my o my.

"You pay us, but you do our Beta testing and UAT, thank you, enjoy the show!" - McAfee

#shakesFistAtMcAfee

Yeah, we see this too now. Amateurs. That's all I can say about them that's even remotely nice and doesn't involve swear words.

well, that explains a lot.

So much for "hidden"...ugh...we're reporting to McAfee.

EA to look for /Users/mfe and nuke it....better than editing bunches of scripts.

Until McAfee gets their heads out of their a**.

@donmontalvo what would be the ripple effect of deleting mfe?

@donmontalvo Is that account safe to nuke without messing up the software more than it already is when installed correctly? If so, I will also be nuking it. It annoys the crap out of me that this stupid account shows up now in inventory records. Every time I think their developers can't get any worse, they surprise me.

The "hidden" mfe user's home is /var/empty.

The /Users/mfe folder gets created when any of our scripts needs to populate home directories for accounts with UID 500>.

Ha....haha...HAHAHA...

mfe account on macOS
https://www51.v1ideas.com/IntelIdeas/ISecGForum/Idea/Detail/58270

PI is in reference to support case 4-17528505931

Directory Utility high level...

Apparently to McAfee, the definition of "hidden" means it doesn't have a home folder in /Users/ that you can see. Or maybe more simply, "If you squint really hard you can't see it!". They are so inept it's beyond belief.

BTW, the article you linked to doesn't say anything about being safe to remove without repercussions. It says you can change the password, but like, who would even care about that? I'd prefer it just either not be there in the first place, or they learn the definition of "hidden"

looks like it happened in 5.0.5... does it continue to 5.0.6?

nevermind.. it does persist in 5.0.6

We enable McAfee unacceptable behavior.

: (

C

@mm2270 wrote:

BTW, the article you linked to doesn't say anything about being safe to remove without repercussions.

The /Users/mfe folder only exists after one of our scripts run to write out a defaults command to /Users/<user>/Library/Preferences/yadayada.plist.

This is entertaining. Are you guys using McAfee?

Yes.

We also like to go out for group walks during lunch.

You know, barefoot, over shards of glass, thumbtacks, in traffic, etc.

We finally got a response from McAfee:

We reached out to Apple's support team and they informed us that UIDs below 500 are reserved for Apple, specifically, and that they can at will remove these. ... In other words, it looks like we're stuck with a UID above 500 for the mfe user.

So apparently they think that macOS just removes low-UID accounts for the sport of it?

If this was the case, our Jamf Pro management account that we've been using for like 6 years now with a sub 500 UID would have been removed long ago. This excuse is bogus. Apple doesn't remove UIDs below 500.
To be somewhat fair, I do seem to recall an OS update a long while ago, maybe 10.8.something that might have done that, but that was a one off case that Apple corrected and it hasn't happened since. As usual, McAfee is using outdated information and is incompetent. But tell me something new.

@bvrooman I also call BS on McAfee. They're such a bloated company with lots of redundant layers of unnecessary management and teams, to get an answer like that from them underscores how inept they are.

Endpoint for Mac is 5 pieces...four signed/flat packages and one long-in-tooth-convoluted install.sh script that the customer has to wrap and insert commands that are poorly documented and don't always work.

Rumor has it they've got a 70+ year old bearded skinny guy chained and in a cage maintaining install.sh and are waiting for him to die.

In short McAfee is blowing smoke, maybe their founder gets his supply from the company.

Drugs, rape, murder, offering to crack iOS...why do business with such a shady company?

John McAfee's strange tale gets darker in documentary

@donmontalvo I logged that, McAfee didn't want to help us with it at all :/

We're moving away from McAfee now. Not related to this really, but happy to see the back of this issue as a result.

@donmontalvo....

It's really worse than that when Intel "sold" 1/2 of them ( they didn't really they paid the investment group 2 billion USD) on a 4 Billion sale so it was a dump. However, the good part is investment group has real ties to China... so not good in any way...

C

PS @draeconis can you share how big your install base is? I know they lost a big account late last year or early this year.. trying to get data so we can drop them too.. thanks!!

I agree that the excuse is a load of crap. Unfortunately, they also confirmed that they have no intention of changing their monkeys-at-a-typewriter development process or start thinking about their clients when releasing half-baked crap instead of software.

This is one of those cases where I truly wish we could vote with our dollars and put this load of poop company out of our misery.
Unfortunately, where I am, I don't get to make the decision on which software to use for security purposes. We just get told this is what we use and find a way to make it work. Complaints about the fact that it's a steaming pile go in one ear and out the other. If it were up to me, McAfee would get removed from every single device, PC and Mac, in the environment and they'd be told not to come knocking ever again because of how shoddy their work has been for the last umpteen years. It's completely ridiculous they refuse to put some competent resources into making their garbage stink just a little less. We're not asking for perfection, just something that we don't have to wrestle with almost daily to make it actually work!

McAfee blows more smoke...

https://www51.v1ideas.com/IntelIdeas/ISecGForum/Idea/Detail/58270

Had our InfoSec open a ticket with McAfee. Their response was, well...

"Based on [based on MAC Engineer's] suggestion if you create less than 500 UID it will not be hidden and that's why the UID can't be less than 500."

Has anyone tried to move the uid to something sub-500 and fix their crappy work?

What the what?? That statement wins the prize for dumbest statement of the year from a tech support person.
Maybe the problem is the "engineer" they spoke with was an expert in "MAC" and not "Mac" :rollseyes:

McAfee's ineptness on the Mac front for their craptacular product continues to astound me. And it's not even just that they don't know what they're doing. It's the refusal to even try to learn or try harder that galls me. They continue to shatter even my very very low expectations of them. Is there no bottom to their incompetence? I'm beginning to think "no".