grand stream dreams: June 2008

Playing in AVG Free Traffic...

07-06/08 Update: Upon attempting to do a follow-up post seeing if the AVG Free v8 “SP1” build made a difference in LinkScanner Traffic (as AVG reports they have accomplished), I located some serious problems with the data reported. Turns out I had captured all the data from my network monitoring, but I had not selected the actual summary session totals. So I have gone-back and re-parsed the data below.

While the totals have changed, the overall conclusions did not, and seem to be even more overwhelming in terms of traffic the initial LinkScanner version in AVG Free 8 (b101) generated.

--Claus

So, in the process of doing some last-minute editing and fact-checking for my guest post over at Houston's chon.com (TechBlog: Guest post: Claus Valca's little AVG 8 Free 'problem') I decided I had to independently confirm if a custom removal of the Search-Shield component from AVG Free did in fact remove the LinkScanner traffic.

First: A Quick LinkScanner GSD Post Review

As reported in this post - AVG disguises fake traffic as IE6 | The Register – AVG Technologies continues to tweak its beloved/despised LinkScanner component.

To refresh, this “feature” pre-checks links as you browse to them in your web-browser for malware and other web-ilk. Great idea in theory. Seeing as IE, Firefox 3.0, and Opera 9.5 already have a similar feature embedded in them to varying degrees, makes perfect sense for AVG to load-down your pc with even more web-security protection. I can think of several good images but let’s keep the discussion family-friendly.

As AVG Free has hereto-with been a very popular anti-virus solution and loaded on bazillons of pc’s, and seeing how many of these users have already upgraded to version 8.0 and not done the fancy-pantsy CLI “stripped” version install, the Interwebs are now full of AVG’s additional LinkScanner traffic.

The first versions of LinkScanner registered their “pre-visit” click-through event scans as the unique user agent "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)."

Clever folks like the guy over at OSBlues figured out quickly how to filter out that cosmic-noise from web-master logs. Goodness knows it was giving them fits up to that point.

Now it appears that AVG has jiggered LinkScanner to now also report clicks under the following additional user agents:

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)

According to OSBlues, this actually is the same agent profile used by LinkScanner products before they were bought out by AVG Technologies (Grisoft).

That Register article’s Comments on ‘AVG disguises fake traffic as IE6’ are filled with quite a few good perspectives.

OSBlues has also confirmed that AVG says that LinkScanner does at least NOT click Google AdWords. Not clear that other such pay-per-click providers are also spared this noise.

Adam over at OSBlues offers his perspective which provides great insight into the headache this is causing those who depend on web-stats as well as the detective work he did to uncover this trend, and raises a "bandwidth leaching" concern as well.

AVG Destroys Web Analytics « OSBlues

In fact, LinkScanner analyses results from search engines (not just Google) and is browser independent. This may sound like a good idea from a security point of view, however, from a webmaster/website owner point of view, this is not good at all.
If your site appears well in the search engines, as everyone strives to do, your website is or is going to be hugely affected by this. Essentially this means, that everytime your site appears in a users results, regardless of whether they click on it, your website logfiles and thefore your statistics will show that person as a real visitor coming to your site. Now, because the IP address is the users IP address, we can’t filter on that, at first look it would appear we can filter on this useragent, unfortunately I spotted another one

Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)

This one however, is even worst. This time it’s a legitimate user agent which means you can’t filter it out or rewrite it to another page on your site without the risk of blocking or harming real visitors. The first user agent is different, due to lack of a space (or plus) between the last semi-colon and the 1813, it doesn’t follow the standard pattern used by Microsoft.
So, we get to crux of the problem, AVG has destroyed web analytics for people who use a logfile analysis tool. Not only have they done this, they are also wasting our bandwidth and our disk space on servers!

Second: LinkScanner Results on a "real" System.

Now back to the show.

As we have just seen, network traffic is increased at the web-site level due to AVG LinkScanner usage.

In addition, many, many AVG users are fussing about the degraded browsing performance on their PC systems where LinkScanner (Search-Shield / Safe-Surf) components are active. Lots of AVG users.

So Dwight and I confirmed that you do not have to use a command-line installation method to disable the Search-Shield/Safe-Surf ...whatever AVG likes to call it) component. Question that remained was, did this method effectively remove the LinkScanner activity in AVG Free version 8?

I fired up a "real" XP SP3 image in Virtual PC 2007. Again, by "real" I mean it is a copy of Dad's old XP system I previously had converted to a VPC image. All the junk that a "normal" user would have is on this test-bed.

I downloaded and unpacked Nir Sofer's freeware packet-sniffer SmartSniff inside that virtual system. There were a host of other packet-sniffing tools I could have used for more detail but I was confident this would give me some quick data that I was looking for. It also was light and fast, perfect for my VPC environment.

I then proceeded to run four packet-capture sessions under two different states of an AVG Free v 8.0 build 101 installation; a "Full" install (with Search-Shield) and a "Custom" install (without Search-Shield).

With Search-Shield Installed...

For the first test I ran Internet Explorer 7 and browsed to Google, then did three searches: TechBlog, Grand Stream Dreams, and Starbucks.

I could see the Safe Search icons loading and being added to the Google results page. All were fine and passed the safe-site test (whew!).

~~According to SmartSniff, I captured a total of 131 TCP/IP conversations resulting in a total of 173 packets and total size of 14,036 Bytes.~~

According to SmartSniff, I captured a total of 131 TCP/IP conversations resulting in a total of 5,391 packets and total size of 3,615,873 Bytes.

For second test I closed out IE. Reopened it, browsed to Google, ran a search for Grand Stream Dreams, then clicked the link to fully load my main blog page.

~~According to SmartSniff, I captured a total of 44 TCP/IP conversations resulting in a total of 31 packets and total size of 25,925 Bytes.~~

According to SmartSniff, I captured a total of 44 TCP/IP conversations resulting in a total of 1,152 packets and total size of 723,115 Bytes.

Without Search-Shield Installed...

For the third test I reinstalled AVG but this time removed the Search-Shield component in the custom setup wizard.

I again ran Internet Explorer 7 and browsed to Google, then did three searches: TechBlog, Grand Stream Dreams, and Starbucks.

This time I could see no Search Shield icons loading and being added to the Google results page.

~~According to SmartSniff, I captured a total of 37 TCP/IP conversations resulting in a total of 4 packets and total size of 924 Bytes.~~

According to SmartSniff, I captured a total of 37 TCP/IP conversations resulting in a total of 699 packets and total size of 229,908 Bytes.

For second test I closed out IE. Reopened it, and again browsed to Google, ran a search for Grand Stream Dreams, then clicked the link to fully load my main blog page.

~~According to SmartSniff, I captured a total of 11 TCP/IP conversations resulting in a total of 11 packets and total size of 3,200 Bytes.~~

According to SmartSniff, I captured a total of 11 TCP/IP conversations resulting in a total of 182 packets and total size of 68,054 Bytes.

Amazing! I was stunned to see it with my own eyes in this very simple test.

That Secret AVG LinkScanner User Agent ...

In addition, I could clearly pick out in the AVG Search Shield enabled captures the following user agent, as being reported in various sources earlier noted in this post:

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

My regular system browser (and non-SafeSearch loads) requests were the following:

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; 1.925)

Again, for side-by side comparisons with/without Search Shield on each set of links:

Set #1 (Google, --> Searches only on following words: TechBlog, Grand Stream Dreams, Starbucks)

a. Total of 131 TCP/IP conversations were captured resulting in a total of 173 packets and total size of 14,036 Bytes.
c. Total of 37 TCP/IP conversations were captured resulting in a total of 4 packets and total size of 924 Bytes.

~~Difference of 97 extra TCP/IP conversations, 169 packets, and total size of 13,112 Bytes transmitted just by using the LinkScanner Safe Search component.~~

a. Total of 131 TCP/IP conversations were captured resulting in a total of 5,391 packets and total size of 3,615,873 Bytes.
c. Total of 37 TCP/IP conversations were captured resulting in a total of 699 packets and total size of 229,908 Bytes.

Difference of 97 extra TCP/IP conversations, 4,692 packets, and total size of 3,385,965 Bytes transmitted just by using the LinkScanner Safe Search component.

Set #2 (Google, --> search and click-through to Grand Steam Dreams)

b. Total of 44 TCP/IP conversations were captured resulting in a total of 31 packets and total size of 25,925 Bytes.
d. Total of 11 TCP/IP conversations were captured resulting in a total of 11 packets and total size of 3,200 Bytes.

~~That's a difference of 33 extra TCP/IP conversations, 20 packets, and total size of 22,275 Bytes transmitted just by using the LinkScanner Safe Search component to load a single blog main-page.~~

b. Total of 44 TCP/IP conversations were captured resulting in a total of 1,152 packets and total size of 784,731 Bytes.
d. Total of 11 TCP/IP conversations were captured resulting in a total of 182 packets and total size of 68,054 Bytes.

That's a difference of 33 extra TCP/IP conversations, 970 packets, and total size of 716,677 Bytes transmitted just by using the LinkScanner Safe Search component to load a single blog main-page.

It is simply amazing. And this was just a very quick browsing exercise. Those totals will accrue over a long web-surfing exercise.

You just don't really appreciate the LinkScanner traffic impact on the local system until you see it for yourself.

Granted, AVG home-pc users (and others) who have beefy new systems with lots of RAM and high CPU MHz numbers, along with a broadband network connection to the Inter-webs autobahn lanes might not even notice this as an issue. They are probably still tooling along in their S-class workstations, oblivious to this bad behavior.

However the poor AVG Free users who are clueless, and are stuck driving their air-cooled, four-banger "peoples-wagon" PC with low RAM and CPU MHz's and puttering even slower now on the the dial-up access roads probably are miserable and jealous and confused; maybe even worse.

Yeah, I know it's not going to break any banks or probably overload the Inter-tubes, but you can at least get a simple appreciation on just how much network traffic impact might be going on if just a moderate percentage AVG's claimed 70 million AVG users world-wide install AVG Version 8 and enable the LinkScanner technology in it's current form. It certainly is compounding issues with bandwidth usage already on the rise with streaming media files, torrents, and spam.

What next? Will major ISP's seek to add AVG users to the growing list of throttling targets?

OMG! What would this do for folks whose ISP's are hard at work lobbying for data-download caps for their subscribers? Comcast Considering 250GB Cap, Overage Fees - dslreports.com

Yikes!

