Facebook is offering its users a 6-month free trial of McAfee and promoting it heavily, and even forcing people to run a scan before they can reactivate a hacked account. They’re “not aware of another free Internet service that takes this much responsibility for helping people keep their accounts secure.” (Didn’t Google promote McAfee through Google Pack at one point?) I think this is a laudable step, more security is intrinsically good, but I have to suspect this is more about revenue than security. They will probably make many millions of dollars from their users installing or buying McAfee as a result of this.
Modern versions of Windows include free tools like Defender which are just as good and appear to have less of a performance impact on the computer. But if they really wanted to have a long-term impact on desktop as a vector for attack on web services I’m surprised they didn’t start, sponsor, or promote an Open Source equivalent of McAfee. This seems like a space very well-suited to address with an OS tool in the digital commons, much like a Windows anti-spyware equivalent of SpamAssassin, with self-updating rules and a completely transparent process.
This isn’t open source, but Microsoft now offer their own free anti-virus solution:
http://www.microsoft.com/Security_Essentials/
I run this and it’s quite good. It also replaces Defender.
I’m using MSE and it gets the job done nicely without using up a lot of system resources.
Avira used less memory than Microsoft Essential.
Oh, Facebook concerned about their users, that’s rich. Facebook IS malware. 🙂
Question – does an open source AV engine give blackhats an advantage? I don’t know enough to comment.
Also, the other alternative would be to find a good antivirus program (something quick and clean, like Eset) and offer it for free through something like Google Pack or a putative “Facebook Security Pack”.
Given how much we’ve heard today about hacking online accounts via phishing/malware, this is the next logical step for cloud software vendors. Like it or not, those masses of Windows PCs won’t go away.
Not to mention the Microsoft Security Essentials free anti-virus/anti-spyware suite that was released some months ago – also very low impact on performance and average or above-average results.
If Facebook really cared on security they would promote free alternatives alongside McAfee, for the users who either don’t have a budget for or a desire for a costly yearly antivirus subscription.
I have a feeling it’s ALL about revenue =(.
I agree with you. Mcafee work very well in partnership with Microsoft before. Now they want work with FB. WTS
I agree, I started using MS Security Essentials for my family.
Best of all it is free (if you pass WGA that is), but you also don’t get the nagging that comes with AVG Free, Avira, Avast, etc.
Of course I’m on OSX so I don’t have to worry much ^_^
I’ve been running Avast for over 4 years now, and I’ve never seen a nag. I have to re-register every 14 months, but I think that’s fair given that it’s free and takes up so much less resources than Norton or McAfee!
Course, I run linux on my main box now so it’s only an issue on my laptop…
Huge deal. Mark and the team at FB are almost definitely under contract with McAfee, but what about the people on Macs? Are they exempt from this? I’m sure they, of course, categorize OS for each of their users, but it will be interesting to see if they are going to “force” this on everyone, regardless of how well their computers are naturally protected.
Don’t get me wrong. I love McAfee. I was fortunate enough to receive a premium membership free through my job and haven’t had a single problem since.
I think it should be a “free option” for the users who had their accounts phished, but it should NEVER be mandatory.
Just a thought.
I haven’t been through the process myself, as my account hasn’t been hacked, but it looks vaguely like that from the screenshots. Maybe someone from Facebook will drop by and clarify.
I would accept it if I had the choice to run any antivirus. I think they are forcing users over something they shouldn’t…
I find this interesting as well Matt. One thought I’ve had is how much more useful it would be to have a online “cloud based” security scanner that the Facebook users could use. I’m thinking along the lines of what Panda Security has with their cloud protection. (As much as I hate throwing the word cloud around)
Not to mention though, that they should be promoting browser security on the same token. Such as, notifying user of an outdated, vulnerable version of their browser, and suggestion they update.
I feel you, but I think this would be a bad deal for the users.
It would require an unthinkable amout of bandwidth (on FB’s side) and personal security concerns on the user’s side.
