But he does tell malware infested drive-by download sites how to fool it.
[theregister.co.uk...]
...
... I'd spend 30 minutes reinstalling the thing I installed earlier today and run Wireshark at the same time.
That has already been done. If you are interested, have a look here for the results:
It's always been my impression that the anti-virus market is based about 90 percent on lies.
I have lots of contact with malicious files so the threat is very real; those aren't lies. The problem I have is the false sense of security some products give when I have live samples that pass those products with flying colors; that's where my concerns lie with AV products.
Anyway, let's not hijack the thread on this topic as I have way more to say on the topic than is appropriate for this thread, maybe some other day...
Back OT, the AVG spokespeople claim this code will go into the live updates in a few days so we should be seeing a decline in hits to our sites soon.
Not much we can do at this point other than sit back and wait a week and see what happens but all indications are that the webmasters are going to win one for a change.
It is possible that the new version issued yesterday is just an interim version with chunks of code commented out to stop the DDOS of sites - and that the next version will have the new true workings inside.
[edited by: encyclo at 12:50 pm (utc) on July 6, 2008]
[edit reason] member request [/edit]
They will have to overhaul their public relations hype about LinkScanner, because it will no longer do real-time scanning of all links. This is important, it seems to me. If you say you're scanning all the links but you aren't, then there is a potential liability issue. If a paying customer gets infected after clicking on a green checkmark, they would have a much stronger case if all the green checkmarks are meaningless at that point. If AVG actually fetches and then fails to detect, they're off the hook -- no court would expect a virus detector to work all the time. But if they don't fetch and the user interface says that they did, that will not fly in court.
Any way you look at it, LinkScanner is a bust. There's been a lot of hype since AVG acquired LinkScanner last December, and now those seven months of solid hype are a huge headache for them. It will be interesting to see how they handle this.
By the way, I looked at the Wireshark data that the Aussie did for whirlpool.net, and I didn't see any DNS lookups other than the lookups that were done locally. I'll recheck it using my own computer if anyone claims that AVG is using their own servers for anything apart from package updates and downloads.
I believe it's legit to require full disclosure from AVG at this point. My goal is to put the lid on this coffin of mass page fetches by anti-virus dot-coms, in a manner that insures that no dot-com ever tries anything as disruptive as this ever again.
Unfortunately for AVG, it's not as impressive as all those green checkmarks lighting up on the screen.
I think there's some misunderstanding here because those GREEN checkmarks will still happen, from what I've read, à la McAfee's Site Advisor from a stale database.
If your site hits a vulnerability while downloading it, it'll probably post that info to AVG to update their database, but the LinkScanner will be dead technology.
Which brings up two things:
A) Will the free version supply Surf Safe now that Search Safe is neutered and,
B) Has anyone seen AVG posting a wanted ad for a new CTO?
[edited by: incrediBILL at 5:26 am (utc) on July 6, 2008]
Go here to find out how this story ends:
[webmasterworld.com...]