)
> The only benefit of Linux is the less than 2% market share.
People said this when Windows had spy and monitor services listening to the naked internet, that got whole boxes owned.
People said this during the shit festival than was Internet Explorer.
People said this when Windows had every user running as admin.
People said this when Windows was the only guy on the block not using ASLR.
Now they say it in a world where Windows lacks SE Linux level security entirely, in a world where much of the code is stil
McAfee really? (Score:1)
Re: (Score:2)
Firewall (Score:1)
This is why you also need to install McAfee Firewall!
Re: (Score:1)
WIPE (Score:2, Insightful)
And thats why if i buy hardware (phone/laptop/tablet/pc) the very first thing i do is WIPE it. Not uninstall , WIPE !!!! ;)
Re: (Score:2)
Depends on what the product is. Enterprise level desktops, if I have time, I like running a Linux CD boot to zero out HDDs or blkdiscard -s SSDs, then PXE booting the desktop so it can load an image. This way, I'm sure no data is present that shouldn't be there.
Personal stuff, same thing. However, I use an imaging utility (Ghost, CloneZilla) to save the contents of the original HDD off, as there might be a driver on the original OS load that isn't available for downloading. Then, the SSD gets completely
John McAfee himself said it (Score:1)
Re: (Score:2)
The question is (Score:2)
Why the fuck would you buy a signature edition laptop and proceed to install Mcafee on it, thereby ruining it completely? One can only be so stupid, right? Right??
So uninstall McAfee and install Windows Defender? (Score:2)
HA! Thought they were serious for a minute.
What? What do you mean it's not April 1st?
Recommending Windows Defender is like suggesting someone bare-ball it across the net.
Built-in protection (Score:2)
So...how long before McAfee advertises that it'll protect you against itself?
"New McAfee 10, with Advanced Protection Against McAfee 10!"