McAfee VirusScan (to whom it may concern)


pcmechanix
12/09/2003, 04:33 PM
I was checking my credit card balance today, and discovered a charge from McAfee Security (makers of VirusScan antivirus software) for $29.95 that I had no recollection of. In addition to that, I had a $29 over limit fee because of that charge.

After dialing their customer service number, I went to their website to do some digging. It turns out that I had purchased a copy of VirusScan in January for a computer that needed it, with my credit card for $19.95. What I failed to notice is that in the third to last paragraph of the License Agreement it gave McAfee Security permission to indefinitely renew my “subscription” to VirusScan at the current asking price for the software (currently $29.95), up to 30 days prior to the yearly expiration date.

After reaching a customer service agent, I informed them of the situation and they promptly refunded my $29.95 (in 3-5 days) and refused a refund for my $29.00 over limit fee. I made sure that they noted that I was an IT Director in charge of SEVERAL HUNDRED computers, and that I would never purchase one of their products again, EVER! I also made them aware that at a minimum that would be a loss of several thousands of dollars worth of revenue, due to their license agreement.

I am sending this to everyone I know. Please forward, and please check your accounts (If you use VirusScan) @ www.mcafee.com

This is fact, and it did happen to ME personally. Please feel free to contact me if you have doubts.

P.S. I am now a very happy Symantec user. www.symantec.com

seawillow
12/09/2003, 04:36 PM
Exact same thing happened to me....I didn't even have that computer anymore.....I too, did get a refund after much run around!!

PerryinCA
12/09/2003, 06:36 PM
I use only symantec.

-Perry

beerguy
12/09/2003, 06:39 PM
I run Mac OS X - I don't get viruses.

:)

Sorry - had to throw that out.

NTidd
12/10/2003, 09:31 AM
Thanks for the post pcmechanix, but do your corporation a favor and get symantec av corporate edition, it is great! As far as you home users go, try AVG out from www.grisoft.com.

pcmechanix
12/10/2003, 09:58 AM
Already running it. :D

Agu
12/10/2003, 10:14 AM
Just as a warning AOL did the same thing to me.

Bought my daughter a laptop at Best Buy. It came with one year free AOL access which was never activated. A year later my daughter's credit card was charged $19 and the bill was for an 800 number. After she denied calling porn sites I contacted the cc company and found out it was for AOL access. Not only did they try to charge me and hide it, they got the CC number from Best Buy without my authorization !!!

fwiw,

Agu

NTidd
12/10/2003, 10:18 AM
Yeh I read an article about that, best buy would scan an aol disc for "activation" at checkout and after the year was up you would be billed for it even if you never used the disc. Stupid best buy.

musicsmaker
12/10/2003, 12:59 PM
<~~ Another happy Symantec user.

joeychitwood
12/10/2003, 02:31 PM
Another vote for Norton Antivirus by Symantec.

NTidd
12/10/2003, 03:23 PM
All of my clients vote yay on symantec too..

pnosko
12/15/2003, 03:42 PM
Originally posted by beerguy
I run Mac OS X - I don't get viruses.

:)

Sorry - had to throw that out.

Sorry - had to throw this out. ;)

Macs Are Not Invulnerable (http://abcnews.go.com/sections/scitech/ZDM/mac_vulnerablility_pcmag_031211.html)

I was tired of the "We use Macs because they don't get attacked by viruses and hackers" refrain from Mac nuts.

A Major Mac Breach

This is a significant hole. The original report, found on Carrel.org, puts a frightening spin on the problem:

"A series of seemingly innocuous default settings can cause an affected Mac OS X machine to trust a malicious machine on a network for user, group, and volume mounting settings."

So an attacker who can gain access to your network — over a wired connection or wirelessly — can trick an affected system into trusting a rogue machine, and when the compromised machine reboots, take it over and even attack other systems on the network.

The truth is that the Mac OS is just as vulnerable as Microsoft Windows. Overall, maybe OS X is better than Windows, but that's not the point. Panther, for example, is a great OS, but it's also complex, and complexity leaves room for gaps — some small, some not.

Who's Crowing Now?

Ultimately, those on the Mac fringe have to face facts: Panther and Jaguar were not better at outrunning vulnerabilities than Windows.

I expect other gaps will emerge, and while the Mac OS may still draw far fewer attacks, this discovery might suck a little wind (or is it Windows?) out of Mac radicals' sails. They can scarcely claim this was a minor hole. OS root access is serious stuff.

How cocky are you feeling now, Mac elite? Hmm. Suddenly it's gotten pretty quiet around here.

beerguy
12/15/2003, 04:57 PM
I'd actually already read that article and none of my systems are vulnerable. Also, that has little to do with my virus comment as the exploit isn't a virus. (It also requires a fairly sophisticated setup to take advantage of)

There is one aspect that the writer doesn't address in his article in regard to Macs, or any other Unix based system. As a software developer you are probably very familiar with the fact that the Windows security model requires that relatively trivial programs need full access to privileged system resources; that is why Windows is so easily exploited.

emilye2
12/15/2003, 05:08 PM
What I failed to notice is that in the third to last paragraph of the License Agreement it gave McAfee Security permission to indefinitely renew my “subscription” to VirusScan at the current asking price for the software (currently $29.95), up to 30 days prior to the yearly expiration date.

So let me get this straight....You got your panties in a bunch because you can't read? They were quite nice to refund your money since in all honesty they were completely covered in writing. Essentially, you gave them permission to charge you that money when you purchased a licence for your initial copy. They don't put all that legal crap in those agreements for nothing. It's your responsibility to read them, if you don't it's your fault if you get shafted. It's like the people on here that get all bent out of shape for not being able to discuss politics when it clearly states in the user agreement that it's not allowed.
Do I read the fine print of everything I sign or agree to? Mostly, but not always. But if I need to complain about something only to find out I agreed to it when I signed, I'm sure not going to continue to whine about it. My bad for not reading....Yet another example of pass the buck mentality that's taken the nation.

pnosko
12/15/2003, 05:16 PM
Originally posted by emilye2
So let me get this straight....You got your panties in a bunch because you can't read?

emilye2, don't get yours in a bunch either. This IT Director (who should notice things like he didn't) is moved on. ;)

emilye2
12/15/2003, 05:18 PM
Obviously not, he's trying to remove as much credibility as he can from a company that quickly addressed a concern that was his fault to begin with.

pnosko
12/15/2003, 05:21 PM
But not here, anymore...

beerguy
12/16/2003, 12:07 PM
Here's a better explanation of the heinous Mac vulnerability:

http://www.bynkii.com/networking/archives/000099.html

NTidd
12/16/2003, 03:17 PM
Eh, IMO McAfee = garbage regardless. Now, would you like a cookie or a golden star for having a Mac? Just thought I would throw that out.

beerguy
12/16/2003, 03:22 PM
Re: offering me a cookie? yesterday I thought it was dinner and a movie?

/* insert puzzled look */

pnosko
12/17/2003, 03:58 PM
Originally posted by beerguy
Here's a better explanation of the heinous Mac vulnerability

Better how? Because some Mac-head automagically (a very handy word in Apple's lexicon) engaged in intellectual dishonesty by pointing at DHCP instead of Apple? His explanation is equivalent to having an automaker blame the steel company when a drive shaft on one of their cars breaks.

NTidd
12/17/2003, 04:03 PM
lol automagically, that's going in my dictionamary for future use.

beerguy
12/17/2003, 04:11 PM
He pointed at DHCP because it IS the issue. The Apple implementation is completely RFC compliant and is no more insecure than any other implementation.


For the record NTidd it's not a new term.

automagically:
/aw-toh-maj'i-klee/ adv. Automatically, but in a way that, for some reason (typically because it is too complicated, or too ugly, or perhaps even too trivial), the speaker doesn't feel like explaining to you. See magic. "The C-INTERCAL compiler generates C, then automagically invokes `cc(1)' to produce an executable." This term is quite old, going back at least to the mid-70s in jargon and probably much earlier. The word `automagic' occurred in advertising (for a shirt-ironing gadget) as far back as the late 1940s.

musicsmaker
12/17/2003, 04:11 PM
blame the steel company when a drive shaft on one of their cars breaks

Should have bought American Made Steel. :}

NTidd
12/17/2003, 04:13 PM
Originally posted by beerguy
He pointed at DHCP because it IS the issue. The Apple implementation is completely RFC compliant and is no more insecure than any other implementation.


For the record NTidd it's not a new term.

For the record, I didn't say that it was a new term, just haven't heard it before.

NTidd
12/17/2003, 04:15 PM
Originally posted by musicsmaker
Should have bought American Made Steel. :}

Eh, I'm a foreign car fan, they seem to last longer than American, but as far as steel, I don't know

pnosko
12/17/2003, 09:58 PM
Originally posted by beerguy
He pointed at DHCP because it IS the issue. The Apple implementation is completely RFC compliant and is no more insecure than any other implementation.

If this was purely a DHCP issue, any OS would potentially be affected, no?

It doesn't sound like an actual DHCP issue to me. It sounds to me more like "wide-open default settings for DHCP client software" on the Mac OS.

From the Security Advisory Author (http://www.carrel.org/dhcp-vuln.html)

Workarounds
There are a variety of avenues to avoiding this vulnerability...
- Disable any network authorization services from obtaining settings from DHCP:
  - in Directory Access, select LDAPv3 in the Services tab, click "Configure...", uncheck "Use DHCP-supplied LDAP Server"
  - in Directory Access, select NetInfo in the Services tab, click "Configure...", uncheck "Attempt to connect using broadcast protocol" and "Attempt to connect using DHCP protocol"
  - in Directory Access, uncheck LDAPv3 and NetInfo in the Services tab, if you don't intend to use them
- Turning off DHCP on all interfaces on your affected Mac OS X machine can also keep you from being affected.
- For added security, be sure to disable any unused network ports:
  - turn the AirPort card off or remove it, if it is not being used.

Configuration Awareness
If a user should need any of these settings turned on due to the network and authorization system they are currently using, they should be aware that they could fall prey to a malicious individual using the techniques outlined in this advisory. Steps to mitigate this concern could be as simple as manually configuring the directory server settings on the affected machine.


Technical Details
By default, the affected versions of Mac OS X attempt to negotiate DHCP on all available interfaces. In the event that an Airport card is installed but there is no network nearby, they also default to associate with any network that might appear and then use DHCP to obtain an address. The system will also use DHCP provided fields, if available, to connect to an LDAP or NetInfo server on the network.

The default settings in "Directory Access" on affected systems will cause the system to place the network LDAP or NetInfo server ahead of the local user info for any given account, and will implicitly trust the LDAP or NetInfo server to provide correct information. Furthermore, nothing in the system prevents a login as a user with uid 0 (zero) with any login name. For example, an LDAP or NetInfo source with an account username "bluemeanie", uid 0, would be perfectly valid and usable for login at the login window and on any network provided service, including ssh (which is turned on by default in certain versions of the affected software).

In most cases, the Mac will need to be booted into the malicious environment to be exploitable by this flaw. (The netinfod process must be restarted to cause the malicious server to be inserted into the authentication source list.)

By taking advantage of these default settings, a malicious individual could potentially take full control of a Mac OS X workstation or server without even having to make a physical connection to the machine. With a good antenna the malicious individual wouldn't even have to be in the same building.

While the further examples in this advisory deal exclusively with LDAP, this vulnerability is equally exploitable using a malicious NetInfo server.
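
An added example, not part of the advisory or of any poster's message: a defender-side audit for the condition the Technical Details describe, where a network directory source is consulted ahead of local accounts and can supply a uid 0 account under any login name. The source labels, the `audit` function and the LDIF sample are constructed for illustration, and the parser assumes simple LDIF without folded or base64 values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Account:
    name: str
    uid: int

def parse_ldif(text):
    """Read uid/uidNumber pairs from simple LDIF (assumed: no folded or base64 values)."""
    accounts = []
    for entry in text.strip().split("\n\n"):
        attrs = {}
        for line in entry.splitlines():
            key, sep, value = line.partition(": ")
            if sep and not line.startswith("#"):
                attrs.setdefault(key.lower(), value.strip())
        # Entries with a missing or non-numeric uidNumber are skipped.
        if "uid" in attrs and attrs.get("uidnumber", "").isdigit():
            accounts.append(Account(attrs["uid"], int(attrs["uidnumber"])))
    return accounts

def audit(search_order):
    """search_order: list of (label, is_network, accounts); earlier sources win."""
    findings = []
    local_names = {a.name for _, net, accts in search_order if not net for a in accts}
    local_seen = False
    for label, is_network, accounts in search_order:
        if not is_network:
            local_seen = True
            continue
        if not local_seen:
            findings.append(f"{label}: network source is searched before local accounts")
        for a in accounts:
            if a.uid == 0:
                findings.append(f"{label}: '{a.name}' is supplied with uid 0")
            if a.name in local_names and not local_seen:
                findings.append(f"{label}: '{a.name}' shadows a local account")
    return findings

# Constructed sample: a directory export and a local account list.
NETWORK_LDIF = ("dn: uid=bluemeanie,ou=people,dc=example,dc=test\n"
                "objectClass: posixAccount\nuid: bluemeanie\nuidNumber: 0\n\n"
                "dn: uid=alice,ou=people,dc=example,dc=test\n"
                "objectClass: posixAccount\nuid: alice\nuidNumber: 501\n")
LOCAL = [Account("root", 0), Account("alice", 501)]

def demo():
    return audit([("dhcp-ldap", True, parse_ldif(NETWORK_LDIF)), ("local", False, LOCAL)])

if __name__ == "__main__":
    print("\n".join(demo()))
```

With the local source listed first, only the uid 0 finding remains, which is the case the advisory's manual-configuration workaround still leaves for an administrator to review.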