Saturday, June 28, 2008

Is AVG Bad For Websites?

A new website called AVG Watch claims that a component in AVG's antivirus product can overwhelm web servers by hitting them hard and downloading pages in an attempt to determine if they are hosting malware that can infect your computer. Another website complains that this component also hurts websites financially by skewing their traffic statistics which affects their ad revenue.

The component is called LinkScanner:
"LinkScanner works with both Internet Explorer and Firefox, and consists of two features, AVG Active Surf-Shield and AVG Search-Shield. AVG Active Surf-Shield prevents you from accidentally becoming infected by drive-by downloads and other exploits, ensuring the web pages you visit are safe at the only time that really matters - when you are about to click the link. AVG Search-Shield works with Google, Yahoo and MSN search engines to deliver a real-time safety verdict on all search results, including search ads, displaying an icon to show the safety rating for each site."
That's a direct quote from the documentation of AVG Anti-Virus Free 8.0 describing LinkScanner.

AVG Watch seems pretty steamed about the practice, comparing comparing it to a Denial of Service Attack. They claim that according to their own tests LinkScanner will download a page it encounters during a Google search hundreds of times more than necessary, leading to a lot of stress on webs servers as the number of people using the latest version of AVG Anti-Virus grows.

This seems like a worrisome possibility for me since I've always sworn by AVG for protecting my computers from viruses and other malware. Recently, AVG has been giving me problems with false positives and now this....

There is one ironic post-script to this episode. I have been using Firefox 3 as my main browser since its second Beta version and right now AVG Safe Search, which presumeably allows AVG to run LinkScanner within Firefox, is not compatible with the latest version of my favorite browser. So it seems that none of this applies to me right now. I'm neither "protected" from accidentally clicking on evil websites and I'm not inadvertantly "attacking" good websites either. Still, it's an interesting issue.

No comments: