Comments on: Update: McAfee and the Ghost License Issue

By: arcanewulf

arcanewulf — Thu, 17 Feb 2011 20:41:55 +0000

Doyle223, I would like to argue that the most trustworthy sites in the world are still susceptible to being exploited by hackers. Often times hackers will attack a site at the server level and upload hidden code into their site, and any user who visits that site is then exposed to that attack.

Most of the time these attacks are “zero-day” attacks, in which a company like Microsoft or Adobe is aware of a vulnerability but unable to release a patch to fix it before it is exploited. The most notable attack to date are those performed on Social Media sites like Facebook. A user posts a link to a Youtube video that you absolutely MUST see, but if you mouse-over the link it is some obscure site, like tinyurl. This is pretty common in today’s age as a way to make long urls manageable, but these hackers use them to hide their real target, an exploited site. This site could be anything after they have control of it, some mom and pop bread and breakfast’s site, anything at all that the hacker has exploited and loaded its code into. The code then takes advantage of zero-day exploits (often Adobe, as adobe products are riddled with them, the greatest thing you can do is make CERTAIN adobe downloader is uninstalled after installing adobe products)which infect the users computer.

The most common applications to date are fake anti-virus softwares. They mirror programs like AVG and make false reports of viruses, ask you to pay to have them removed, and some people will, often a grand total of 60 dollars. The ones I saw at the tech place where I worked would only take that 60 dollars, but they would do nothing to clean up your system of THEIR fake antivirus, leaving you to seek professional help. Another common attack is using a keylogger to get credit card numbers which they then charge pennies to, but by using an automated script they can remove tens of thouasands of dollars a day from infected systems. These penny charges go unnoticed and these hackers don’t need a steady paycheck, tell me one job on the market today with a potential payout of $10,000 a day on a good day? There isn’t one. They can also use your computer as part of a botnet, used to attack servers (google DDoS using a botnet) or to bruteforce passwords that would take too long to do with 1 computer.

But I would like to challenge you, because I do not believe you are nearly as protected as you think you are. Download and run Malwarebyte’s Anti-Malware, run it and see how many programs it picks up. I have not seen one computer which does not pick up at least 1 virus and 100′s of tracking cookies.

Also, if you were truly a wise and knowledgeable power user you would understand that Mozilla is not free of faults, that addons both slow it down and are insecure, and realize that just because nobody says there is a virus in a torrent does not mean it is clean. A good virus wouldn’t make itself known, its purpose is to go by unnoticed, and often times torrents I download will have trojans. I’ll install the software, patch it with the activator, and then use my antivirus to clean up the trojan. Win-Win.

Also, if you have any programs in your msconfig startup that are 6-7 random letters and numbers, congratulations, you have a virus you didn’t know you had. Better look into that.

By: doyle223

doyle223 — Mon, 10 Jan 2011 08:03:54 +0000

I appreciate your swift reply. However, I truly mean what I say: I have never had a virus. -Ever-. The mentioning of the possibility that I have no firewall is nothing I ever suggested. Rather it is speculation on your part. I understand not being able to “endorse” the non-usage of anti-virus programs. As for one reason or another you represent some public entity or another, and lets face it we all have to make money somehow. No real conspiracy is required to justify the approach most journalists care to take: the exploitation of societal fears. Make sure to click on the ads bordering this article. The mention of possible benefits that a hacker could derive from using these viruses is additionally seemingly false. Who among us has actually has this happen to them personally? Most of use make a poor choice form time to time, via internet purchase, but never have had our accounts cleaned out by some faceless Russian. The fact you don’t notice it is part of their plan, better safe then sorry so long as someone cuts a profit. Ultimately what counts is you trust who or what you’re accessing and not blindly clicking on things. The fact you accuse me of not cleaning my system is a fallacy, and you have no proof of that.

If you don’t♦ want to pay for a commercial product don’t. In fact don’t even bother with the freeware. Instead Use Mozilla, utilize add-ons like Taco and ad block plus, avoid torrents that haven’t been tested, and finally don’t be a perv and hunt after pr0n on sketchy sites.

By: geekygirluk

geekygirluk — Tue, 04 Jan 2011 14:47:23 +0000

I’m assuming that you pointed out to her the fact that you had already deactivated ‘auto-renewal’ upon subscription, and asked why you should have to do it again, unless McAfee are deliberately trying to trick people into auto-renewing.

And asked how, if, as their own terms state, uninstalling the software terminates the license, they managed to continue charging you for a product you were no longer licensed to use. I strongly suspect that if you had uninstalled it from one machine and installed it on another, you would have been contacted to ask if you were transferring the license.

And if I were you, I’d email back and ask the question about how ‘normal’ (not that you’re not) people can get their money back like you have. Her response to that was to say that they have improved their practices but that doesn’t address those customers who they have already robbed.

By: avatar139

avatar139 — Tue, 04 Jan 2011 05:02:21 +0000

@Barton – Alternatively you could just use a Mac (or other *NIX OS if you prefer), which to date has had exactly 2 non-proof of concept malware developed for it which Apple has thoughtfully negated by including a free built-in Anti-Virus system.

Before everybody starts commenting about the smaller market share being not worth the development, the fact that it doesn’t automatically make things secure, and the sky is falling, let me just make a few pre-emptive counterpoints here:

1. Contrary to what most idiots in the IT field will try to tell you, while I don’t believe any computer is completely secure, Macs are more secure than Windows ever was due to the modular nature of it’s UNIX heritage and the fact that it heavily restricts Root access to users (or god forbid, allowing users to log in as Root).

