Search this site:


June 15, 2006 12:03 AM

Broken: McAfee personal firewall application message

McafeeArie Swartz points out:

This is an alert that McAfee personal firewall application triggered, stating that it did not recoginze itself and needed to ask for my permission to allow it access to the internet.


_@_v - first!

_@_v - well i couldn't resist...

Posted by: snesnailie_@_v at June 15, 2006 12:10 AM

ha! YES!

Love it-

Posted by: abcdario at June 15, 2006 12:13 AM

McAfee has some identity issues.

Posted by: BananaSam at June 15, 2006 12:18 AM

hahhahahahahahahahhahahaa!!! i hav that same stupid prob with NORTON!!! lol

Posted by: NiCKie at June 15, 2006 12:21 AM

the thing is that these are two separate programs from the same company; one is a firewall and one is a 'privacy service', most likely tied to the anti-virus. Not technically the same program...

But broken nonetheless.

Posted by: stargate525 at June 15, 2006 01:30 AM

Did the user click on the "Tell McAfee about this program" link and let them know about their own software? :)

Posted by: Alden Bates at June 15, 2006 05:59 AM

So who's to say that this "McAfee Privacy Service" executable file it detected isn't some sort of malware or trojan? It's only broken if it hasn't found an actual problem.

Posted by: Grant Hutchins at June 15, 2006 06:49 AM

Looking at the "customer experience," you could say that it's broken because there is not tighter integration between the McAfee products, but I say Grant brings up a good point about Malware.

Posted by: Eddie at June 15, 2006 09:49 AM

Whenever I download something from, Windows always never recognizes Microsoft.

Posted by: someone at June 15, 2006 10:04 AM

Not broken, just overkill. How does the computer know if it's a real or phony version of the software. It could be a well diguised virus. I think we have come to expect too many human qualities from our computers. They're just machines and are only as smart as people make them to be.

Posted by: lefty-chef at June 15, 2006 10:20 AM

I will admit that this seems odd, however, it does show that the product is working properly. In using a firewall, I prefer to know when ANY program is trying to access the internet. If I had just installed McAfee and this showed up, I would probably just grant access. If I had installed it a while ago and this showed up, I would suspect that something is wrong (e.g. I picked up some malware masquerading as McAfee). If these firewalls automatically recognized themselves or other programs, it would open up a new vector for attack. Just look at all the problems caused by Microsoft's tight integration between Windows and Internet Explorer to see what happens.

Posted by: eBob at June 15, 2006 10:21 AM

I agree with all the people here that no program should be immune to firewalling, even programs that ship as part of the same software package. Otherwise, how could you ever fully trust the firewall knowing that one of McAfee's products *could* have a security hole in it and be immune to firewalling?

Posted by: James Schend at June 15, 2006 11:51 AM

Exactly. Windows not recognizing explorer.exe and killing it would be a better example.

Posted by: Fuzzy at June 15, 2006 01:31 PM

If McAfee doesn't know if it is malware, how am I to know? Isn't that what the firewall is supposed to do. I have the exact same problem with ZoneAlarm.

Posted by: tommy at June 15, 2006 02:09 PM

This reminds me of a time when my friend was using Microsoft Anti-Spyware, and it identified its own schedular as spyware.

Posted by: Michael at June 15, 2006 02:58 PM

I think the broken thing is not that Personal Firewall is asking for permission to let Privacy Service on the internet, since that's its job. What's broken is that it says it does not recognize Privacy Service. Not only are they from the same company, but they are both run through the McAfee Security Center.

Posted by: gmangw at June 15, 2006 03:42 PM

Who am I? Who are you? What is this all about? Why are we here? Where is 'here'? What is the meaning of life? What is the answer?

The answer..... is 42. Q.E.D.

Posted by: Arthur Dent at June 15, 2006 04:01 PM

[robot voice]THIS DOES NOT COMPUTE[/robot voice]*head blows up*

Posted by: at June 15, 2006 04:44 PM

Have you seen the new McAfee Ultraprotect system? After every keystroke it asks: "Are you sure you intended to push that key?" It took me 2 hours to type this post.

Posted by: spooly at June 15, 2006 04:48 PM


Oh- too slow. I have the same program as spooly

Posted by: And yet another different guy named Alex at June 15, 2006 07:07 PM

yo dude ur wrong all secuity systems ask for other programs you have downloaded for accces to enternet. if i downloaded a game and it needed a patch or up date. it would give me a link on the game. when i click it my S.C.C. (saftey and securty system aol) asks me to grant acces or not.

Posted by: GIl at June 15, 2006 08:55 PM



Stands clear as computer self-destructs as that is a question insoluable to man or machine...

Posted by: The Prisoner at June 15, 2006 09:24 PM

Yeah, it seems computers are worse at identifying their programs than people are at themselves!

ROFL my pocket change.

Posted by: Another guy named Alex B at June 16, 2006 11:50 AM

"If McAfee doesn't know if it is malware, how am I to know? Isn't that what the firewall is supposed to do. I have the exact same problem with ZoneAlarm."

No. A firewall does only one thing: block TCP/UDP ports. If any program tries to access a port, it will ask you if you want to let traffic through. It's designed to give you controll, and as was mentioned earlier: What if someone made a piece of malware, named it "McAfee Privacy Service" and unleashed it onto the internet?

A firewall can't determine if I program is genuine or fake, and it can't tell if it's malicious or not. It's up to you to know whether or not a program run on your computer is supposed to access the Internet or not, because a firewall doesn't know, and if they programmed a way for firewalls to automatically grant certain programs rights to access the internet, they would by definition be programming security holes into their software.

Yeah, it's not the most "intellegent" software, and it may make for a slightly worse user experience, but with current technology, it's pretty much necessary.

Posted by: WiglyWorm at June 16, 2006 02:17 PM

solution: get a mac

Posted by: beckett at June 16, 2006 07:19 PM

>A firewall can't determine if I program is

>genuine or fake, and it can't tell if it's

>malicious or not. It's up to you to know

>whether or not a program run on your computer

>is supposed to access the Internet or not,

>because a firewall doesn't know...

You stated yourself. "What if someone made a piece of malware, named it "McAfee Privacy Service" and unleashed it onto the internet?". The point is that a user with a McAfee Privacy program installed would have NO WAY of knowing whether the program asking access to the internet was real or malicious. What's an end-user supposed to do, reverse-engineer the executable to try and discover what it does? Not likely, especially for the target market for Mcaffee security systems.

So what will happen, in the real world? The average user will allow the software to access the internet. They have no way of knowing what it does, so they will usually take the route of assuming it's not malicious and allowing it (if you don't believe me, think of the number of viruses that rely on the user running an executable file they recieved by email). In other words, the firewall is DECREASING the effective security by disclaiming responsibility and 'passing the buck' to the end-user.

If a little thought was put into it, you'd realise that a firewall could easily determine if something claiming to be a fellow Mcaffee program was genuine or fake. A simple MD5-style checksum routing (slightly modified in case the malicious users find a way to make a program with the same standard checksum as the real thing) would be one example, a good one in this example since it would be easy for Mcaffee to implement this in their own software, but it's by no means the only one. This would increase both ease of use (not bothering and alarming the user with dialogue boxes for a genuine app) and security (would identify and warn the user about a real malicious app, that in the current system, would probably just be allowed). Everyone wins (except 'beckett', whose evil plans to get everybody to switch to Mac will have been foiled ).

Posted by: Simon at June 16, 2006 09:06 PM

Don't you wish every program was so curteous before it connected to the internet?

Posted by: Steve jobs at June 16, 2006 11:59 PM

>>"The average user will allow the software to access the internet."

Every software firewall I've ever used (though I've never used McAfee or Norton) recomends that you NOT allow programs to access the Internet, see if it has any ill effect on using your programs, and if so allow it. And I know *my* first assumption when I program tries to access the Internet is that it *is* malicious. Granted, I'm not your average end user.

>>"The point is that a user with a McAfee Privacy program installed would have NO WAY of knowing whether the program asking access to the internet was real or malicious."

Well, they could. It would require them to know what they were launching and when, though.. so I guess that might be too much to ask. ;)

And as far as using file hashes to automate McAfee granted access to the web.. That would require McAfee to know the proper checksum of every single file (or at the very least executable) ever made, since hashes are really only used to tell you if a file is corrupt or not. I still stand by my assertion that programing any sort of automation into a firewall will inherently make it weaker, because a hacker WILL find a way to spoof whatever security would be used (point and case: MD5 and its successor SHA-1 have both been broken already).

Posted by: WiglyWorm at June 17, 2006 04:13 AM

Oh, I almost forgot: as so far as macs go, the only reason you don't get alot of malware or virii for macs is because they have a pittance of the market share. If your evil plot to encourage people to buy mac succeeds and people switch, you will very quickly begin to see nearly all the problems PC users have now, garunteed.

Posted by: WiglyWorm at June 17, 2006 04:14 AM

I have had windows firewall block Internet Explorer plenty of times like this.

Posted by: Cameron at June 17, 2006 02:31 PM

>>WiglyWorm:"Oh, I almost forgot: as so far as macs go, the only reason you don't get alot of malware or virii for macs is because they have a pittance of the market share."

This one's been shot down so many times it's getting ridiculous, but one more time won't hurt for those that still don't get it: Nobody disputes that 'security through obscurity' does help, but the facts remain that 1>OSX is an inherently more secure OS to begin with, and 2>the incidence of successful exploits for the Mac is significantly lower than their market share. This means that the ratio of security risks to user base is not only much lower than Windows but also much lower than 'security through obscurity' could ever account for.

So, yes, Windows gets hammered because it is dominant, and yes, Mac OS will get hit more as its prominence grows, but it STILL holds true that it is substantially less vulnerable to malware and virii.

Posted by: hoki at June 18, 2006 12:17 PM

u guys are like 12 year olds

Posted by: Gil at June 18, 2006 01:28 PM

Damn! Gil said it first, but it was exactly the same thought I had after re-reading the posts subsequent to my earlier one.

Posted by: left-chef at June 18, 2006 02:12 PM

Ha ha...this doesn't surprise me. McAfee is the most annoying program I've got. I use Microsoft's XP firewall, yet because I have the suite of McAfee programs (virus, privacy service, etc.) it asks me EVERY TWO DAYS why I'm not using their freakin' firewall. My only choice when the reminder comes up is to update the program now (which I don't need to do since I'm using XP's firewall) or wait 2 days for yet another reminder. Can someone shoot their software designer for me, please, with a nice lemon cream pie?

Posted by: Tim 'Gonzo' Gordon at June 19, 2006 02:35 PM

Perhaps the program is not McAfee at all, but a program which has named itself as such and thereby would not be "recognized" by the firewall. In this case the program is doing its job quite well. Does McAfee install its products into Program Files\ ?

Posted by: Michael at June 19, 2006 06:32 PM

Simon: The checksum wouldn't work in practice, I think, if only because that would mean McAfee would have to update the firewall every time it updated any of its other products, to have the new checksums inside it. (If the checksums lived in a file, the file would be easily attackable!)

I don't think this is broken, other than the way firewalls like that are inherently broken as a matter of UI. But that might be less costly than the alternative, for the target market... and unless someone can come up with a better compromise between protection, usability, and UI annoyance, I wouldn't call this broken per se.

Posted by: Sigivald at June 21, 2006 06:26 PM

Well at least it is doing its job

Posted by: Kevin McNutt at June 22, 2006 11:01 PM

hmmm.... it's a nice idea, although the checksum thing wouldn't really work. And to those of you advocating switching to can shove that stupid one button mouse up your arse...and then put linux on your computer.

Posted by: LinBot at June 23, 2006 10:54 AM

Sounds like this program Virtual Bouncer (A fake anti-virus program). It turned out to be a version of VX2. It was so bad, we ended up having to wipe the C:\ drive.

Posted by: Eric at June 24, 2006 01:06 AM


Posted by: joe at June 25, 2006 03:19 AM

Comments on this entry are closed

Previous Posts: