AVG Backs Down From Flooding the Internet

Simon Wright writes "As a website that is featured heavily in many Google Australia search results, Whirlpool (Australia's largest technology forum) has been particularly affected by AVG's LinkScanner. We've seen a traffic increase as much as 12 hits per second from these bots. So we've actively and loudly campaigned against this move by AVG, encouraging all users of AVG 8.0 to uninstall the product. The discussion starts here. And AVG's backing down is posted here." From that URL:"'As promised, I am letting you know that the latest update for AVG Free edition has addressed and rectified the issue that [Whirlpool] have brought to our attention. This update has now been released to users and has also been built into the latest installation package for AVG Free.' — Peter Cameron, Managing Director, AVG Australia."

Good Stuff!

I was looking at alternatives to AVG because of this. Good to know I don't have to keep looking.

Re:Good Stuff!

I was looking at alternatives to AVG because of this. Good to know I don't have to keep looking.

Maybe you should keep looking. A company in the business that AVG is in should have seen this coming, what makes you think more of the same "quality" is not in the future? It shows a serious lack of foresight for a company that should have top-drawer management and programmers considering their business. Frankly, this kind of crap reflects badly on what consumers should assume for the quality of their product.

Re:Good Stuff!

Maybe you should keep looking.

I don't disagree. Version 8 of their product is the most bloated thing I've seen in ages. Almost moreso than the consumer Norton/McAffee stuff. And to top it off, it's so naggy it's ridiculous.

Re:Good Stuff!

That is why after using AVG for years I switched to Avast. The whole point of AVG was that it WASN'T all bloaty and full of extra crap like Norton. Now they are just as slow,just as sluggish,and just as irritating. Oh and for the user that says turn it off? I don't know that it is still the case as I switched to Avast,but AVG would scream that it wasn't working if you disabled the bloat. So you would have to check the stupid thing because you had no idea if it really wasn't working because of an error,or if it was just bitching because you had turned off linkscanner. Anyway that is my 02c,YMMV

Re:Good Stuff!

AVG took a serious wrong turn somewhere. It used to be a no-questions-asked-use-me-please virus scanner of the highest quality. I used to recommend it to everyone. I used to start fixing my friends' computers by uninstalling the bloated virus scanners they had and installing AVG.

Now they've gone corporate (for lack of a better term).

Anyone know of an alternative to fill the role?

I certainly won't be looking

. A company in the business that AVG is in should have seen this coming, what makes you think more of the same "quality" is not in the future?

No, I certainly won't be looking. There are just a handful of companies which *listen* to its customers. There fewer that listen to the users of their product which use it for free.

AVG shown that at least they do listen to their users, and are likely to rectify when they screw up. Similar to what happened with Netflix.

A bad company is not one which makes wrong choices, we all make wrong choices. But when the company is not able to acknowledge their errors and rectify, is when you should start looking for someone else to make business with.

I use AVG Free and recommend it to all the people who come to ask me for an Antivirus. The truth (in my opinion) is that such a thing should be provided with Microsoft Windows for free, after all it is the fault of their crappy Operating System that the computers get all infected.

Re:Good Stuff!

I was looking at alternatives to AVG because of this. Good to know I don't have to keep looking.

If you have a look at the Whirlpool page, you'll see that every page in the forum is headed by an orange banner, that not only references the AVG problem and suggests users uninstall the software, but also recommends and has direct links to "superior alternatives" such as Avast and Avira.

I can't think of a better way to quickly change a company's mind than this sort of strategy :)

Another reason

every page in the forum is headed by an orange banner, that not only references the AVG problem and suggests users uninstall the software, but also recommends and has direct links to "superior alternatives" such as Avast and Avira.

That's a good one, but there's also this suggestion from TFA:

one web master advocates redirecting AVG scans back to AVG's site. "Many webmasters simply tell LinkScanner to scan AVG's site instead, so their site gets marked as malware free every time - while AVG gets handed the extra bandwidth cost," says the webmaster of TheSilhouettes.org.

Re:Good Stuff!

There are (or at least there were) other motives to dump AVG.

1) I installed it - just once, long ago, and threw it out of the window as soon as I found out that it was adding a spam footer advertizing itself in each e-mail I sent. Didn't even try to find if that could be turned off: garbage belongs in the garbage bin, not on my PC, and certainly not in my outgoing mails without my knowledge.
Don't know if they're still doing it, or if it's still on by default, and I'm not interested in finding out either.

2) Visit the forum TFA links to, find the post by the guy who upgraded to Avast and immediately discovered a pile of bad stuff on his system that AVG had apparently missed. Instead of scanning sites you don't visit, it sounds like they'd better start doing something about the quality of the scan on those you DO visit.

I'm sure #2 hasn't always been as bad as it sounds here. But protection is a process, not a goal, and it smells like they're lagging a bit behind right now.

LinkScanner was unnecessary in the first place

I fail to see what Grisoft ever thought LinkScanner would acheive above the scanners that are becoming common in competing products that simply intercept http and pop3 traffic as it comes over the network. To me it seemed unnecessary to actually fetch every single search result. It also would obviously interfere with web analytics, and is potentially a security risk to people using AVG, not in terms of desktop security, but in terms of your real-life personal security. For example, I recall a recent article where the FBI had arrested people [slashdot.org] merely for clicking links to a porn site they had set up. Are you really safe from such operations and the general tendency of Government agencies to monitor activity these days when your computer is in effect programmed to click links for you?

I don't see information at the links in the summary of what changes were actually made to AVG now. Does anyone have details?

Re:LinkScanner was unnecessary in the first place

The only reason I could think of would be to reduce latency - scanning a page on demand probably incurs some noticable cost and if you can start a scan before the user clicks the link, you lower the perceived time to scan. But it definitely wasn't very friendly to servers.

Re:LinkScanner was unnecessary in the first place

I fail to see what Grisoft ever thought LinkScanner would acheive

It turns out that LinkScanner was implemented in secret by two employees during odd hours, when all the other people had gone home(*). One of these employees, who likes to use the handle "pinky", was in charge of unit testing, while the second employee, who sometimes goes under the nickname "brain", actually designed the module.

Investigations are ongoing, but preliminary questioning of the employees does suggest that LinkScanner's purpose was either to "take over the world", or possibly to "zort" a "narf-poit".

(*) except for Norm, who didn't notice anything because he was busy looking for a misplaced stapler in another part of the building.

Re:LinkScanner was unnecessary in the first place

There's no need to be hypothetical. Anyone here have an unmodified AVG 8? Congratulations: you have just downloaded a page on how to home-brew all the most illegal drugs in the USA [totse.com]. Enjoy!

Way to go!

The site complains to AVG that its load has increased, so in response in gets a /.ing. Nice!

Anyway, the statement that "We've seen a traffic increase as much as 12 hits per second" is meaningless without knowing the overall traffic levels - for example, is +12/sec an increase of 100%, or an increase of 1%?. It's referred to as a "significant drain" on resources, but quoting one number without the other is pointless.

Re:Way to go!

Simon has state that the server normally deals with 50 queries / second.

So 12 more / second is quite a bit of load.

Cheers WTW

Re:Way to go!

The single web server that powers Whirlpool is typically handling 30 to 40 non-cached template requests per second. We've got over 15 gigabytes worth of user posts online, and receive hundreds of referrals from Google every minute.

Given that it's running on a 4-year-old web server (in tandem with another 4-year-old MySQL box), I think ColdFusion is doing pretty well for itself.

Cheers
Simon Wright

So, what if LinkScanners scan engine...

... contains some kind of overflow bug? I guess hundreds of thousands of AVG equiped PCs will get infected instantly?

A programm that fetches each and every link it comes across *can't* be a very good idea. Certainly a feature invented by people without a security mindset [schneier.com]?

Re:Are you sure?