Windows security at this point is basically down to using patches and 3rd party vendor solutions as a computing equivalent of sticking fingers in a dyke made of swiss cheese. At best you can cover a few of the holes at any given time, but every time a new patch comes out you basically rearrange your fingers to cover some holes and leave other open.

To be fair, Microsoft is boxed in at this point as they can’t really get out this situation without completely scrapping the current operating system and starting from scratch, but I doubt they’ll ever do that as too much of their business relies on consumers and companies legacy software needs.

2. Despite what people may tell you about the small market-share argument, Apple’s market-share amongst higher end consumer purchases is about 80-90% so clearly as Crackers are motivated by money (which is not necessarily accurate, btw) they would want to aim for the higher end market, but the fact that they haven’t been able to isn’t a lack of will, rather a testament to Apple’s work on securing OS X.

2a. Just to add to what I mentioned above, let me point out that the lack of market-share didn’t preclude people from designing tons of viruses for the “Classic” Mac OS, which before being discontinued had several hundred known viruses designed for it, however considering that OS X’s market-share is considerably higher than the “Classic” OS was, that also would tend to invalidate that argument.

3. The final and most important security point as far as I’m concerned is the physical access rule. Just as a million monkeys given an infinite amount time could one day replicate the complete works of Shakespeare, given an unlimited time, a finite number of people with varying levels of skill can get into any computer (provided they have physical access to the machine) including any government mandated encryption.

While I wouldn’t exclude Macs from the above statement entirely, I would state that because the methods do require a lot more tinkering with the internals and lower level firmware and KEXT manipulation, the odds of bricking the device during the attempt is high enough where a lot of people would hesitate to even try it.

That’s my 2 cents on the subject, anyways…

By: Barton Gellman

Barton Gellman — Mon, 03 Jan 2011 21:13:03 +0000

Thanks for the comment, doyle223, but I can’t endorse your forswearance of anti-virus products. It would be more accurate to say you “have not ever had a virus” that you *know* of. If you truly have no anti-malware installed on your computer, and no hardware firewall built into your router, then it is all but certain you have critters on your hard drive that are not visible to you. Very likely your computer is part of a botnet, which means that part of its processing power and internet connection is controlled by others. It requires no conspiracy by anti-virus vendors to explain the profusion of malware. Among other reasons, viruses and trojans can be very profitable for those who use them to break into closed systems and to steal valuable information. The fact that you don’t notice them is part of the plan – the malware writers want to keep your computer in harness, not motivate you to clean it up.

If you don’t want to pay for a commercial product, use a free one like Windows Defender or the one from AVG. Keep safe out there.

By: doyle223

doyle223 — Mon, 03 Jan 2011 02:30:19 +0000

Having been one of those fortunate souls to of grown up with personal computers accessible through out my entire life, I find myself as being relatively proficient in their use. This post has driven home a point I have tried to make to my friends and family over the years: Anti-Virus software is a scam. That said I have -not- ever used an anti virus program on any of my systems ever. Is it not a marvel that I have never had a virus either? I attribute this to a few things. I only use sites that I trust, I do not open emails from unknown senders, and when I download torrents I research the posts of people who have previously downloaded the torrent in addition to the seed to leech ratio. In fact the only times I have had experiences with viruses have been on other peoples computers and more often then not they have had anti virus software installed which they had removed and viola a present is left for them. It is my humble opinion that these companies use some of their profits to fund people for creating viruses so that their products are always in demand. We live in a society that is driven by fear and without said fear they would be obsolete. While it is true that hackers exist and I’m sure some of them have created viruses over the years. It is impossible for them to create the amount of viruses in existence right now without being paid to do it. Additionally these people have lives too that exist outside of their virtual world. A steady paycheck on the other hand would easily contribute to them focusing their efforts into the mass creation of these things. I smell a class action lawsuit about to unfold.

By: mbandercoot

mbandercoot — Sun, 02 Jan 2011 11:06:36 +0000

Typical of McAfee. In my experience, and this is why I have no more experiences with them, their commitment to service is trampled to extinction by their flight to profitability. As a physician, I see corporate hucksters constantly preying on the suspecting and unsuspecting alike; why is it that executive bonuses and corporate profitability continue unabated among health insurers, while at the same time they drop lifesaving procedures from coverage (instantly uncloaking the corporate health insurance ‘death panels’ that have existed for years)? The same reason that McAfee will try to put on a pretty face with the author in deceptive and ‘polite’ e-mails that quite obviously miss the point of, ‘Why are you stealing my money?’ This is not to mention that by stealing the author’s money, and that clear-cut is what it is, they are by implication stealing MILLIONS from the unsuspecting that do not notice this obviously designed corporate systematic fraud.
Corporate serpents; ever more glutted with guile and avarice. (please note the corporate jackals stalking the hinterlands of India under the cloak of providing the ‘community service’ of microlending noted on Bloomberg today…………….)

By: cyberprivateer

cyberprivateer — Fri, 31 Dec 2010 23:56:21 +0000

The real problem with “signature” virus detection is that the better stuff, like Stuxnet, will never be detected by the McAfees and the Symantecs of the world. I recently published the “22 Principles of the Perfect Virus” and cover this under Stealth (see http://tinyurl.com/26r2fqy). These guys have multi-billion dollar businesses that really give the user a ridiculous sense of security.

Best to you for the new year.

Rick Bennett