Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Intel Security IT

Intel Demos McAfee Social Protection 183

Posted by samzenpus
from the protect-ya-neck dept.
MojoKid writes "During the Day Two keynote address at Intel Developer's Forum, Renee James, Senior Vice President and General Manager of Intel's Software & Services Group, talked about software development, security and services in an 'age of transparent computing.' During the security-centric portion of the keynote, James brought out a rep from Intel's McAfee division to show off a beta release of their McAfee Social Protection app. If you're unfamiliar, McAfee Social Protection is a soon to be released app and browser plug-in for Facebook that gives users the ability to securely share their photos. As it stands today, if you upload a photo to Facebook, anyone viewing that photo can simply download it or take a screen capture and alter or share it wherever they want, however they want. With McAfee Social Protection installed though, users viewing your images will not be able to copy or capture them. In quick testing, various attempts with utilities like Hypersnap, Snagit or a simple print screen operation to circumvent the technology only resulted in a black screen appearing in the grab. Poking around at browser image caches resulted in finding stored images that were watermarked with the McAfee Security logo."
This discussion has been archived. No new comments can be posted.

Intel Demos McAfee Social Protection

Comments Filter:
  • Analog hole (Score:5, Insightful)

    by Anonymous Coward on Wednesday September 12, 2012 @06:50PM (#41318705)
    * takes out camera phone and copies that supposedly uncopyable image
    • Re:Analog hole (Score:5, Interesting)

      by Martin Blank (154261) on Wednesday September 12, 2012 @07:01PM (#41318811) Journal

      Even better: running it in a virtual machine and taking a screenshot of the VM console.

      • Re:Analog hole (Score:5, Interesting)

        by TranquilVoid (2444228) on Wednesday September 12, 2012 @08:10PM (#41319265)

        Precisely, it's a borderline useless idea that requires too much integration with a single company for it to catch on. I gather this works by requiring the app to even view the photos, so this makes it incredibly restrictive. I personally have a zero-app policy on Facebook, but I suppose a lot of people are almost tricked into installing apps - "Click here to see friend X's exciting breakfast pic!".

        Next, a Facebook app by itself is insufficient. Pure HTML/JavaScript is sandboxed, so it requires you also install a McAffee toolbar so it can hook into the OS. They are unlikely to have a Linux version and, if they do, there are plenty of ways around it. You could hack the kernel if you really had to.

        Of course they're not trying to secure an online banking system, just tap into any internet privacy fears that have trickled into the minds of the technically uninclined.

      • by Vlado (817879)

        Exactly!

        I've seen other "copy protection" approaches that blocked printers, screen-capture capabilities and such. It seems none of them ever heard of virtualization.

        As usual, copy protection makes things harder for average people, but will do nothing of any significance for anyone who has some degree of skill and more than an hours' worth of time.

    • or .. - uninstall mcafee plugin and copy image - use alternate browser which doesnt have plugin - capture url of image and download seperately - .... this may not be the dumbest thing i've ever heard but it's up there. the subsequent step is for facebook to apply drm and content protection to media on facebook. soon after mass migration of users to another social network. lets see what direction that share price keeps going in
      • by tsa (15680)

        What's uninstall? What's a browser? What's this url you speak of? The majority of FaceBook users have no idea what you are talking about.

        • by Joce640k (829181)

          The majority of FaceBook users have no idea what you are talking about.

          Therefore the majority of FaceBook users won't be publishing their images in this format.

          This app will do more harm than good if it ever makes it out there. The only possible use is for the sort of photos which only get published when the owner thinks they'll have control over them. Every single one of them will get burned (and I might be OK with this...they're exactly the sort of people who need to be burned a few times).

  • by Anonymous Coward

    But you can take a photo of it with your high-res 8mp iPhone camera.

    • by Yvan256 (722131)

      If you do that, you end up with a photo of higher resolution than the original! It's a win-win!

  • Pointless (Score:4, Interesting)

    by Robadob (1800074) on Wednesday September 12, 2012 @06:51PM (#41318713)
    So it prevents the person with McAfee Social Protection installed from saving images from Facebook? I don't get the purpose of this, unless they expect it to become government mandated to be installed on all computers.
    • Re:Pointless (Score:5, Insightful)

      by Robadob (1800074) on Wednesday September 12, 2012 @06:55PM (#41318761)
      The article was a bit misleading, but from watching the video its just a facebook app which blocks print screens/copy paste of images you upload through it. Doubt it will take long for tools which bypass this, and chances are the photos will stay within mcaffee social share rather than the general facebook albums, which will prevent a large number of people from using it.
      • by gagol (583737)
        How about this: you look into the code for the image URL and use curl or wget to download. Would that work?
      • by loufoque (1400831)

        You'll have to explain to me how a web browser can disable basic OS functionality like print screen.

    • by icebike (68054) *

      Exactly.

      Why would anyone install this software, all it does is limit the installer, not anyone else.

      So everyone who gets saddled with this software on their computer, saves the images with an Android phone, or Linux, or Mac computer.
      Problem solved. And a hack for removing the watermark ought to be possible about 37 minutes after the images find their way onto the net.

      I can see why your mom might buy you a computer infected with this technology, but I can't see why any any adult would buy one for themselves

      • by Robadob (1800074)
        Oh damn, i wonder if McAfee is going to manage to bundle it with all newly bought pc's, same as them and norton try to do with their a/v products.
      • by gman003 (1693318) on Wednesday September 12, 2012 @07:13PM (#41318901)

        Presumably the """only""" way to view the images at all will be with this plug-in installed, for definitions of "only" so loose I had to put sarcasm quotes around my sarcasm quotes.

        And knowing Facebook's userbase, they'll probably just use the analog hole - take a photo of their screen. Hell, some of them do it already, being too stupid to operate PrtScrn or even the snipping tool.

        • by symbolset (646467) *
          Some of the developers probably already did this. "Hey Jim, looks like the watermark algo is getting a little heavyhanded again. See attached pic."
      • by jrumney (197329)
        That's OK, because everyone who is going to install this software has already sent out Facebook status updates asking their friends to unsubscribe them from their feed so they can have privacy on Facebook. So noone without the software installed is going to see the photos anyway.
  • VM? (Score:5, Insightful)

    by dskoll (99328) on Wednesday September 12, 2012 @06:51PM (#41318721)

    What if you run everything in a virtual machine and take a screenshot of the VM window?

    Sounds like snake-oil to me.

    • Re:VM? (Score:5, Funny)

      by cultiv8 (1660093) on Wednesday September 12, 2012 @07:47PM (#41319103) Homepage
      Then you DIE! (Or are in violation of EULA).
    • If you are determined to defeat these types of systems, there will always be ways to do so. The point is to make the undesired behavior inconvenient enough to deter casual transgressors.

      Consider the locks on most doors and windows. It is trivial to defeat them, yet the combination of the minor inconvenience and reminder that you are locked out for a reason keeps a sufficient percentage of potential intruders at bay.

      • There was a bit of a tiff about photobucket private account images being available for download and people collecting nude images from there and publishing them.

        It was nothing new, just this particular site made it very easy. There are TONS of rather sad people who know plenty about computers and have nothing better to do then to try and find images other people don't want the entire world to share.

        And stuff like this by McImpotent? Just a small challenge until someone writes a script to not just circumvent

      • by geekoid (135745)

        " you are locked out for a reason keeps a sufficient percentage of potential intruders at bay."
        no it doesn't. It makes people feel good, but the VAST majority of people would never be robbed.

    • VM consoles are typically tty, so that wouldn't do much good. But you're right in a more general sense. Any system (it certainly doesn't have to be a VM) which supports remote windowing (X Windows, rdesktop, Citrix for example) provides all the bitmap you need, and its security is exactly as strong as the window server.
      • by hjf (703092)

        Silly unix user, GP was talking about something like VMware Workstation.

      • by loufoque (1400831)

        Sorry, but no. VMs typically run with an emulated screen, typically redirected to a VNC server.

        • You mean Windows VMs. Do they constitute the majority of VM instances then? That's certainly not been my experience, and I'm smack in the middle of the industry.
          • by loufoque (1400831)

            No, I mean linux server VMs running with either Xen or ESX. The fact that neither the host or the guest run in graphics mode has nothing to do with it. The host will still emulate a screen and graphics adapter for each guest.

          • You mean Windows VMs. Do they constitute the majority of VM instances then? That's certainly not been my experience, and I'm smack in the middle of the industry.

            KVM running under libvirtd (i.e. the standard thing shipped with RHEL) gives you a VNC session to an emulated screen.
            Xen can trivially be configured to do the same (I tend to do this for installing the OS, since the text-only version of Anaconda is quite crippled compared to the GUI version these days).
            VirtualBox gives you an emulated screen in a window by default.
            VMWare gives you an emulated screen in a window (I assume it still does anyway - certainly did the last time I played with VMWare, which was a co

        • And many VNC clients include a screen-grabbing option.
    • Sounds like snake-oil to me.

      Client-side security always is. There has never been a client-side security device, model, or system that hasn't been broken when given professional resources. The only systems out there that haven't been broken like this are ones either too small to attract attention or resources, or carry legal punishments so severe nobody subject to said laws will try to circumvent them -- ie "violate the DMCA and get 30 years in the electric chair and an 8 quintillion dollar fine".

    • by Jeremi (14640)

      What if you run everything in a virtual machine and take a screenshot of the VM window?

      Hell, what if you hold your cell phone up to your monitor and snap a photo of the screen, then email the photo to your computer?

  • In order for this to work, do you have to have the plugin loaded? There is an image transferred to the computer- it can be copied. Hell, it has to be copied in order to be viewed.
  • by Anonymous Coward

    Hi, we're Intel McAfee. Our NEW built-into-the-hardware tech DISABLES photo downloading!

    With this new tech, nobody except yourself can download your pics! If your friends also bought Intel, then you cannot download their pics either!

    So, wanted to check out hot pics of your classmates? Yup, can't download them? What's that? We defeated the point of facebook and many purposes of the internet? Noooo, please don't buy AMD instead! Noooo, don't buy ARM please !!!

    Intel Inside: can't download pictures !

  • The latest example of managers who don't get that computers work by copying data.

  • Seriously? (Score:5, Funny)

    by upuv (1201447) on Wednesday September 12, 2012 @07:00PM (#41318801) Journal

    Is it April already?

  • by Anonymous Coward

    FRAPS (a game recording tool) can take screenshots of the raw framebuffer contents.

    They really haven't thought this through, but I spose it would stop causal copying.

    • by gman003 (1693318)

      Precisely. Just as with most DRM, it is not unbeatable. It simply imposes a barrier that is too high for most to overcome.

      And, in the process, it imposes a smaller barrier on what it considers "authorized" use. In this case, viewing the images at all requires installing a plugin, which a) takes time, b) may not be compatible with your browser/os/hardware/favorite shade of blue, c) you may not be allowed to install, and d) may confuse the less tech-savvy users, particularly the ones who actually paid attenti

  • ...someone uses Noscript or turns off javascript manually.

    Then all bets are off. Right click to save. Bam. Where is your god now?

    --
    BMO

  • The downside is that viewing those images at all requires the plug-in and the FB app. The only way for it to work reliably is to store the image on McAfee's servers and only serve up the unblurred image if the browser is running the plug-in and isn't interfering with it's operation and they have the FB app allowed on their account. If they do otherwise, then someone can get at the image without the protection present and save it. So it's going to be a fight between friends who're having problems with the pl

  • Already Broken (Score:5, Informative)

    by sexconker (1179573) on Wednesday September 12, 2012 @07:10PM (#41318877)

    Start
    Magnifier
    100% Zoom
    Views > Full screen
    Print Screen
    Start
    Paint
    Paste

    • Re:Already Broken (Score:4, Informative)

      by ChumpusRex2003 (726306) on Wednesday September 12, 2012 @07:19PM (#41318931)

      I haven't tried IE or firefox, but magnifier doesn't work on Chrome windows. The magnified view just shows an empty page.

      I'm guessing that whatever chrome is doing - openGL, or whatever it is using to composite the pages, bypasses whatever layer magnifier hooks into.

      Similarly, the mcafee tool probably works by using graphics hardware overlays, and rendering the image directly into the graphics buffer, and then using hardware compositing. This works quite well to defeat low-end screen capture software. The better software, such as FRAPS, is capable of capturing the overlays, and then re-compositing the final image in software.

    • Or: Turn on camera. Take picture of screen.
    • by Yvan256 (722131)

      It's better than my solution:
      1. Take camera
      2. Point at screen
      3. Take photo
      4. Upload to Facebook

  • Lack of clue (Score:5, Insightful)

    by symbolset (646467) * on Wednesday September 12, 2012 @07:29PM (#41318995) Journal
    How does a project like this even ship without at least one person involved saying "Hey, wait..."?
    • Re:Lack of clue (Score:4, Insightful)

      by Anonymous Coward on Wednesday September 12, 2012 @08:39PM (#41319437)

      Selling security doesn't require that the product being sold actually work.

    • How does a project like this even ship without at least one person involved saying "Hey, wait..."?

      Nobody will say "Hey, wait..." because everybody wants to keep their job and get the occasional promotion...

      • by symbolset (646467) *
        I wonder if there was anybody on the team who got fired for saying "Hey, this whole idea is stupid. Here's a phone cam shot of the restricted demo picture on the restricted platform after it has been posted to imgur, become a template of /r/adviceanimals, been memed on reddit, crossposted to Facebook and twitpic, and been pinned on Pinterest 40,000 times."
  • When I saw the name McAfee Social Protection I thought it was going to be an app that helped prevent me from exposing my social data more widely than I wanted to -- something that monitors Facebook (and other) security settings and warns me if something changes in how public any of my data is. Something like that would be truly useful because I don't want to have to keep up with the changing privacy policies and security settings of every site I put my data on.

    I have a simpler and more effective way to keep

    • When I saw the name McAfee Social Protection I thought it was going to be an app that helped prevent me from exposing my social data more widely than I wanted to -- something that monitors Facebook (and other) security settings and warns me if something changes in how public any of my data is. Something like that would be truly useful because I don't want to have to keep up with the changing privacy policies and security settings of every site I put my data on.

      Same here.

      This lasted about 5 seconds until I'd read enough to register extreme disappointment that it's just another No-Right-Click thingo (that didn't work in 1997, and ain't gonna work today).

    • analog hole [wikipedia.org]

      Do I really trust the og enough to click on that link?

  • That should eat up 1-2 cores on the cpu good thing that intel cpus have 4+ of them.

  • Will it keep you from getting a social disease?

    <rimshot badjoke="true"/>

  • by benjfowler (239527) on Wednesday September 12, 2012 @07:57PM (#41319167)

    It looks like a tremendous pain in the butt to use, although some naiive people who don't understand computers might think it'll protect themselves from themselves.

    FWIW, I"ve worked in a bank before, and they had some awful McAfee crud running on the client workstations where if you attempted to do a screen grab, it would overwrite the data on the clipboard with black pixels -- a pain in the arse when you're trying to do consulting or tech support. McAfee had some similarly annoying crudware installed on all the bank's machines, which only granted write access to USB keys unless they'd been encrypted and 'blessed' by the company's IT department.

    Obnoxious garbage, designed to inconvenience users. I think there's a bit of Catholic hair-shirt thinking going on here: make the tools and processes as painful as possible, to make clients think they're doing something productive and virtuous, and justify the license fees they're paying the security software racket^H^H^H^H^H^Hindustry.

    I'd hazard a guess that some sad, fat middle manager deep in the bowels of McAfee dreamt this up, hoping that turning security software from a product (with loads of free alternatives) into a hard-to-clone for-pay service would generate more revenue.

  • by Gordo_1 (256312) on Wednesday September 12, 2012 @08:25PM (#41319355)

    and this idiocy is what they've got out of it so far? Where's all the "security-built-right-into-the-hardware" goodness they've been using to justify the acquisition?

  • If you don't want people to have a copy your photo, then don't share it in the first place. It's that simple. Once you publish, it's out, simple as that.

    Why don't people understand these simple concepts?

    No different than "Hey, Robert told me a secret--it's supposed to be just for me, so don't tell anyone else!..."

  • Someday all computers, tablets, cameras and phones will come with a hardware chip that will detect whatever watermark they embed into the image/video and prevent you from doing anything with the image other than seeing it. Even your camera will detect it and just not record anything. It's already around to some extent in the form of Macrovision, HDCP and other similar technologies that are used to prevent you from snapping screenshots or recording stuff off of your screen. After all, Intel does make lots of
    • by Chrontius (654879)
      Two problem scenarios: What happens when I get old and the pot stops helping with the glaucoma, and I get prosthetic eyeballs?

      What happens when we can keep an eyeball alive as part of a machine indefinitely? That one I can answer; it involves a black market and a melon baller.
    • Tried that. It was called the CPSA, Content Protection System Architecture. An umbrella group which would combine many different forms of DRM together in a manner which provided end-to-end protection for media. Included in it was an watermarking technology - CPSA compliant devices (Which would include all media devices) that detected the watermark on an analog or unencrypted input would refuse to display anything, because there was no legitimate means by which the watermarked content should be leaving the a
  • by Jaktar (975138)

    Even if you were able to secure it against VM's,Printscreens, cache, or any other computer aided means, there's still not going to be able to stop someone taking out their camera of choice (either cell phone or dedicated) and taking a picture of the screen.

    Sure, it's not a perfect screengrab, but it will work every time.

  • by timepasser (2728999) on Wednesday September 12, 2012 @11:47PM (#41320371)
    Here's the write-up: http://blog.securitee.org/?p=241 [securitee.org]
    • by dell623 (2021586)

      Mod parent up please.

    • by Tom (822)

      I was about to write a witty remark regarding how long it would be until someone breaks it. You beat me even to that, kudos.

    • by mattr (78516)

      Not that I am going to bother trying it, but I figure it would also work if I run Windows in VmWare on my Mac and use the very useful Mac utility Grab, or even just the standard Cmd-# screenshot command. In which case this is just a masochistic way for Windows users to hurt themselves while feeling superior?

  • by dell623 (2021586) on Thursday September 13, 2012 @02:28AM (#41321091)

    You want a photo to NOT be shared around the internet, so obviously the logical thing to do is to upload it to Facebook?

    No, the logical thing to do is to not share it, rather than trusting it to a poor cousin of DRM when pretty much all DRM schemes have been cracked within days.

    This one? Took someone a few minutes: http://it.slashdot.org/comments.pl?sid=3113117&cid=41320371 [slashdot.org]

    Security companies are becoming pathetic cash grabbing monsters. The contracting PC industry is hurting them because they can't peddle more and more antivirus licenses. Microsoft security essentials, windows firewall, and tools like Malwarebytes are hurting them because they are free and work better than their bloated expensive 'security' programs.

    So now they're using weird FUD to try and break new markets, releasing 'antivirus' apps for mobile operating systems that do absolutely nothing: http://crave.cnet.co.uk/mobiles/android-security-apps-are-mostly-useless-says-report-50007252/ [cnet.co.uk]

    And now this bullshit...

  • by xenobyte (446878)

    Let me get this... They see a market for people wanting to share pictures to prevent people from saving them?

    Doesn't make sense. Why share the pictures in the first place then?

    Also, if the pictures can appear on your Facebook page, they can be saved. The browser has the data so can be saved just like it can be displayed. There are already tools to access the browsers rendering engine and its data so it will be trivial to do the same in a streamlined tool that makes it super-easy to save special pictures lik

    • by Yvan256 (722131)

      They should double up on security and display a transparent PNG over the photo displayed as a background image. And disable right-clicking on the image. That will stop everyone!

  • by amoeba1911 (978485) on Thursday September 13, 2012 @07:22AM (#41322237) Homepage

    You see the image on your computer means that it's already been copied to your computer and you can do whatever you want with it. Use a packet sniffer to get the data being passed, reverse engineer the applet to see what method/key it uses for decryption... or just run in a VM and take a screenshot. McAfee has reached a new low....

    Stupid things like this are on par with perpetual motion machines when it comes to stupidity and shortsightedness.

  • I've got something that's about as good and doesn't require a stupid plug-in and will work on ALL devices.

    Put a transparent PNG over your photo! That will be almost as effective as this stupid plug-in idea.

  • I can see McAfee's software interfering with one's ability to save or print a photo that has a watermark it recognizes as a "do not copy" code, but I completely fail to see how it could impact my browser on a Linux box if I don't have their software installed.

    Lord knows there is no shortage of sites that would have implemented such technology to stop my browser from doing a right-menu-save-as on pictures years ago if such a thing were possible.

"Hey Ivan, check your six." -- Sidewinder missile jacket patch, showing a Sidewinder driving up the tail of a Russian Su-27

Working...