Wouldn't be a shame if a user's AVG Free product pushed them over the limit not due to downloading torrent files, ISO's, or other stuff, but simply for running their security product with LinkScanner enabled?

Am I falling into a falsely alarmist view? Maybe.

Could it be a problem? Certainly.

But it gets even worse...

Third: AVG's LinkScanner Security Technology; A Tool for 3vil?

In working on my guest post I stumbled on a very interesting website.

AVG Watch.org

Some fellow Texans did some great research and found a neat (don't try this at home kiddies) method to use LinkScanner to use AVG's LinkScanner to bomb a website with a simple DoS (denial of service) attack.

Read the post. It is quite good and has some great technical notes and details.

Oh Bother!

Wonder how AVG is going to close this Pandora's Box up.

Ranger(s) Needed?

Now which is more valuable? Keeping Aunt Lilly and Uncle Bob's pc safe from malicious click-to web links? Or denying the 3vil a new and free security tool to lightly-nuke a website?

So in the words of our poor AVG friend michaelhd, is LinkScanner still a "...valuable security tool to protect users while they surf"? Really?

I suppose the jury's still out, but the court of public opinion seems to be reaching a clear and loud verdict in advance of the final decision outside in the Texas summer heat.

Better call in a Texas Ranger to help guard the defendant.

Hmmm. 70 million users of AVG and the web-masters to boot?

Might want to break the rules and send two Texas Rangers just to be sure the jury gets its opportunity to render a decision first.

Now, where did I put my Stetson.....

--Claus

Remove LinkScanner from AVG simply

In doing research on yet another AVG post, eagle-eyed Dwight Silverman, chron.com TechBlog guru extraordinaire noted to me that when he did a recent install of AVG Free version 8.0 on a family-member's pc he was able to successfully remove the LinkScanner feature fairly simply.

All this without diving into the previously noted command-line argument installation method to accomplish.

So I did some research and it's 100% true!

I fired up a "real" XP SP3 image in Virtual PC 2007. By real I mean it is a copy of Dad's old XP system I previously had converted to a VPC image. All the junk that a "normal" user would have is on this test-bed.

I removed the AVG Free 7.5 build we had installed on it. Reboot.

Then I downloaded and installed the latest build release (as of this post) version of AVG Free version 8; AVG Free Edition 8.0.101.

Say Good-Bye to AVG LinkScanner/Search-Shield! (Fresh Install)

1) Fire up the installer and get the setup-wizard going.

2) Click "Next" on the "Welcome to the AVG Free Setup Program" window.

3) Click "Accept" on the "Acceptance Notice" window.

4) Click "Accept" on the EULA page window.

5) A "Checking System Status" operation will run quickly.

6) Now chose "Custom Installation" on the "Select Installation Type" window.

7) Enter your user name and click "Next" on the "Activate your AVG Free License"

8) Keep the "Destination Folder" at the default. Click "Next".

9) De-Select the "AVG Search-Shield" tick-box on the "Module Selection" window. Click "Next".

10) Take the defaults (if you want) to the "E-mail Scanning" window. Click "Next".

11) Click "Finish" on the "Setup Summary" window.

The installer will run its routines and eventually report (hopefully!) that the install completed!

Note that in my tests, making that choice automatically prevented installation of the AVG Security Toolbar/Yahoo! Search component. It just wasn't presented as an installation choice and wasn't installed on the system.

Furthermore, when I went into Internet Explorer 7 and checked for Add-ons, nothing related to AVG was seen.

In contrast, when AVG is installed with all the defaults (Search-Shield enabled) and the AVG Security Toolbar like most home-users are going to blissfully do, you get the following:

Note above there are two AVG Security Toolbar components as well as the AVG Safe Search BHO and Shockwave Flash has been installed as well in the process.

Finally, here is what the the IE Add-ons manager looks like if you choose to install Search-Shield module but not install the AVG Security Toolbar:

Firefox is also treated to a similar handling in it's Add-on's module.

Say Good-Bye to AVG LinkScanner/Search-Shield! (Existing Install)

Now, if you have previously installed AVG Free using a prior build or even this one but included the LinkScanner/Safe-Shield component and now you don't want it, just download the latest installer again and follow the steps. The only real difference is you will get the option to "Select Setup Type."

Just keep the radio-button to "Add or remove components" marked and hit "Next." Then you can jump in to the steps above again at # 7 to finish removing just this component as noted above. You will also be presented with extra window prompt to keep or remove the AVG Security Toolbar. Your choice. I personally remove it on my installations.

That was pretty easy right? On this XP test bed, no system reboots were required in all the times I did custom install modification after custom install modification to get these screen shots and verify the results.

Questions that Remain...

First, why does the AVG Advanced view (Tools -> Advanced Settings...) after removing Search-Shield still show a LinkScanner component is available. Probably just a messy GUI programming element that needs to be cleaned up. (Note: LinkScanner module icon is gone from the module element field in the main window.)

Second, why is "michaelhd" noted as being "AVG Team" in this AVG Free Forums notice promising as of June 24th that the upcoming AVG Free 8.0 "Service Pack 1" release going to finally include the ability to do a custom-install "...to de-select the linkscanner component"?

Ummm. Mike? Who's feeding you this information from within AVG? Clearly as we see in this post, AVG Free version 8, build 101 already contains this option...although not very clearly to customers.

Third, how do I know these steps alone removes LinkScanner from the system? Stay tuned for my next post. It's a doozie!

--Claus

Variations on a Theme called Firefox

Theme in this case being related to "a common idea” like in music or literature rather than a GUI based design applied to the browser….

Almost at the bottom of my link-post bucket…bear with me.

Firefox 3.0 Location Bar Fiddling and “OH!” its called the “Site Identity” button?

Turn Firefox 3’s Location Bar Yellow at https:// URLs – Lifehacker tip.

I did this trick and liked it quickly. Basically you can mess around with the address bar to make the full bar turn yellow again in Firefox 3.0. This behavior was modified a bit in Firefox 3.0.

To accomplish this trick I added the following code to my userChrome.css file located in my profile’s chrome folder:

#urlbar[level] .autocomplete-textbox-container {
background-color: #FFFFB7 !important;
}

Of course if you want a different color, insert the hex-code color of your choosing.

While I was at it, there were a bunch other cool tips in the comments. I added this one as well to my userChrome.css file to remove the “star” bookmarking icon. I never use that sucker.

#star-button {
display: none !important;
}

Visualize blue https sites in Firefox 3 in a better way – gHacks blog.

Yep. Now that we got done messing up a perfectly good address bar, Lets much it up more!

This tip from Martin at gHacks only requires the changing of a value in the about:config settings. Much easier if you don’t want to fiddle in the userChrome.css file.

Just go to about:config and find the browser.identify.sll_domain_display key.

0 is the default, 1 also colors the top-level domain, 2 colors the whole domain and displays the address as colored in the favicon area..

Confused? Check out the gHacks post then pop over to the Browser.identity.ssl domain display - MozillaZine Knowledge Base article for more details.

Finally the color distinctions are described a bit in this Mozilla Firefox 3 Released – MozillaZine article:

The site icon to the left of the Location bar is now the Site Identification button. While previous versions of Firefox concentrated on informing users whether their connection to a website was encrypted or not, Firefox 3 tries to focus more on who runs the site. When visiting a secure site, the Location bar no longer turns yellow and shows a padlock icon (though this is still present in the Status Bar). Instead, the Site Identity button turns blue (yellow was judged to no longer be a good color as Internet Explorer 7 uses it to mean a suspected phishing website) and clicking it will reveal the domain name of the site and who supplied the security certificate.
However, if the has a newer Extended Validation certificate (see https://www.paypal.com/ for an example), the Site Identity button will turn green and display the name of the organization that runs the website. Clicking on the button will display not only the domain name of the site and certificate issuer but also the name and location of the who runs the site. Internet Explorer 7 and Opera 9.5 already support Extended Validation certificates.
Firefox 3 is also more strict about denying access to secure sites when the site's configuration is not quite right (for example, if the certificate presented does not match the domain name). To improve usability, all secure site errors are now displayed in the content area (like connection errors) rather than popping up modal dialogs.

See also this blog post at dria.org offered by commenter Scott Walsh Firefox 3: Site Identification button to get into more details on this thing I used to consider just a favicon in Firefox 3. Now I now better! This post is very detailed and nuanced. Great stuff to review for Firefox heads.

So now you have…

a yellow (or whatever color you picked) full address bar color to clearly alert you to the presence of a secure address,
a blue “Site Identity” button (favicon) coloring to also indicate a secure website,and displaying the full domain address of the site,
a green “Site identity” button color to indicate a secure website using the newer “Extended Validation” certificate is present and in use, and
a gray “Site identify” button color for sites offering no identity information at all—which is most websites you come across.

Want to mess around even more? Fine.

9 tweaks for Firefox 3’s location bar - Mozilla Links

Have at it!

Full Screen Display Repairing

When Firefox 3.0 came out they really made the “F11” full screen feature work. It now removes the tab bar, location bar, and status bar.

If that’s too much real-estate for you, then follow this easy gHacks tip: Change Firefox 3 Full Screen Mode

Just find the about:config key browser.fullscreen.autohide and toggle it to “false” to put things right again.

More details here: Browser.fullscreen.autohide - MozillaZine Knowledge Base

Disappearing Favicons in Firefox 3

As I have mentioned, Right now (until Weave is released in final form) I’m managing my Firefox 3.0 bookmarks again by shuffling an exported bookmark file back and forth between systems.

It works pretty well.

However I noticed that sometimes my bookmark favicons disappear and I have to revisit the site to re-load them. And sometimes they just refused to re-display at all.

Strange.

So I set out on a search to fix them.

I found a lot of great information and tips regarding favicon behavior;

Manually refresh favicon.ico files in Firefox 3 - Tim Dupree - tdupree.com. This fascinating technique involves using the SQlite Manager Add-on for Firefox to explore the places.sqlite database file. It was really fun. Anyway, you find the favicon reference file, delete the BLOB data field linked. Then close out the database and close Firefox. When relaunched, visit the site again and the bookmark favicon should refresh. Only in my case, it did not.

Hmm.

Next I found these mozillaZine forum posts:

Make Firefox 3 Beta NOT update favicons... • mozillaZine Forums

Favicons in bookmarks - How to get rid of them? • mozillaZine Forums

Yeah, crazy right? Read stuff on how not to do what you are trying to fix and then do the opposite.

Despite also not helping me with my problem, they again provided great background information into the inner workings of the Mozilla favicon handling.

Finally I found this great page: GrApple - Aronnax`s Firefox Themes.

It has a hack to change the RSS feed indicator in your Firefox address bar. Neat.

Also, a hack to modify the favicons in the search field and one for the favicons in the bookmarks toolbar.

I added the last to in to my userChrome.css file as well.

Still didn’t help me. I could see the favicons in their teasing beauty in the now correctly named “Site Identity” button field but many wouldn’t update in the corresponding bookmark icon, while others would.

Finally I did some plain and simple Southern ‘spearmint’n:

Clearing the cache, cookies, and history didn’t help.

So I tried dragging a new bookmark in next to the non-updating one. It worked.

After some more work I’ve decided that if you have changed the “name” property of the bookmark to a custom one in Firefox 2.0, then imported them over into Firefox 3.0 some time in the past, it would preserve the favicon on that system. But when you then copy that bookmark JSON file over between systems, something breaks and the icon can not re-update again.

So I had to rebuild all of those I found that wouldn’t update automatically by clicking them and loading the page. Once so replaced, they seem to re-update fine when clicked after swapping between profiles.

Anyway, I’ve got all my favorite and most used ones updated now. It will be a while before I can work through all the more buried ones I have.

Sage Returns – A Bit Too Late to the Dance?

I’m an evangelist now for NewsFox, the greatest RSS feed reader Add-on for Firefox ever.

Then recently folks decided that my former favorite RSS feed extension Sage was dead so they resurrected it in Sage-Too. Nicely done.

I guess someone got their feelings hurt (or simply were prodded into action) as now the Sage team has now released Sage again now compatible with Firefox 3.0.

Sage 1.4 Released: Sage Blog – lists lots of fixes.

Sage 1.4.1 Released: Sage Blog – few more fixes.

Now downloading at this Sage Install link.

Me? Too much water has flowed under the bridge. I’m sticking with NewsFox.

To Tweak or not to Tweak…That is the Color Question

BoingBoing picked up a blog post regarding a tiny not well known about:config change that just might better render color images in Firefox 3.0.

Color management tweak in Firefox 3 – BoingBoing

Upside? Colors “might” be more vibrant and rich.

Downside? Browser performance might take a hit and most image files don’t contain the extra data needed to take advantage of this tweak. Also, it might mess with your color-optimized monitor if you are a graphic designer and fiddle with these things as well for picture-perfect rendering.

I tried it, Couldn’t see much of a difference either way so I went back to the default.

More details? Ask and you shall receive!

Firefox 3: Color profile support (oh the pretty, pretty colors) – Dria.org blog

Firefox 3: Tweak Firefox to Display Richer Colors – Lifehacker blog

Gfx.color management.enabled - MozillaZine Knowledge Base

The Bits that Remain

Firefox Add-ons Site Gets Advanced Search – CyberNet news – I’m personally really loving the new advanced search feature in the Mozilla add-ons site. You can really drill down the searches now. Saves me a bunch-load of time.

Yes, Firefox does Phone Home Everyday – CyberNet News. No real surprises here. I knew at least about some of the add-on checks for updates, browser updates check, and the download of the Google malware-attack-site file data.

Connections established on startup – Firefox - MozillaZine Knowledge Base. Even better details on those web-processes started in Firefox at launch.

Downloading JSON and JavaScript in extensions – MDC – don’t know why but I just simply found this an interesting read.

Quite a performance tonight!

--Claus

AVG Free v 8 SP1 and More LinkScanner Details

First things, first.

The AVG Free v 8.0 SP1 Watch Continues…

I, like many other hard-core (boneheaded?) AVG Free version 8 users are holding out hope against hope that the upcoming AVG Free version 8.0 “Service Pack 1” release will help resolve many of the issues we have been railing against, including among other things

Improved performance,
Cleanup of the AVG system-tray icon for user-disabled modules (no ugly icon!),
Ability to optionally not-install the LinkScanner component,
Maybe show that a scan is in progress by changing the system tray icon like in version 7.5,
A more useful right-click menu to the system-tray icon for AVG v 8.

Customer’s of the paid version of AVG version 8.0 did see release and upgrade of their software to this so-called “SP1” version this past week.

This SP1 version is being listed as 8.0.131. So that is likely the release version free users need to be keeping an eye out for as well.

We now have semi-exciting word from the AVG Free Forums from AVG team-member “michaelhd”:

NEW IN AVG FREE 8.0 (SP1)
Posted by: michaelhd - AVG Team (IP Logged)
Date: June 24, 2008 09:18AM
AVG Free SP1 is due for release in the next few weeks (mid july or earlier).
It will be a standard update to existing AVG Free 8.0 installation - no need to install new build.

It will have option in custom install screen to de-select the linkscanner component.

We hope that this new option gives our valued customers the "choice" that they have requested. Those who have experienced genuine problems with web surfing speed can de-select the linkscanner.

However the default "standard installation" will continue to install this valuable security tool to protect users while they surf.

Edited 1 times. Last edit at 06/24/08 08:15PM by BIG AL 43.

Certainly that is good news, especially the ability to “deselect the linkscanner.” Note however, michaelhd clearly mentions that it will continue to be installed by default.

Sigh.

If posters to this Wilders Security Forums thread are accurate the new AVG Free 8.0 SP1 version will bring the following additional enhancements and features:

Fixes and Improvements included in this update:
- Remake of internal communication to eliminate undesired program status appearance (hibernation, sleep mode, cold restart, ...).
- Display of the system tray icon representing running scan (that can be paused or stopped from the context menu).
- Added option to ignore the status of a component: the system tray icon then reports OK status even if a component is in error status.
- New tab added for the rootkit findings in the scan results overview.
- System restore point is created before launching a program update.
- Added new option verifying the ADMIN Server connection in the program's advanced settings.
- Improved EML file processing including scanning of user mailboxes.
- RAM requirements optimization.
- Improved statistics of detected objects in Email Scanner and resident Shield.
- New design of the system tray pop-up window, and more information provided.
- To eliminate AVG collisions with OS, only minimum drivers are installed in safe mode; then it is possible to launch on-demand scanning from the command line only, and a new GUI dialog has been added to ease the scan configuration.
- Added option of restoring a file from the Virus Vault to the original folder even if the folder has been removed.
- Added option of deleting the Resident Shield and Email Scanner history.
- Improved stability and design of GUI.
- Improved GUI accessibility (using keyboard).
- Fixed problem of GUI compatibility with some screereaders, e.g. JAWS.

My advice here is if you are still using AVG Free version 7.5, stick with it a bit longer until this new AVG Free version 8.0 “SP1” build comes out and has been reviewed at large. If things look good after that point, make the jump to upgrade. If not, stick with AVG Free 7.5 for a bit longer or until AVG Free version 8.0 “SP 3" comes out or you find another freeware A/V solution.

Special thanks to DougCuk and Ron Schenone for their ongoing work giving me tips pointing to these AVG Free 8.0 nuggets.

AVG’s LinkScanner Continues to Frustrate and Morph

As reported in this post - AVG disguises fake traffic as IE6 | The Register – AVG Technologies continues to tweak its beloved/despised LinkScanner component.

The first versions of LinkScanner registered their “pre-visit” click-through event scans as the unique user agent "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)."

Clever folks like the guy over at OSBlues figured out quickly how to filter out that cosmic-noise from web-master logs. Goodness knows it was giving them fits up to that point.

Now it appears that AVG has jiggered LinkScanner to now also report clicks under the following additional user agents:

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;1813)

According to OSBlues, this actually is the same agent profile used by LinkScanner products before they were bought out by AVG Technologies (Grisoft).

Yikes! Sort some of those out between “real” and “AVG bot” clicks. Good luck.

That Register article’s Comments on ‘AVG disguises fake traffic as IE6’ are filled with quite a few good perspectives.

OSBlues has also confirmed that AVG says that LinkScanner does at least NOT click Google AdWords. Not clear that other such pay-per-click providers are also spared this noise.

Bonus AVG Links

Here is a quick link to an AVG 8.0 HOT TOPICS FAQ with some useful product information including (currently) the following topics:

Updating your AVG to the latest version
How to install AVG 8.0 over AVG 7.x or AVG Free
LinkScanner - what is it?
AVG uses too much memory and slows down computer
AVG Security Toolbar - what is it?
Slow opening of websites on Windows Vista
AVG Toolbar error in Mozilla Firefox

And this AVG 8.0 NEWS FAQ link repeats those and currently provides other new ones:

Gaming mode
How to migrate AVG Admin 7.5 to AVG 8.0 Remote Administration
AVG Security Toolbar - how to delete history
How to disable AVG temporarily
AVG 7.x to AVG 8.0 reinstallation process was aborted. What to do now?

Finally, in one of those this an answer to my speculation as to maybe not wanting to do a clean-install/upgrade of AVG 7.5 to AVG 8.0 in order to preserve some preferences was found.

Note:
It is not possible to automatically transfer your settings from AVG 7.5 to AVG 8.0, due to major changes in the program function. In case you are using AVG Firewall, only basic rules will be copied to the new AVG 8.0 Firewall configuration.

So armed with that information, I still personally recommend first uninstalling AVG Free 7.5 first, rebooting, then installing the AVG Free 8.0 version next. But an “in-place” upgrade should work without issue.

--Claus

Manually Update AVG Free 7.5

The AVG Free saga continues.

When we last stepped into the theatre with our popcorn and refreshing soda-fountain beverage in hand, it appeared quite clearly that AVG Free would and/or would not stop the automatic updating component of the AVG Free 7.5 builds after June 25th. Customers using the AVG “Paid” versions of 7.5 would continue to get updated through the end of December.

Today is June 28th and as of this post, I can confirm with my own systems that AVG Free 7.5 servers are still funneling automatic virus file signatures to users via the automatic update mechanisms.

So where does that leave AVG Free users of 7.5?

Confused as ever. What did you expect?

So, thanks to several kind requests in the comments of a GSD AVG post from “Grateful Granny” I’m sharing a method to manually download and install your AVG 7.5 DAT file signatures into your Windows system if you are running AVG Free 7.5.

This might be useful information to know if AVG does eventually decide to turn off the automatic update spigots for AVG Free 7.5 users, but continues to publish them for it’s paid version customers.

So without further delay--lest AVG changes something on me--here we go.

How To Manually Update AVG Free 7.5 Anti-Virus Signatures

For these steps I'm using AVG Free Edition 7.5.524 on a Windows XP system. Link is to FileHippo an alternative download site I’ve used and trusted for years.

1. Go to the following official AVG site link and download the following update file: AVG Free V 7 Priority updates. The current link file you are looking for is called “IAVI: / 1523.” It's the bottom one and the numbers in the name will change as it gets updated. A few days ago it was listed as “1521”. The trick is to check the date column and try to snag the most current one. Should be updated daily but you might want to do this every few days if not daily. Make a note where you saved the downloaded file.

2. On your computer, launch either the AVG Free Test Center or Control Center from the right-clicking the AVG system tray or browsing for AVG in the Program Files location in the Start menu.

3. Find the "Check for Updates" button on either AVG program window and click it to launch.

4. In the pop-up window, DESELECT the "do not ask for update source next time..." checkbox. You will probably need to be manually updating them from here on out once the auto-update servers get turned off for AVG 7.5 and this will keep you from getting error messages. Until then you can leave it checked if you want to.

5. Click the "Folder" button at the bottom of that dialog window.

6. Browse to the location where you saved the BIN file you downloaded in step 1 then click OK. If everything is good, AVG should find the "New Update File". This is why I like to save my update files directly to the desktop. It’s easier to find them quickly in the browser tree.

7. Click "YES" to update AVG Free.

8. The file will be unpacked and the AVG updater window should kick off like before.

9. When done, it will give a report that it was done successfully.

You have now manually updated AVG version 7 to to the latest virus signature files!

Easy-Peasy!

This works (for now) on both XP and Vista system running AVG 7.5 Free.

Feel free to delete the BIN update file from your download location if you wish. No need to keep it around if you got a good update applied.

My advice to AVG Free 7.5 users is to continue letting AVG 7.5 Free auto-update the signature updates as long as they keep coming this way…who knows maybe everyone will get lucky and the auto-updates won’t turn off for the AVG Free 7.5 version until after December 2008 as well. Just don’t hold your breath for that.

However, if you want to practice using this method, have at it. If you try it on a system with auto-updates enabled and current, the only thing that will happen when you get to step seven is that it will report that the file is already the most current.

Cheers!

--Claus

Visual Joys

I got a new set of eyeglasses this week.

I've been fussing about apparent chronic eye-strain in my left eye and finally got to the family ophthalmologist for a checkup. The whole process took about an hour to complete.

Turns out it has been almost three years since my last vision checkup. I had to look up that post on my Blackberry to verify the date during the office checkup. Wow.

Good news was that my eyes are 100% healthy outside of the ocular performance.

I was told that the Rx I had been issued by a last-minute optometrist during my last visit was a bit too strong. So he dialed back the strength in one eye a bit and boosted in in my left eye a tad, also tweaking the astigmatism adjustment in it a bit as well.

I had to pick out my new frames by myself this time. After about twenty minutes of looking through the selections at the local mom-and-pop optical store we love and use in town I went with the very first set of frames I picked up; Adidas's "Inspired full rim model a787" in brown.

They look quite sporty yet refined. I went with the full-rim this time as these are very sturdy and rugged feeling, but the modern style compliments my personality and lifestyle pretty well.

Lavie and Alvis loved them.

There is a bit a curvature to the lenses in a wrap-around style and optically it is taking my eyes a bit of time to adjust, but now-where near the issues I encountered with my last sets. These frames also have a polarized sunglass clip that I got allowing me to cut-down on the price of getting a 2nd pair of Rx sunglasses.

My left-eye still feels a bit strained but considering it's been working overtime for the past three to six months, and I still have to adjust to these new optics, I can see much better now right out of the box.

Visual Linkfest

Welcome to A Moment of Luxury - Lavie and I have started watching this new PBS series. The host, William Stubbs, turns out to be a local Houston boy and has a very pleasing presentation of his style. Yes, it is about interior decorating primarily but it is very classy and enjoyable. He reminds us of a mix of Lavie's dad and her uncle.

Flickr: Lost America's Photostream - there are some wicked-awesome visual treats in this flickr collection. Great colors and lighting at night for abandoned Americana materials and locations.

I found this King Kong NY wallpaper over at Social Wallpapering that has become my favorite Vista widescreen notebook wallpaper of the moment. It's a graphic from the King Kong movie and the colors and patterns work great for me for the sparse icons I have on it. Still looking for something for the dual monitor desktop.... I also like this wallpaper Heritage Flight 2 especially for the colors of the P-51 Mustang. However the colors of the buildings in the background are too vivid so I will have to do some color work to mute them out a bit first.

BLDGBLOG has had a number of great posts lately:

BLDGBLOG: Buildings and books - from whence I found the Lost America's photostream on flickr.

BLDGBLOG: Sounding Rooms - which essays on hidden rooms and the mysteries they bring to mind.

BLDGBLOG - bonus: this mini-post links to a public-domain book Secret Chambers and Hiding-Places by Allan Fea which provides some creepy and fun stories on hidden rooms. Oldie but goodie!

Arch Daily - Really neat new architectural blog that has loads of stunning modern designs. Lots of great supporting images with the posts. Every day a new post comes up it is a joy. I want to be an architect in another life. One of my college buddies played on the UH football squad and was in the College of Architecture program. He was always working on these models. Quite the contrast the big stocky football player and his delicate construction-board design models..Sample post: The Barn House / Buro II. I love it!

Kong - freeware - For some reason this post has a Kong undercurrent. Kong is a freeware online/offline overhead shooter game with spectacular play and visuals. Really fun. I spotted this one over in a review at freewaregenius.com. Seems to play well on our laptop/desktop systems.

--Claus

New Toys for Google Blogger in Draft

Now that most all of my posting to Blogger is done via the latest Windows Live Writer - Technical Preview release version, I rarely stop in at Google Blogger at all.

My blog template is also a custom job, so I don't do much now that I have it like I want it.

However, Google continues to refine its Blogger platform and there have been some exciting changes just announced.

Updates and Bug Fixes for June 26th - Blogger in Draft blog

Let’s lead off with the quick stuff:

Google Gadget integration continues to improve, with better editing of gadget preferences.
The new look for the Dashboard has seen a handful of tweaks, including a new button style that we’re trying out and, by popular demand, the “show all blogs” toggle is now sticky.
The subscribe page element has been published to WWW.
We’ve added a “Make Blogger in Draft my default dashboard” to the Blogger in Draft dashboard, so now you don’t have to remember to type “draft.blogger.com” instead of “www.blogger.com.”
So you can easily keep up with the news, we’ve added this blog as a tab on the Blogger in Draft Dashboard.
But that’s not what you came here for. You wanted this:

Webmaster Tools Verification. Turn this on to automatically add and verify all your blogs on Google’s Webmaster Tools.
Star ratings. Add a 0–5 star rating control to the bottom of your posts so that your readers can rate them.
Import / export of blogs. Back up all of your posts and comments to one Atom XML file on your computer, and import your posts from one blog to another.
Embedded comment form. By incredibly popular demand, we’ve brought the comment form to your blog’s post pages, with support for Google Account and OpenID authentication.
New post editor. We’ve completely revised the post editor, bringing in drag-and-drop image placement and better HTML handling.

The Star Ratings is cute, but GSD is going to pass on this for now.

The Embedded Comment Form feature does intrigue me. I don't think I am going to go through the work of trying to add it to my custom template just yet (more work required) but it does look to be like a feature I will want to go with down the road.

Importing and Exporting of a Blogger blog will be a very appreciated feature when rolled out. For now I just use a special bookmark in Firefox to pull all of my posts up at once in a browser session and just save the page to my drive. This method looks to be faster and more flexible.

Finally, as I mentioned, I use Windows Live Writer as my blog posting platform of choice. I might use the Blogger post editor for a quick change on the fly but I almost never touch it. I do expect these changes to make it more useful in the control area. It includes improved image handling, improved raw-HTML behavior, you can modify the compose behavior options with more granularity, link editing is simplified, Safari 3 is now fully supported, preview mode has been improved, and placeholders are now added for <object> tags in compose mode.

My biggest headache is that the last time I went into the regular Blogger post editor on line it would not display the editor correctly in Firefox 3.0 or Opera. I had to revert over to IE 7 to do what I wanted to do. Egads! Hope this new draft version fixes some of those issues as well.

Also worth checking out is Google Code's announcement of a new interactive version of their Blogger JavaScript Developer's Guide.

With this tool, Blogger users can modify and execute JavaScript code directly in their browser to see what will result. Great for pre-testing changes.

Announcement: Official Google Data APIs Blog: New Blogger Interactive Developer's Guide

Keep blogging!

--Claus

The Opera House and its Bouncer

The Opera browser has remained one of my favorite alternative browsers.

Sure Mozilla’s Firefox web browser remains my favorite one, by pure fact that I can customize the heck out of it with a collection of add-ons that leverages the power for all the things I do on the web, but Opera is fast, slick and sexy.

If Internet Explorer is the family sedan, then Firefox would be a green-version of a Range Rover Sport while Opera would be the Lotus Elise kept around for pure fun.

The Opera Desktop Team has been hard at work making additional refinements to their newest browser release version of 9.5. It is pretty hard to ignore. Certainly it performs circles around Apple's Safari beta for Windows and even beats out Firefox 3.0; although that probably isn't difficult to do with all the add-ons that quickly get piled onto Firefox.

Opera 9.51 RC 2 – fixes some security status items, a Yahoo! Mail crash problem, other crash event triggers and style-sheet loading.

Opera 9.51 RC 1 – fixed drag/drop tab problems, menu rendering over at deviantart.com, display of new feed additions.

In addition, I’ve done some more reading and this Washington Post Security Fix blog by Brian Krebs offers great insight into Opera’s approach to browser-based malware/website blocking.

Opera 9.5 Offers Anti-Malware Protection - Security Fix

Firefox 3.0 operates its “phishing/attack-site” blocking by currently downloading a sqlite url file list periodically from Google’s servers. It cross checks links against this and presents intercept-alerts to the user if a match is found. It’s not foolproof, but a good start. For more information see this GSD post Small Steps by Google...Big Help in Firefox 3.

Anyway…according to Brian’s post, Opera uses an on-line tie-in to Haute Secure’s black-lists.

Each time you browse to a new link, Opera will send a micro-packet (less than 1 kb) to Haute asking for a cross-check. If no match is found, the link is loaded. If so, then it is blocked with a warning. This packet traffic is flowing back and forth to the host sitecheck2.opera.com.

Haute uses its own proprietary collections from internal research and indexing efforts but also supplements that information from Google, Spamhaus, and Phistank.com.

Sending a packet check constantly to Haute might raise privacy concerns. Haute responded in the post comments that they do not send or collect any personally identifiable information nor store it.

Antibozo commented that he ran some detailed behaviour monitoring tests. Very interesting stuff. There was an interesting detail observed. “Every page loaded is checked” isn’t exactly accurate. What antibozo found was that only the primary domain address was checked and it wasn’t rechecked on subsequent same-session visits in the browser. Results of packet response are indeed cached per domain for each session to improve performance as confirmed in the post comments by Opera Software representative Christer Mjellem Strand.

I don’t know the methodology of site indexing but it is conceivable that a site domain could be legitimate but a sub-domain or page could have been seeded with malicious content, thus allowing the user to browse onto the page unaware.

More “official” details on Opera’s browsing protection feature: Opera Fraud Protection

As with Firefox 3.0’s anti-phishing and “attack-site” protection, the similar features in Opera can be manually turned off in the options.

Finally, tests that Brian did by purposely browsing to pages of known malicious content found a poor blocking rate. Hopefully that detection rate will improve as Haute and the other Opera partners in this area continue to refine and expand their lists.

Certainly interesting information and I appreciate Brian, Christer, and antibozo's work in teasing it out.

--Claus

New and Improved Freeware

Here’s hoping that this weekend will present a more relaxed schedule for Claus.

I’ve built up quite a collection of links and topics to post on.

Alvis will be heading off to a church-sponsored camp in North Carolina for the next week so both girls are working hard to collect needed supplies and get everything crammed in the travel-bags.

Hopefully that means I can seclude myself away from the hustle and bustle and enjoy some quiet-time on the keyboard and Inter-tubes.

Quite a lot of my favorite freeware programs have seen updates this past week. Here’s a roundup.

FreeCommander

FreeCommander – freeware - is a dual-pane file-management utility for windows. There are a lot of great and free file-managers out there. However this gem keeps rising to the top of my pile. I use it constantly throughout the day and find myself lost without it. The latest version 2008.06 brings a host of improvements and refinements. The toolbar has been modernized, there is now a built-in FTP tool, and some more bugs have been squashed. Portable on USB. Very highly recommended.

Sysinternals

Process Monitor v1.35 – freeware – Updated version fixes a bug that broke action on Windows 2000 systems. V1.34 just before it added in the ability to filter on result values. A very handy feature.

NirSoft Madness!

I don’t know when Nir Sofer finds the time to sleep. Take a gander at this list of new and improved utilities from a Windows utilities provider on par with Sysinternals itself.

NirSoft Utilities Panel – webpage – just mouse over the listed items and quickly find the current version and last update of the focused utility.

MozillaHistoryView – freeware – Updated versions now support Firefox 3.0 and earlier versions. Lets you view the history files of sites visited by the Mozilla-based browsers, as well as significant data on each URL history item.

MozillaCookiesView – freeware – Updated version now supports Firefox 3.0 and the cookies.sqlite file. Sweet! I find this tool much easier to use to help me manage and remove nuisance cookie crumbs from my Firefox browser than the embedded tool in Firefox proper.

RegDllView – freeware – Updated version lets you delete items now. Use this utility to view and manage the registration and association of DLL, OCX, and EXE files. Use with caution!

DeviceIOView – freeware – New tool that allows you to monitor the data transfer between a software/service and the device driver. Pretty cool and useful for diagnostics work.

CurrPorts – freeware – Updated version fixes compatibility issues under Vista non-admin accounts. I use this tool to look for network connections and the process that is responsible for them. Very useful when tracking down malware or bad-software behavior.

NK2View – freeware – Updated versions fix a bug and adds an additional CLI option. Use to maintain, edit, and audit Outlook’s auto-complete address store known as the NK2 file.

VideoCacheView – freeware – Updated version now able to extract flv files from the Windows temp folder. This is a great tool to extract web-video files you have watched and save them for long-term keeping and enjoyment.

Spybot Search and Destroy News

Spybot-S&D 1.6, beta 2 - Safer Networking Forums

The team over at Spybot remain hard at work on the next pre-cursor to Spybot S&D 2.0.

This interim version beta release brings on some more fixes and tweaks. Do a custom install using the wizard to install along side the current release version if you want. My tests and usage of these beta versions has been highly positive. Scan times are remarkably improved!

No support quite yet for Firefox 3.0, but it may be coming soon in the follow-on beta/RC version. A demonstration/preview “sample feature” download to apply immunizations to Firefox 3.0 does exist: Check out this forum thread and look at the bottom for the ZIP file. Follow instructions.

Alter Ego – SN is working on a method to run single (web-activity related) applications under another user account (one with lower rights for security). Shortcuts are replaced and point to the new profile. Clever idea. ZIP file download is posted in the thread. They also offer an animated overview. More related forum topics here.

The Spybot “next” posts link to a number of additional teases about upcoming feature add-ins. Not real sure what will be seen but it’s sure to be good when done.

Odd’s and Ends

Magical Jelly Bean Keyfinder v2.0.1 – freeware – Got Keys? Yes, many A/V apps love to alert on this and similar tools as PUP’s (potentially unwanted program) since they could be used to “steal” keys from users. However, Windows administrators and FSSS’s (Family System Support Specialists) often know that before you nuke a Windows system and reload it, you better record the existing license keys first, just in case uncle Bob finds he has lost that Windows XP setup key after all. MJBK is one of the best there is. This version allows saves under a CSV format and additionally supports Office 2007 and Vista. You can also do a Load Hive to pull the data off a dead system’s drive. Glorious!

Revo Uninstaller Freeware – freeware – There are a bunch of Freeware Software Uninstallers out on the web for admins to use, all much better than the Windows Add/Remove Programs item. While Revo is not my primary third-party uninstall tool, it does bring a number of great features to the table and is well-recommended for home users looking for something faster and more powerful than what comes with Windows by default. I really like Revo as well in that they offer not just the standard installable version but a USB portable version as well. The latest version (1.71) brings a bug fix on top of numerous improvements seen in v1.70.

CCleaner – freeware – Updated version 2.09.600 now fully supports IE 8.0 beta and Opera 9.5 browsers for cleaning. There have been some memory handling updates for better performance and some GUI changes and tweaks. Always my preferred temp-file cleaning tool. Don’t stop on their main download page. Hop over to their other builds link and consider the USB portable version or the “slim” version as well.

AM-DeadLink – freeware – The latest version 3.2 was actually updated back in Feb 08. I’ve loved this tool for a long time as it is the premier tool for looking for duplicate and dead bookmark links in your browser. Unfortunately it doesn’t (yet) support Firefox’s 3.0 version which maintains bookmarks in the sqlite format. Hopefully that will be coming soon.

Portable Start Menu – freeware – another tool from the maker of AM-Deadlink. This one offers to run off USB stick or the local drive and create a mini-start menu launcher. Other apps like this exist (PStart for example) and I’ve got quite a collection waiting for a post of their own. What makes this particular version nice it that it can auto-scan a drive/folder source for .exe files and automatically add them to the list. Worth checking out.

--Claus

Sun setting on Father’s Day Bliss

Thank you girls for this special day. It doesn’t get much better than this!

I’m proud to be your father, Alvis.

And blessed to have you, Lavie, as my bride and Alvis’s mother.

Love you girls!

--Claus

Grisoft…Please stop the madness!

Madness One – When will AVG Free Version 7.5 End?

When is the fan favorite freebie going away?

Unfortunately there doesn't yet seem to be a clear answer.

AVG 7.5 - The Real Ending Date Is ? ~ The Blade by Ron Schenone, MVP

According to information in that post, the AVG Free v7.5 version may stop automatic updating by December 31st, 2008 (per a Free Forum moderator).

According to information in that post, the AVG Free v 7.5 version may stop automatic updating by June 25th, 2008 (per the Grisoft support and marketing).

Now, there has also been some suggestions on the net that the Free version will stop getting updates at the June date but the paid version may continue getting updates until the December date. That makes a bit of sense to me.

If this is true, the next question that comes up to me is how long will Grisoft continue publishing AV DAT files that be used to manually update the product?

If the "automatic updates" get turned off but Grisoft continues to offer them for its paid customers, I'm betting die-hard 7.5 fans can continue it on life-support by manually downloading and installing the DAT files for a bit longer (December 2008).

Here's a link to them via Grisoft's official Download update (AVG 7.5) web-page.

Your mileage may vary….

Madness Two – AVG Linkscanner: Friend or Foe? Yes.

I’ve been fussing about AVG’s LinkScanner component of AVG Free version 8 for a while now.

Good in theory…weak in delivery.

As such, I’ve been strongly recommending that AVG Free version 8.0 users pass on these features (unless the users are just completely naive for web-dangers).

Comments in one or two of my AVG posts have touched on this component as well:

As a side note - I noticed a slight confusions in some of the posts regarding the LinkScanner technology. I think that Roger Thompson's blog provides some really interesting information about exploits and the necessity to protect while browsing

--Karel Obluk (AVG)

I get the Linkscanner feature.

Your FAQ also does a great job summarizing it: AVG Free FAQ's #1338 I had previously posted a link to it in one of my posts.

Yes, Roger Thompson's blog (and many others like it) point out the hazards that lurk behind many innoculous-appearing web-links. It takes a second to click but hours to clean and recover a system after a bad jump. Many (but not all) geekier-minded security folks already are cautious and security minded with link-hopping. However, as I have said before in my posts, a great many home-users are not so sophisticated and would find great-benefit in the LinkScanner feature of AVG v8.

The biggest hurdle for the rest of us is convincing us 100% that web-surfing performance is not impacted at between using/not using LinkScanner. And that AVG isn't doing any "data-collection" based on those checks...regardless if it is anonymous or not. Current discussion and comments from "power-users" is that they don't want to see a tool-bar, that LinkScanner feature does take a toll on system and web-surfing performance, and that for many folks, it is more of a burden than help.

--Claus Valca (me!)

I came across your website while Googling for a way to uninstall SafeSearch.
Being on a capped plan, I watch my downloads closely. After installing AVG Free 8.0, I noticed that my downloads had increased quite a bit, and I suspected that Safe Search was the culprit.

My suspicion stems from the fact that while SafeSearch is working out the safety rating for each link, my download indicator keeps flashing, which it never did as much with the previous version

I have just uninstalled SafeSearch, so it's a bit early to say if my suspicions are correct, but I would be interested to know if other users have similar suspicions.

