mcafee.com · Domains · Slashdot Mirror

Re:AV on TV by AmiMoJo · 2019-02-28 04:26 · Score: 1 · on Samsung is Loading McAfee Antivirus Software On Smart TVs (techspot.com)

According to McAfee you can actually delete it: https://service.mcafee.com/web...

I guess you "need" it because Tizen OS has an app store and like all app stores it sometimes gets malware in it.

Re:Asshole by viperidaenz · 2016-09-04 09:24 · Score: 1 · on John McAfee Sues Intel To Use His Own Name (bloomberg.com)

Intel are using their mark "McAfee" in trade right now.
http://www.intelsecurity.com/i...
http://www.mcafee.com/
https://www.mcafee.com/consume...

Re:Asshole by viperidaenz · 2016-09-04 09:24 · Score: 1 · on John McAfee Sues Intel To Use His Own Name (bloomberg.com)

Intel are using their mark "McAfee" in trade right now.
http://www.intelsecurity.com/i...
http://www.mcafee.com/
https://www.mcafee.com/consume...

Re:Should sue them for what Intel did to his name by Anonymous Coward · 2016-09-04 08:59 · Score: 1 · on John McAfee Sues Intel To Use His Own Name (bloomberg.com)

Anyone that buys McAfee for 3.3 billion is out of their freaking minds.

Anyone who buys McAfee for $44.99 (discounted from $89.99 at the moment) is out of their freaking minds.

Re:so much for the walled garden by idontgno · 2016-03-07 11:17 · Score: 2 · on Apple Has Shut Down the First Fully-Functional Mac OS X Ransomware (techcrunch.com)

Well, the $99 is a small barrier to entry. Considering Cryptowall has garnered nearly a third of a billion dollars, there is probably some good money to be had if an enterprising blackhat can get a working ransomware trojan running on OSX long enough to do the trick. More than enough to justfy several $99 developer registrations.

Re:Excited about what deubging Instructions are by Anonymous Coward · 2015-09-03 10:56 · Score: 0 · on Check Point Introduces New CPU-Level Threat Prevention

McAfee (now part of Intel) has something that is pretty innovative:
http://www.mcafee.com/us/solutions/mcafee-deepsafe.aspx

It basically puts AV as the hypervisor beneath the OS.

Re:The real question by TheRealQuestor · 2015-07-06 18:18 · Score: 2 · on Click-Fraud Trojan Politely Updates Flash On Compromised Computers

The real question is if it installs the McAfee, and if it doesn't anybody can point me out where can I get infected?

There is no McAfee anymore. Intel bought them a while back and now they are re-branded Intel Security.
http://www.mcafee.com/us/about...

It's good you missed it - it was an advertisement by Vokkyt · 2015-04-08 03:57 · Score: 1 · on Ask Slashdot: How Serious Is Hacking In Mobile Games?

Reading the whitepaper, the whole thing seems like it's focused on promoting Arxan's services. It's entirely possible that the presentation itself took a different tone/direction, but the whitepaper itself was fairly contentless sprinkled with a few good points about older MITM attacks exploiting the In-App purchases for iOS and the high piracy rates on Android in China and Russia.

Really that last part is the thrust of the article -- high piracy rates for which they don't really offer any solution except DRM and always-online games. (To their credit, they do make the recommendation of "some sort of protection on the networking layer, in-memory layer, and on disk layer...as well as portions dealing with receiving and unpacking the player's saved game or state.")

Everything else was either misleading, fairly obvious non-suggestions, or just plain outdated information.

Examples:

- Whitepaper dedicates a section to lost revenue from a MITM attack allowing iOS users to get in-app purchases for free. The reference they use is a 2012 article from the Guardian talking about how Apple already fixed it. Specifically, this was relating to iOS 5 and has since been resolved. While Jailbreak options still exist, the whitepaper does not mention these nor does it discuss any other actual leak.Referenced Article

- Whitepaper has section on Flappybird clones which reads:

...However, by March 2014, approximately 60 Flappy Bird clones a day were being added to the iOS App Store...Worst of all -- a reported 79% of these clones contained malware.

This section has a reference that points to a McAfee threat report from June 2014 - as the section reads, "these" refers to the clones on the iOS App Store, however, the McAfee report clearly shows that this is Android stores that are plagued, not iOS. http://www.mcafee.com/us/resou... Page 6

- Whitepaper has a section on how hackers damage communities, which is not incorrect, however, they provide the following "helpful" tips:

Learn how to tell when a hacker hacks
Include banning as a feature
Look for reports of hacking

While these are not bad suggestions, they're also absolutely common sense for mobile game developers, or just people dealing with problems in general.

The submitter is absolutely right that this could have been a really keen presentation, but based on what they produced in the whitepaper, it sounds like a business trying to drum up some more business for themselves with misleading and/or useless information.

Tell you what: THESE *may* help... apk by Anonymous Coward · 2014-12-31 10:48 · Score: -1 · on India Blocks Code Sharing Websites On Anti-Terror Advisory

They CAN function as decent indicators (provided this isn't some "brand new" site they haven't tested):

http://safeweb.norton.com/buzz
http://www.siteadvisor.com/
http://wepawet.iseclab.org/
http://www.mywot.com/en/commun...
http://www.virustotal.com/
http://www.mcafee.com/us/mcafe...
http://www.malwareurl.com/list...
http://cbl.abuseat.org/lookup....
http://www.threatstop.com/chec...
http://www.avgthreatlabs.com/s...

* You can run sites OR IP Addresses thru them to check *ANY* sites you wish that you're unsure of... enjoy!

APK

P.S.=> In fact, I built hooks into those into this application of mine (in its "Site Checkers" menu, pictured below) that allows users of my APK Hosts File Engine 9.0++ 32/84-bit-> http://start64.com/index.php?o... to answer the SAME basic question you have - in case they wish to remove any sites blocked in the hosts file data imported, these sites give them a FAR MORE DECENT INDICATOR than mere "word-of-mouth"... apk

Re:The Golden Turd Principal by BasilBrush · 2014-06-03 09:54 · Score: 1 · on Apple Says Many Users 'Bought an Android Phone By Mistake'

To deal with just one piece of your drivel.

Your M$-xx and iOS-xx are easy targets for malware, and that is a fact, not so much on my side of the fence.

Virtually all mobile malware is for Linux (Android). None of it in 2013 was for iOS, and precious little in any preceding year.

http://www.mcafee.com/uk/secur...

Re:Should have upgraded Openssl by Minwee · 2014-06-02 04:47 · Score: 2 · on Heartbleed Bug Exploited Over Extensible Authentication Protocol

Did _you_ know that your wireless router was using OpenSSL to manage EAP? Or did you just assume that having SSH blocked and not serving HTTPS would be enough?

And even if you did, is it even possible for you to upgrade a single library on your access point?

Try going back to the original CVE, the plethora of vulnerability checkers, or any of the press surrounding it. Every reference to Heartbleed pointed to HTTPS or, rarely, TLS and VPN services as being vulnerable to the bug. Now pretend that you don't know the implementation details of WPA and EAP. Based on all of that, why would you even consider updating or replacing every wireless device you have which don't use HTTPS unless the manufacturer told you?

Moreover, when have manufacturers of popular wireless equipment _ever_ produced timely and relevant updates without at least eight months lead time and court cases in at least three countries?

Re:Should have upgraded Openssl by Minwee · 2014-06-02 04:47 · Score: 2 · on Heartbleed Bug Exploited Over Extensible Authentication Protocol

Did _you_ know that your wireless router was using OpenSSL to manage EAP? Or did you just assume that having SSH blocked and not serving HTTPS would be enough?

And even if you did, is it even possible for you to upgrade a single library on your access point?

Try going back to the original CVE, the plethora of vulnerability checkers, or any of the press surrounding it. Every reference to Heartbleed pointed to HTTPS or, rarely, TLS and VPN services as being vulnerable to the bug. Now pretend that you don't know the implementation details of WPA and EAP. Based on all of that, why would you even consider updating or replacing every wireless device you have which don't use HTTPS unless the manufacturer told you?

Moreover, when have manufacturers of popular wireless equipment _ever_ produced timely and relevant updates without at least eight months lead time and court cases in at least three countries?

Competition will Support XP by ScottCooperDotNet · 2014-01-15 13:40 · Score: 3, Insightful · on Microsoft Extends Updates For Windows XP Security Products Until July 2015

Other Anti-Virus vendors like Symantec, McAfee, and Kaspersky are going to continue to support XP past April, so why should Microsoft concede market share to these competitors?

Also, Microsoft is going to look pretty bad if a new virus makes a major impact, so having their security product database updates continue will mitigate that. Doing otherwise could easily be spun as irresponsible.

Security is always a balance by onyxruby · 2013-10-03 00:13 · Score: 1 · on Former NSA Honcho Calls Corporate IT Security "Appalling"

I can't think of anyone I know who would ever claim their environment was secure, whether I've worked Wall Street, health insurance, defense contractors or any other type of organization that might be typically portrayed as secure. All of these environments have professionals, and all of them are painfully aware of the holes in the system and would fix them if they had the resources. The hard reality is that security costs money and good security costs even more money. Security also has a habit of impeding functionality and in today's environment, this is considered a big deal.

