Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee's Website Full of Security Holes

Posted by Soulskill on from the par-for-the-course dept.

Julie188 writes "The McAfee.com website is full of security mistakes that could lead to cross-site scripting and other attacks, researchers said in a post on the Full Disclosure site on Monday. The holes with the site were found by the YGN Ethical Hacker Group, and reported to McAfee on Feb. 10, YGN says, before they were publicly disclosed to the security/hacking mailing list. Embarrassing? Yes, especially given that the company aggressively markets its own McAfee Secure service that is supposed to assure consumers that McAfee has scanned a website and found it to be safe."

4 of 114 comments (clear)

  1. Your own dog food... by Locke2005 · · Score: 4, Insightful

    Eat it!

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  2. Re:minor by sconeu · · Score: 5, Insightful

    most of the staff at McAfee, as with all other big companies, aren't security experts

    But the thing about McAfee is that they *do* market themselves as "security experts". Therefore they should be held to a higher standard.

    --
    General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
  3. Re:Mod parent up! by jackdub · · Score: 4, Insightful

    Quis custodiet ipsos custodes?

  4. Misdirection by SuperKendall · · Score: 2, Insightful

    How do you know the McAfee home page is not one giant honeypot? After all they know hackers will be going after them. That's what I'd do if I were them...

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley