Breaking McAfee’s Social Protection

Posted on September 13, 2012 by nikifor

On my usual daily visit of Slashdot, I read that McAfee introduced a new application called “McAfee Social Protection” for Facebook. In a nutshell, you install their plugin, allow their application to control quite a bit of your Facebook and then you can start uploading pictures “safely”. Here’s a video of it in action.

Specifically, when you upload a picture, you can share it with your friends or groups of friends who also need to install the special plugin in order to view your picture. Once they do, the picture is visible, but! McAfee claims that you can’t save it on your computer or take a screenshot and then paste it in an imaging program. Naturally, I wanted to put their claims to the test 😀

I started by uploading a picture of myself and sharing it with myself :D. Then I tried to right-click on the image but I couldn’t get the usual image dialogue. Next stop, “Print Screen”. Here’s what I got when I pasted the contents into mspaint.

First screenshot using “Print Screen”

I used Window’s 7 preview on the bottom, so that you can see that we are indeed on McAfee’s application page on Facebook. Then I tried going back to my slashdot tab and taking a screenshot of that.

Print-Screening Slashdot doesn’t work while my McAfee tab is open

Unsurprisingly, McAfee’s funky plugin starts messing up other tabs. In order to get your print-screening abilities back, you need to close their tab and then either resize your browser or minimize it and then maximize it (otherwise the blackness remains put).

So, ok you say, it kind of sucks, but what about breaking it? Well, I am not good at reverse-engineering binaries so reverse-engineering their plugin was out of the question. I started experimenting with moving the browser to various places of the screen or maximizing and then immediately hitting “Print Screen”. None of them worked… and then.. lightbulb! I remembered that there are screen-capturing extensions for Firefox.So, I installed Abduction! and tried again.

Here is the extra menu item when I right-clicked on McAfee’s page:

“Save Page as Image” option by the abduction plugin

I clicked it, chose the part of the image that I wanted to capture and then saved the resulting file to my desktop. Result?

Success 🙂

You see my smile? This, is the smile of success! 😀 Of course, you can save just the picture, but I wanted to show that it is indeed McAfee’s page on Facebook.

Conclusion

If it comes to your computer, it’s yours 🙂

Cheers
Nick

This entry was posted in Breaking stuff. Bookmark the permalink.

8 Responses to Breaking McAfee’s Social Protection

  1. Pingback: Herzlich Willkommen » lost+found: Kreditkarten-PINs, Defcon, SMS-Spam und mehr

Leave a Reply

Your email address will not be published. Required fields are marked *