Slashdot Mirror
AVG Fakes User Agent, Floods the Internet
Slimy anti-virus provider AVG is spamming the internet with deceptive traffic pretending to be Internet Explorer. Essentially, users of the software automatically pre-crawl search results, which is bad, but they do so with an intentionally generic user agent. This is flooding websites with meaningless traffic (on Slashdot, we're seeing them as like 6% of our page traffic now). Best of all, they change their UA to avoid being filtered by websites who are seeing massive increases in bandwidth from worthless robots.
Why don't you tell us how you really feel about AVG?
What doesn't kill you only delays the inevitable
if you want the definition of Slimey see Symantec/Mcafee/MicrosoftOneCare
while this doesnt excuse their behaviour, trying to protect people (a lot of them for free) is not Slimey but insulting them on the front page of Slashdot is
patheticSmiley anti-virus provider? The integrity of Slashdot submissions just keeps going up and up! Nice example Taco.
I did the same and for the same reasons.
Not sure how this practice justified the poster calling them slimey.
I've been relatively happy with AVG. Perhaps, someone could elaborate on how they are slimey. This appears to be an attempt to protect people.
Is many years I've never heard AVG referred to as "Slimey" I don't think the toolbar is a good idea either but... slimey? AVG is awesome.
Perhaps, someone could elaborate on how they are slimey. This appears to be an attempt to protect people.
Ok, think of the /. effect. Now take that on almost any website who's servers aren't as strong. This is basically a huge DDoS attack on many websites by AVG that has a reason behind it. But it is still a DDoS attack.
Taxation is legalized theft, no more, no less.
They might be dumb instead of slimy...
no your not a lawyer, but i'm pretty sure your not smart enough to be one either.
you didn't give them permission to access your publicly available site?
really?
are you sure?
because you know, if you make something publicly available on the public internet, I'm pretty sure by definition, you've therefore given them permission to access it.
Just like everyone else "in the public".
Did you give Google permission?
how about every other search/index site?
as to the "extra bandwidth" since it is by definition, caused by your websites being found via search providers, maybe you should be sending the bill for linking to them and thus causing the "extra bandwidth" to Google/Yahoo/MS and see how far that gets you.
When probing for sites that serve malware, wouldn't you have to make the probe look identical to a legitimate user?
Otherwise the malicious site could just serve innocuous content to the probe and malware to everyone else.
My Karma: ran over your Dogma
StrawberryFrog
How exactly do the websites getting slammed with this bullshit traffic "not even install this part of the program" and "if you don't like it don't use it"?
Did you miss this part: (on Slashdot, we're seeing them as like 6% of our page traffic now)
So how does Slashdot "just not use" the AVG product and recover that 6% of their page traffic again?
The complaint is that they are "spamming the internet with deceptive traffic". That's a server/hosting complaint, not a user complaint about some user who can't figure out how to disable that feature.
Kudos on getting a "4 Insightful" for a ridiculously inapplicable and nonsensical response though!
But how many times does Google go to the site? About once a day, if even that. This is obviously going there much more then once a day. So taking the 5 major search engines (Google, Ask, Live, Yahoo!, and MSN) that equals to about 5 visitors per day, again, it could be a bit less or a bit more but around 5 visitors per day, not downloading images or anything else, it wouldn't stress your bandwidth much, but say you had 1,000, 10,000 per day, that might start to create problems when your site is used to getting say about 500-5,000 human hits per day.
Taxation is legalized theft, no more, no less.
I think I missed the memo - why is AVG a "Slimy anti-virus provider"? That portion of the summary BEGS for supporting links...
Be careful of your thoughts; they could become words at any minute...
Because it is a browser that people use... The same thing could be said on why should we have to support Konqueror, or the Mozilla Suite, or Seamonkey, why not even block Safari just because we can. Basically, IE6 is a browser, it is even a popular browser. And saying we should block it is like saying we should block Firefox 1.5 and earlier and hey! Firefox 3 is out now, lets block Firefox 2!
Taxation is legalized theft, no more, no less.
And if that causes problems for webmasters, Thompson says, so be it. "I don't want to sound flip about this, but if you want to make omelets, you have to break some eggs."
Sounds like a "fuck off" to me.
I guess slimy is in the eye of the beholder, but the attitude reminds me of Claria.
