Sunday, February 17, 2013
McAfee jeopardized the safety of MAC users
McAfee employees say they never lose control of special certificates, which are used to confirm that users are using the legitimate releases. Key revocation date - February 6, 2013. This means that for a week consumers were not able to confirm they bought McAfee-software for Mac.
"We were just told that we must accept unverified certificates until they sort out their problems," - says one IT-manager of a large company, who requested anonymity. "In fact, they offer us their own themselves to the threat."
McAfee representatives say that the key was inadvertently withdrawn when the administrator of the company has been developing a hardware upgrade. Rather than withdraw its own individual key specialist mistakenly revoked key-signature, which Apple uses to ensure that their system remains fully protected from malicious software. Now engineers are committed to prescribe their applications to the new keys, but so long as it does not, consumers will have to refrain from installing or updating an application.
Why do not they have solved this problem before, but instead waited for 7 days? Top managers claim that the error was discovered only 48 hours ago. In addition, companies need to generate a brand new key, engineers need to make changes in the program and to test the quality of products to ensure that they normally work. No one even really can not say how much time may be needed to address this issue.
This extra illustration of the condition today is McAfee, as well as evidence that the current system of digital certificates is not ideal. Most recently, a key that company Bit9 used for the certification program, has been stolen by hackers, who took advantage of the situation and "approved" a huge number of malicious programs. Last September, a similar problem arose and Adobe Systems.
However, while the owners of McAfee software for Mac, there is no way of knowing that they establish an authentic copy of the product.