If you live in the Bay Area and travel on 101 you may have noticed a large McAfee billboard advertisement which states “Hackers are bad. We’re Bad Ass” – cute, if only their PR departments Jr. College marketing certificates had prepared them to deal with what is turning out to be a really, really bad week for little red.
First McAfee issues a warning to the SEC and investors that GPL software used in their products has put their business in jeopardy and “may result in unanticipated obligations regarding our products” (here) – You mean they do not want to adhere to their obligations or the GPL license terms? did they just realize they use open source tools or do they fear a lawsuit? Either way this is pretty damn far from bad ass
Second geeks.com, which is protected by the ever-vigilant and intimidating hacker safe logo, is hacked (here) resulting in the compromise of customer data and although this was known over a month ago the hacker safe logo still stands as a silent sentinel projecting the badassness of McAfee and assuring the general public of the security of the site. Now in McAfee’s defense they do not claim that Hacker Safe is 100% safe from hackers, they only claim it to be 99% safe, so clearly this hack was part of that anomalous 1%
Third a recent audit of McAfee E-Business server results in identification of a remotely exploitable code execution vulnerability (here), which can be easily exploited by sending a malformed packet (here). Since 2001 McAfee has had over 60 publicly disclosed vulnerabilities in everything from their virus scanners to Intercept to ePO to their common management agent – must be all that open source software. I thought these guys were supposed to be a bad ass security company – what’s up with that?
So 2008 is not starting out with the bang McAfee had hoped for, but never fear when you are as bad ass as McAfee you find a way to trudge on, I mean this is a company that has had to deal with patent infringement lawsuits (here), stock option scandals (here), accounting fraud charges (here), multiple SEC investigations (here), allegations of channel stuffing (here), highly visible software flaws (here), the loss of confidential and personal employee records (here), and of course that whole whiny school girl tirade they threw when Microsoft wanted to improve Windows Security by locking down the kernel (here) this doesn’t include the Bill Larsen/Network Associates years – and this is all in the face of AV dying – when you think about it that is kind of bad ass.
<update 9/22/2008: McAfee to acquire secure computing for about $460m, in doing so they essentially re-acquire all the stuff they jettisoned several years ago>
<update 7/22/2008: McAfee fined $18m in patent infringement lawsuit (here)- if this keeps up I am going to have to create a blog dedicated to nothing but McAfee suckiness>
<update 6/17/2008: For a company the size of McAfee there sure is a lot of controversy – apparently the Israeli business unit is under investigation for “irregularities” including grey-market activities with McAfee products (here)
<update 5/20/2008: Well it just keeps getting worse for little red, the company becoming synonymous with fraud, shady business practices and poor security products. This time Brett Oliphant, the VP for Scan Alert – McAfee’s silly little Hacker Safe McAfee Safe product, is facing 11 counts of securities fraud in transactions that allegedly brought in more than US$1.215 million (here)>
<update 1/17/2008: Information week is reporting that at least 60 sites running “Hacker Safe” are found to be vulnerable to simple CSS (cross site scripting) attacks, including McAfee’s own scan alert website (here) – damn who’s watching their network? >
you are hilarious.
Hey Amrit,
Love the site and love the post. I was wondering why you haven’t posted an update on how much McAfee sucks since September 08? Also any insight into how McAfee has been doing well on the stock market even though they admittedly suck ass?
Thanks,
Prabal
@Prabal
Thanks for the compliments. You are absolutely right that I have neglected to post on McAfee lately. There hasn’t been a shortage of stories on McAfee, in fact there has been so much to post it has been hard to keep up. Some highlights from the past 3 months;
* (May 09) widespread outage after a SP update to VSE caused Windows system files to be identified as malware
* (June 09) McAfee continues its aggressive renewal tactics that force organizations to either pay the premium list price or face a breach of contract if they do not immediately remove McAfee software
* (July 09) McAfee is victim of unintentional data leak as they email personal customer information
Anywho as to your other question about the stock price, well couple of points…
1. They have been under an acquisition rumor for a couple of quarters, this has had a positive impact on their stock price
2. They sell security products to the enterprise. Security tends to weather economic downturns better than other sectors
3. A good stock price does not really represent that a company, such as McAfee, doesn’t suck ass. Remember Enron? MCI Worldcom? Lehman Brothers? AIG? You get the idea =)
great post
[...] make my hopefully-humorous play on Mcafee’s current HW101 billboards to make a point: most of today’s desktop security solutions bring their host computers to a [...]