Security is really all about risk management and balancing any given risk against it's likelihood, cost of cleanup and cost of prevention. You can white-list every website your staff are allowed to visit on the Internet and dramatically reduce the number of infected machines, but the cost in terms of staffing, employee morale and retention would be quite high. You can put man traps at every door in your facility, however it would be a foolish waste of money and irritation in 99% of use cases.

Like it or not security is often tied directly to regulatory and compliance requirements. Those environments that have some sort of regulatory and compliance requirement are typically far more secure than those that don't. If you want improved security for the country (wherever your country is) you have to start with regulations and compliance requirements that force companies to institute it to begin with. It's claimed that cybercrime costs $100 billion in the US and $400 billion per year.

Want better security? Get companies to realize that have poor security costs more money than good security.

Re:A/V part of the problem? by Anonymous Coward · 2013-05-02 18:45 · Score: 0 · on Interview: Ask John McAfee What You Will

You mean like this?

http://www.mcafee.com/us/products/application-control.aspx

Re:Delete your cookies by MacDork · 2013-03-16 14:12 · Score: 1 · on Schneier: The Internet Is a Surveillance State

As a web developer, let me say that none of the stuff you mention really matters when it comes to tracking you around the web. In fact, most of it is pretty essential in making your experience on a site a good one.

What does matter is that sites totally unrelated to google, facebook, twitter, etc, are embedding scripts and iframes from those sites on their own pages. When you see that facebook like button beside Dr. Pink's Anal Brightening, facebook knows you're there. If you click the like button, then facebook tells all your friends you were there. This is the faustian bargain that facebook offers to third parties... Let facebook follow your users and facebook will spam its users with your sites offers.

Nobody even questions it. Facebook likes and google analytics are considered essential elements of every website by management types. They have no idea what a <link> tag is or how it can impact the site's security, but they **know** that you better have google analytics! (If you like being employeed)

I notice Schneier failed to mention the EU cookie law. Unlike in the US, the EU is actually serious about fixing the problem. Essentially, if you care about this sort of spying and you go to any site that provides the required EU notice, just leave and don't go back. All the legit methods of first party tracking are exempt. Session cookies are exempt as well as first party analytics cookies. That notice is telling you that facebook, google, and any number of other third parties are tracking your activity on the site.

Free Tools page more interesting! by Anonymous Coward · 2013-01-05 03:41 · Score: 1 · on John McAfee Explains How He Milked Information From Belize's Elite

http://www.mcafee.com/us/downloads/free-tools/index.aspx

"McAfee is committed to your security and provides an assortment of free McAfee tools to help in your software development. Simply select a tool and download it for free."

You may remember most of these tools as coming from Foundstone:

https://en.wikipedia.org/wiki/Foundstone

"Foundstone is a practice within McAfee Professional Services that provides tactical and strategic computer security services."

"Although Foundstone is owned by McAfee, it stays vendor neutral in order to remain impartial in its services."

Re:Oh man... by bonehead · 2012-12-10 03:38 · Score: 1 · on McAfee Is Doing a Live Broadcast Tonight

Yeah, that would be a little late. It's been around for a very long time now.

http://www.mcafee.com/us/products/virusscan-enterprise-for-linux.aspx

Re:Freedom by exomondo · 2012-12-06 09:49 · Score: 1 · on Richard Stallman: 'Apple Has Tightest Digital Handcuffs In History'

The problems that Windows has are a Windows problem. They aren't shared by anyone else. Even the problems that Android has are down to bad apps masquerading as good ones and aren't the self-replicating and browse-by infections that you can get with Windows.

Windows is the only cesspool. It's about Microsoft engineering, not popularity.

Wow, that's some serious blinders you've got on, you've obviously got a religious attachment to some Microsoft hate that makes you spew out rubbish like that. The sort of thing that keeps you ignorant of things like jailbreakme.com, linux rootkits, OSF.8759, Slapper, Scalper, Linux.Svat and L10n among many, many, many others. You're just a clear ignorant fanboy.

developer platform by Trepidity · 2012-11-25 13:53 · Score: 4, Insightful · on OnStar Gives Volt Owners What They Want: Their Data, In the Cloud

You probably don't think of your car as a developer platform

Sadly, you might soon have to, in the sense that you'll need to [pdf] keep your security patches up to date...

Relevant research on banking... by thrill12 · 2012-10-17 06:37 · Score: 1 · on Hackers' 'Zero-Day' Exploits Stay Secret For Ten Months On Average

...and computer security was published in a recent report from the European Network and Information Security Agency indicating that banks should always assume their client computers are infected.
I started moving the PC's I "maintain" (parents etc.) away from Windows and to a separate Ubuntu partition *only* for banking for this very reason. The likelihood that that partition is vulnerable (different OS, no other internet tooling running on it) is significantly lower.
At the same time, banks start drawing lines on what they do and do not reimburse to their clients based on e.g. their computers' security state and their client's intellect (giving out pin codes to perfect strangers...). While the latter is quite logical, the former is starting to become an issue: some banks insist that clients (especially business clients) did not take enough precautions against an attack. Of course not all attacks can be prevented in the first place, as TFA indicates. So, better be safe(r) than sorry and protect your banking as much as you can. (Situation is from The Netherlands BTW, with ABN Amro and Rabobank as some of the examples of banks that start questioning their clients security behaviour, positively or negatively).

Re:A simpler method would be great by SternisheFan · 2012-09-30 15:13 · Score: 1 · on CyanogenMod Drops ROM Manager In Favor of OTA Updates

from Macafee: Description Exploit/ZergRush.C is exploit that takes advantage of the vulnerability to gain root. Indication of Infection Sends shell code to a vulnerability module to root the device Methods of Infection This exploit attacks a vulnerability of system. User should apply a security patch and update the system to the latest version. This exploit will be used to gain root privilege by malware. As always, users should never install unknown or un-trusted software. This is especially true for illegal software, such as cracked applications—they are a favourite vector for malware infection" http://home.mcafee.com/virusinfo/virusprofile.aspx?key=1004122

ummary Exploit:AndroidOS/GingerBreak is a trojan that affects mobile devices running the Android operating system. It drops and executes another trojan detected as Exploit:AndroidOS/CVE-2011-1823, which, if run successfully, gains administrator privileges on the device. http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AAndroidOS%2FGingerBreak

This conflicts with what I see (I do anti-spam) by Khopesh · 2012-08-28 05:33 · Score: 2 · on A Month After Grum Botnet Takedown, Spam Back To Previous Levels

I only see one publicly visible spam volume graph supporting this claim: SpamHaus CBL (look at the "Last quarter" graph).

SpamCop and SenderBase suggest the overall trend is still down, though I'm not convinced this is related to Grum -- it appears Grum just wasn't as major a player as people thought.

The other graphs I have bookmarked, from McAfee (click the "Historic Data" tab) and Symantec, are inconclusive.

McAfee EMM by IMightB · 2012-07-12 10:52 · Score: 1 · on Ask Slashdot: Managing Encrypted Android Devices In State and Local Gov't?

Don't know what exactly your requirements are, but you can look into McAfee EMM, supports iOS, Android, Windows Phones and Blackberry

http://www.mcafee.com/us/products/enterprise-mobility-management.aspx

Disclaimer: I work for McAfee but a different division

Re:what about USB keyboards / mouses? by flydpnkrtn · 2012-07-01 10:27 · Score: 1 · on Ask Slashdot: VPN Service For a Deployed US Navy Ship?

The DoD employs something called "HBSS" - Host Based Security System - which is in reality McAfee's "e Policy Orchestrator" (ePO) plus a bunch of modules that plug in to ePO. One of the ePO modules is a data loss prevention agent that was pushed out to the client endpoint that prevented anything other than USB HID devices from functioning

https://kc.mcafee.com/corporate/index?page=content&id=KB60861 looks like an accurate description of what was done with HBSS policies.

Re:Perspectives by Jose · 2012-06-16 10:38 · Score: 1 · on Ask Slashdot: What's Your Take On HTTPS Snooping?

SSH can't be proxied like SSL traffic

yep, it can. there are a few commercial fw's that do it...check out page 191 of McAfee's (.pdf) userguide
here

if you don't wanna read the .pdf...check here

"Put the network firewall in charge of security again with integrated comprehensive network gateway protection technology, including:

Encrypted traffic inspection (SSH/SSL)
"

Re:Perspectives by Jose · 2012-06-16 10:38 · Score: 1 · on Ask Slashdot: What's Your Take On HTTPS Snooping?

SSH can't be proxied like SSL traffic

yep, it can. there are a few commercial fw's that do it...check out page 191 of McAfee's (.pdf) userguide
here

if you don't wanna read the .pdf...check here

"Put the network firewall in charge of security again with integrated comprehensive network gateway protection technology, including:

Encrypted traffic inspection (SSH/SSL)
"

Re:Fine, I'll bite by jklovanc · 2012-05-27 10:37 · Score: 1 · on Ask Slashdot: Why Not Linux For Security?

Take a look at page 10 of this report; http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2012.pdf. The number of new malware programs has almost tripled in 3 years. It is true the numbers are far from the Windows numbers but then so is the installation base and the OSX numbers are far from one or two..

Re:Why do we keep doing this? by Anonymous Coward · 2011-12-26 07:12 · Score: 0 · on Researchers Build TCP-Based Spam Detection

Total spam volume continues to increase in spite of filtering, which indicates it has not had any meaningful effect on the rewards for the spammer

[citation needed]

Counter data: McAfee Quarterly Report 2011Q3

Re:Support them from your own money by Anonymous Coward · 2011-10-31 15:26 · Score: 0 · on How Can I Justify Using Red Hat When CentOS Exists?

http://downloadcenter.mcafee.com/products/evaluation/VCL/AIX/Readme_VCL_UNIX.txt

Remove McAfee Completely by Joe+Jordan · 2011-10-05 03:16 · Score: 1 · on Firefox Advises Users To Disable McAfee Plugin

McAfee offers a removal tool to cleanly uninstall their products. I use it any time I clean up a system: http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe

Totally misleading title by Florian+Weimer · 2011-05-05 17:18 · Score: 2 · on Multiplatform Java Botnet Spotted In the Wild

The original McAfee blog article says this (why not link to the original resource in the first place?):

However, we’ve seen only the PC version in a downloader/dropper in the wild.

So this is not different at all from the Java-based Facebook suicide Trojan horse which circulated in Spring 2010 (but was not spotted by most AV companies back then).

Re:Passing on Viruses by mr_mischief · 2011-05-02 06:22 · Score: 1 · on Tasmanian Dept. of Education Wants Anti-Virus for Linux, OS X

I'm not even going to bother linking all of these...

http://www.mcafee.com/us/products/virusscan-enterprise-for-linux.aspx
http://us.trendmicro.com/us/products/enterprise/serverprotect-for-linux/
http://www.kaspersky.com/linux
http://www.eset.eu/products/nod32-for-linux
http://www.centralcommand.com/Products/VexiraforLinux/VexiraforLinuxFileserver.aspx http://www.centralcommand.com/Products/VexiraforLinux/VexiraforLinuxSambaServer.aspx
http://www.centralcommand.com/Products/VexiraforMailServers.aspx
http://www.f-prot.com/download/home_user/download_fplinux.html
http://www.avast.com/linux-home-edition
http://www.avast.com/linux-unix-edition
http://www.sophos.com/en-us/products/endpoint/endpoint-security-and-data-protection/components/anti-virus-protection/linux.aspx?utm_source=Non-campaign&utm_medium=AdWords&utm_campaign=NA-AW-Linux
http://www.ca.com/us/Support/gsa/Virus-Info/Virus-Signature-Updates/eTrust-Antivirus-7x-for-UNIX-and-Linux.aspx
http://www.pandasecurity.com/homeusers/downloads/desktopsecure/
http://www.pandasecurity.com/enterprise/solutions/
http://www.pandasecurity.com/enterprise/solutions/commandline/
http://free.avg.com/us-en/download.prd-alf
http://download.bitdefender.com/repos/

NERC requirement as well, McAfee A/V on old Linux by Anonymous Coward · 2011-05-02 06:01 · Score: 0 · on Tasmanian Dept. of Education Wants Anti-Virus for Linux, OS X

NERC, in charge of all the power regulations in the US under FERC, requires A/V as well in CIP-007 R4. In fact, it is required for anything that is "cyber" (which means anything with an IP address). Got a networked printer, switch, router, firewall which cannot have A/V? Get ready to file a bunch of paperwork (known as a TFE), yearly, and prove that the vendor says you cannot get A/V for it. Better to install a dumb unmanaged switch or non-networked printer (share it via a workstation) so you can avoid paperwork.

McAfee VirusScan Enterprise for Linux works on RHEL5.5. However, McAfee recommends not running it on RHEL5.6 (although our testing has found no problems and we're not using NFS in our NERC areas, but we'd be officially unsupported by McAfee). It will not work on RHEL6 or any of the newer Fedora 13+ releases.

Don't go off the beaten trail and expect support either. Oracle Enterprise Linux is based significantly on RHEL, but yet McAfee won't support OEL.

I'm not sure what all the requirements are some folks may have, but I use ClamAV just so I can say I have some A/V on my desktop and laptop and so I can scan USB devices that others may ask me to check.