--Albert
@ Albert:
The LinkScanner indeed appears to be the cause for increased download size. I captured some of the traffic caused by LinkScanner with Ethereal and found that on various links (especially links to forum pages) the LinkScanner gets mislead and downloads megabytes of data. I first thought I was botted or had a trojan, but it clearly seems to be the LinkScanner. The worst thing about it is that even if you change websites after having made your search, AVG continues to analyze these links, which can consume a significant amount of your bandwidth. The only way to stop these downloads is then to quit your browser. BAD! DISABLE!

-- Anonymous

To install without "AVG Toolbar" and "LinkScanner".

=> avg_free_stf_*.exe /NOAVGTOOLBAR /REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch

I can understand what AVG Technologies (formerly Grisoft) was trying to do in theory. Its just that the implementation is problematic! :(

--aussiebear

So while these running comments have been going on in light of installation and PC end-user side performance versus the Greater Good™ of web-surfing safety I hadn’t even considered a far more dark-side of LinkScanner: web-traffic and page analytics.

I first got wind of this via a small link inclusion in Dwight Silverman’s Saturday TechBlog post.

That linked to this Register article: AVG scanner blasts internet with fake traffic.

Six months ago, AVG acquired Exploit Prevention Labs and its Linkscanner, a tool that automatically scans search engine results before you click on them. If you search Google, for instance, and ten results turn up, it visits all ten links to ensure they're malware free.
Then, in late April, AVG rolled Linkscanner into its anti-virus engine, which has about 70 million active users worldwide. The company estimates that 20 million machines have upgraded to the tool's new incarnation, AVG version 8, and this has already cooked up enough ghost clicks to skew traffic not only on The Reg but any number of other sites as well.
Adam Beale, who runs a UK-based internet consultancy, says that across his small stable of clients, traffic has spiked as much as 80 per cent on some sites. And this is more than just an inconvenience. After all, sites live and die by their traffic numbers. And net resources aren't free.
"Although [the AVG Linkscanner] might be good for the security of users, it's a real pain for website owners and webmasters," Beale tells us, having blogged about this growing problem. "It's causing people to think their traffic is increasing, costing those who pay for bandwidth, and wasting disk space with large amounts of unnecessary lines in log files."
One of his clients, Beale says, normally pulls in 140GB of bandwidth a month, and for June, he predicts a 5 per cent jump.
When we spoke to AVG chief of research Roger Thompson earlier this week, he was unaware of these issues. But he defended the role of Linkscanner, which he designed while serving as CTO of Exploit Prevention Labs.
"There's so much hacking activity going on the web. The only way to really tell what's there is to go and have a look," he told us. "I don't want to sound flip about this, but if you want to make omelettes, you have to break some eggs."

Ron Schenone’s post AVG LinkScanner Causes More Problems picked up that one and led me to one “discoverer” of this new headache caused by AVG; Adam over at OSBlues.

His perspective provides great insight into the headache this is causing those who depend on web-stats as well as the detective work he did to uncover this trend.

AVG Destroys Web Analytics « OSBlues

In fact, LinkScanner analyses results from search engines (not just Google) and is browser independent. This may sound like a good idea from a security point of view, however, from a webmaster/website owner point of view, this is not good at all.
If your site appears well in the search engines, as everyone strives to do, your website is or is going to be hugely affected by this. Essentially this means, that everytime your site appears in a users results, regardless of whether they click on it, your website logfiles and thefore your statistics will show that person as a real visitor coming to your site. Now, because the IP address is the users IP address, we can’t filter on that, at first look it would appear we can filter on this useragent, unfortunately I spotted another one

Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1)

This one however, is even worst. This time it’s a legitimate user agent which means you can’t filter it out or rewrite it to another page on your site without the risk of blocking or harming real visitors. The first user agent is different, due to lack of a space (or plus) between the last semi-colon and the 1813, it doesn’t follow the standard pattern used by Microsoft.
So, we get to crux of the problem, AVG has destroyed web analytics for people who use a logfile analysis tool. Not only have they done this, they are also wasting our bandwidth and our disk space on servers!

Adam has come up with a LogParser solution for filtering out much of the background noise this security add-on has created on the web: More AVG & LinkScanner Information « OSBlues

Even more from Adam here: Using LogParser With Awstats To Filter AVG Spam « OSBlues

At first the initial comments from Grisoft as quoted in The Register article comments seemed a bit distant and out-of-touch. Donna’s SecurityFlash posted a followup comment from Grisoft that seemed to warm to the idea of working collectively with wise web-Jedi Masters to come up with a secure but harmonious solution.

Response by AVG regarding Linkscanner on AVG products – Donna’s SecurityFlash

Hi, folks. Pat Bitton from AVG here. This issue has clearly raised some concerns that we had not anticipated, and we acknowledge that we need to do something. Our primary purpose with LinkScanner, as Roger Thompson has pointed out, is to protect users against web-based threats that they cannot see. These threats are also usually invisible to web site operators, who presumably also don't wish to be unwittingly passing infections on to their visitors. This kind of problem can and does affect all types of web sites, big or small, and is extremely transient - which is why we don't use the static database approach cited by some as a viable alternative. Over the next few days, we will be exploring ways in which we can continue to deliver informed protection as unobtrusively as possible without adversely impacting site analytics. Any webmaster reading this post who is interested in working with us constructively to reach this goal is welcome to contact me at pat.bitton(at)avg.com.

Indeed Adam at OSBlues soon posted that he had been directly contacted by Pat Bitton looking to work with him (and others) to solve this issue: Contact from AVG « OSBlues.

So there may yet be hope.

Maybe.

However while this may remedy the web-traffic garbage in web-master logs, it may not address the complaints about the traffic generated by AVG Version 8 users (Free/paid) on their own machines by the product.

Me? I’m passing and not installing this component on my system nor am I recommending others install it on theirs at this time. It might indeed protect users from malicious and hostile web-sites, but if they toss out A/V-A/M protection after getting so frustrated with that class of product due to this component, I think that would be even worse.

Adding Insult to Injury: AVG Style

False positives seem to be a hallmark of anti-malware products. The real test is the frequency and seriousness of the false-positives found by an A/V product.

Grisoft’s AVG Free line has, in my experience, generated more than their fair share. That said they have always been fast to respond to fixes and have even included an “imbedded” method of reporting and submission for testing to the Grisoft labs in their AVG version 8 product.

Only this week their false-positive net bagged a biggie: SpywareBlaster.

I’ve long encouraged folks to use this free for personal use product to help insulate their system from web-based malware threats. It works by “…blacklisting the CLSID of known malware programs, effectively preventing them from infecting a protected computer.” Wikipedia. It also can block traversal to websites known to seed malware on systems as well as block tracking cookies.

Awesome and beneficial product.

Only somehow it recently managed to get classified as a threat by AVG. Specifically the sbautoupdate.exe component.

AVG False-Positive Detection on SpywareBlaster – Donna’s SecurityFlash

Fortunately, the crack-team of false-positive AVG checking specialists quickly corrected the issue and posted new DAT files to take care of the problem.

[Resolved] AVG False-Positive Detection on sbautoupdate.exe – Wilders Security Forum

Whew!

Like they Grisoft really needed that headache added to the mix.

AVG 8.0 SP1 – More tidbits in the kibble bowl

Good news is that based on this forum thread still crawling along, some other issues with AVG Free Version 8 might be resolved in the upcoming (mid June?) SP1 release of AVG Free v8.

When is the next version of AVG 8.0 coming out? -- Wilders Security Forum (thanks for the lead Ron!)

(if hbkh’s information is accurate…)

AVG 8.0 VERSION DESCRIPTION
===========================
Product: AVG Internet Security
Version: 8.0 (build 111) - SP1
FIXES & IMPROVEMENTS
====================
- Remake of internal communication to eliminate undesired program status appearance (hibernation, sleep mode, cold restart, ...).
- Display of the system tray icon representing running scan (that can be paused or stopped from the context menu).
- Added option to ignore the status of a component: the system tray icon then reports OK status even if a component is in error status.
- New tab added for the rootkit findings in the scan results overview.
- System restore point is created before launching a program update.
- Added new option verifying the ADMIN Server connection in the program's advanced settings.
- Improved EML file processing including scanning of user mailboxes.
- RAM requirements optimization.
- Improved statistics of detected objects in Email Scanner and resident Shield.
- New design of the system tray pop-up window, and more information provided.
- To eliminate AVG collisions with OS, only minimum drivers are installed in safe mode; then it is possible to launch on-demand scanning from the command line only, and a new GUI dialog has been added to ease the scan configuration.
- Added option of restoring a file from the Virus Vault to the original folder even if the folder has been removed.
- Added option of deleting the Resident Shield and Email Scanner history.
- Improved stability and design of GUI.
- Improved GUI accessibility (using keyboard).
- Fixed problem of GUI compatibility with some screereaders, e.g. JAWS.

From what I can tell from this thread, the Beta is out for private testing, but not yet released. Maybe it will be coming by mid-to-end June. Maybe. Word is that beta testing wraps up June 16th so if no majors are found, maybe a bit after that?

The forum also had a post showing that the defs in the version they were using were finding false-positives on yet another good pc system security company’s product: Prevx.

Sigh…

Haven’t I heard a quote that goes something like “Hope Springs Eternal” ?

Oh, my bad…it’s just those crazy brain compounds at work.

I must carry a higher dose in my brain than most….

We will see.

The AVG Free version 8 train-wreck watch continues….

--Claus

Link Dump...Sweep your Sidewalk!

CC Photo Credit: by Choctopus on Flickr

Too many links to deal with. Posting for posterity or those who love to sift through dirt....

Microsoft Mania

The Windows Experience Blog : Windows Search 4.0 Released to Web

Windows Search 4.0 - Microsoft

Windows Search 4.0 Now Available - Josh's Windows Weblog - Windows Connected

Yep. Downloaded it on my XP Pro system at work. Operates wonderfully. Yes I could search my emails via Outlook's "Find/Advanced Find" and my system via the "F3" key but Windows Search really provides a unified way of managing to find the piles of information on my system. Took almost a full day to build the index, but once built, it self-updates on the fly. Definitely worth looking into if you are dealing with a flood of information and files on your system.

Netmon 3.2 Beta Begins - Josh's Windows Weblog - Windows Connected

Network Monitor : Network Monitor 3.2 Beta has released!!!

Network Monitor : Santa’s Bag was Full

Lots of new features have been added. Check out the hops.

Windows Installer 4.5 is available - Josh's Windows Weblog - Windows Connected

Windows Installer 4.5 - Microsoft KB942288.

Do you need it? Probably not until Automatic Updates tosses it to you to catch, but if you want to live on the cutting edge, go get-it.

Are Windows Vista icons facing the wrong way? - istartedsomething

Hadn't even noticed this and now that Long Zheng points it out it will bother me to no end. Great. Why the switch from the "correctly oriented" drafts? Seems Microsoft thought that they would look funny otherwise as they appear in the Vista "start Orb" menu when mousing over items. Hmmm.

Fixing Windows Vista, Part 5: Faster, smarter search - Ed Bott's Microsoft Report @ ZDNet

Lots of great tips for dealing with searching on Vista...includes installing the aforementioned Windows Search application.

10 top tweaks for Windows Vista - Ed Bott's Microsoft Report @ ZDNet

Lots of great common-sense tips for both new Vista users and those who are now dedicated fans.

Windows Incident Response Blog

Lots of great information flowing this week from Harlan Carvey.

RegRipper Plugin Updates - teases on new helpful plugins.

Portable Devices on Vista - very useful information to show what removable devices have been attached to a Vista system and when.

NTFS Alternate Data Streams - great background on using internal tools to Vista to look for ADS, along with great supporting links for more information.

Memory Collection and Analysis - Harlan shares some new tools for memory dumping and parsing off a system, including a free tool, mdd (Memory DD).

MDD was designed specifically to harvest a physical memory image from a running system. The software can copy up to 4 GB of memory to a file for later analysis. In this regard, MDD was built to harvest data that could be analyzed by another tool or software program to identify root kits and other malicious code residing undetectable on a system. - ManTech International Corporation product description.

Firefox Growing Pains

Firefox 3.1 (Shiretoko) planned features draft - Mozilla Links. It is probably right around the corner when we will be seeing the final release of Firefox 3.0. So what next? New project is to be called "Shiretoko" after the Japanese national park. Planned are a visual tab-switching feature and visual thumbnail version of list all tabs. Places might get some more improvements and some code handling refinements.

The great Google Browser Sync Extension for Firefox has been abandoned for Firefox 3.

Google Ditches Browser Sync Extension for Firefox 3 - Cybernet News

Google discontinues Google Browser Sync - Download Squad

I loved it for a long time with Firefox 2.0 but eventually gave up and started back making a backup of my JSON file and just copying it manually between my systems.

Foxmarks is compatible with Firefox 3.0 now so that is a very popular option.

Also according to Mozilla Lab's Weave Status Update, a major update will be issued by June 20th. This project looks to provide some awesome Firefox 3.0 bookmark (and more?) syncing between systems.

I plan on adopting this one (at least on a trial basis) when it comes out.

Keep the faith, Younglings and Padawans.....the fox of fire is still with us!

--Claus

The Jawbone’s connected to…

myJawbone

I’ve been slightly frustrated with my Blackberry and Samsung cell phones of late. Lots more time on the road and trying to use them.

I never got a headset for my personal Samsung phone so in the car I’ve taken to clipping it to my seatbelt about shoulder high and using the speaker-phone. Works but is a bit awkward.

The Blackberry came with a corded Jabra C250 set. It has very good sound-quality but I keep getting tangled up in it in the car with my standard-shift. And, the cord just doesn’t work full time when I am in the field in a mess of wires or under a desk. Compounding my problems is that while the device is comfortable, the behind the ear wire is very thick and doesn’t work well when I am wearing my glasses (and especially the larger sunglasses I have). Usually within about ten minutes one or the other is falling off my head when used together.

So Saturday I walked out of the local AT&T store with a new Jawbone Bluetooth unit. As this was my first Bluetooth device I wasn’t completely sure what to expect.

I had consulted with the sales guy and it was one of three he recommended based on my desire for some noise-cancellation features. The others were a Jabra BT8040 and a Motorola PURE H12.

I went with the Jawbone not only for styling, but it seemed to be the one I recalled was highest rated in previous readings I had done.

It seems to have been a good decision.

I found that it came with a large selection of ear-loop pieces and inner-ear donuts to ensure a very nice fit. I went with the standard ear donut and the extra-large ear-loop. Some users say they don’t even use that as the ear-fit is so good. The nice leather loop I am using now works great with my glasses, but I might change to the wire-loop instead as it is a bit thinner and less likely to cause my wider sunglasses to fit less than ideal. The ear-donut fit is perfect. It fits comfortably but doesn’t seal off all the outside sound like an ear-plug so I still have pretty normal hearing sensitivity when it is not in use.

Sound quality is excellent and though the design takes a bit getting used to remembering all the secret taps that must be done to accept/place/reject/turn-on/turn-off the device, I think I will have them all down in a week. It comes with a USB/AC combo charger and little magnets must be in one of the devices as it snaps firmly into place on the charger.

Since I carry both the Blackberry and my personal Samsung phone at almost all times, I’m still not sure which one I should go with long-term.

For starters I quickly got Bluetooth enabled on my Samsung phone and in less than two minutes had it up and going perfectly.

I only wish I could pair the single headset with both of my devices. That would be perfect. Unfortunately, I don’t think I can do that.

If anyone knows for sure how I could, I would appreciate the advice.

During the workday I tend to get/place most of my wireless calls on the Blackberry. On the weekends it is my Samsung. I guess I could just swap out the pairing on that schedule manually but it is a bit of a drag. And I really don’t want to be nerdy and get a second one to place in the other ear.

Update: Seems that according to Jawbone's Support pages, you can! Updated - I have a question about dual pairing - Answer ID 57. It looks like this setup is called "dual pairing." Gotta get cracking on this! Hurrah if it works! I'll update again if I get it working as intended...

Update 2: Yep works...kinda. I did get dual paring set up on the Samsung a727 and the Blackberry 8300 devices. However, it can only be connected (enabled) to one or the other at any given time. Good news is that once you do have your Jawbone device paired up this way, you can just select via the specific device's menu to deactivate the Jawbone connection. Then go to the other and activate it on that one. Not perfect but certainly doable in about a minute of phone device juggling.

One other good review: PC World's Techlog Aliph's New Jawbone Headset: Smaller and More Stylish

Nice find and I’m definitely glad I went this direction!

Jawbone (version 2). Highly recommended.

--Claus

Golden Finds this Week

I’m struggling to find a nice solution for a mini computing area in our living room.

Recall, we have two laptops and a desktop system. The desktop system is tucked away in our study with two great 21” LCD monitors. It remains my prime choice for blogging and household pc’ing as it the location is quiet. I can get going in there and be gone to the world for hours on end.

Which is the problem as the girls much prefer me to be sitting with them in the living room while they are watching TV or playing video games (as is occurring right now).

That leaves me with the laptop (the big Gateway one) as my fall-back. However for long blogging sessions, sitting on the couch with it set on my lap or on a TV-tray doesn’t really cut it. Mousing is awkward and attempting to blog with anything less than dual-monitors is frustrating.

So I’ve been looking for a nice Shaker-style 2/3 desk. Size-wise it would fit just perfect in the living room without taking up much space. A drop-leaf style would be preferred as it would give enough room for the laptop and 2nd LCD monitor to share. I would then have room for the wireless keyboard as well. Alas, we just don’t have room for the fuller-size desks that I have been seeing.

NirSoft New and Improved Toys

ProcessActivityView - (freeware) – Nice little new release from Nir Sofer. Run the utility then select which process you wish to monitor. It will then display all the files and folders the process accesses, along with keeping a running total for the types of access performed on those items by the process. I can see where this would be a great tool for monitoring and researching malware processes. Just think of it as a much more approachable little-sister version of Process Monitor.

RegFromApp - (freeware) – Another nifty new release from Nir Sofer. This gem will monitor the registry for changes made by a selected application and create a RegEdit file that contains all the registry changes it makes.

WirelessNetView v1.02 - (freeware) – This wireless activity detector got a minor update to indicate which of those networks found which doesn’t require a network key has the highest signal. Helpful when you just have too many choices to pick from!

Uninstalling Tricks

JavaRa - (freeware) – Tiny little app that checks for updates of Java installations and removes older vulnerable ones. Yes you can manually remove them using another uninstaller application or the ubiquitous Add/Remove Programs list, but this is pretty dandy. You can use it to both check for updates and remove older versions. Spotted via the back room tech blog. For a bit more info check out the Cleaning Up Old Java Installation Files in Windows post over at Raymond.cc blog.

Adobe, like Sun, likes to keep older versions of its products still installed when you upgrade to a new version. That might be fine for some, but could present security risks. You can manually delete the older Flash files you want, but back room tech Julie gives some good advice: Howto: Uninstall Adobe Flash Player from the command line « the back room tech. Download the Flash Player Uninstaller, close up browsers, run the uninstaller either as-is, or via the command-line with the /silent argument. Then go and get the latest version for each of your browsers at the Adobe Flash Player Download Center.

Want to rid a system of McAfee products? Use MCPR.exe (McAfee Consumer Products Removal tool). “Running the McAfee Consumer Product Removal tool (MCPR.exe) removes all 2005, 2006, 2007, and 2008 versions of McAfee consumer products.” The linked info page suggests you should first try to uninstall the McAfee products via the Add/Remove Programs list, then run this tool to do a cleanup. A demonstration video is also linked to from that page. Spotted via the back room tech blog.

While we are on it, want to get rid of all your Symantec/Norton applications? Nuke-em with the Norton Removal Tool. Click one of the product links to get to the download link or just click here.

Odds N Ends

Tiny Apps points us to DbxConv which will convert Outlook Express DBX email files to MBOX and EML format. Nice find! Could be helpful if you are attempting to migrate a user from Outlook Express to another email client.

RUBotted - (freeware) – is a product I mentioned at least once before in dealing with rootkits. If you are really freaked out about getting infected with a rootkit, it might be worth checking out as a preventative line of defense. If you suspect you are already hammered with one, you might check out these selections of Anti-Rootkit Tools. Spotted via RU Botted - Watches your System for bot-related Activities | MakeUseOf.com blog.

SpywareBlaster - (free for personal use) – got an update to version 4.1. I almost always download and install this application on home-user pc’s that I get the chance to work-on. Supports IE and Mozilla Firefox to prevent installation of third-party additions via site-block lists. It also can block spyware/tracking cookies from malicious websites as well. One important point is to remind folks to periodically check for updates then re-immunize their system after the updates are in place.