Never attribute to malice that which can be adequately explained by stupidity.
I never spellcheck and I freely admit it. Save your karma for more worthwhile "lol erorrs" replies
Prefetching your search results doesn't protect you from viruses any more than just checking the pages you try to load at the time of loading.
What it does, is basically scanning the entire internet, weighted toward the pages its users search for, and I assume reporting back to AVG which websites have malware or suspected malware on them.
The problem with this theory is that malware sites can move around quickly, so learning that domain xzclqqkxzz.com tried to upload a virus to someone's computer 48 hours ago is not especially valuable information.
That's in addition to AV software being essentially impossible to keep up-to-date anyway, you can look up studies but most AV software lets a lot of malware through.
And the increased traffic annoys webmasters because the prefetches are (attempted to be) disguised as actual page fetches, and they come from all over the internet, so we think they're real clicks from real users but they're not. Plus, for some sites the increased load/bandwidth may be a problem.
Hooray! Look at all the OH SHIT my server's on fire!
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
Dumb is what they were BEFORE they were told about the problem. Slimy is what they are now that they are refusing to rectify the situation and behave.
I think they deserve everything they will inevitably get as a result of this.
Enjoy Y2K? Roll-on Year 2037!
I wonder if this AVG behaviour of doing prefetch on linked sites is driving up advertising clicks at all?
Could AVG be unintentionally committing massive click fraud?
Actually this is quite close a real solution :) what AVG should have done is cache the scan results from each page. Thus if a user tries to access a page it should first query AVG for a result. ( the result here is- OK page or not OK to visit page)
If a result exists in cache, no need to scrape the page. If there is no result in the cache, both AVG server and Client (to avoid trust issues) should query and compare results. The cache should periodically refresh and use multiple different UAs to avoid gaming. Quite a nice solution if you ask me ;) I knew I should have take up consulting instead of this damn Ph.D..
Also AVG are not slimly, the spyware/trojan/malware site operators are. Not to mention Norton/Symantec/Kaspersky et al.. The feature can easily be turned off and its purpose is to help the user at no $ cost. Besides, which self respecting /.-er needs anti virus
Generally, you're right. 99.9% of all virus infections I see on other people's machine would have been prevented if they just followed safe computing practices:
1) Don't download useless crap. Useless crap is subjective, but programs that change your cursors, have teddy bears come out and wink at you, or other non-sense are definitely useless crap.
2) Even on Windows, try and use open source software where you can. In general, if something comes from SourceForge, I trust it a lot more than some random closed source app that I've never heard of.
3) Research your programs before you download them.
4) Use a good browser and limit what scripted content you run. Firefox with NoScript works perfectly. After you whitelist your normally visited sites you rarely have to worry about it anymore, and any new site that needs to run scripts has to be approved first. And for most sites, unless I notice something broken/not working on the site, I don't allow scripts even if the popup does appear.
Personally, I haven't ran an on-access virus scanner in 3-4 years. They're intrusive and take up valuable resources. I do currently have ClamWin installed though, and scan every so often just in case. I've always turned up clean (at least on my Windows machine - I have Linux and Mac machines as well that I don't even have to worry about scanning).
Since too many people around here seem to think that I'm a door-to-door compute repair guy and keep calling me, I've seen tons and tons of spyware infected machines. Lately I've taken to pointing them to the Apple Store to show them the Mac Mini, and telling them that I'm going to be switching over to only supporting Mac's soon . . . (hoping that if they'll just buy the damned Mac that I'll never have to visit again anyways)
"People who think they know everything are very annoying to those of us who do."-Mark Twain
LOL, perhaps you might want to READ the rule before replying - it is NOT blocking all IE6 users, just the ones that are missing "Accept-Encoding" header
So doesn't this render the link scanner completely useless? I assume someone looking to dodge the AVG scanner for eeeeeevil purposes can just do the same thing, no?
Wow. Just wow. You managed to make an ends-justify-the-means argument, a false dichotomy, a red herring, and probably a few other fallacies I missed because I was already laughing so hard.
AVG is breaking two key rules of good app behavior on the internet: they are making huge numbers of requests that users don't want or know about, and they are providing fraudulent info in the request headers to prevent affected services from mitigating the problem.
