bit-tech.net

Flaw in AVG 8 fixed

Flaw in AVG 8 fixed

The rather badly implemented LinkScanner feature of AVG 8 has now been fixed, for both free and commercial versions.

A fix has been released for a rather nasty bug in the well-regarded free anti-virus package AVG 8.

According to BetaNews, the flaw was in a rather ill-thought out feature new to the version 8 release called 'LinkScanner'. The premise behind LinkScanner was that it would visit each link on a search engine's results page in turn in order to check if any lead to sites you'd be better off not visiting. Sound in principle, but not so hot in execution.

Aside from a sudden jump in bandwidth usage for the end-user, the main problem was 'fake' traffic being generated for websites that didn't come from real visitors. Because every link on a results page gets visited, each one serves up a page – at its own expense – and records a page view; as LinkScanner is an automated system, however, those 'views' never amount to a human actually looking at your page. While the entries in the traffic logs can be filtered out, that doesn't really help pay for the increase in data transfer costs – and heaven help you if you're running a pay-per-view advertising scheme.

Some groups even stated that, with the right prodding and poking, LinkScanner could form the basis of a denial of service attack against a designated website.

Accordingly, AVG Technologies has published an update for the freeware version of its anti-virus program that nobbles LinkScanner. A similar update for its commercial packages is due some time today. In a statement this weekend Peter Cameron, the Managing Director of AVG Australia and New Zealand, stated that his company is “totally committed to providing maximum protection for our users and for the Internet eco-system as a whole without causing unnecessary disruption.

The fix will be automatically downloaded by AVG 8 clients at their next scheduled update, meaning that “results of this change should be seen by early next week.”

Any AVG 8 users noticed a spike in their bandwidth usage since upgrading, or do you use some other method of virus prevention? Share your thoughts over in the forums.

21 Comments

Discuss in the forums Reply
Paradigm Shifter 8th July 2008, 11:56 Quote
I dunno, AVG has been giving me bad experiences of late - like deciding system files are viruses that need to be deleted after an update. After another update, however, they're back to not being viruses.

Also, I've had AVG tell me that the .exe files of brand new, just-installed-games are infected (and therefore won't let me play the game) when the no-CD version has not been flagged as a virus. Which I found very interesting indeed...
CardJoe 8th July 2008, 12:00 Quote
That's DRM for you.
Arkanrais 8th July 2008, 12:01 Quote
NoScript and Adblock plus plugins for firefox have me doing fine. no (apparent) need for any other internet security on my part.
sotu1 8th July 2008, 12:04 Quote
Quote:
Originally Posted by Arkanrais
NoScript and Adblock plus plugins for firefox have me doing fine. no (apparent) need for any other internet security on my part.

beware of your own arrogance my friend. that's the problem most mac users have! i think it's worth keeping a light avg app at least.

out of interest how does no script and adblock affect your day to day usage of the net? it's something i've been interested in doing
sotu1 8th July 2008, 12:05 Quote
sorry, by "avg" i meant "av"
Timmy_the_tortoise 8th July 2008, 12:40 Quote
I have AVG 7.5 on my PC.. and Avast! on my Laptop...

Avast is a waste of time... It never seems to do anything.. And I can't make it do anything.
Paradigm Shifter 8th July 2008, 12:41 Quote
Quote:
Originally Posted by CardJoe
That's DRM for you.

Aye, that was the only conclusion I could come to as well. DRM = virus. :) Makes me even more adamant that I'm not going to support stuff like that. False positives are a PITA. :(
Tris 8th July 2008, 12:55 Quote
bit of a turnaround - i read a statement from their head of development (or whatever his job title was) shortly after this issue came out where they said it was totally intentional and planned, which gave the impression they werent gonna do a thing.
Bauul 8th July 2008, 13:29 Quote
LinkScanner operates on my laptop, but not on my PC, and they're identical installations of AVG, very odd.
mclean007 8th July 2008, 13:50 Quote
Quote:
Originally Posted by Paradigm Shifter
Quote:
Originally Posted by CardJoe
That's DRM for you.

Aye, that was the only conclusion I could come to as well. DRM = virus. :) Makes me even more adamant that I'm not going to support stuff like that. False positives are a PITA. :(

By its very nature, DRM has to employ similar tricks to a virus, such as hiding and encrypting bits of memory (to make it harder to snoop keys or reverse engineer). The heuristic scanners in AV applications look for this sort of behaviour, so it's no wonder they register false positives. Though, depending on your point of view, flagging some DRM (such as rootkits) might be quite appropriate...
p3n 8th July 2008, 14:05 Quote
I <3 AVG, can't believe we used to give norton £30 a year on our family PC ... long live the free version!
impar 8th July 2008, 21:11 Quote
Greetings!
Quote:
Originally Posted by Paradigm Shifter
Also, I've had AVG tell me that the .exe files of brand new, just-installed-games are infected ...
Quote:
Originally Posted by CardJoe
That's DRM for you.
Too bad AVG cant clean the infection.
Sparrowhawk 9th July 2008, 04:07 Quote
Personally, as a long time AVG7 user, all I have to say about AVG8 is this. It may very well be the same product, but the team didn't really think out the execution. The eye candy is nice, but looks far and away too "windows-like" for the system resources it takes up. The layout of the program and the useless help files make it seem unprofessional and rushed. But -- it's free and it is good -- so I'm still happy.

