July 9, 2008 11:45 AM PDT

Grisoft modifies its free AVG product after complaints

by Robert Vamosi

On Thursday, Webmasters around the world noticed unusual spikes in traffic. For some smaller sites the sudden surge of Web traffic toward their sites appeared to be almost a denial-of-service attack.

Turns out it was the free version of AVG Antivirus 8.0 just doing its job.

In a statement on Saturday, Grisoft said "We have actively listened to the Webmasters who have brought this to our attention, and as a company we have reacted quickly to solve them." What it did was issue a new build of the popular free program.

What's different in version 8 from previous versions is the inclusion of LinkScanner, a scanner that stops malware components embedded on compromised Web pages. LinkScanner was created by Exploit Prevention Labs and purchased last summer by Grisoft, maker of AVG products.

One feature of LinkScanner, Secure Shield, works by downloading the home page of each site returned in a common Web search, then populating the search result page with colored icons indicating the relative safety of those sites. The feature, which has been previously available, apparently didn't scale to the large numbers of AVG free customers. On Monday, Roger Thompson, who developed LinkScanner and is now chief research officer for Grisoft, confessed, "We knew it would create a spike of some sort, but nothing like what happened."

How dramatic was the surge in traffic? The site AVG-Watch.org provides charts on bandwidth use after the release of AVG 8.0.

In an e-mail to CNET News, Thompson went on to say: "We did not consider the multiplying effect of any given Web site's own marketing within search engine results. In other words, if a Web site, through its marketing, became a common search result, it was scanned much more often than we expected. As soon as we found out, we gathered some data, talked to some Webmasters, and figured out what to do."

However, Thompson disputed a claim by AVG-Watch.org that the updated AVG version now only "pretends to prefetch," and does little more than a DNS (Domain Name System) lookup of the site. Thompson said "it doesn't pretend to pre-scan. It just works off the local blacklist. That involves a DNS lookup, so that we can compare both IPs and URLs."

Making matters worse last week, AVG disguised the scans as coming from Internet Explorer 6 browsers, and not Secure Shield. For a few days it was unclear who was responsible for the surge in Internet traffic. Thompson said they could have made the LinkScanner scans entirely stealth, but they wanted to give Webmasters the option of filtering the scans.
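
A webmaster-side check for the traffic pattern described above, as an added example that is not from the article or from Grisoft: it flags clients that claim to be Internet Explorer 6 yet fetch only the home page, send no Referer and never load a page asset, and totals the bytes served to them. The log lines, addresses and User-Agent strings are constructed, and the heuristic is an assumption drawn from the article's description, not the scanner's actual signature.

```python
import re
from collections import defaultdict

# Combined Log Format: ip - - [time] "METHOD path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'\d{3} (?P<size>\d+|-) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def prefetch_suspects(lines, ua_marker="MSIE 6.0"):
    """Return {ip: bytes_served} for clients that claim the given browser,
    request only the home page, send no Referer and load no page assets."""
    paths = defaultdict(set)               # every path each client requested
    served = defaultdict(int)              # bytes sent to each client
    matches = defaultdict(lambda: True)    # False once any request breaks the pattern
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                       # skip malformed lines instead of guessing
        ip = m["ip"]
        paths[ip].add(m["path"])
        served[ip] += 0 if m["size"] == "-" else int(m["size"])
        if ua_marker not in m["ua"] or m["referer"] not in ("", "-"):
            matches[ip] = False
    # A real browser visit pulls CSS, scripts or images; a home-page prefetch does not.
    return {ip: served[ip] for ip, seen in paths.items()
            if seen == {"/"} and matches[ip]}

# Constructed sample: a generic IE 6 style User-Agent (assumed, not the scanner's
# real string), documentation-range addresses, hypothetical hosts.
IE6 = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
FF3 = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0"
SAMPLE_LOG = [
    f'198.51.100.7 - - [04/Jul/2008:10:00:01 +0000] "GET / HTTP/1.1" 200 48211 "-" "{IE6}"',
    f'198.51.100.7 - - [04/Jul/2008:10:03:12 +0000] "GET / HTTP/1.1" 200 48211 "-" "{IE6}"',
    f'203.0.113.20 - - [04/Jul/2008:10:04:40 +0000] "GET / HTTP/1.1" 200 48211 '
    f'"http://search.example/?q=widgets" "{IE6}"',
    f'203.0.113.20 - - [04/Jul/2008:10:04:41 +0000] "GET /style.css HTTP/1.1" 200 3120 '
    f'"http://www.example.org/" "{IE6}"',
    f'192.0.2.55 - - [04/Jul/2008:10:05:02 +0000] "GET / HTTP/1.1" 200 48211 "-" "{FF3}"',
]

if __name__ == "__main__":
    for ip, total in prefetch_suspects(SAMPLE_LOG).items():
        print(f"{ip}: {total} bytes served to home-page-only requests")
```

This is a triage heuristic: a genuine visitor who types the address and has every asset cached would match too, so treat the result as a candidate list to review rather than a block list.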

"The real issue is that, like it or not, we're at war on the Web," said Thompson. "Criminals, both organized and opportunistic want our PCs and our money, and they're attacking via the Web. It's no longer like the old days when they wrote this stuff for fun."

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
by Daniel_Brandt July 9, 2008 12:47 PM PDT
I don't understand why Thompson is claiming that a DNS lookup is needed along with the URL for purposes of checking a local blacklist. Due to name-based hosting, many diverse sites frequently share the same IP address. This address by itself tells you nothing about how dangerous a site may be, unless you are willing to simultaneously incriminate every other site that may be on that same IP address. Until someone educates me about the esoteric discipline of anti-virus engineering, I stand by my statement that AVG is "pretending to prefetch." I suspect that the cool green check marks are alluring for mom and pop, who might otherwise feel uneasy about using the web. They are a psychological success but have no technical function, now that the site prefetch "feature" has been disabled, and AVG no longer needs the IP address to fetch each link that's shown on a page of search results.
by pbitton July 9, 2008 2:25 PM PDT
Just a quick note - the AVG component at issue here is named Search-Shield, not Secure Shield.
by Vegaman_Dan July 9, 2008 10:57 PM PDT
They listened to web masters complaining about the sudden huge surge of artificial hits to their sites which costs some groups bandwidth and very real economic results.
They said earlier that they intended to break a few eggs (websites) in order to make the omelette.


Here they say they are now at war on the web- but they don't say with whom. To me it looks like they are at war with the entire web. I'm embarrassed to have had this product on my system in the past and cannot in good faith ever suggest it to anyone ever again. Not when they pull this sort of drity trick- and there really is no other term for it. What they are doing is dirty and can only cause problems for everyone involved.

by c|net Reader July 10, 2008 12:39 PM PDT
A "dirty trick?" Such hyperbole. You apparently assume the worst of others and expect perfection.

AVG tried to improve browsing safety. It backfired. They said, "Oops!" They tried to keep as much of the original functionality as they could. What's dirty about that?

Their idea may not have been so good in retrospect, but I applaud their attempt to improve browsing safety. I don't use AVG or any other AV product, but appreciate their efforts.
by vamphyri13131313 August 16, 2008 9:55 PM PDT
It's not real hard to understand, look..."The real issue is that, like it or not, we're at war on the Web," said Thompson. "Criminals, both organized and opportunistic want our PCs and our money, and they're attacking via the Web."
by jasbjoe September 6, 2008 1:09 PM PDT
I can't believe some of the bunk that comes out of some of your keyboards!
Because a great company like Grisoft, who dedicates so much effort to help clean up this trash heap called internet, tries to use a method that brings unexpected side results you want to slam-bash them? And no credit for quick response either!

A very large portion of my business is cleaning up viruses & other malware let in by other lesser AV progs and AVG is one of my biggest and most successful tools. And then they produce a free version so that every average joe/jane can have AV protection without getting ripped off by others that don't work as advertised!

If your only experience with AVG or other AV or malware programs is limited to your own PC then perhaps you should keep your opinions to yourself anyway. But my experience is based upon cleaning, and keeping clean, several thousand PCs with AVG and I strongly recommend it to all my clients. And load it on all my residential clients' PCs that don't already have AV protection.

Confidential to Vegaman-dan: is "a drity trick" anything like "a dirty trick"? Perhaps you don't know the difference. And they are not "at war with the web", just those idiots that dedicate their pathetic existences to screwing up the internet for the rest of us.
About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.