How many companies write internet-enabled apps? What do you think? 1000? 10000? 100000? If AVG's behavior here is OK, is it also OK for all of those other apps to pile on as well, each one adding another 6% of overhead to *the entire internet*? Or is AVG special for some reason that allows them to play by different rules than everyone else?
This is very abusive on AVG's part, and your spirited defense relies on logical fallacies and hand waving. Your "if you don't want AVG to eat bandwidth and lie about its useragent, you must want your users to be infected with malware" bit is just icing on the cake.
Truly, you have a dizzying intellect.
If I wanted a sig I would have filled in that stupid box.
Anti-virus software is the one thing I would never download from a torrent site. You need to be sure it comes from a trustworthy source so you can check all your other torrents with it.
Also AVG are not slimly, the spyware/trojan/malware site operators are
However, I'd argue it's the equivalent of using a flamethrower to take out a wasp's nest - the amount of collateral damage to non-malware sites due to the spurious pulls is excessive, there are cleaner methods available.
I don't read AC A human right
There is an error with your logic. Just because I *could* delete all our site data (for example), does not give me permission to do so. Companies have standards to keep everything somewhat similar. I was actually impressed that someone was actually monitoring what people have on their systems.
Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
Are users not supposed to protect themselves in the interests of the website?
This isn't being done to protect users. The pages could be scanned just as easily on actual load. This is being done to prevent the users from having to suffer a small delay on loading the page by preloading it (and every other possibly link on the page since the software doesn't know what link you're going to click).
You're just putting spin on the issue because this is affecting your cost/income ratio.
You're very anti-average Joe. Most of us aren't Amazon. Most of us, in fact, make precisely zero income from our websites. And we don't have the kind of financial resources to deal with this kind of distributed attack on our bandwidth. Amazon, Yahoo, and such won't have any problem dealing with this sort of thing, but if it becomes popular, it'll force the rest of us off the web.
Since the problem of malware sites is not going to go away and since AVG is effective more antivirus software will start using these techniques. Unless you have something better to suggest?
Yes, make the user wait the extra second if the user wants to scan a page.
Frankly, as an end user, I don't give a damn about your costs and stats. I don't care about it for amazon, ebay, myspace, or paypal. I do care that if I follow a link to an unsavory site that I am protected.
If that's true, then you won't mind waiting the extra second to load a page instead of having the browser drag down the bandwidth of every site in your search ahead of time for you.
Here is another question. Do you want a userbase that is populated by malware infected computers? Is that preferable to figuring out a way to work with AVG new technique?
That's a false dilemma. Is it preferable to force everyone other than the big guys off the web so that users don't have to wait an extra second on loading a page?
Dont throw your users under the train. They have a right to their security and peace of mind.
Don't throw the majority of web page publishers under a train, just so you can save a second by preloading a page.
"Convictions are more dangerous enemies of truth than lies."
I'll tell you why they did it. It's because at the current time some of their other interfaces have not been upgraded and are not compatible with IE7. You may not even use them, but if someone sees IE 7 on your desktop, they want it on theirs and so on and so forth. It's not that anyone in their right mind wants to keep IE 6 around, but it is likely that is what is currently supported according to their corporate image. It also has to do with preserving standards and how the techs support your PC and the efficiency of how it is supported. Bleeding edge doesn't happen in corporate environments, hell leading edge doesn't even happen most of the time. Its slow and steady movements forward. If you jumped on the bandwagon for every new upgrade your network would be a mess and would show no signs of a standard. Software is tested in corporations, with everything else that already exists inside the shop. They even have a position dedicated to just that task. They are commonly called desktop engineers. They typically spend a good part of their workday developing and testing products to integrate into the desktop standard image. This is because something as simple as a non supported browser can cause a user all sorts of issues and then cost hours of time (read: money) for the tech to diagnose it. This is why you pay for an IT department, there are many headaches the user never sees and it is because we work it out first.
Nice idea, except I simply won't come back to the site, as I suspect many other AVG users would not do. The novices out there will read your message as "Sorry AVG user, your antivirus is abusive and wastes our resources. Disable AVG and come back so we can infect your machine!"
Why, what does that do?
Do you want it to pound Google's servers, bump up grisoft's search rank, or anything else I am not seing?
Obama likes poor people so much, he wants to make more of them.