*ROLF* viva McAfee
Ever heard of Clark McDaniel who works at McAfee. What an SOB. McAfee calls me asking me to renew my license so I can continue getting critical updates. My computers had a virus attack about a month earlier and these idiots couldn’t do anything about it. I mentioned this to the caller and told her that I’ve totally lost confidence in McAfee. I told her that I would like to mention this to her manager and asked for his name. She put me on hold for about 5 minutes. Then her manager Clark McDaniel (said he works in Plano, TX) spoke to me. He said he’s sorry for what happened and that their security software sometimes malfunctions!
That surprised me. I asked – “Your security software malfunctions??!!”
His answer was a plain – “Well, that’s just the way it is!”
I figured he was an ass hole and hung up.
Hmmmmmm…and ppl wonder why i have such disdain for #1 McAfee and #2 the MSP idiots that installed it on our network. It hogged down the machines so bad…I held out and kept ESET NOD32 and have no problems.
D.
Amrit, you sir, are a COMPLETE genius, I fucking love you man – this post is hilarious.
@Amrit’s #1 Fan
You are too kind – believe it or not there are those that do not agree with us that McAfee iz teh suk and although I appreciate the admiration if it wasn’t for McAfee completely sucking ass, this post wouldn’t really have made this much of an impact.
Thank you for helping get the Brett Oliphant scandal out in the open!
Hi Amrit,
I enjoyed reading your post immensly and know exactly what you are saying to be true. I lived it for over 4 years. Thought you might find my own post interesting. Let me know your thoughts. I have done a pretty good job of getting it out there but if you have other avenues I welcome your advice.
Best
Cresta
http://crestapillsbury.wordpress.com/
Oh, Cresta. Badmouthing Mcafee/Scanalert for fraud is really a case of the pot calling the kettle black. Or is this how you justify embezzling more than $90,000? They deserved it?
You’re a real piece of work. But I guess you’ll always have Paris.
mcafee na!!!!!! thats why you go with number 1 product AVG!
The post that you have from Jane is absolutely false and I need to ask that you remove it. Please feel free to call me at XXX-XXX-XXXX with any questions you might have. Thank you.
Cresta
The problem I am having with McAfee is that they have teamed up with Yahoo and now scan sites that come up in a search and sometimes label (or libel) them as “dangerous”. Problem is they don’t know what they are doing. Our site doesn’t have anything remotely dangerous. I contacted Yahoo – they tell me to contact McAfee. I contact McAfee and they send me a form letter. I don’t understand why Yahoo would partner with these idiots!
Indeed McAfee sucks ass!!! I got the 2007 version of Internet Security Suite which was upgraded to their supposed 2008 version. It didn’t upgrade jack. It only stopped the annoying ads that pop-up wanting you to renew to save 30%. I never renewed online, both versions were bought from a store.
I had auto-updater on to get their totally crappy updates. Last week I got one and all hell broke loose. Websites wouldn’t display properly, some sites not at all.
They offer a worthless live tech support via chat. The “agent” walked me through so many steps, shutting parts of McAfee down and never gave me any type of resolution. Every live technician will give you a ton of different steps to perform and none ever work.
I ran the antivirus again. It said no viruses were in the system. My problem went from bad to worse. Finally, I took my PC to a tech to find out that it was “infested” with spyware and many viruses. I trust the tech that worked on my PC as he is a friend of mine. The result…I needed a totally new hard drive!
Total protection my ASS!!! If I was close to their corporate headquarters I would tie a brick to the damn software and chuck it through the front window of the place!! After reading what I have here, that totally confirms that this is a POS company that prides in scamming customers selling worthless software while laughing all the way to the bank.
Oh ya! I have always found McAfee to be a no rate product Right along with Norton, and will not refrain from bashing Norton or Mc Crapie.
One slowly kills it self and your computer, the other; Suck out loud!!!
With regards to person’s post about AVG being the ‘number one product’, think again. NOD32 is superior.
AVG has been tested 43 times, from February 1998 through April 2008, by Virus Bulletin and has failed 22 times and passed 21 times. During the period from June 2003 to April 2008, it was tested 23 times; passing 20 times and failing 3 times. (Virus Bulletin Website)
NOD32 has been tested 52 times by Virus Bulletin and has failed twice and passed 50 times,with a success rate of over 96%, the highest pass rate of the tested anti-virus products. (Virus Bulletin Website)
The rating for AVG on PC World’s testing scheme is 75/100. NOD32’s rating is 84/100 (PC World’s Website)
The CNET editors rate NOD32 at a perfect 5/5 while the CNET users say 4.5/5. The CNET editor’s rating for AVG…7/10 (3.5/5) and the users said – get this – 2.5/10 (1.25/5).
From personal experience I know that AVG misses LOTS of things and it’s scans are not to be trusted. It MAY pick up one or two things that other scanners miss – so it DOES have some value. But it should not be relied upon as the be all and end all of virus protection. And truly no product should. Anyhow, long and short of it – get NOD32.
[...] and the world’s power grids would go dark. I remember at the time I was working at McAfee (here) and as the clock moved closer to New Years the office was crawling with reporters hungry for a [...]
How hillarious some of these people and responses are. ScanAlert was 100% shady and it just made sense that they were bought out by another super shady company, McAfee. I know Brett Oliphant (shady to the maximum) very well, along with a few others he work(ed) with there, including someone who no longer works there. You would not believe the things I have been told about their “hacker safe” bs. Omg is all I can say. If the author of this wants to email me I’ll be glad to share specifics.
[...] I totally whiffle balled this one, infosecsellout did not end up becoming a spokesperson for McAfee, but McAfee did continue to suck ass in 2008 (here) [...]
Wow. McAfee sucks worse than I ever imagined. I was just pissed at the incessant nag popup that urges you to renew your subscription. It used to be that you could still use a version that you paid for, albeit virus definitions that were not up to date…. better than nothing. Now the fucking program just turns itself off. I’m no longer a McAfee customer just because of that nag screen from hell that the gurus at McAfee came up with. I really think there should be a new federal regulation that requires these nag screens to have a ‘STFU’ button, when pressed, you will never see the nag window again.
Another thing that pissed me off about McAfee is that I once had to install a seperate malware remover for some things that McAfee didn’t detect. Then on the next McAffee system scan, McAffe quarantined the malware removal tool I installed! What a bunch of pricks! They are assholes of the first order and I wish the company would just go away.
We got this email at the office from the lovely people at McAfee and i nearly spit my drink on the monitor. Then i realized i wasn’t drinking anything and just making a weird spitting sound for no reason. Anyhow, here is the email, followed by my response:
Dear McAfee Customer;
We at McAfee are working constantly to improve our security solutions and processes in order to make it easier for you to protect your company’s valuable assets. We rely on input from customers such as yourself. We feel that only through the opinions of our customers can we be the most effective in accomplishing our goal.
Therefore, we need your input for an easy online survey to help us better meet your security needs.
The survey should take no more than 10-12 minutes to complete. Please know that your opinions will be kept strictly confidential and will only be reported in combination with responses from others in our study.
Click here to begin.
http://www.execplatform.net/s.r4a?d=18900671&k=ruzbgy
Thank you in advance for your assistance on this survey.
Marc Olesen
Sr Vice President & General Manager – SaaS Business Unit
McAfee, Inc.
This is how that email should have read:
“Dear Tiny Consumer,
Here at McAfee we know that whatever PC you purchase, our bloated and under-performing virus “detection” software will already come pre-loaded on it. We don’t have the time to read and/or address any of your would-be complaints, nor could we be bothered to address them even if we did. But, just because we’re getting tired of watching you run away and install FREE programs that ACTUALLY work without making your computer run like an asthmatic tree sloth after a four-day-bender, please feel free to type out all of your pitiful and meaningless complaints and suggestions at this very much unattended website we have so magnanimously provided for you. Maybe all you need is a little catharsis.
Deepest love and best wishes,
McAfee, inc.
ps: Please be aware that after you have taken the survey and filled in the suggestion form, by pressing “submit”, you understand that your suggestions/complaints will be not be read or addressed in any way, shape, form or fashion and will be deleted from your computer, from our website, and from the historical record of life on this planet forever and in perpetuity.
McAfee….pfffft.
McAfee Security Center (MSC) has become badly-coded, PARANOID, BLOATWARE to the point of absurdity!!
I have been running MSC for the past three years on 4 different machines ranging from a laptop Pentium D T2060 (1.6GHz) w/ 4 GB of memory running XP HomeEd. (at the low end) to a Quad Core Q9550 (2.83GHz) w/ 8GB of memory running XP Pro at the high end, each of which live on separate public IP addresses, behind two(2) hardware firewalls/routers and also the MSC firewall. I use MSC because it is the AV app of choice (& the only one that they support) for my ISP (Comcast). These have not been issues for me until the past 2 months, or so.
The behaviour that I am about to describe is the same on all 4 of my machines, so it is definitely NOT computer-specific.
First, the “bloatware” part of my complaint:
On the one hand, I am encouraged by AV software that strives to keep its DAT up to date in order to stay on top of constantly emerging threats. However, MSC has taken on the habit of checking for updates at least once per hour which, in & of itself, would not be a problem except that:
1. It takes the McAfee website a solid 2-3 minutes to respond as to whether an update is available….
2. If one is available, it takes another 2-3 minutes to download the update….
3. Once downloaded, it takes yet another 2-3 minutes to finish installing the update…, and…,
4. MOST IMPORTANTLY & ANNOYINGLY…, throughout the process of performing the tasks in steps 1-3 above, any & all other apps/functions on the subject computer are suspended and put totally “on hold” while MSC does its thing. I am NOT talking about some heavy-duty, extreme multimedia app either, sometimes it could just be typing text into “Notepad” or simply wanting to move your mouse pointer across your Desktop that remains stalled or frozen until MSC is done hogging your resources.
MSC has now joined the ever-growing list of apps by developers/coders who clearly must have been bench-tested them on machines sporting Intel Core i7-965 (3.2GHz) Extreme Edition processors w/ 16GB of RAM, having clean install of the OS & absolutely NO other apps loaded on them (okay I know that’s kind of an exaggeration, but you get idea).
The conventional wisdom with these geniuses is: “Hey, my app is working great now. It’s totally okay that, whenever it performs any function, it uses 110% of all CPU/memory resources because, after all, who cares about any other apps that may need to run on some poor user’s machine— my app is just as narcissistic and self-obsessed as I am.” This is further compounded by a total lack of informed supervisory scrutiny in the firms employing these guys with only a 6 week trade school certificate in Visual Basic because: “The developer/coder told me ‘It’s all good’, so it must be & besides, we only have to pay them 25 cents above minimum wage.”
For what it’s worth, a couple of weeks ago I even put a brand new 1.5TB SATA(7200rpm) HDD in the above referenced XP Pro machine, did a new clean-install of the OS & a new clean-install of McAfee. Result: NO change, MSC is just as much of a resource PIG as ever. I, for one, am getting increasingly fed-up with software/apps that exhibit this type of behaviour. Hire some decent programmers for Pete’s sake!!!
Second, this is what I meant by MSC being “paranoid”:
Any AV software is going to generate a certain number of “false-positives”, flagging perfectly legitimate files as “malicious” from time to time. Fine…, I get that.
In the last couple of months, though, during random real-time scanning & during scheduled scans MSC has begun to flag & “quarantine” files which have peacefully co-existed on my computer with McAfee for literally years! I mean files that should not, by any stretch of the imagination, be suspect.
But rather, for example: (these are true stories)
–A picture file named “maria.jpg”, which is a picture of my daughter taken with my Canon Digital Camera & transferred to my Desktop over a year ago….
–A “.dll” file named “vfwwdm32.dll” from the C:\Windows folder, which is one of the “Video for Windows” native drivers…, and…,
Best of all…, my favorite…,
–A “.doc” file named “faxcover.doc”, which is nothing more that a pure-text Microsoft Word Document I created to print-out from time to time as…, guess what…, a generic fax cover sheet. This one has lived on my computer for over 4 years without any problem.
These files have begun (only lately) to get flagged (& quarantined) as anything & everything from “Generic Dropper” or “Generic!Artemis”, to “Keylogger” and so on. What’s really entertaining is that any one file (such as the “.doc”, for example) can be flagged as a “Generic Dropper” today, then the same file is a “Generic!Artemis” tomorrow, and a “Keylogger” the next day. The same file!!!
Okay, so it’s better for an AV program “to be safe than sorry”, but this is nuts! It’s as though the security “experts” at McAfee just decided to finally throw up their hands and say: “We can’t stay on top of this stuff anymore so, from now on, we’ll just flag & quarantine everything that even has a filename, and then let the end-user/consumer sort it all out & restore them on their end. At lease we did a good job of protecting them from ‘evil things’.”.
So…, by all means…, use McAfee Security Center if you have lots of time on your hands. Every hour, or so, when it updates you’ll have plenty of opportunity to make yourself a sandwich, go to the store & do your laundry. Oh…, and don’t forget to schedule 20 minutes every morning to restore all of your baby pictures, letters, and perhaps some essential OS files that it quarantined “for your protection” while you weren’t looking.
Good luck!
R.
[...] highly publicized, hysteria inducing, globally distributed, mass-infecting worm. The AV vendors (here) and (here) must be ecstatic that 2009 is really turning out to be the year of the largest security [...]
mcafee sucks the hind tittie. they sell inferior products and support them with “GOLD” service? Hah! They just send you to India and although the people in India are nice and glad to have the job, then cannot solve the problems of inferior software, and mcfuckee hides behind their corporate veil of misinformation and diversion. its bait and switch in the worst way. they roll out a product suite and have USA support for a few months as marketing incentive, then they pull a fast one and switch the service to India. this is the a disgusting greedy unconscionable practice all plied by the people who were too dishonest to to be lawyers and ended up in marketing!!!!!!!!
mcfuckee is a suckbag company of greedy dishonest money grubbing dirtbags who would whore out their own mothers, grandmothers and children to make a buck,
I found a USA FAX number and I am going to send Mcafee EVERY SINGLE email they generated for ONE SINGLE problem THEY CREATED and failed over and over to solve. I will send this 30 pages of email garbage to them twice a day, every day and pound on them until they give me my money back. If that doesn’t work, I will complain to anyone who will listen and write to PC World “On Your Side”, FTC and BBB.
Meanwhile I will sanitize my computer of everything McFakee.
I will wash them out of my hair and down the drain.
i have no idea if mcafee suck ass bit i know hp and compaq blow goats
I lost two years worth of picturers of my children growing up! I’m pissed! I spent hard earnd money for scraps that my dog would not eat. What bothers me more is no one ever gets punished for the crime comited. If the people who start a virus can be identified, they should be chaind to a permanent stucture and let mother nature’s virus’es deleat them! McAfee should be chaind next to them!