JavaScript can be incredibly intrusive if you know how to write it, while at the same time it would make the rest of the user’s “life” that they have decided not to broadcast on FB more accessible to the site.
I’m not sure if you know this, but the guys over there are insanely smart. They have the ability to place ads specifically based on particular profiles.
The best thing to do is to get up and running with a solid established antivi; or switch to a Mac. And no, I don’t work for Mac.
“MS Security Essentials” is just a generally hilarious title.
Obviously, we all know that McAfee has a deal with Facebook.
Stunts like this and slowly whittling away your privacy is the direction Facebook is going towards. You can expect to see more of this as the investors who have pumped millions of dollars into the company dial up the pressure.
I think a lot of people aren’t coming to grips with the fact that Facebook is no longer an “innocent little startup with naive college-aged programmers at the helm”. The name of the game is money and the facebook you all knew and loved is long gone.
There’s ClamWin – http://www.clamwin.com/
It doesn’t do everything that the top notch Windows Anti-Virus programs do, but it’s free and open source.
I have to use a McAfee product on my work machine but started to use the free MS solution on the virtual Windows7 machine on my Mac. I think it’s doing a good job and more than enough for the price of free.
This is awesome news!! Oh, thank you great Facebook deities.
I think you’re right. It’s not about security—it’s about scaring people and making them think they’re getting a deal, when actually they are getting scammed. It drives me crazy that PC’s come packaged with trial software like McAfee when there are several excellent free antivirus programs. The hacked FB users could be better addressed by an educational page about phishing and other common security issues.
We’re actually switching from Symantec to McAfee anti-virus at our fortune 500 company this year.
And of course, the real kicker is, AV does *absolutely nothing* to prevent phishing and other social-engineering attacks.
Will this move prevent Koobface (and other malware) from spreading? Possibly.
Will this move correct ignorant/stupid user behavior that represents the greatest attack vector? Not at all.
Facebook has just recently been able to turn a profit, so anyway that they can make more money, I’d think they would definitely try to capitalize on it.
Yep, i remember those google pack days, i promoted it and even earned some money 😛
Am currently using macafee on my dell powered by windows7 and its pretty good so far, and if they are giving a 6 months free license, i don’t see any reason why one should not grab it 🙂
I find this a little scary. There is so much spyware and PC highjacking that you have to run Antivirus software on you local machine to access a website…
They are forcing people to use this and cant sign on to fb without it
I was actually forbidden access to FB on this computer unless I downloaded their free McAfee software. I got a notice the I had malware on my computer and wouldn’t be allowed to proceed. Funny thing is, after running they’re “free” software, it came back that I did NOT have any viruses. I use the MS security software and run scans regularly. I do not want or need McAfee. Can I remove it and still access FB?
To all readers having the ‘Secure Your Account’ message:
Delete your cookies and browsing history. This should allow you to log in to your Facebook without having an unsolicited and possibly harmful product forced upon you.
This is a shoddy way to do business and a horrible way to work with the users who have taken every measure to ensure that their machine is not infected by a virus except to use Facebook’s partner product. No where in the 5 steps does Facebook offer an alternative to their partner product. This can only mean that Facebook is completely disinterested in your wants and is only interested in pushing their partner product – MacAfee. This makes Facebook no better than the shady websites that tell you you have a virus and try to trick an unwary user into downloading malicious software.
What massive hypocrites!
“6 months free subscription”? Seriously, who do they think they’re kidding with that?!
What happens at the end of the 6 months? Are we then going to have to pay for a McAfee subscription in order to use Facebook?
How stupid do they think we are?
They know people wont pay to use Facebook. Not when there are similar sites out there that don’t charge their users. So they are using this sort of underhanded tactic to make more money from us.
Don’t they make enough from all the targeted advertising?
Facebook seems to have forgotten how fickle internet trends can be.
We, the users, are the reason Facebook has become the business giant it is.
Remember Myspace guys, and learn the lessons from their mistakes.
The next social networking site confined to the annals of history could be you!