Facebook has partnered with McAfee to improve the social network’s security measures.
The arrangement will have McAfee remotely clean up Facebook subscribers’ PCs if the social networking site detects that the computer is infected. These subscribers will also see an ad for a six-month free subscription to McAfee’s Internet Security Suite software.
The two companies will also co-develop educational materials that will be posted on Facebook’s site for its subscribers.
What the Deal’s About
McAfee created a custom scanning and repair tool for Facebook that will be made available to the social networking site’s more than 350 million users. Any infected PCs detected by Facebook will be cleaned up remotely at no charge.
“We have dedicated a lot of time and resources to protecting users and the network, but the one thing we don’t have control over, which is an integral part of the network, is users’ PCs,” Facebook spokesperson Barry Schnitt told TechNewsWorld. “So we looked for someone to help fill that gap.”
The system includes a custom package that deals with malware on users’ PCs. McAfee was selected after a competitive process, Schnitt said.
Infected PCs that log on to Facebook are quarantined. The custom-designed tool, McAfee Scan and Repair, then freezes the account and cleans the PC remotely using a client on McAfee’s servers, Brent Remai, McAfee’s vice president of consumer marketing, told TechNewsWorld.
During the process, Facebook subscribers will be shown McAfee’s free subscription promo as they are walked through five or six screens that show them how to clean their account, Remai said. Subscribers who don’t take up the offer are sent back to their Facebook accounts.
“We’ve found that about 80 percent of all users don’t have proper security protection on their PCs,” Remai explained. “They’ve either let their security lapse or didn’t get it in the first place or are under-protected, having only basic antivirus software and lacking antispyware, anti-phishing or firewall applications.”
Facebook will remain responsible for security on its own back end servers, which are not covered under the agreement, Remai said.
Standing Things on Their Heads?
Facebook began testing the remote McAfee cleaning and repair solution a few weeks ago, its spokesperson, Barry Schnitt, disclosed. “Without exception, people were gratified to know the malware on their machines was cleaned off,” he said.
However, Bradley Anstis, vice president of technology strategy at M86, wondered whether Facebook is putting the cart before the horse. “Shouldn’t Facebook be scanning their Web site for malicious code first?” he asked.
“I applaud Facebook for what they’re trying to do, but you have to be able to vet this stuff to try and prevent it from getting in in the first place,” Ryan Barnett, director of application security research at Breach Security, told TechNewsWorld. “What they’re doing is the equivalent of giving attendees at the Super Bowl bulletproof vests after they’re let in and saying these might protect them if someone in the crowd has a gun, instead of patting people down before they enter the gates.”
What about people posting malicious code to other people’s Facebook pages or adding malicious links into their posts? “There are services that scan these links to see if they host malicious code,” Barnett said. These include Google’s Safe Browsing API (application programming interface).
“Facebook could take incoming links, use something like Google’s Safe Browsing API and see if the link leads to a page hosting malware and, if it does, it can throw that link out,” Barnett said. “Working with other vendors who track malware locations would help.”
Nonetheless, Facebook’s Schnitt contends the site is taking its security measures to a new level. “We’re taking responsibility for remediation that other free Web services don’t do,” he pointed out. “It’s more in keeping with what banks do.”
Possible Technical Issues
On its face, the arrangement sounds as though it could present problems for subscribers who have their systems scanned by McAfee’s tools but already have other security vendors’ products installed on their PCs. Using more than one security product on the same PC sometimes causes conflicts.
McAfee contends this won’t be a problem. “Our tool won’t conflict with anything on users’ PCs,” Remai explained. “It will look at what’s causing the issue on Facebook, and find and clean it in less than two minutes on the user’s PC.”
Others are not so sure that things will go so smoothly. “Unless McAfee has tested its scanner application with every single antimalware app on the planet — and I don’t think they could possibly have done that — it’s hard to say what’s going to happen,” M86’s Anstis pointed out. “McAfee will look at suspicious or malicious files, and the locally installed antimalware will be looking at that scanning activity, because that’s inherently suspicious.”
The Right Stuff?
McAfee Labs’ forecast for 2010 predicted that social networking sites would be the platforms of choice for emerging threats. It also said cybercriminals will use more complex Trojans and botnets to build and execute attacks, and leverage HTML 5 to create new threats.
HTML 5 is the next major revision of HTML, the Hypertext Markup Language. It will reduce the need for proprietary plug-in-based rich Internet application technologies such as Adobe Flash, Microsoft Silverlight and Sun JavaFX.
Social networking sites are increasingly coming under threat because more malware is being created, and they are the preferred targets for cybercriminals. “The amount of malware created is going up exponentially — there was a 500 percent increase between 2008 and 2009,” McAfee’s Remai pointed out. “Last year, 16.5 million unique pieces of malware were created. That’s more than the total amount of malware written in the previous years combined.”
Cybercriminals like to target social networking sites because of their size. “Most cybercriminals build malware for financial gain and they will target sites that have some scale because a lot of times it’s a numbers game,” Remai explained.