Facebook Requires McAfee Scan If There's A Security Breach? Is This Security Or A Marketing Program?
from the marketing-as-security?-security-as-marketing dept
sinsi was the first of a few to send in the news that Facebook has new rules if your account is suspended due to a security breach. You will now be required to use McAfee’s security software to scan your computer. Have perfectly good security software from Symantec? Too bad. Use Linux? Not sure what you do. While McAfee is offering a free tool for scanning, it’s only free for six months and then you have to pay — meaning that this is really an upsell plan. Facebook claims it chose McAfee after a “competitive review process,” but that makes no sense. Why not offer up a list of ways that you can prove your computer is safe that is vendor neutral?
Filed Under: marketing, security, social networks
Companies: facebook, mcafee
Comments on “Facebook Requires McAfee Scan If There's A Security Breach? Is This Security Or A Marketing Program?”
Because Vendor Neutral doesn't pay
And money is delicious.
Wow.
I wasn’t aware bloated anti-virus software could prevent phishing attacks.
Who’s Linux?
marketing, pure and simple
There is no way in HELL any reasonable review could choose McAfee as the most effective. I imagine the review went something like this:
Exec 1: We have to do something about all of these people getting their accounts stolen by this malware stuff.
Exec 2: We should give them a deal to protect themselves. Who has the best security software?
Exec 3: Well these two over here are rated as really good.
Exec 1: Well McAfee says that they’ll pay us for every time somebody downloads their software through us and they’ll pay us MORE if they actually buy it!
Exec 2: Great! McAfee it is then.
Exec 1: Should I fire up the phishing emails?
Exec 2+3: Go for it!
Re: marketing, pure and simple
Yeah, that sounds about right.
Exec 1: We’re getting a lot of crap about viruses on our site.
Exec 2: Hrm. How do we make this not our problem?
etc.
how is business deals wrong?
So is it now wrong for a business to shoot them self in the foot? how is it wrong for them to require one piece of crappy software over another?
Facebook and any company for that matter has the right to make deals with other company’s. They are stupid for requiring mcafee as this will cause others to leave/ignore account…but it is their right.
Re: how is business deals wrong?
Thank you for your contribution of absolutely nothing. No one claimed that it wasn’t their right; only that it was stupid.
Unfortunately, I don’t have the right to not have to acknowledge the existence of people who can’t read.
Re: how is business deals wrong?
Facebook and any company for that matter has the right to make deals with other company’s. They are stupid for requiring mcafee as this will cause others to leave/ignore account…but it is their right.
Can you point to where I said that it was “wrong”? All I said is the same thing you said: that it’s a questionable move. I did not question whether or not they have the right to do so. Of course they do, but as you said, it appears to be a bad move. I expressed my opinion on that, as did you. I’m not sure what you’re complaining about.
Re: Re: how is business deals wrong?
No, you did not say it was wrong to do so, just ill advised. However, a business deal is wrong (IMHO) if it places limited short term gains ahead of customer retention.
Have you ever tried to de-install McAfee? It is a virus!
Re: how is business deals wrong?
Actually it’s interesting that you asked this since in actuality what facebook are requiring is technically illegal in Australia.
The article in question was published by an Australian newspaper, in this way it is stating that any Australian who has a contractual basis with facebook via their Terms of Service (TOS) ie: a User with an account, whether paid or unpaid, is required by said TOS to ONLY use Mcafee Antivurus products.
Requiring a specific third party product only and since it is NOT free and only available for certain OS’s falls under a certain requirement in Australian Consumer Trade laws.
This section (section 47(6) of the TPA [http://www.austlii.edu.au/au/legis/cth/consol_act/tpa1974149/s47.html]) PROHIBITS OUTRIGHT the supply of goods or services on the condition that the purchaser buys (or uses) goods or services from a particular third party, [in this case McAfee] or a refusal to supply because the purchaser will not agree to that condition.
This test is also not subjected to the standard Competitors test either, which means McAfee does NOT have to be a competitor to Facebook as per other Anti-Competitive frameworks.
So in actual fact it IS wrong and strictly unlawful for Facebook to require this. Though most likely only when dealing with Australian users (and that doesn’t mean the users have to be within Australia at the time of use either).
Re: Re: how is business deals wrong?
> (and that doesn’t mean the users have to be within Australia at the time of use either)
Yeah because whichever nationality you are, your own country’s laws protect you and surround you like a bubble, making you immune to local laws. Try it out, in Thailand! It’ll be a fun ‘in your face’ for those locals!
Is Facebook trying to piss off its userbase, or are they really that stupid?
Re: Typo
sinsi was the first of a few to send in the news that Facebook has new rules if you’re account is suspended due to a security breach.
Re: Re: Typo
I disagree. I belive it IS infact “your” and not “you’re”. EXAMPLE: “Hey ! You’re an asshole!”, “Hey ! Your house is on fire!”. Please do not try to correct people if you do not know what you’re talking about.
Re: Re: Re: Typo
It was you’re. It was corrected to your. He was pointing out the original typo.
Re: Re: Re: Typo
Belive?
Re: Re: Typo
OMG if you’re (not your) going to correct someone’s English you should probably speak it yourself, moron. Your means belonging to. You’re is a contraction meaning you are. Not only are you an arrogant prick you’re (not your) an idiot because your (not you’re) English sucks.
Re: Re: Re: Typo
See above…
Re: Re: Typo
That would be you are “…Facebook has new rules if you are account is suspended….” Fail on the typo
Re: Re: Typo
actually you made an incorrect correction
your = possession
you’re = you are
Pure co-marketing...
why not just scan things on upload if you’re concerned about security? Or use HTTPS on the login screen — basic starters?
Re: Pure co-marketing...
I’d guess we’re talking about trojans on the client machine, not problems with files being uploaded to FB. HTTPS might be a good investment, however.
I’d still like to know what you’re expected to do if your account gets compromised when you’re using Linux or an iPhone, though… (I do both)
Tonight... on Secuuuuurity Theatre
It creates the appearance of “doing something” that all the kids love so much, and it’s true that Facebook is frequently used as a means for spreading malware (it has a huge user base, makes social connections searchable, runs scripts, has an uncomplicated design on its login page–phish phriendly!–it’s a gold mine). But lots of users already have AV protection, and it’s important to have, but it’s not enough. Most of the well-made malware is rigorously tested against AV scan engines before deployment and will, upon successful installation/system compromise just disable or make itself invisible to AV scanners anyway.
The major downside is that the best way to tell if your computer has FB-spamming malware on it is to see if your account is spamming Facebook. Which it can’t do if it gets disabled. And considering that users tend to go to FB more frequently than they do higher risk stuff like banking or shopping, they won’t have the early warning that would be provided by all their friends telling them to stop with the spam or the other telltale sign of having to solve a CAPTCHA at every login. This puts them in more danger because when they do put more sensitive information (like bank or credit card details) into a website, it will get stolen.
Also, going with a single product means there’s only one look and feel that the fake AV writers will have to duplicate on Facebook.
So it’s a bit short-sighted, I guess is what I’m saying.
The obvious aspect to this is that the users who know anything about antivirus software won’t be the ones getting phished. No one who cares will be actually affected by it.
stupid is as stupid does
It maybe true that this is not the smartest move for Facebook, but you may forget – the user base is already pretty stupid. And most of them are not overly tech savvy, so they’ll see whatever is presented to them as a good option and be thankful to hand over the money…
Why not just send to Microsoft’s free Anti-Virus tool? That way you shuffle the problems to MS where most the problems belong.
Re: Microsoft's free Anti-Virus tool
Microsoft’s free Anti-Virus tools are Essential’s and/or Defender. I have used both for several months and they have worked very well and solved several problems. I have several complaints about MS but these products are not in the list.
http://www.microsoft.com/Security_Essentials/
Competitive review process is probably code for facebook charging them to be advertised and getting a kickback from sales as opposed to reviewing which would be effective and cheap for consumers.
I think if this happened to me I’d rather just close my Facebook account than be force to use a piece of s**t like McAfee.
Re: Re:
I’m with you. Installing anything McAffee is like rolling out a red carpet for even the most amateur designed viruses. If Facebook really cared about security and their users instead of money, they wouldn’t choose McAffee for this asshole idea of theirs, and they wouldn’t back it up and lie by implying this AV actually WON their “competitive review process”
Re: Re: Re:
Didn’t you hear? The current social norm is that Facebook lies.
Re: Re:
Is there an ETF ?
I’ve got $10 right here says that “competitive review process” was decided on the basis of who could fork out for the best backhanders.
Statistically speaking
(and these statistics are pulled straight out from my behind so take them with plenty of salt)
99.9% of the facebook “security breaches” happen on windows machines anyway.
In fact – I think we’d all be hard pressed to find a case of one on Linux or a fully updated OS X installation.
So, I guess the bottom line is that if you’re using windows and you’re not secured then this will temporarily remedy that. If you’re using windows and you are secured – then this event is fairly unlikely. And lastly, if you’re not using windows and this happens – then you must be fairly incompetent…
The only downside is if you’re logging into facebook via a friends pc which is already infected.
As for the idea that facebook uses are less intelligent – consider this, at least they have a leg up on myspace users and for that fact alone should be given a little credit.
Don’t get me wrong – I hate McAffe as much as the next guy. I’ve uninstalled their Security Center (from infected customer pc’s) more times than I want to even remember. But it is better than nothing for someone computer illiterate enough to be in this situation.
Just my 0.02$
– FJM
If your stupid enough to get your account hacked, then you deserve every ounce of trouble Facebook will give you by requiring this garbage.
The ad CPM model failed, so on to innovation!
When I read this news, I laughed and laughed. First at the people who still use Facebook, then at this stupid decision.
I could definitely see the abuse just waiting to happen. How long will it be before Techdirt articles news about an “explosive” growth in security breaches on Facebook?
I’m giving it a week, and not a day more.
To the executives at Facebook: McAfee? Are you stupid? Even Microsoft’s new Security Essentials has been given a better rating and it’s free… forever.
I guess it could be worse. McAfee could hire the ex-CEO of RealNetworks.
Actually (and I'm not shilling here)
McAfee’s not a bad AV product at all as long as people keep it updated and don’t stop their running scans before they finish. The problem–and this is a problem for all AV vendors–is that it’s best suited to removing malware that already exists on the local machine, and can only really do that if it’s got a signature for it. They (and all other vendors) are working on improving heuristic detection, and they offer a bit of web-based protection, but they’re pretty far behind the writers of malware.
That’s a big part of the issue with this move. Even if it was vendor neutral it still wouldn’t actually solve the problem. Facebook can’t make you patch your OS and applications because if it wanted to do that it would have to look at everything in your OS and your installed software, find what you’re missing, and tell you to install that before reactivation. Obviously it can’t do that (and you wouldn’t want it to anyway, I hope). It also can’t make you not follow bad links, or even give you the tools you need to determine which ones are bad.
Well, basically it’s not within Facebook’s capacity whatsoever to stop bots and spam. It’s probably not within the AV vendors’ capacity either. Their analysis and signature development is pretty good, but they’re up against sophisticated and untouchable criminal enterprises on the one hand, and a user base of people who can’t possibly keep up with all of the developments in malware (and don’t want to) who are on machines that aren’t up to date on the other. The only reasonable conclusion is that this is, in fact, marketing. One of them “synergies” they like so much in the suit world.
Might as well, though. Folks by and large aren’t going to pay for the license when the trial ends, and if people don’t use FB, they don’t get their marketing data. So it’ll undo itself pretty quickly and none of this will change anything about botnets or spam or user awareness, and then the experiment will end and things will be back to normal. No big deal.
Re: Actually (and I'm not shilling here)
Actually McAfee’s one of the worst products from my experiece.
Even Nortons does a better job at scanning, let alone all the others. McAfee uses the most system resources of the major AV software packages out there. Its hard to uninstall.. There isn’t a positive feature about it.
Facebook could if it wanted to make you patch your system. They could use software like Cisco’s Clean Access Agent (Which I hate with a passion, but it would work) which checks for a list of approved anti-virus, makes sure its enabled, your system is patched. The facebook just blocks all traffic from non-clean access agents and redirects them to a site saying to download Clean Access Agent. So yes, its possible for them to do whatever the want…. just not advised.
In Short…Wheres the delete account button? Facebook isn’t worth this much trouble
Who cares if they're providing the software?
I was told by a source that Facebook provides the scan. They aren’t making you buy McAfee, they’re making you allow them to use McAfee — a company it is presumed they trust — to scan your computer *for free*. Of course, my source may be wrong, but if true … what’s the big deal? Who cares?
Re: Who cares if they're providing the software?
“””
They aren’t making you buy McAfee, they’re making you allow them to use McAfee — a company it is presumed they trust — to scan your computer *for free*. Of course, my source may be wrong, but if true … what’s the big deal? Who cares?
“””
Actually, if that is true, that is even worse. You’re cool with letting some nebulous server scan your computer remotely? I’ve got some swampland in Florida that you may want to buy…
They're all like that.
Avatar28: They selected McAffee the same way the IT people at every big corporation in America selects desktop operating systems and “productivity software.” Namely, they did it the same way an old grandma makes purchases for her college granddaughter: “I heard Microsoft Vista is the latest thing, so I figured it must be good!”
Seriously. I told the IT person at the local public library how much worse Word 2007 is than the Word 2003 they replaced with it, and how much crappier their computer are since the latest OS upgrade. Her response: “It’s the productivity software choice of libraries and other organizations across the country.” I suggested the fact that the “productivity software choice” of pointy-haired bosses everywhere actually made things WORSE should, just maybe, tell her something about the comparative virtues of “industry best practices” set by pointy-haired bosses, vs. user community feedback. I might as well have been speaking Esperanto.
Hot reps?
Obviously the McAfee rep buys the best lunches. Its not about the product, its about the schmoozing.
Oh God!
I’m glad I know about this because now I’ll be ESPECIALLY vigilant when protecting my facebook account. The threat of having to install…. McAfee products on my computer is incentive enough to never, ever give away my facebook password!
…While I’m at it, is there any d**k I need to suck too? I’ll do ANYTHING to not have to install THAT!!
Started a FB cause
We will see how long it takes them to kick me out. I started a cause:
Prevent Facebook from requiring McAfee Anti-Virus software
http://apps.facebook.com/causes/432982/87214516
If you lose control of an account while you’re on Linux (*NIX), it would have to be due to something else that no Windows anti-malware can detect and clean.
If your account was phished/socially-engineered, no software protection could have prevented it from happening. Therefore, using anti-malware to address this vector won’t work.
If your account was brute-forced, Facebook should probably look into limiting failed login attempts. Obviously, this is their problem and not yours. More so, if your account was compromised because of an SQL injection instead of a brute-force.
If the people behind Facebook are really as smart as we’re told they are, they should know this.
McAfee - So Bad It's Free
Where I live Comcast gives McAfee away free with your cable Internet subscription. I work on PCs for a living, and this is the worst POS, and has been for a long time. It has not made the top 10 in any independent review for ages.
I get deals from Buy.com and the like all the time selling McAfee 3 user licenses for under $10. If this stuff is so great why are they giving it away? This is the Yugo of security software.
Facebook can have my forking account, ain’t no way I’m putting that crap on my PC.
I think there is a typo in this article. You said they went with McAfee after a competitive review process. I think you meant to say competitive BIDDING process.. Honestly, does anyone think that Facebbok did not cash a check in this deal Every security software company in the world would have killed to be the one that Facebook recommends for this, there is little chance the winner was chosen merely on merit. That would be simply way too fair and honest a way to choose.
Useful OCR tool
If you are today looking for an OCR tool compatible with any platforms like Windows, Linux and Mac, a site that can do OCR for you online may attract you: goodocr.com. The result looks promising to me (English only).
McAfee Facebook app
Skip the whine…I think Facebook and McAfee did the right thing. I took a hit and when I tried to logon to Facebook I got a Facebook security which advised me of the virus, then gave me a quick and simple means to remediate the situation in about 3 min. Works for me and I haven’t heard a word from McAfee.
I’d like to see McAfee develop a tool which would do a quick scan when a use attempts a logon to a URL or share and upon detecting a virus or malware, cleans it up. The Cloud offers real opportunities such as this, but all in all, I think FB & McAfee took the high ground.
Facebook requiring a McAfee Scan.
I couldn’t log into my Facebook account because they determined my computer is infected with malware. If I download McAfee “For Free” it will scan my computer and remove any viruses.
This is a blatant scheme to help McAfee gain market share through millions of Facebook users.
Another note: I was using Google Chrome when this happened. When I logged in again using Internet Explorer I was able to log in as usual. Hmmmmm. Is this an attack on Google?
Facebook forcing all users to McAfee
I have been a member of facebook since 2008 but have recently had difficulty logging in. I have my own virus protection which I am paying for and my computer is under warranty so the manufacturers website is wonderful to assist me with any problems. However, Facebook is still forcing me to use McAfee to get back into my account. I tried this in the past and had files deleted so the manufacturer had to help me recover those files. Thank goodness my computer is still under warranty. I have used McAfee in the past and had no problems but I do not want them interfering and deleting files from my computer. Shouldn’t someone be liable if they are requiring you to use a certain program. I guess that is my question–I am a retired teacher and counselor and don’t frequent the social media as often as I use to. However, I still have a right to certain freedoms in this country and don’t like anyone stepping on those. The enforcement has just begun–I suppose it will depend on the character of the younger generation and what they expect as a US citizen. They may not anticipate as much from their country nor may they demand the independence and respect that we babyboomers have. Sometimes I think we are witnessing the decline of America and all our rights just as the Roman Empire declined so may we. Sunshine in Texas
I think this is a scam
I think the McAfee scan on facebook is a scam. I was just tagged as having a virus and was locked out, had to go thru THEIR scan to get control of account back.
Guess what “NO VIRUS’S were detected” then the next screen is an OFFER for McAfee.
Bull is what this is.
I think this is a scam
I think the McAfee scan on facebook is a scam. I was just tagged as having a virus and was locked out, had to go thru THEIR scan to get control of account back.
Guess what “NO VIRUS’S were detected” then the next screen is an OFFER for McAfee.
Bull is what this is.
I saw this article on the “Hot Topics” list and thought I would see people remarking on how maybe Facebook should run McAfee on their own systems after the recent problems they have had:
http://arstechnica.com/security/2013/02/facebook-computers-compromised-by-zero-day-java-exploit/
But, nah, just necro-posting…
I think...guess what.
We only have 1 solution to this. Stop using facebook, delete your account and shut up.
Just have 1 big question though. Can you afford to do it? If so, do it now:D If not, keep on blaming Facebook or McAfee, anyway, they’re earning bigtime while we’re loosing. It’s your right.
Atleast some people know the difference of “you’re” and “your” :D)
This should be illegal
Facebook locked me out of my account yesterday while I was pming with a friend… and of course FORCED me to DL that stupid Mcaffee in order to unlock my account… If you don’t do it your account stays locked… seriously??? NO ONE has the right to make you download ANY program and run it on YOUR system. And like the rest of you… Mcaffee found NOTHING… and also like all of you I do have AV that I choose and like. If there is ever a class action suit against FB for this forced download I want in on it!
Facebook requiring a McAfee Scan.
No, I logged on through MSN and IE and they both didn’t let me log on without sending me to the McAfee page.