We are discussing the issue on our conference call as I type. A good point has been made that the settings will change every time that particular software updates to a new version and all settings may change to default anyway when McAfee does a major update. 2 things to watch out for.
None of us can reproi an issue where these settings aren't remembered otherwise and all we can suggest is that people may be telling the UI to remember once only, or 'this time only'....sorry I have too much on my desktop to actually check this personally, but just relaying what is being said.
…and yet another issue that the Mcafee programmers refuse to acknowledge. Nice!
It is insulting for them to suggest that we do not know the difference between allow this time only and outbound access only.
This rates right up there with the smart timer issue for updates which was implemented without fully understanding all of the unintended consequences.
Easiest solution would have been to simply go back to the 2009 (or earlier) versions which worked as they were supposed to.
Please don’t take this personally Ex-Brit, as my comments are in no way directed towards you.
I really do appreciate all your efforts on this forum, and am just venting my frustration with all of the problems with the current version, and lack of willingness on the part of the programmers to address some of them.
They haven't actually refused to acknowledge, it's just that they can't reproduce the issue.
Contact Technical Support Chat and ask for escalation.Message was edited by: Ex_Brit on 17/01/11 2:45:54 EST PM
I am a network security professional and I am able to reproduce this problem. Here is a summary:
To reproduce the problem:
Since there was confusion before, "outbound traffic" means typically-two-way traffic where the initial request that initiates the session is outbound. Example: web browsing from the user's PC out to the Internet. "inbound traffic" means typically-two-way traffic where the session is initiated from outside. For example -- when the user runs a web server on his PC, and someone from the Internet requests a page from that server.
There have been suggestions that a possible solution to the original problem is to hit "allow always" to make this warning go away. However that is not secure. Consider, for example, Firefox. While the browser uses some traffic on 127.0.0.1 for caching of content, so it needs _some_ inbound traffic (albeit not "from the Internet" but rather "from localhost") to function optimally, it is also possible for a rogue plugin to insert a bot or other malware into Firefox -- a sleeper program, key logger, etc, which could listen on a port for orders from an attacker to send data, or perform some action. Generally one does NOT want a browser to accept incoming connections from the Internet. Also, Firefox seems to work fine with inbound traffic blocked.
In summary this should be considered a bug in McAfee Personal Firewall and have a developer at McAfee assigned to document and correct the problem. Feel free to PM me for help in reproducing the bug.
Not good news but apparently this is the way it's designed. I'm sorry I couldn't get anything better on it.
You might want to contact Technical Support Chat and escalate it upwards. Link under Useful Links above.
When I bought this computer, it came with 18 months of McAfee. I even extended the service because I was, as in past tense, pretty happy with it. Unfortunately, I am starting to regret my decision to stay with McAfee, and not change back to Symantec. I am a happy Symantec user, but I am not a happy McAfee user, at this time. Please let the people at McAfee know that failing to fix this problem may cost them a few customers, as I return to using and recommending Symantec, to my friends and family. I won't have a software designer force their bad decisions on me. I also resent it when a software company decides to relabel bad design decisions or bugs, as features. If this is a feature, it is a negative value feature that will cost McAfee to loose customers.
Well I did report it. The best way to get the message across is to file a problem with online Technical Support Chat as I previously said, and one could possibly get in on the development process by actively beta testing the newer products and filing Bug Reports on same, that way you can effect change before the products are released.Message was edited by: Ex_Brit on 01/02/11 6:48:07 EST AM
This seems like an excellent suggestion. In case anyone is wondering, as I was, what exactly "technical support chat" is and how does one contact it, go to the menu above. Select McAfee Support -> Home and Home Office (or Corporate as the case may be -- YMMV) -> go to technical support -> chat -> run McAfee Virtual Technician (if you have not already) -> then you can finally click on "chat". I don't have the expected wait time right now so I have not tried it yet, but if anyone does and has any luck, please share.
Just to chip in my tupppence worth and hopefully add some more weight to this "design feature"...
I'm an IT programmer of 15yrs or so experience. The problem is astoundingly easy to re-produce. Install Win 7, Install McAfee Total Protection 2011 - set the firewall to Outbound Only or Stealth. Set relevant program permissions to Outbound only. Set information alerts to tell you when programs are allowed access to the internet. Try browsing... answer "Allow access" popups, re-boot, try browsing, answer "Allow access" popups again. At some point you will even get the message telling you that IE has been allowed Full access depsite all your best user efforts and settings through the GUI. Reset it to outbound and repeat...for ever.
To say this is design is just stupid... If it's design, it sucks and is broken. Sorry I don't pull punches for cop-out statements. You do not design a user interface to give the user the ability to set an explicit piece of behaviour and then have the code automitcally reset that behaviour. That's a bug, pure and simple.
If this is a "design" to protect average users, then why does it allow browsers to accept incoming connections with no authorisation? This is not safe behaviour. Your average user is perhaps far more at danger of picking up malicious downloads etc than an expert user and so the default in this case should be Outbound only. C'mon this really is not "design" and if it is, it is not design that ever had the user in mind.
A really nice piece of design decisioning, which was present in the past (thumbs up McAfee) was to allow the advanced user to set explicit behaviour on an item and then have a pop-up confirm this behaviour once and once only. That's a good design! If you're worried that once only is not enough put a time period check in or have a checkbox to say "Don't ask me again." These are all standard design options and work.
Another frustrated user evaluating next years licence.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: