Re: Spamming as a Service in Total Protection

[Jeffrey Walton <noloader () gmail com>]

On Thu, Jan 19, 2012 at 1:13 PM, Rob, grandpa of Ryan, Trevor, Devon &
Hannah <rmslade () shaw ca> wrote:
> http://www.reuters.com/article/2012/01/19/us-mcafee-idUSTRE80I0A620120119
>
> I post this primarily as a warning to those who have this product installed.
>
> However, I do feel compelled to note that this outfit, along with another that
> comes in a yellow box, and one particularly trendy product, have had a) a great
> deal of market success, and b) a number of absolutely stunning failures over the
> years.  (Which, I suppose, is just another example of how marketing trumps
> security, every time ...)
McAffe and TrendMicro were particularly vulnerable to handle
manipulations [1]. We found we would accidentally shutdown the update
service or the firewall while focusing attacks on the scanner. No
administrator privileges required.

Jeff

[1] "Old Dogs And New Tricks: Do You Know Where Your Handles Are?",
http://www.softwareintegrity.com/Documents/Old-Dogs-and-New-Tricks.pdf
or http://packetstormsecurity.org/files/100564/Old-Dogs-and-New-Tricks.pdf
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.