Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Uses Web Beacons That Can Be Used To Track Users, Serve Advertising

Posted by timothy on from the keeping-some-tabs-on-you dept.

An anonymous reader writes: A test of seven OEM laptops running Windows has shown consistent privacy and security issues, including an interesting revelation that the McAfee Antivirus running on six of them is using web beacons to serve ads and possibly even track users online. The seven laptops – Lenovo Flex 3, Lenovo G50-80 (UK version), HP Envy, HP Stream x360 (Microsoft Signature Edition), HP Stream (UK version), Acer Aspire F15 (UK version), and Dell Inspiron 14 (Canada version) – have been tested by the security research team of Duo Security by simply sniffing the traffic sent from and to them once they have been taken out of the box, plugged in, and connected to a network.

73 comments

  1. AVs are back to being actively harmful by sinij · · Score: 5, Insightful

    Unhappy with being merely ineffective, AV products are back to being actively harmful for the user.

    1. Re:AVs are back to being actively harmful by tatman · · Score: 1

      I suppose we shouldn't be surprised by this. It's all about revenue and nothing else matters when it comes to big corporation behavior. I have no problem that a business is in the business for $. I do have a problem when the $ means more than integrity.

      --
      I've always said English was my second language. Had Romeo and Juliet been written in C, I might have understood it.
    2. Re:AVs are back to being actively harmful by Anna+Merikin · · Score: 1

      I forget who said it -- might have been Peter of the Peter Principle -- "Everything which can be done will be done."

      It might have been a corollary to his famous law.

    3. Re:AVs are back to being actively harmful by MightyMartian · · Score: 2

      I'm not clear. When is it exactly that there weren't being actively harmful?

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    4. Re:AVs are back to being actively harmful by ThatsNotPudding · · Score: 1

      Unhappy with being merely ineffective, AV products are back to being actively harmful for the user.

      They're just trying to keep up with (most) OSes.

    5. Re:AVs are back to being actively harmful by davester666 · · Score: 1

      Then you have a problem with America and capitalism. The $ is more important than anything else.

      --
      Sleep your way to a whiter smile...date a dentist!
  2. Seems to be more and more by Anonymous Coward · · Score: 2, Interesting

    prevalent, these "security" apps, companies, whatever, actually straddling the fence, as it were. Ghostery and ABP are but a couple that serve two masters. At present, the only software I trust is uBlock Origin. In the end, I think people will either have to roll their own or there needs to be a public, open source project whereby transparency is the order of business. The Cold War with ad companies and ad blockers has started, and I, for one, will not allow ads on machines I control, either at home or at work.

    What I've been thinking is similar to what some of us did when Flash was still prevalent. I symlinked .adobe and .macromedia to /dev/null and by doing this, I was able to view Flash content without the hassle of LSOs/DOM worry. The website thought it was writing to disk and all was well. I'd like to extrapolate this idea out to ads/tracking cookies/beacons/bad Javascript and simply write this nonsense to /dev/null. I believe this is possible, but my programming skills extend to Bash and Perl scripting only.

    Any thoughts?

    Captcha: Sorcery

    1. Re:Seems to be more and more by LichtSpektren · · Score: 2

      Just use open source things and make sure you skim through the source code to make sure there's no shit like this to be found.

    2. Re:Seems to be more and more by invictusvoyd · · Score: 3, Insightful

      skim through the source code to make sure there's no shit like this to be found.

      Seriously?

    3. Re: Seems to be more and more by Anonymous Coward · · Score: 0

      So far, there hasn't been any reported issues or conflict of interest with either ABP or Ghostery. There is nothing special about ublock origin other than maybe less cpu utilization. I simply don't understand this misguided agenda against adblock plus.

      -imprezza86

    4. Re:Seems to be more and more by PolygamousRanchKid+ · · Score: 1

      I guess you've never heard of the infamous Ken Thompson Hack: http://c2.com/cgi/wiki?TheKenT...

      Skimming through the source code is not enough. However, using Open Source enables a bunch of eyes to review the code.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    5. Re: Seems to be more and more by pla · · Score: 1

      They take money in exchange for "acceptable ads". There are no acceptable ads for people like me

      So turn them off - As simple as ticking off a checkbox. And if you find some still sneak through, you can manually add rules to block those. Don't blame ABP for your own laziness.

