Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Vendor McAfee to Pay $50 Million Fine

Posted by Zonk on from the do-the-crime-pay-the-fine dept.

goombah99 writes "RedHerring.com reports that Security Vendor McAfee has agreed to pay a fine of fifty million dollars stemming from false SEC filing. McAfee cooked its books, overstating its revenues one year by 131%, or half a billion dollars. The method employed was 'channel stuffing' in which compliant re-sellers are effectively paid to buy and hold inventory they may never sell. The shipped goods are booked as revenue and the payments disguised in the books. When it caught up with them, McAfee's stock price crashed, wiping out a billion dollars of shareholder capitalization. The story quotes an analyst saying this maybe the swan song for the once dominant vendor."

29 of 229 comments (clear)

  1. Oh, what a... by Bin_jammin · · Score: 5, Funny

    disappointment. After they're gone, I'm sure it'll only be another twenty years before I stop seeing customers' boxen with Macafee's anti-virus expired demo notification popping up every time I touch it. Maybe they should have given away more nagware, that might have helped.

    1. Re:Oh, what a... by donnyspi · · Score: 4, Insightful

      I see plenty of Norton demo expiration alerts appear on computers I fix. I think it's misleading and annoying to have virus protection expire after 90 days of use. I've seen plenty of people who see that Norton or McAfee is still on their system so they think they're protected. Of course, the responsibility of wise computer use should be that of the user, but let's face it, most users don't know much anyway and having their anti virus expire on them just confuses them more.

    2. Re:Oh, what a... by scronline · · Score: 4, Interesting

      Well, that's funny. I don't see ANY nagware out of mcafee and that's part of the problem. I see it updating whenever it's an active subscription, but after that it just doesn't do anything. This is the online/newest version not the old stuff that did nag all the time. The problem I see with McAfee is everything is all online. While that's a good way to do it, customers sign up, then change ISPs, then change ...., and a year later they don't remember what information they used for online registration. The client doesn't even show their email address used so you have to take guesses at it. In several cases they have to buy a brand new AV client simply because they don't have access to the old email address.

      Furthermore, I've had cases where their antivirus would keep the anti-spam from working and thus mail would never get delivered. It would just sit there fighting each other. Let's not even talk about the thousands of machines that come into my shop that won't even boot because McAfee is damaged. Boot into safe, uninstall McAfee and the system will boot properly.

      I don't disagree that you would see McAfee for years after it's gone (by whatever method), but that's partly because of the poor way they keep the customer informed and handle the account/licensing. Their products are in desperate need of a complete revamping. I even get about 300 "spam from your network" emails because of their crap client a day. Not a single one of them come from my ISP, they just spoof an email address on domains run/hosted by us or spoof our domain in the EHLO statement.

      That's not to say Symantec is any better. Up until the 2006 version I was pleased with Norton, but now it's just so in your face that you have to wait 5 minutes after boot up before really doing anything because of a popup screen that says "Norton is up and working properly" kind of crap and will sit there for 30 seconds or until you physically close the window yourself. I've had quite a few times their stupid little popups gets right in my way, or even kicked me out of a game I was playing

      Mainstream AV is too intrusive (but I can understand why since users just keep ignoring what it's saying) and in several cases ineffectual. They are all bringing a false sense of security and allow users to think they don't still have to follow good security on their own like....I don't know....not opening email attachments they aren't expecting.

      On that note, I'll bet money on the fact that more than 70% of the computers that were infected with the most recent outbreak of the sober virus were all computers purchased with McAfee OEM with only 90 days of service and probably half of those weren't even activated the other half were unknowingly (or uncaring) expired. Gotta love it when OEMs use McAfee as the default OEM product by default.

      The thing to remember about nag screens, they are there for a reason. Users always "oh, I just clicked close on that" and then complain about "why do I get viruses", "why do people do that", "is there anything I can do to go after these people?", and my personal favorite "what can I do to keep this from happening again?".

    3. Re:Oh, what a... by SatanicPuppy · · Score: 3, Interesting

      I wasn't happy with Norton 2k4, but it was Norton 2k5 that really made me lose it. Resource hogging, constant badgering. I had the damn software running on a machine that was pretty well protected anyway, so the intrusiveness of it was infuriating.

