incrediBILL - 9:54 pm on May 9, 2008 (gmt 0)

A fake user-agent with a real oxygen-breathing human on the end of it.

You're preaching to the choir here as I understand the problem fully.

I'm not going to make an exception for them and potentially unlock a gaping hole in my website security, not happening.

However, I do plan to contact them if AVG's toolbar is verified as the problem and ask them to fix it. As a matter of fact, what they are currently doing is technically a security flaw that allows any AVG customer to potentially be exploited by any website they visit.

How is the AVG toolbar a security risk you might ask?

If someone knows AVG has a flaw and it can't detect a specific vulnerability or exploit then they can specifically target anyone that exhibits this toolbar user agent.

The toolbar should echo the EXACT same user agent and header as the browser to avoid detection.