      As for Ghostery, they fill a slightly different niche, but the way I see it, "still better than nothing". I'll take 99% tracker blocking over 0%.

    6. Re: Seems to be more and more by Grishnakh · · Score: 1

      Why would I want to waste time with manually adding stuff when I can just install uBlock Origin, which is made by people who agree with me that there's no such thing as an "acceptable ad" that only become "acceptable" because they paid someone off?

      Hey, if you like supporting payola, why don't you just say so?

    7. Re:Seems to be more and more by Frosty+Piss · · Score: 3, Insightful

      However, using Open Source enables a bunch of eyes to review the code.

      That something can happen doesn't mean it does happen. In fact, very little Open Source other than high profile code, gets "reviewed" by anyone knowledgeable enough to know what they are looking at, other than the authors themselves.

      --
      If you want news from today, you have to come back tomorrow.
    8. Re: Seems to be more and more by cfalcon · · Score: 1

      Just use ublock origin. It blocks ads with no drama. The only acceptable ad is a dead ad.

    9. Re:Seems to be more and more by spire3661 · · Score: 2

      We know. Many eyes still creates a possibility space not available in closed source. None of us claims its perfect, its just another avenue.

      --
      Good-bye
    10. Re: Seems to be more and more by Anonymous Coward · · Score: 0

      I have replaced ABP with uBlock Origin on all computers, but there's nothing wrong with ABP since you can just uncheck the acceptable ads box.

    11. Re: Seems to be more and more by Anonymous Coward · · Score: 0

      Firstly, I'm not lazy. I don't use ABP. I use uBlock Origin with almost every filter enabled. ABP serves two masters. They are guilty of enabling the ad industry by allowing "acceptable ads". There are NO acceptable ads to people who don't want them. I want pure content and that's what I see. As an IT guy who deals with security issues daily, it's best to eliminate them. I turned on the adblocking on our Palo Alto firewall at work and we have seen almost no malware since. It also saves us bandwidth. In addition, machines under my charge run uBlock Origin. People appreciate a sanitized Internet experience.

      I will continue to block ads, tracking beacons, you name it. The Cold War between the people and the advertisers is only beginning to ramp up, and I for one, look forward to it.

    12. Re:Seems to be more and more by I4ko · · Score: 1

      Dunno, I do have some thoughts I'm pretty happy going BSG style with my computers. Only one needs to be connected to internet. Behind a NAT running only Virtualbox under Linux; Virtualbox is running only a single VM configured with immutable harddrive - MS appcompat IE 11 on Win 7 (directly from MS http://modern.ie./ Every web page I visit is in separate vm. I kill the VM after I am done with the web page, and nothing remains on its disk. Other services that make sense to use are IRC and some usenet. the Web is place I no longer want to be, especially AJAX, WebRTC, WEBGL, and such. You simply don't need those. All the content is crap, the valuable resource are people interactions, and a ham radio will do better than facebook these days.

    13. Re: Seems to be more and more by Anonymous Coward · · Score: 0

      Assuming we have the time to skim the millions of lines of code on our systems and to reskim the code at every update, we know all languages the code is devloped in, and that there are no obfuscation techniques used this sounds like a simple task.
      Heck it's so easy why not try to automate it, wait it's already been tried and they failed. So you think we are all smarter than devlopers who actually know their **** yet still can't figure out how to do this.

  3. And still people wonder why I always uninstall AV by xxxJonBoyxxx · · Score: 3, Interesting

    And still my friends and relatives wonder why one of the first things I do when I "clean their computer" is delete crap like McAfee, Norton or whatever other third-party AV suckerware is living on their machines.

  4. A more important question ... by scunc · · Score: 0

    Are these ads promoting John McAfee's presidential campaign by any chance?

    1. Re:A more important question ... by Grishnakh · · Score: 1

      Not likely. This is from McAfee Software (a division of Intel), which John McAfee has no control or ownership of.

