Breaking McAfee’s Social Protection

On my usual daily visit of Slashdot, I read that McAfee introduced a new application called “McAfee Social Protection” for Facebook. In a nutshell, you install their plugin, allow their application to control quite a bit of your Facebook and then you can start uploading pictures “safely”. Here’s a video of it in action.

Specifically, when you upload a picture, you can share it with your friends or groups of friends who also need to install the special plugin in order to view your picture. Once they do, the picture is visible, but! McAfee claims that you can’t save it on your computer or take a screenshot and then paste it in an imaging program. Naturally, I wanted to put their claims to the test :D

I started by uploading a picture of myself and sharing it with myself :D. Then I tried to right-click on the image but I couldn’t get the usual image dialogue. Next stop, “Print Screen”. Here’s what I got when I pasted the contents into mspaint.

First screenshot using “Print Screen”

I used Window’s 7 preview on the bottom, so that you can see that we are indeed on McAfee’s application page on Facebook. Then I tried going back to my slashdot tab and taking a screenshot of that.

Print-Screening Slashdot doesn’t work while my McAfee tab is open

Unsurprisingly, McAfee’s funky plugin starts messing up other tabs. In order to get your print-screening abilities back, you need to close their tab and then either resize your browser or minimize it and then maximize it (otherwise the blackness remains put).

So, ok you say, it kind of sucks, but what about breaking it? Well, I am not good at reverse-engineering binaries so reverse-engineering their plugin was out of the question. I started experimenting with moving the browser to various places of the screen or maximizing and then immediately hitting “Print Screen”. None of them worked… and then.. lightbulb! I remembered that there are screen-capturing extensions for Firefox.So, I installed Abduction! and tried again.

Here is the extra menu item when I right-clicked on McAfee’s page:

“Save Page as Image” option by the abduction plugin

I clicked it, chose the part of the image that I wanted to capture and then saved the resulting file to my desktop. Result?

Success :)

You see my smile? This, is the smile of success! :D Of course, you can save just the picture, but I wanted to show that it is indeed McAfee’s page on Facebook.

Conclusion

If it comes to your computer, it’s yours :)

Cheers
Nick

This entry was posted in Breaking stuff. Bookmark the permalink.

8 Responses to Breaking McAfee’s Social Protection

  1. Alexander Voz says:

    Just take a picture of the screen with your phone, duh! :)

  2. The Amigo says:

    Three other likely means of capture, not counting the “point a camera at the screen” method that incurrs a heavy loss of quality.

    FRAPS (a screen grabber many gamers already have installed)

    Browse from within a virtual machine (it’s easy enough for anyone to install a VMware brower appliance, view the picture in there and hit PrntScrn on the host).

    Browsing from a Windows Terminal Server should work too: the remote TS host browses and you hit PrntScrn on your desktop, outside of the tsclient window.

  3. Pingback: Herzlich Willkommen » lost+found: Kreditkarten-PINs, Defcon, SMS-Spam und mehr

  4. fileperms says:

    Clever idea using the Firefox screenshot add-on. I was doing some research on this useless piece of software myself, if you are interested: http://fileperms.org/mcafee-social-protection-broken-by-design/

    • nikifor says:

      Hi,

      Cool write-up! I didn’t expect that they would actually try to detect whether the plugin is running in a virtual machine… impressive. I thought that they wanted to stop the low-hanging fruit, such as the right-click & save or print.

      Assuming they continue with this, I expect that they will start disabling screen-shot addons and the like, making it even less likely that many people would install the thing on their machines.

      Cheers
      Nick

  5. The geek says:

    Geek on nikifor!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>