AVG fixes antivirus software skewing Web site statistics
Security company AVG is upgrading a component of its antivirus software so as not to place an undue traffic load on the Web sites it scans.
The company has already released a patch for LinkScanner, part of its Anti-Virus Free Edition 8.0, and will release a patch for the paid versions of the software on Tuesday, said Lloyd Borrett, marketing manager for AVG in Australia and New Zealand.
The behavior of AVG's LinkScanner caused much animosity toward the Czech-based company, including a Web site dedicated to the issue, despite the popularity of its free security software.
Web site owners complained LinkScanner was hitting their sites repeatedly, using up the bandwidth they paid for and causing their Web analytics programs to suddenly record high numbers of visitors. AVG acquired LinkScanner's maker, Exploit Prevention Labs, in December 2007.
LinkScanner has a feature called Search-Shield. When a person uses a search engine, Search-Shield checks the results returned by downloading and scanning the web pages indexed, and warning the user if a site contains a security threat.
But Search-Shield's scan is recorded by many Web analytics programs as a visitor. Worse yet, Web site owners complained that Search-Shield presented itself to Web sites as Microsoft's Internet Explorer 6 browser, making it difficult to filter AVG scans from legitimate visitor traffic in their logs.
LinkScanner masked itself as IE 6 so as to not tip off bad Web sites to a scan, since malware writers have been known to engineer Web sites to behave differently depending on a user's IP address or the browser they are using.
Search-Shield will no longer scan every result in the way that caused traffic numbers to skyrocket, Borrett said.
Anti-Virus Free Edition 8.0, released in April and the first one to incorporate LinkScanner, has been downloaded millions of times, according to AVG's Web site. The current trouble apparently wasn't unexpected, just not so soon, according to a statement on the site.
"Because of the unique nature of our technology -- we scan web links before our customers open them to ensure they are safe -- we anticipated that we would see a spike in the number of sites that were analyzed, however, we underestimated the popularity of our product and the resulting number of verdicts that came back to us," the statement said. "As a result, we did not anticipate seeing the volumes we have seen in two months for another 24 to 36 months."
Borrett said he didn't how LinkScanner has been fixed, but that it may no longer scan every result, instead checking the search query results against a blacklist, or a list of known bad sites.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
antivirus
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