As for Link Scanner, these types of active scanning defenses are well-meaning, but a bad idea in the first place. Sure, there's fake traffic. But it goes deeper. My parent's computer, an older Athlon with 1GB of memory, would choke on a Google search with LS enabled. Turning off LS in the options made AVG scream "You May Not Be Protected!" which for such a minor add-on is not true.

For the hypothetical, imagine if a paedo site googlebombed it's way to the first page of the search results for some innocuous phrase like "cheesecake." Link Scanner would "scan" the site, most likely red-flag it, but your IP would be in the logs as a visitor. Even if you didn't really visit, it'd be hard to prove innocence.
r4tch3t 9th July 2008, 04:12 Quote
Quote:
Originally Posted by sotu1
beware of your own arrogance my friend. that's the problem most mac users have! i think it's worth keeping a light avg app at least.

out of interest how does no script and adblock affect your day to day usage of the net? it's something I've been interested in doing
Doesn't really affect it at all, faster loading times for some sites. One small thing is some sites need Java for things like drop down selection boxes, but its an easy click to get them working. I find it much better with them on.
crazybob 9th July 2008, 05:21 Quote
Quote:
Originally Posted by Sparrowhawk
Turning off LS in the options made AVG scream "You May Not Be Protected!" which for such a minor add-on is not true.
This is the part that bothers me most. I don't feel I need the protection offered by LinkScanner, so its performance penalty, however small, made it undesirable to me. Unfortunately, that means a little angry icon in the system tray all the time. The same thing goes for Anti-Spyware, really. It was a separate program to begin with, and I still see no need for it. A secondary function shouldn't get the same warning message or error as having your virus database out of date.

If I revert to AVG 7, will I still be able to get definition updates indefinitely? I'd prefer that feature-set, but don't want to get stuck with outdated definitions.
Kúsař 9th July 2008, 08:51 Quote
Quote:
Originally Posted by crazybob
Quote:
Originally Posted by Sparrowhawk
Turning off LS in the options made AVG scream "You May Not Be Protected!" which for such a minor add-on is not true.
This is the part that bothers me most. I don't feel I need the protection offered by LinkScanner, so its performance penalty, however small, made it undesirable to me. Unfortunately, that means a little angry icon in the system tray all the time. The same thing goes for Anti-Spyware, really. It was a separate program to begin with, and I still see no need for it. A secondary function shouldn't get the same warning message or error as having your virus database out of date.

If I revert to AVG 7, will I still be able to get definition updates indefinitely? I'd prefer that feature-set, but don't want to get stuck with outdated definitions.

Just open AVG, disable 'link scanner' and then go to tools/advanced settings - 'ignore faulty conditions' and check button next to link scanner. There shall be no angry icon in the system tray :)
impar 9th July 2008, 09:19 Quote
Greetings!
Quote:
Originally Posted by crazybob
Unfortunately, that means a little angry icon in the system tray all the time.
Disable the LinkScanner add-on in Firefox.
konsta 9th July 2008, 09:22 Quote
I have to say that I've completely lost faith in AVG over recent years. I find that when it does spot a virus, it is usually manifestly incapable of actually removing it. More worrying still was when I switched to Sophos that it found a reasonably significant number of virii that AVG had never noticed!
Paradigm Shifter 9th July 2008, 10:10 Quote
Quote:
Originally Posted by impar
Greetings!Too bad AVG cant clean the infection.

Well, it can't do what I - and I presume other tech savvy people would define as 'clean' - it just deletes the file outright. Which might be a solution... but it is not the right solution.

...

I think I'm gonna install NOD32 this evening, see if I like it.
Cupboard 9th July 2008, 16:57 Quote
I had disabled it on all computers here because it was slowing down our already slow internet too much. I don't really like how it has installed a toolbar on my parents' PC either, just more bloatware. I may have to look at finding a new AV soon, which is a shame as I like AVG.

Ona a different note, whilst I dislike using adblock because that is the only way for many sites to make money, I have had to start using it on my laptop because of all the BFG adverts around bit-tech (and the Curry's ones on Trusted-reviews) because they absolutely hammer it. With two laptop reviews up on TR and 2 other fairly light-weight pages (Google, that kind of thing) it took a good 5 minutes to load the flashblock window :(
impar 9th July 2008, 17:28 Quote
Greetings!
Quote:
Originally Posted by Cupboard
I don't really like how it has installed a toolbar on my parents' PC either, ...
At install, you should have unticked that option.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums