AVG Wastes Bandwidth

AVG really needs to fix their “LinkScanner” product. It essentially scans pages for links and pre-downloads them to check for malware. If that doesn’t sound so bad, then you’re obviously not paying for bandwidth or trying to keep your server load manageable. Essentially it means more traffic pegging servers and downloading pages, most of it a total waste.

This isn’t just bad for webmasters. This excess traffic hogs ISPs (who now plan to charge by-the-byte) and WiFi. In a country where we are tight on bandwidth, this is really a pretty lousy implementation.

AVG even went so far as to use multiple user agents, all of which seem to spoof IE, making it more difficult to block.

The best way to block the bogus AVG traffic seems to be by looking for the Accept-Encoding HTTP header, which could be done using an Apache rewrite rule if you can’t do so at the firewall or load balancer level.
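A way to measure how much traffic a header check like this would catch before turning it into a block rule, as an added example that is not from the original post. The log format, the `is_suspect` heuristic (an IE-claiming user agent that sent no Accept-Encoding header) and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed custom Apache log format (not from the post) that records the header:
#   LogFormat "%h %t \"%r\" %>s %b \"%{User-Agent}i\" \"%{Accept-Encoding}i\"" aeprobe
# Apache writes "-" for a header the client did not send.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \[[^\]]+\] "[^"]*" \d{3} (?P<bytes>\d+|-) '
    r'"(?P<ua>[^"]*)" "(?P<ae>[^"]*)"$'
)

def is_suspect(ua, accept_encoding):
    """Assumed heuristic: claims to be IE but sent no Accept-Encoding."""
    return "MSIE" in ua and accept_encoding.strip() in ("", "-")

def summarize(lines):
    """Return ({ip: [requests, bytes]} for suspects, suspect_bytes, total_bytes)."""
    per_ip = defaultdict(lambda: [0, 0])
    suspect_bytes = total_bytes = 0
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        size = 0 if m["bytes"] == "-" else int(m["bytes"])
        total_bytes += size
        if is_suspect(m["ua"], m["ae"]):
            per_ip[m["ip"]][0] += 1
            per_ip[m["ip"]][1] += size
            suspect_bytes += size
    return dict(per_ip), suspect_bytes, total_bytes

# Constructed sample lines (documentation IP ranges, made-up paths and sizes).
IE6 = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
SAMPLE = [
    f'203.0.113.7 [10/Jun/2008:09:00:01 +0000] "GET /a HTTP/1.1" 200 5000 "{IE6}" "-"',
    f'203.0.113.7 [10/Jun/2008:09:00:02 +0000] "GET /b HTTP/1.1" 200 3000 "{IE6}" "-"',
    '198.51.100.20 [10/Jun/2008:09:00:03 +0000] "GET /a HTTP/1.1" 200 4000 '
    '"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)" "gzip, deflate"',
    '198.51.100.21 [10/Jun/2008:09:00:04 +0000] "GET /a HTTP/1.1" 200 6000 '
    '"Mozilla/5.0 (X11; Linux) Gecko/2008 Firefox/3.0" "gzip,deflate"',
    '192.0.2.9 [10/Jun/2008:09:00:05 +0000] "GET /a HTTP/1.1" 200 2000 "curl/7.18" "-"',
    'not a log line',
]

if __name__ == "__main__":
    per_ip, suspect, total = summarize(SAMPLE)
    print(per_ip, f"{suspect}/{total} bytes match the heuristic")
```

Real IE clients behind proxies that strip Accept-Encoding would also match, so the per-IP counts are worth reviewing before any request is refused on this basis.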

AVG really needs to reassess this poorly designed product. It’s unnecessarily taxing the web.

Firefox 3.0 Is Out

So the servers had a giant meltdown. That’s hopefully history now. It’s out! Go download it. While you’re at it, spread the word and help break a world record. After all, how many world records have you participated in so far?

  • Awesomebar – Find what you want easier than ever.
  • Malware Protection – Stay safer when browsing the web
  • Native UI Appearance – It looks better than ever.
  • Better Addons/Plugins Manager – Manage plugins with ease, find new addons.
  • Download Manager – Resumable downloads!
  • Smart Bookmarks – Most visited, recently bookmarked, recently tagged.
  • Better Memory Management – Nuff said
  • Powered By Robots – Not only are they awesome, they obey the Three Laws of Robotics

See Deb Richardson’s Field Guide to Firefox 3 for more details.

Firefox Malware

Search Google for “Firefox” and you’ll get several advertisements offering Firefox. Most of them link to Google’s toolbar/Firefox combo download (for which Google pays the webmaster for each download). This is shady at best, but not quite the subject of this post. The image in this post shows 5 ads that appeared for me. 2 of them were blocked by Google Desktop as Malware.

Why does Google show ads for sites their own products block as being harmful? It seems obvious that if a site hits any blacklist (phishing, malware) used by a Google product, the campaign should automatically be suspended.

The other ads are still harmful as a user shouldn’t think they need to get Firefox through a Google toolbar bundle, nor should they think they need to pay for Firefox (as much as $39.95). As for those who serve up their own binaries… Who knows what’s lurking inside.

Is there a need for a Mozilla Genuine Advantage program? Am I the only one who thinks this is a big problem?

For the record, there are unofficial Firefox builds, and quite a few Gecko based browsers that are perfectly legit. What’s wrong here is that these are being branded as “Firefox” and made to look official when in fact they are not.

Google Badware Notification

Google has started providing notification before it lets you visit a search result known to contain badware. It’s done in partnership with StopBadware.org, who has a list of sponsors including: Google, Lenovo, and Sun Microsystems.

So far the feature seems pretty good. I’m sure there will be a few C&Ds trying to get this feature taken down, now that some companies have found their revenue model shattered. To help prevent accidental blacklisting they have been trying to contact websites that are blacklisted so they can try and fix it (should they want to). Hopefully that will eliminate/minimize any errors.

I’d venture most people stumble upon these sites one of a few ways:

  1. Spam, or its instant messaging counterpart Spim. Linking to dubious websites in hopes of generating revenue at a computer owner’s expense.
  2. Search results. The prime situation where a web surfer visits sites out of their ordinary traffic patterns and may fall victim to such practices.

Google just took a big bite out of #2. Gmail/Yahoo/Microsoft/AOL have been working hard on #1. That should really help make the web a safer place… until the next menace takes the web by storm.

Root Server Attack

The root servers were attacked this morning. My guess would be few (if any) really felt the effects. This just goes to show that the net, despite being a distributed mess of networks, still has a few critical points in its infrastructure. They didn’t take them down, and didn’t even get them all. Here’s a creepy graph. For the record there are more than just the physical A-M servers. C, F, I-K and M are using anycast so they are distributed among many networks, making it even more redundant, and closer to most users. Because it was done by a botnet, and all but one of the targets were using anycast (according to Wikipedia), the load would be distributed across the servers, making it even harder for an attack to succeed.

40 Years For A Malware

A teacher could get 40 years for Malware (which IMHO is nothing more than a variation of “Virus”). That sounds like a harsh sentence.

Even more reason to scan your computer regularly, and keep anti-virus and anti-spyware definitions up to date, but 40 years? Yikes.

For anyone interested, Sunbelt’s Blog is fantastic, and I’ve blogged about it a few times. It has a great approach to explaining and demonstrating IT security in an easy to read, non-pushy manner. Not many places you will see that. Most focus on general tech, and don’t touch security. Security is a fascinating field.

During a quick email exchange with Sunbelt’s Alex Eckelberry he pointed me to this comment which gives a little more info. Expect more from Sunbelt’s Blog tomorrow on this.

Blogging in IT and software development in general is really quite impressive. Only a few years ago the concept of transparency and open communication on this scale was virtually non-existent. Now Alex blogged, commented about Preston Gralla’s poor research behind his post and got a reply. I then emailed Alex about an unrelated topic (choosing passwords in the WeeklyTechTips post), happened to mention this topic, and he pointed me to a comment of his on Preston Gralla’s blog.

I have a book on my shelf “How The Internet Works” (Fourth Edition), which I got for a school project back in High School (great book by the way). Would I have imagined the above chain of events when I got that book? Not in a million years. A few years ago this would have been a small article on a tech news site, and nothing more. Two people whose writing I read, going back and forth, and having a chance to contact one of them and get a reply a minute later is really remarkable by those standards. By today’s standards it’s somewhat more normal (though still appreciated).

The blogging phenomenon definitely made IT more transparent. I become more convinced of this on a daily basis.

By the way it looks like Mr. Gralla’s now up to “How The Internet Works Eighth Edition”. I guess I wasn’t the only one who thought it was a cool book.

SiteAdvisor Spyware Quiz

Site Advisor is running a quiz to see if users can correctly identify sites that ship spyware with their products. A few things crossed my mind while taking the quiz:

The age-old method of knowing if an establishment is legitimate is to ask someone who knows, or rely on reviews. In my case I use Google queries, and got 7/8 (simply because I guessed on the P2P programs presented in the end, because I got lazy and it’s getting late). That proved pretty accurate. Just the site name and “spyware” turned up good results each time. Granted that’s more technical than most. I know many who limit their downloads to those offered by more trusted sources (recommended by tech mags for example, or included on CD with them). This test doesn’t really reflect those habits accurately, making more people seem vulnerable.

Why do they have an old version of Firefox for the screenshots (I see the update icon)? Don’t they know running the latest version has more security fixes, and will protect them from known and fixed exploits? I’d expect more from them on that one.

Oh yea, after you’re done taking the test you can see the analysis of the results, but don’t view that if you plan to take the test or you’ll ruin it. But I know you’re all honest and wouldn’t cheat ;-).

Firefox for only $37.95?

SiteAdvisor has an interesting article up on a scam where a site makes people pay to download Firefox. As much as $37.95!

I’ll let you all in on a little secret. For the next 30 x 6.022 x 10^23 days, you can get Firefox completely FREE! No ads, no spyware, and no spam! Just download here.

What’s the catch? Enjoy the internet, and perhaps tell a friend ;-).

Ok, but seriously it’s pretty sad to see people scamming innocent internet users. Just remember when you tell people about Firefox, to give them an official url (getfirefox.com, mozilla.com, mozilla.org), and tell them it’s 100% free.

Sony should compensate for its rootkit fiasco

After this whole mess with rootkits, I’m starting to think Sony should be giving monetary compensation to those affected. Write an app to see if the rootkit was installed, and give a confirmation number. That number should be worth some hard cash, since it appears that the only way to get rid of this giant hole is to completely wipe your hard drive and reinstall your stuff (lots of time, and as we know time = money).

I don’t believe for a second this caught Sony by surprise; they knew what the software did, and how much trouble it can cause the end user. Their business strategy was simply to hope nobody noticed. There’s no way this software was written without an understanding of what it did. Absolutely no chance. Rootkits have been a topic of discussion for some time (mainly related to spyware).

I’d say those affected deserve at least $250 per computer, likely more, considering the best remedy right now is to back up documents, format and reinstall. That will take at least 3 to 5 hours for most people. And for many people who don’t have much experience with this, it will take much longer.

In all honesty, Sony should face some legal consequences for fraud or hacking, since that’s essentially what they did. If a 17 year old can get 17 months for hacking Paris Hilton’s cell phone (the last part of her anatomy not widely available on the internet), and Canada got a kid for 2 years, how could this be worth nothing?

If nothing happens to Sony (which is very likely), the next company to attempt this is going to take it a step further, and it’s just going to get worse. I think CNet’s article has a great title “Who has the right to control your PC?”. Very appropriate.

Update [11/21/2005 @ 1:58 PM EST]: Texas sues Sony BMG over alleged spyware. Thank you State of Texas! I still want users to be compensated though. They are the ones who still get the short end of the stick.