      Also, John McAfee has publicly stated that McAfee software is "the worst software on the planet". If the guy it's named after says it's total crap, that should tell you something.

      Usually, when I bring this up, some naÃve moron replies with some idiotic response about how John doesn't know anything about current McAfee software, some BS about brand value, etc. Obviously, as we can see from this article, John was right all along: this software IS crap, and it's downright malware.

    2. Re:A more important question ... by MightyMartian · · Score: 2

      Obviously John has never used Norton's fine products.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
  5. Anybody still... by FaxeTheCat · · Score: 1

    ...use McAfee? Wow...

    1. Re:Anybody still... by CimmerianX · · Score: 2

      IT comes preinstalled on alot of machines. Its something I remove when de-crapifying any new system.

    2. Re:Anybody still... by castionsosa · · Score: 3, Insightful

      It is one of the few AV products that runs on Linux, Solaris, and AIX. Not that LPARs or LDOMs will be getting viruses anytime soon, but it is necessary for making the legal eagles happy and checking the "all machines, logical and physical, have AV running on them" box.

      It is far easier to just toss McAfee on there than to try to explain or write exceptions to an auditor.

    3. Re:Anybody still... by MightyMartian · · Score: 2

      Nowadays we just reimage new equipment. We don't even bother removing it. We have vanilla Windows images with the software needed and that's what goes on. The idea of spending any time removing the shit that Toshiba, Lenovo and the rest of them throw on the computers is a useful activity is long gone now.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    4. Re:Anybody still... by Anonymous Coward · · Score: 0

      That may work at the office and in the plant, but it doesn't do shit for the millions of personal users.

    5. Re:Anybody still... by MightyMartian · · Score: 1

      I can do the same thing at home. I grab an OEM install ISO, gather all the drivers, and reinstall. It's a bit more of a pain, but operating systems are getting better suites of built in drivers all the time.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    6. Re:Anybody still... by Chelloveck · · Score: 1

      I can do the same thing at home. I grab an OEM install ISO , gather all the drivers, and reinstall.

      Oh? Where does a technically competent but non-computer-professional find an OEM install ISO?

      --
      Chelloveck
      I give up on debugging. From now on, SIGSEGV is a feature.
    7. Re:Anybody still... by Anonymous Coward · · Score: 0

      Just buy Microsoft signature edition from the MS store. Done

    8. Re:Anybody still... by Anonymous Coward · · Score: 0

      HP has all the crap in their restore images. Though if you edit the scripts on your recovery partition you can clean it up

      Capthcha: Bludgeon

    9. Re:Anybody still... by omnichad · · Score: 1

      Windows Media Creation Tool

      And for Windows 8.1 too

      You're out of luck for Windows 7 if you're not halfway expert. You have to convert a standard Windows 7 ISO to Universal or acquire a premade one and use the OEM key from the sticker.

    10. Re:Anybody still... by Chelloveck · · Score: 1

      Huh. I had no idea! Thanks, that looks like it might be very useful!

      --
      Chelloveck
      I give up on debugging. From now on, SIGSEGV is a feature.
  6. Argh,,,, too tired this morning. by mark-t · · Score: 1

    I read "beacons" as "bacon". And went, like, "huh?"

    Oh how I truly hate daylight savings time.

    --
    File under 'M' for 'Manic ranting'
  7. McAfee is owned by Intel by LichtSpektren · · Score: 1

    Inspires a lot of confidence in all those nifty new features of the Intel Skylake CPUs, eh?

    1. Re:McAfee is owned by Intel by Anonymous Coward · · Score: 0

      I just completed a stint at Intel in the Bay Area and yes, they forced macafee on us all. Not only that, but they forced the drive encryption stuff on us and it makes to pick a password that is close in length to the war-and-peace book. Damn.

      My i5 laptop at Intel was so bogged down with antivir crap, it performed like a pentium-3. I kid you not!

      Clues: Intel is in dire need of them. Oh, and I saw plenty of win10 systems deployed inside Intel, too. That also highly surprised me.

  8. And people wonder why I run Linux by AntronArgaiv · · Score: 4, Insightful

    At this point, my favorite reply is "Look, it doesn't suck any worse than Windows."

    And.. no antivirus, no unexpected updates changing system configuration, no "defective by design" security issues, and on and on.

    Linux isn't perfect, but it does 95% of what I need to do, and I have a VirtualBox VM with XP loaded to do the rest. And with Microsoft and friends (like McAffee) shooting themselves in the foot every chance they get, Linux is becoming a better choice every day.

    1. Re:And people wonder why I run Linux by invictusvoyd · · Score: 1

      defective by design

      There are now .

      Clue: Know that fella who worked on ALSA?

    2. Re: And people wonder why I run Linux by Anonymous Coward · · Score: 0

      And I'm sorry but no cares that you run a Linux based OS when users need to run Windows for their software needs. The only benefit of Linux is the less than 2% market share. If and I mean a big if, somehow a Linux based OS finally gains serious market share then the hackers will start to attack it's vulnerabilities.

      -imprezza86

    3. Re: And people wonder why I run Linux by Anonymous Coward · · Score: 0

      I don't understand this train of thought that says vulnerabilities scale with marketshare. Regardless of the fact that Linux has a small DESKTOP marketshare, it has fewer and less severe holes than Windows. Period.

    4. Re: And people wonder why I run Linux by cfalcon · · Score: 1

      > The only benefit of Linux is the less than 2% market share.

      People said this when Windows had spy and monitor services listening to the naked internet, that got whole boxes owned.
      People said this during the shit festival than was Internet Explorer.
      People said this when Windows had every user running as admin.
      People said this when Windows was the only guy on the block not using ASLR.

      Now they say it in a world where Windows lacks SE Linux level security entirely, in a world where much of the code is still written with a plug-n-chug factory mentality, in a world where critical code is kept hidden for competitive reasons- and most importantly, in a world where Windows boxes are routinely malicious piles of shit, and almost nothing else is.

      Talk about marketshare all you like, Windows has been a total pile of shit on security and always fucking will be. At this point it would take like twenty fucking years of flawless performance to reverse this well deserved reputation. It's never been safe, it's not safe now, but Windows users will put up with ANYTHING- and then rationalize it, lol.

    5. Re:And people wonder why I run Linux by AntronArgaiv · · Score: 1

      There are now .

      Clue: Know that fella who worked on ALSA?

      I didn't say Linux was free of security issues. But Linux packages typically have unused ports closed by default, compared to Windows' "leave 'em open" approach. I'm not comfortable trusting Microsoft to do what's right, security-wise. I feel better with Linux.

      I'll be the first to admit, Linux isn't for everyone. But I just can't count on Windows any more...you never know what Microsoft is going to do to you.

    6. Re: And people wonder why I run Linux by Anonymous Coward · · Score: 0

      Parent was saying that interest in finding and exploiting vulnerabilities scales with market share.

  9. Re:And still people wonder why I always uninstall by AntronArgaiv · · Score: 1

    At work, we use Malwarebytes. And the IT guys are fairly savvy, so I'm guessing it's a bit better than the "old guard" AV products.

  10. McAfee really? by ole_timer · · Score: 1

    Who uses that crap?

    --
    nothing to see here - move along
    1. Re:McAfee really? by invictusvoyd · · Score: 1

      Botnet pawns

  11. Firewall by Anonymous Coward · · Score: 1

    This is why you also need to install McAfee Firewall!

    1. Re:Firewall by ole_timer · · Score: 1

      block all things mcafee - I like it!

      --
      nothing to see here - move along
  12. Re:And still people wonder why I always uninstall by TheGratefulNet · · Score: 1

    at my last 'windows based' job, they also insisted on malware bytes. the admins tended to be clueful there, too. so maybe there's something to it.

    at home, though, I refuse to run them. I refuse to run windows7 update and have deinstalled all bad updates.

    backup and restore is my new friend. that, and avoiding doing anything online with windows, as much as I can.

    antirvir is not useful for techies and its more trouble than its worth.

    --

    --
    "It is now safe to switch off your computer."
  13. WIPE by Anonymous Coward · · Score: 2, Insightful

    And thats why if i buy hardware (phone/laptop/tablet/pc) the very first thing i do is WIPE it. Not uninstall , WIPE !!!! ;)

    1. Re:WIPE by castionsosa · · Score: 1

      Depends on what the product is. Enterprise level desktops, if I have time, I like running a Linux CD boot to zero out HDDs or blkdiscard -s SSDs, then PXE booting the desktop so it can load an image. This way, I'm sure no data is present that shouldn't be there.

      Personal stuff, same thing. However, I use an imaging utility (Ghost, CloneZilla) to save the contents of the original HDD off, as there might be a driver on the original OS load that isn't available for downloading. Then, the SSD gets completely trimmed, and I install the OS from scratch. Even Macs, I zero out the storage, then boot El Capitan from a USB flash drive, so I know the machine is clean.

  14. Re:And still people wonder why I always uninstall by CimmerianX · · Score: 1

    When I managed my old company network, I used malware bytes also. There's no money to be made destroying your PC, only in controlling it.

    I used a host file per machine to block sites and GPOs to lock down the user's temp dirs so no EXEs could be run from there (mostly for the crypto infections.

    Other than that, if a person ever got infected, the machine was immediately imaged back to its weekly image. That threat kept people from risky clicks more than anything else.

  15. John McAfee himself said it by gizmod · · Score: 1

    Responding to a question in a Reddit AMA, the self-described eccentric millionaire said: "McAfee is one of the worst products on the f**king planet."

  16. Duct Tape solves everything by houghi · · Score: 1

    I just put a tape over my camera. If I were less lazy, I would desolder the camera and the microphone. I have never ever had a use for them anyway.
    For now duct tape is good enough.

    --
    Don't fight for your country, if your country does not fight for you.
  17. Re:And still people wonder why I always uninstall by Anonymous Coward · · Score: 0

    At work, I took the liberty of blocking ALL advertising at the firewall level since our Palo Alto firewall has this feature. I saw a dramatic drop in malware. I'm sold on blocking all ads now and I do. Every machine under my charge runs uBlock Origin. At home I also block at the router as well as on local machines. Pure content is a beautiful thing.

  18. The question is by perryizgr8 · · Score: 1

    Why the fuck would you buy a signature edition laptop and proceed to install Mcafee on it, thereby ruining it completely? One can only be so stupid, right? Right??

    --
    Wealth is the gift that keeps on giving.
  19. the type of person... by Anonymous Coward · · Score: 0

    ...who leaves something like McAfee installed on their system is not the type of person who knows or cares about being tracked across the web

  20. simple solution by Anonymous Coward · · Score: 0

    Built-in Windows Defender + EMET (latest at all times) + automatic updates = problem solved

    Consumer AV products just build the threat intelligence feeds for the enterprise customers to buy. Charging at both ends; what a racket.

  21. So uninstall McAfee and install Windows Defender? by Chas · · Score: 1

    HA! Thought they were serious for a minute.

    What? What do you mean it's not April 1st?

    Recommending Windows Defender is like suggesting someone bare-ball it across the net.

    --


    Chas - The one, the only.
    THANK GOD!!!
  22. Built-in protection by JustAnotherOldGuy · · Score: 1

    So...how long before McAfee advertises that it'll protect you against itself?

    "New McAfee 10, with Advanced Protection Against McAfee 10!"

    --
    Just cruising through this digital world at 33 1/3 rpm...
  23. Another file under "john McAfee is full of it" by Anonymous Coward · · Score: 0

    *struggles to close filing cabinet drawer*

  24. Best anti-virus to use? by Anonymous Coward · · Score: 0

    So what is the best to use then?

  25. Anybody who knowingly uses McAfee software by Anonymous Coward · · Score: 0

    ...needs to be given a brain damage assessment.

    I recently was setting up a new laptop for a family member. Lenovo (of Superfish fame) bundles McAfee AV, along with a whole bunch of other useless software and a BIOS activated OEM Windows 10 Home license that doesn't support downgrading. One of the first things I did was install Kaspersky (which is my choice these days, imperfect as it is it's the best of a bad lot of choices) and allow it to remove the McAfee malware. Oddly enough I still had to manually disable Defender in services because that cockroach wasn't as easy to squash.

    McAfee burned me badly back in 2004 when an innocuous looking "upgrade" decided that it needed to silently delete hundreds of files in Windows system folders on a whole bunch of machines I was partly responsible for administering, more or less randomly, and it took days to fully recover. To this day that still bugs me, and I'd love to piss on John McAfee's face if I had the opportunity.

  26. Re:So uninstall McAfee and install Windows Defende by Anonymous Coward · · Score: 0

    Nonsense, Windows Defender has a proven track record of catching over 80% of attacks. I mean, sure it fails to deal with literally more than one in every ten known exploits and attack vectors, but why would we start expecting perfection from Microsoft now after all these years?

  27. McAfee is owned by Intel. by Futurepower(R) · · Score: 2

    McAfee is owned by Intel Corporation. Former Intel CEO Paul Otellini bought McAfee for $7.6 billion.

    Quote from that New York Times story: "There are no immediate synergies that I can see," said Stacy A. Rasgon, an analyst with Sanford C. Bernstein & Company. "It is a strategic deal, and it is a pretty rich price for a strategic buy."

    Ohhh. It's a "strategic deal". Oh, well then, that's okay? Why are writers with no interest or understanding of technology allowed to write stories about technology?

    My best guess is that's why Otellini was fired.

    Stories about John McAfee, who started the company:

    1) Meet the harem of SEVEN women who lived with fugitive software tycoon John McAfee before he fled Belize

    2) Bath Salts, Orgies, Murder, and Anti-Virus Software

    3) U.S. antivirus legend John McAfee wanted for murder in Belize

    McAfee is a "legend"? McAfee software was always undesirable, in my experience.

    4) John McAfee: Addict, coder, runaway

    Quote from that BBC story: "At the time of the raid, McAfee had begun an affair with a 16-year-old ex-prostitute he had met on Belize Independence Day."

    She was an "ex-prostitute"? She was no longer a prostitute?

    Another quote: "One night Emshwiller took McAfee's gun. She aimed it at his head, squeezed her eyes shut and pulled the trigger. She missed." John McAfee's response: "All she did was burst my eardrum. I'm deaf in one ear now, but I don't have a bullet in my head. Forgiveness is one of the graces that we have as human beings. Can I be faulted for indulging in it?"

    Not-prostitute Emshwiller is quoted as saying, " 'One time before, I held him in the corner and I put a knife at his throat," she says.'

    Former Intel CEO Paul Otellini got Intel, a hardware company, involved in that by buying McAfee, a software company. Would you use Intel McAfee software? It seemed to me that buying McAfee damaged Intel's reputation, and continues to damage Intel's reputation.

  28. At least it is only a web beacon... by Anonymous Coward · · Score: 0

    and not a Prothean beacon.

  29. Better antivirus (& tracker blocker + more) by Anonymous Coward · · Score: 0

    APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...

    * Less power/cpu/ram+ IO use vs. local DNS servers + addons w/ less security issues vs. DNS + routers. Less complex vs firewalls (needing layered filtering drivers - hosts don't + firewalls block less used IP addresses, hosts block more used host-domain names) complimenting 'em. Antivirus = reactive. Hosts = FAR more proactive, blocking infection BEFORE you get it. Gets its data from 10 reputable security community sites.

    APK

    P.S. - Hosts get you more speed (hardcodes + adblocks) & faster vs. addons, security (vs. bad sites/dns security issues), reliability (vs. downed/poisoned dns), & anonymity (dns requestlogs/trackers) vs. other "so-called -solutions'" w/ what you natively have. Unlike Adblock/UBlock/Ghostery, hosts != blockable by ClarityRay/BlockIQ... apk

  30. Re:And still people wonder why I always uninstall by Anonymous Coward · · Score: 0

    The trouble is that software, particularly what you might call "utility" software that does stuff like clean up malware, slightly improve hard-drive performance or whatever, often starts out being marginally useful (or at least harmless) and usually ends up becoming a bloated mess if not outright malware. I've watched quite a few antivirus / anti-malware programs go through this cycle, McAfee being one.

    (I'm tempted to say that windows is currently somewhere between the bloat and malware stage, but that might be a bridge too far)