McAfee uses web beacons that can be used to track and serve advertising to users

[frogboy]

Content source

https://www.helpnetsecurity.com/2016/03/17/mcafee-web-beacons/

A test of seven OEM laptops running Windows has shown consistent privacy and security issues, including an interesting revelation that the McAfee Antivirus running on six of them is using web beacons to serve ads and possibly even track users online.

The seven laptops – Lenovo Flex 3, Lenovo G50-80 (UK version), HP Envy, HP Stream x360 (Microsoft Signature Edition), HP Stream (UK version), Acer Aspire F15 (UK version), and Dell Inspiron 14 (Canada version) – have been tested by the security research team of Duo Security by simply sniffing the traffic sent from and to them once they have been taken out of the box, plugged in, and connected to a network.

Full Article. McAfee uses web beacons that can be used to track and serve advertising to users - Help Net Security

 

[hjlbx]

Copied from linked article above:

"After Patch Tuesday updates, many of the privacy settings are reset to their default settings, and the user doesn’t get notified of this."
.
.
.
' "Mitigation [for all of this] is to turn off all of the privacy settings, make some registry settings adjustments, and turn off some services. And as stated, redo everything each time you patch,” the researchers advised. "

This kind of thing irks me to no end...

 

[frogboy]

Copied from linked article above:

"After Patch Tuesday updates, many of the privacy settings are reset to their default settings, and the user doesn’t get notified of this."
.
.
.
' "Mitigation [for all of this] is to turn off all of the privacy settings, make some registry settings adjustments, and turn off some services. And as stated, redo everything each time you patch,” the researchers advised. "

This kind of thing irks me to no end...

I would have to agree 100% it is wrong.

 

[hjlbx]

Another snippet from the article linked in the above linked article:

"
For example, after KB 3116900 a few privacy settings involving Mail and Calendar, as well as “Sync with devices” was turned back on. A few other things, such as WPAD and some of the Diagnostics Tracking were turned back on as well. Basically after major patches from Microsoft, you will want to revisit the steps below. And certainly if you upgrade to Windows 10 from Windows 8, you will definitely want to go over things.
"

 

[hjlbx]

Here is linked article inside above McAfee article for privacy remediation. Not complete, but useful nevertheless:

https://duo.com/assets/pdf/bring-your-own-dilemma.pdf

Thanks @frogboy, good infos.

 

[jamescv7]

That's why better analyze the laptop brands of OEM who are aggressive on the built in programs, because sometimes others are not really aggressive nor pose risk.

But we should agree that many bundled applications are already modified without user's awareness.

 

[soccer97]

Yep, those Root certificates, even in some security software. Not all of them, some serve a good purpose (validation). Anything can be misused though. That's why if you can/have media, time and skillset, pave the new laptop with a clean install.

I think Microsoft still Sells Signature PC's with MSE or Windows Defender, and very minimal to no bloatware that I am aware of.