      I've noticed when people have the fancy Norton Security Suites installed, they tend to disable them because it makes it too annoying to browse the internet, for example. You get psychotic firewall notifications every few seconds, and it doesn't really remember what applications are safe, so it bothers you over and over for the same damn program.

      It's that funny thing with security...The best security is so restrictive that people ignore it and disable it whereever possible...Like requiring 10 digit passwords, changed monthly...those damn things are always written on a sticky, stuck under the keyboard.

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    4. Re:Oh, what a... by Slime-dogg · · Score: 4, Informative

      After reading up on the whole thing, McAfee did the funky accounting in the period from 1998 to 2000, and had $50m laying around, "reserved" for when they'd need it to pay the fine. I don't think that McAfee is really going anywhere any time soon.

      --
      You need to restart your computer. Hold down the Power button for several seconds or press the Restart button.
    5. Re:Oh, what a... by DrEldarion · · Score: 3, Funny

      When I was just a boy, Norton AV killed my father. I will never forgive it! NEVER!

  2. wtf? by User+956 · · Score: 5, Funny

    This is reminiscent of Enron's mark to market accounting, wherein you basically determine the real market asset value, then you just make up a bunch of shit.

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:wtf? by Jerry · · Score: 3, Informative
      They started early in their career and never stopped these kinds of tactics:
      http://www.billparish.com/msftfraudfacts.html

      Financial Pyramid Building Techniques Being Used by Microsoft:

      "Stock option programs are an excellent benefit and many companies use them responsibly. At Microsoft, however, stock option accounting is only one of its many pyramid building techniques, what could be called a cash generating component. Additional pyramid building techniques include the following. It is important to note that the genius of the pyramid scheme is to leverage share growth from investors using a passive investment approach based upon indexing to the S&P 500. Most smaller and mid size technology firms are not in the S&P 500 and therefore are locked out of this key aspect of the pyramid from the beginning. ..."


      and there's more. This accountant outlines 12 things Microsoft did and then describes the effects on our economy of those 12 things.

      --

      Running with Linux for over 20 years!

  3. Fines are not enough by 110010001000 · · Score: 5, Interesting

    Fines are not enough and hurt shareholders more than those who are responsible: the executives. The true punishment should be fines and jail time for the COO, CFO, CEO and all the other Cx0's. What does fining a company do except bleed the shareholders?

    1. Re:Fines are not enough by corbettw · · Score: 4, Insightful

      Dude, the whole function of the corporation as we know it is designed as such to shield individuals from direct legal action. That's why they're so popular.

      Dude, you don't know what the hell you're talking about. Corporations shield their owners from bankruptcy and civil courts (to an extent). They do not shield the officers of those corporations from criminal charges. Just ask Enron Chief Accountant Richard Causey, who's serving seven years in jail for his role in the corporation's implosion. His old bosses, Ken Lay and Jeffrey Skilling, are about to get their day in court in the next few months, too. If they can find an impartial jury, that is (if they're smart, they'll try to plead out, but if they were smart they wouldn't have cooked the books in the first place...but that's another story).

      I don't know where this myth of corporations protecting people who out-and-out break laws came from, but it's not in the least bit grounded in reality. The cases where corporate executives get away with murder, figuratively and literrally, have more to do with state corruption than the legal fiction behind the "corporate veil". The infamous Union-Carbide tragedy was as much an exemplar of the corruption in certain parts of the Indian government as it was the amorality of company officials.

      --
      God invented whiskey so the Irish would not rule the world.
    2. Re:Fines are not enough by Reducer2001 · · Score: 3, Insightful

      As far as I can tell, SOX only causes pain and suffering to IT and accounting departments, and does not actually prevent executives from doing anything wrong. (IMHO as a low-level network flunky as part of a publicy-traded company)

      --
      When you get to hell -- tell 'em Itchy sent ya!
  4. One of the oldest by IAAP · · Score: 4, Funny
    accounting tricks.

    The method employed was 'channel stuffing' in which compliant re-sellers are effectively paid to buy and hold inventory they may never sell.

    I think there should be class in 'B' school called, "Accounting Tricks That Get You In Trouble with the Law: You're not as smart as you think you are."

    1. Re:One of the oldest by rmjohnso · · Score: 3, Insightful

      Actually, auditing is NOT fraud detection. The following wording is taken from a standard audit opinion letter:

      http://www.dsbcpas.com/services/accounting/audit/o pinionaudit.html

      Notice that fraud is NOT included in the opinion. The idea of fraud is to go undetected, and you cannot audit for collusion. Therefore, unless the environment suggests fraud is taking place, fraud is discovered by the company or auditor in the normal course of operations or the audit, or if the company reports to the auditor that fraud is taking place, it is extremely difficult to audit for fraud, if not impossible.

      The following link is to the auditing standards by the AICPA
      http://www.aicpa.org/members/div/auditstd/auditing _standards.htm
      See:
      SAS 1 - Responsibilities and Functions of the Independent Auditor
      SAS 99 - Consideration of Fraud in a Financial Statement Audit

      --
      "Extremism in the pursuit of liberty is no vice. Moderation in the pursuit of justice is no virtue." --Barry Goldwater
  5. if they're that corrupt by Ender+Ryan · · Score: 4, Interesting
    If they're corrupt enough to fuck their shareholders like that, I wonder what other lengths they're willing to sink to. Eg., I wonder if any of the anti-virus vendors actually create viruses themselves, so they can get one up on the competition by having the virus definitions already complete.

    I'm not making any accusations, of course, just food for thought. But, with all the corruption in corporate America these days, I'd actually be surprised if something like that hasn't taken place in at least one of the major firms.

    --
    Sticking feathers up your butt does not make you a chicken - Tyler Durden
    1. Re:if they're that corrupt by Monte · · Score: 3, Interesting

      I wonder if any of the anti-virus vendors actually create viruses themselves, so they can get one up on the competition by having the virus definitions already complete

      Not a new theory... IIRC back in the day AV companies would pay a "bounty" if someone came up with a new virus they (or their competition) hadn't seen yet. Thus making it tempting for some one to create a "virus" that may never actually get into the wild, but would score some bounty cash.

      Then company "M" could claim to scan for this new "BooBooWooWoo strain 42" before company "N" did, implying their software was better for it.

  6. Microsoft Rescue? by bagboy · · Score: 3, Insightful

    Seeing as how they (MSFT) are playing the anti-spyware role, maybe McAfee is ripe for a MSFT buyout and integration with Vista?

  7. 50 million fine for a 500 million dollar fraud? by Anonymous Coward · · Score: 5, Insightful

    No wonder corporate fraud is so popular. Even if you get caught, the cost is less than the benefit.

    This will continue until a lot of these people end up in prison for a few decades.

  8. Wonder how this was picked up by kalpol · · Score: 3, Interesting

    Since Sarbanes-Oxley has only been in effect since last fiscal year, I wonder if this was caught during a SOX audit or it just got outed on its own.

    --
    12:50 - press return.
  9. WTF? by Quixote · · Score: 4, Interesting
    When it caught up with them, McAfee's stock price crashed, wiping out a billion dollars of shareholder capitalization.

    If I cause damage worth X dollars, you can bet your ass that I will be forced to repay the amount. And yet these guys get away with paying a nickel per dollar? Shouldn't they be forced to compensate the shareholders for their losses? Take it out of the paychecks of all of the top executives! Throw some in jail! At the very least, take back the money these executives made due to the artificially high price.

  10. System Scan Results: by doit3d · · Score: 3, Funny

    ....16,284 files scanned. Warning! Unknown file found: CookBooks.exe Do you wish to Quarantine or Delete?

    --
    "This is America... where the will of the few outweigh the outrage of the many..." - Unknown
  11. Honest mistake... by Andrewkov · · Score: 5, Funny

    I hear this was caused by an Excel Marco virus, only McAfee was to embarrased to admit it.

  12. Wait just a minute by Luscious868 · · Score: 4, Funny
    Fines are not enough and hurt shareholders more than those who are responsible: the executives. The true punishment should be fines and jail time for the COO, CFO, CEO and all the other Cx0's. What does fining a company do except bleed the shareholders?

    Hey, wait just a second. Leave the poor CTO out of it :-)

  13. Swan Song? by Bob(TM) · · Score: 4, Informative

    Apparently, I missed the analyst gloom/doom forecast. I did see this:

    Analysts said the settlement would close a chapter in McAfee's history and let the company focus on its market, which is expected to heat up this year with the entry of Microsoft.

    Here's their finance info on Yahoo. They seem to have a $4.73B market cap and are currently dead center of their year stock price range.

    Doesn't seem that damaging to them, actually - though they are in for a tough scrap when MSFT gets in the act.

    --

    The little guy just ain't getting it, is he?
  14. well, that's easy... by Saib0t · · Score: 4, Informative
    what interests me is what norton/symantec is going to do, now that (one of) their biggest competitors is in such a position.
    Norton/Symantec are now going to do what every good corporation does nowadays.. .. try and find another method to cook their own books since this method seems to be flawed...

    Me, cynically...

    --

    One shall speak only if what one has to say is more beautiful than silence
  15. Re:Yes, it is what Enron did. by rmjohnso · · Score: 3, Informative

    Off-Balance Sheet Entities:
    http://executivecaliber.ws/sys-tmpl/offbalanceshee tfinancing/

    http://www.investopedia.com/articles/analyst/02200 2.asp

    http://www.investopedia.com/articles/stocks/04/102 004.asp

    --
    "Extremism in the pursuit of liberty is no vice. Moderation in the pursuit of justice is no virtue." --Barry Goldwater
  16. Re:Yes, it is what Enron did. by GuyverDH · · Score: 5, Funny

    It appears that they may have actually been implementing more than one bad accounting practice.

    Why limit yourself to just one.

    --
    Who is general failure, and why is he reading my hard drive?
  17. SENSATIONALISM by GodLived · · Score: 5, Informative

    This story is being spun into sensationalistic crap. The story is, the fine is being levied by the SEC for, and I qtfa, "securities fraud ... during the period between 1998 and 2000." I used to work for McAfee, and I want to educate the community.

    All of what you know as McAfee used to be called Network Associates up until about 2004. It was formed in 1998 by a massive buy-up of various software firms, including Network General and McAfee Associates - hence the name, "Network Associates." During this reign, the CEO committed the fraudulent acts, including the channel stuffing as indicated, and was eventually fired in 2000 or 2001 for fraud. The new CEO, George Samenuk, took over and has since been credited with turning the company around, reestablishing the McAfee brand identity, focussing on the core products, cutting loose various deadwood (including, unfortunately, the research group that I worked for), and returning the company to legitimate profitability. At an all-hands (the one time Samenuk braved a visit to us research dweebs), he explained that the old regime consisted of "crooks," and that he vowed to be forthright with the SEC and do his personal best to fly straight. To my knowledge, he has done a good job of that ever since.

    This fine being reported today is a result of the SEC, acting in good government swiftness, merely enforcing a punishment for deeds done in the past, under different leadership. Take this news as no indication of the current state of the company or its leadership, but view it merely as a capstone to an unfortunate period in McAfee's history.

  18. That explains that math by kalbzayn · · Score: 3, Funny

    Now I understand why their software used to tell my computer it had two viruses but could never do anything about them. The software was following the coorporate policy of overstating results.

  19. Welcome to earth by kahei · · Score: 3, Interesting


    Shouldn't they be forced to compensate the shareholders for their losses?

    No. No, they shouldn't. The shareholders bought the stock hoping it would go up. It went down. The shareholders factored in various kinds of risk -- market risk, credit risk, compliance risk. Looks like they should have allowed more for compliance risk in this case, but that's life.

    Are you suggesting that whenever a stock goes down because of human stupidity/greed/malice, investors who were holding it at the time should be compensated?

    What about when a stock goes up? Should investors with short positions, be compensated?

    Who should do the compensating? I don't think McAfee has that kind of money now.

    I think it might be a lot simpler and fairer to just expect investors to take responsibility for their own investments.

    I also think that it's pretty fucking sad that the above is no longer intuitively obvious to everyone.

    --
    Whence? Hence. Whither? Thither.