See: http://forums.whirlpool.net.au/forum-replies.cfm?t=1007329&p=13#r256

The fix has been independently tested.

Cheers WTW

Re:Are you sure?

The problem is no so much the consumer experience... (although consumers experience was changed significantly as web searching became a lot more resource intensive).

The problem is that the link scanning featured caused a great deal of traffic to sites - even sites that consumers did not visit. That's not cool.

Re:So is AVG still a good AV prog?

I second your question. I used AVG Free for a long time and uninstalled it very quickly when I heard the news. But I'm having choosing a replacement cost-free anti-virus program for Windows. Here's are the factors I've been considering...

AVG Free [avg.com] Pro: seems pretty effective and runs inobtrusively (at least locally). Con: has DDoS'd websites in the past and perhaps still shouldn't be trusted.

Avira [avira.com] Pro: no track record of DDoS'ing websites. Con: obnoxious pop-ups "reminding" me about the premium version; apparently [wikipedia.org] got some poor reviews for infection treatment.

Avast [avast.com] Pro: no track record of DDoS'ing websites. Con: requires manual re-registration.

I'm using Avira now but I'm considering switching again because of the pop-ups. Any advice? (And yes, I already run Linux but still need Windows for some things, and no, I'm not interested in paying for anti-virus software, since 99% of virus protection is common sense.)

Re:So is AVG still a good AV prog?

I recently gave up on AVG. It was a nice free option until this version 8. Surely, Grisoft knew this was a big problem for a long time. They're not the only people who thought this approach of extra verification would be a good idea. MCAfee did it, Opera (I think) just linked up with one of the Microsoft spawns that tests everything and drags web use to a crawl. It's as poor an idea as "background" disk defragging which does nothing other than work the drives because it's not possible to sort a drive which is in flux.

Avast! is frequently recommended as a free anti-virus. BUT...do some research and you'll see it's not that great at catching known junk. ESET does test very well but you only get 30 days of free use. Avir's free version does seem to offer full integration (in-line scanning, auto updates, etc.) which I don't remember being there a few years ago when freeware scanners only worked on-demand. http://www.free-av.com/ [free-av.com] It tests very well, actually, better than AVG and Avast!

In their defense, if I remember correctly, AVG DID offer free fully integrated inline scanning first with a decent catch rate. Why did it take them so long to comprehend version 8 was a hog and would generate so much anger and resentment? Who knows. Maybe their time has past just line PKZip...

Re:So is AVG still a good AV prog?

I dunno, I use Avast, it's pretty good and free as well. I like the UI a bit better and it seems to get definition updates pretty frequently. Much less of a resource hog than Norton/McAfee too, although so is AVG.

Re:So is AVG still a good AV prog?

The and Update system in AVG 8.0 is vastly improved.

I was using Avast and and installed it for several family members only to have one of them get a HORRID spyware infection.

Interestingly AVAST did not detect it at all, Spybot and Ad-aware could not completely remove it, but after installing AVG 8.0 it cleaned everything up.

After checking several reviews it seems AVG 8.0 has one of the best Virus and Spyware detection rates among current products.

Re:So is AVG still a good AV prog?

This is about the same amount of protection as pulling out is a form of birth control.

Are you telling me:

1. You never open links in search results to sites you have never been to?
- If you are running windows using Firefox or IE there have been many cases of 0 day exploits

2. Do you not use any USB storage devices?
- Just this Christmas I purchases a digital photo frame for a family member that had built in storage. low and behold when I went to preload it with photos it was already infected with a virus that was set to use auto play to install.

3. You 100% trust EVERY thing your friends or family send you? Document infections are still somewhat common. I suppose using Open office would get you around macro infections but you also might not be able to open company documents then.

I would also imagine that ANYONE who is on slashdot and manages security also believes in the layered approach. Inbound only filtering from your firewall and using your gut to know what is safe or not is an easy one to work around.. Well unless you are a hermit that never gets any email.

Re:So is AVG still a good AV prog?

Damnit! That's why I keep having kids.