McAfee uses web beacons that can be used to track and serve advertising to users

[Petrovic]

A test of seven OEM laptops running Windows has shown consistent privacy and security issues, including an interesting revelation that the McAfee Antivirus running on six of them is using web beacons to serve ads and possibly even track users online.

 

The seven laptops – Lenovo Flex 3, Lenovo G50-80 (UK version), HP Envy, HP Stream x360 (Microsoft Signature Edition), HP Stream (UK version), Acer Aspire F15 (UK version), and Dell Inspiron 14 (Canada version) – have been tested by the security research team of Duo Security by simply sniffing the traffic sent from and to them once they have been taken out of the box, plugged in, and connected to a network.

 

“The focus of our research was on home systems accessing multiple networks, including public Wi-Fi and the corporate environment. However, this research also impacts corporate enterprises looking to improve both security and privacy settings for Windows 8.1 and Windows 10,” they explained.

 

“Within the first few packets on all seven laptops, there were issues. It took awhile to figure them out, as much of the traffic was encrypted and one had to go by server hostname or calling program name, or by reverse-engineering the calling code to find out what was going on,” they pointed out.

 

Findings

Among the other things they found were:

A pre-installed, trusted eDellRoot root CA certificate with an associated private key, as well as an Atheros Authenticode signing certificate shipped with the Bluetooth software on the Dell Inspiron 14. (This was publicly revealed at the same time that the existence of the eDellRoot certificate on all desktop and laptops shipped by Dell since August 2015 was unearthed by several security researchers and journalists).

 

There are many features in Windows 8 and 10 that collect data about the user and laptop, and many privacy settings. “Many of the applications and services connected to these privacy settings start phoning home as soon as the laptop is connected to a network, before you are logged in. For anyone concerned about privacy, it would be ideal to have a chance to opt out – particularly when it’s not obvious that the collection and uploading of data is even happening,” the researchers pointed out.

 

Unfortunately, changing privacy settings is not as straightforward as one would hope. In some cases, the user would have to disable a service or create/adjust registry keys – and that’s not something that most users know how to do.

 

After Patch Tuesday updates, many of the privacy settings are reset to their default settings, and the user doesn’t get notified of this.

Default laptop settings (e.g. open ports) and protocols make it easy for an attacker to sniff and redirect the laptop user’s traffic when the device is connected to insecure, open Wi-Fi networks.

 

McAfee is using web beacons that can be used to track and serve advertising to users. “In our opinion, this is the only purpose these web bugs serve,” the researchers noted, but pointed out that trusting third party sites and allowing them to load content it not a good security practice.

 

The only good news is that all the aforementioned traffic to Microsoft or OEM vendor servers is encrypted by default.

 

Full Article

[pc71520]

John 

has been

a nasty boy...

[steven36]

1 hour ago, pc71520 said:

John 

has been

a nasty boy...

 

 

 

 

1.McAfee resigned from the company in 1994

2.McAfee sold his remaining stake in the company

3.McAfee expressed his pleasure at his name no longer being associated with the software

 

[luisam]

McAfee Anntivirus comes in many new computers with a 30 day trial. Newby users are quite happy because they don't even know what this "trial" time means, just to realize that after 30 days passed, they don't have any protection. They are supposed to rush and activate McAfee paying good money because they don't know that they can get some really good AV software for free. Some don't know what to do, leaving the computer without any protection or in best case, trusting it to Windows Defender

[steven36]

35 minutes ago, luisam said:

McAfee Anntivirus comes in many new computers with a 30 day trial. Newby users are quite happy because they don't even know what this "trial" time means, just to realize that after 30 days passed, they don't have any protection. They are supposed to rush and activate McAfee paying good money because they don't know that they can get some really good AV software for free. Some don't know what to do, leaving the computer without any protection or in best case, trusting it to Windows Defender

These OEM AV  has caused many of noobs to catch a virus once there 30 days runs out   they dont even uninstall it  tell they catch a virus and it messes up there PC and somebody like me has to reformat it  for them and put them some good free protection on it.

[WALLONN7]

The richer Intel becomes, the worse its methods to become even richer... Shame on you... 

[jkh334]

Interesting-TimeWarner gives McAfee anti-virus for free. Never tried their version but wonder if it would do the same thing.

 

Oh BTW John McAfee for President 2016 #UninstallTheSystem  https://mcafee2016.com/ 

and all we hear about is Trump Trump Trump from the media. 

[steven36]

They removed McAfee Stinger from portableapps back in may 2015

 

Quote

 

McAfee Stinger has been removed from the Portable App Directory due to malware-like behavior. Running the current releases of McAfee Stinger on any Windows PC will automatically install the 'McAfee Validation Trust Protection Service' (mfevtps.exe) to the local machine without a prominent notice to the user. There is a reference to it only buried in the EULA. Once installed, these files are exceedingly difficult to remove. No entry is made in Add/Remove Programs or Uninstall a Program, a service is installed and set to automatically start with Windows, the service can not be Stopped by the end user. This behavior is unacceptable from any application, portable or not. It should be noted that the service left behind does not appear to do anything nefarious to the local machine. It could simply be an error by the publisher, but it has not been addressed since it began occurring a couple weeks ago.

 

While you can start the machine in safe mode and manually remove the files, the best way to ensure that all files are fully removed is to use the McAfee MPCR cleanup tool. Note that this tool is designed to fully remove all McAfee products from a Windows machine after their uninstallers have failed to properly remove them, so it should be used with care.

We apologize for any inconvenience the above issue may cause users and the loss of the app. This sudden change in app behavior due to the publisher's changes was as much a surprise to us as to you. Any support issues should be directed to the publisher.

http://portableapps.com/news/2015-05-08--mcafee-stinger-removed-for-malware-like-behavior

 

My best advice  to you is not to use McAfee use the cleanup tool and remove it if you have it. I tried  some versions retail the scene  use to release years ago.. I always found it very crappy and full of false positives

 

Mostly its the  8.1 pcs still in stock and some  Windows 10 all have Intel Core that comes with this version of McAfee in the O/P..There's many more than listed above

[pc71520]

20 hours ago, pc71520 said:

John  has been a nasty boy...

It was used metaphorically,

as the company still brings his name

(despite his official/formal withdrawal from it)...

[CODYQX4]

We live in sad times. Your own security software is making you vulnerable so they can track/spy/market you, things that they should be protecting you from.

 

It's all crap. I stopped using AV a long time ago. I just throw anything I think is dodgy at an airgapped VM so if it is bad, they hack a VM that I rollback.

 

Best way to get me would be to infect an otherwise trustworthy app (think the OS X Transmission thing). But the AV would surely not flag that making it useless because I'd get infected in that case either way. Having 2 on-site backups + a client-side encrypted cloud backup helps in the ransomware case. I don't see them destroying all 3 without being tailor made to target me.

[steven36]

2 hours ago, CODYQX4 said:

We live in sad times. Your own security software is making you vulnerable so they can track/spy/market you, things that they should be protecting you from.

 

It's all crap. I stopped using AV a long time ago. I just throw anything I think is dodgy at an airgapped VM so if it is bad, they hack a VM that I rollback.

 

Best way to get me would be to infect an otherwise trustworthy app (think the OS X Transmission thing). But the AV would surely not flag that making it useless because I'd get infected in that case either way. Having 2 on-site backups + a client-side encrypted cloud backup helps in the ransomware case. I don't see them destroying all 3 without being tailor made to target me.

Encrypted RansomWare  has been around since 1989 "AIDS" trojan (also known as "PC Cyborg") That's back when John really made  McAfee . From  thorough  1989 -2008 it was around I had done been on the PC  along time before Antivirus makers mange  to wipe out the 1st strains.  It emerged back on the scene in 2013 .. Ive never got infected with it in my 14 years of being on the internet . Really there's a whole lot more other stuff too worry about .

 

Most RansomWare infects people through ignorance of the person behind the PC . You may be in along wait before they get in control of it again. But 100s of new threats are invented  everyday  you can look  at any  Antivirus database and see this. 

 

The problem is not  using Antivirus there's noting wrong with it. the problem  is user ignorance. People who act as if a Antivirus will protect them 100%  a false sense of security . When you let you're guard down and think you're safe is when you're  the most vulnerable. So you should always act as if you dont have a Antivirus installed even if you do. But telling people not to install one is dangerous because there's some that are accident prone they can't  install freeware without infecting themselves . And then you have  the people who dont use PCs to read the PC centric news  . The only use  it to read the local news, the weather, etc..

 

Tell  they can actually wipe out malware for good, Antivirus  will always serve a purpose .  Profits for the security industry is on the rise not on the decline ..I doubt in our lifetime malware will magically  vanish.  If it was not for the security industry things would be a million times worse . Malware writers would not even need to write new strains. If everyone thought you should not use a Antivirus you would not even be able to log on the internet with out getting infected . Things could be much worse than it is now and in the past it was.