--Claus

To the Moon, to the Opera, to the battlements!

To the Moon

We are watching Discovery Channel’s “When We Left Earth” series right now. It is really captivating. The narration isn’t too bad (bit over-dramatic) and the soundtrack really is heavy and somber.

But the footage is spectacular. Lots of neat images and clips. Alvis grew up with the Shuttle and the concept of watching the rockets launch with the capsules on top is just amazing to her. So it is a great history lesson, especially the failures…something we are still a bit isolated from, despite the Shuttle losses.

To the Opera

Yikes!

Opera is really polishing up their browser!

Opera 9.5 Gets a New Default Theme – CyberNet News.

I downloaded the latest “snapshot” version for Windows and it really has knocked my socks off. It looks wicked-pretty, is rocket-fast, and is very similar to Firefox with the tabs.

I do wish the toolbars could be rearranged.

I had exported my Firefox 3.0 bookmarks as a HTML file and it imported them no-sweat.

It is really clear the Opera team has been working hard on the UI.

How hard?

First read this post by the Opera Desktop Team: Looking Sharp. It points out the design work in the latest beta release. It was done on June 5th.

Then on June 6th they released a new “snapshot” and post: Turtle Wax making fine-tuning based on the comments from that first post.

Wow.

I’m loving it. If you haven’t tried Opera in a while, it’s worth the time to check it out.

(Warning: cutting-edge beta software lurks below!)

Download Opera 9.5 Beta “Snapshot” version below
Windows
Windows Classic
Macintosh
UNIX

No, I’m not swapping for Firefox, but Opera will surge to 2nd place behind Firefox on my systems as my alternative browser of choice. IE still quite far behind even Apple – Safari for Windows, and that’s pretty sad.

If you are looking for a bit less “cutting-edge” Opera, but still Opera 9.5 beta, try this one: Opera 9.5 beta 2

One other thing you will notice in these versions is that Opera is joining Firefox 3.0 in the malicious-link filtering protection game.

Opera Partners with Haute Secure for Malware Protection - CyberNet News

For more details, look at this Opera Desktop Team post: Malware protection.

Short-post made shorter, Opera has teamed up with Haute Secure to allow the option to enable "Fraud Protection" in the browser. If you are surfing using Opera with this feature enabled, then like Firefox you will get a warning page alert if you land on a potentially hostile link. Unlike my last experience with Firefox's protection, Opera does offer a tiny link for you to progress on to the site, if you feel you must.

I didn't see any indication they would be providing more details via a link-jump from that warning page on what the danger is or why the site got the rating. Fortunately, it looks like the Firefox team is tweaking their malware-link protection pages to make them more information-friendly: Small Steps by Google...Big Help in Firefox 3

Spybot Search & Destroy 1.6 Beta: Much Faster!

A tiny announcement posted in the Spybot Forums brings exciting news:

Scanning a bit faster... first beta of 1.6 available!

Eight years ago, Spybot-S&D originally started off as a very fast anti-spyware scanner, detecting some 30 small things, and you could watch it finish in under a minute.
Today, a full scan applies more than 600,000 tests, and you can watch that number grow weekly on our update list. Handling such numbers obviously is quite a bit different, and while we've tried to adjust to that with each version, a full scan might still take half an hour currently. Since this was one big major complaint issue, we decided to integrate parts of the new file scanner designed for a future 2.0 release and optimized for modern malware fighting, and got you a major push in speed now - that same scan will now take five to six minutes only, being about five times as fast as 1.5 was!
If you want to enjoy that speed and know a bit about beta testing, head over to our beta forums and get the first beta! If you prefer to wait for a thorougly tested public release, we hope to get around to that quite soon.
Oh, and one more thing... there's more up for 1.6: a second big issue we hear often will be addressed, so stay tuned!

Turns out in my tests on both XP and Vista, it is much faster indeed.

If you are curious, get the download safely from this direct-from-developer link:Spybot-S&D 1.6, beta 1 - Safer Networking Forums

Also of teasing note in that second forum post:

Q: When will you release a final version of 1.6?
A: U.S. Independence Day (4th of July) would be nice. Provided that there's enough feedback and no bigger problems appearing.

Q: How did you make it faster?
A: As you may have read on the news page, we've integrated parts of the new file scanner engine designed for Spybot-S&D 2.0, which was rewritten to take many aspects of modern malware fighting into account - those include the fast growing size of the database, the variety of malware and a few other aspects.

So it looks like in about another month, there will be a pretty nice update to the current Spybot and work is ongoing for what tantalizingly may be a pretty well re-made Version 2.0 of Spybot Search & Destroy.

A Fresh Java Bean

Yep. I have the latest Java version installed on all my systems.

I also have installed the very latest bleeding edge versions of Java: Java SE 6 Update 10 Early Access Program!

News is out that a new release (b25) is out.

SDN Program News - Java SE 6u10-b25 is now available

Find the Summary of Changes here.

Download if you dare! It will co-exist with the latest (normal) release version pretty well, and when the next version of these u10-bx versions come out, you can install it on top of the current one and unlike the other Java editions, it will update the version in place, instead of placing yet another new version alongside the existing one.

I started trying it out as I was curious to see what difference it made after reading this post by Percy Cabello: A better Java for Firefox 3 : Mozilla Links and items # 21-26 in this Java FAQ.

Other Benefits of the u10-bx builds?

Overview

Java SE 6 Update 10 (formerly known as 6uN) is an update release that introduces new features and enhancements aimed at providing an optimized consumer end user experience. Java SE 6 Update 10 focuses on the following areas:

Enhanced JRE installation experience

The Deployment Toolkit takes the guess work out of determining what versions of the JRE end users have installed on their PC. It supplies Java based web applet/application deployers with a simple interface to accomplish Java detection and installation.
The Kernel online installer lets first time Java users run applets and Web Start applications without waiting for the whole JRE download. The default Kernel installation is expected to satisfy the requirements of most Java applets and applications, and any additional libraries that may be required at runtime are downloaded to complete the Kernel installation. This installation mechanism let the end user get up and running significantly faster, while the complete JRE installation takes place in the background. See Java Kernel FAQ for more information.
For current users of Java SE, the JRE update mechanism has also been improved, using a patch-in-place mechanism that translates in a faster and more reliable update process (the patch in place mechanism will take effect for end users who upgrade from this update release or later to a new update release). As an added benefit, follow-on update releases will no longer be listed as separate items in the Windows "Add or Remove Programs" dialog.

Improved performance and look & feel

The Quick Starter feature will prefetch portions of the JRE into memory, substantially decreasing the average JRE cold start-up time (the time that it takes to launch a Java application for the first time after a fresh reboot of a PC).
Hardware acceleration support: Java SE 6 Update 10 introduces a fully hardware accelerated graphics pipeline based on the Microsoft Direct3D 9 API, translating into improved rendering of Swing applications which rely on translucency, gradients, arbitrary transformations, and other more advanced 2D operations.
A new cross-platform Swing look & feel, code name Nimbus, provides a nice update over 'Metal' and 'Ocean'.

Next-Generation Java Plug-In
A new implementation of the Java Plug-In that is designed to address long-standing issues with applets, and which features improved reliability, the ability to specify large heap sizes, the ability to select a specific JRE version to execute a particular applet, improved Java/JavaScript interoperability, and better support for signed applets on Windows Vista.
Unify Browser and Desktop Experience
The new draggable feature in Applet unifies user's browser and desktop experience - The New Plug-In allows you to drag an Applet off from a browser to your desktop and allows your Applet continues to run. In addition to dragging an Applet off from a browser, when user closes the a shortcut can also be created from this draggable Applet. The shortcut utilizes Java Web Start technology and allow user to launch the Applet with Java Web Start without opening a web browser. Thus, this feature unifies desktop application deployment via Java Web Start technology, and Applet deployment inside the browser.
New Version Download and Pack200 Support
Since 6u10-b13, we introduce new Java system properties to support the usage of version download and Pack200 without any server side requirements. This addresses the issue that is raised in RFE 6378311.

Cheers!

--Claus

Firefox Feed Readers, home system support, and getting used to a new BBQ pit.

I’ve spent most of the weekend doing pc support on my free time.

First, Firefox…

Saturday was consumed with rebuilding my Firefox 3.0 (Minefield) profile on our Vista system. Something happened and I was finding it difficult, nay, impossible to get add-on’s to install.

So since I had recently made an updated Firefox Extension List I just had to export my bookmarks as a JSON file backup and export my Newsfox RSS feeds as an OMPL file.

I uninstalled Firefox, deleted all my user profiles, and started from scratch.

One thing on Vista I did different this time was to install it using the “Run as administrator” feature to kick-off the installer. I don’t know why but it seemed to help quite a lot.

Took me a good two to three hours to get it re-tweaked and all the add-ons loaded up. But it is running much, much better again.

I used to be a big fan for the Firefox RSS reader add-on Sage. It worked great, was fast, and pretty easy to use. Unfortunately it wasn’t compatible in the lease with Firefox 3.0. So I ended up dropping it and migrating to NewsFox. I soon became a NewsFox evangelist of sorts.

Over last week the NewsFox developers released version 1.0.1. It is mighty fine.

Then I saw that other fans of Sage took up the project and have just released Sage-Too. This version is Firefox 3.0 compatible. I loaded it up and tried it for a while, but it appears that I’ve been using NewsFox for too long as I just couldn’t get used to the feed-management format. However, if you are a Sage fan and looking to migrating to Firefox 3.0, then you do need to look at Sage-Too.

Wrestling with Lavie’s Laptop…

I then spent most of the rest of the weekend tracing down some problems with Lavie’s Compaq laptop running XP Home (SP3). For some reason it had gotten really, really slow after logon to the desktops.

Multiple scans for malware/junk came up empty. Yes, AVG-8 is running on it, but I tweaked it out and it didn’t seem to be the problem. I dumped temp files, raided the auto-runs like pirates all over a Spanish galleon. In the end the problem appears to be related to ThreatFire. I’m just not fully sure why and how yet.

I could get to the desktops just fine and even start clicking around. However, after about a minute, the applications would stop responding, I couldn’t start applications, and I couldn’t close windows.

Process Explorer didn’t show anything eating up too much CPU % or memory consumption. Yet something was bogging it down.

I finally noticed that I couldn’t get the ThreatFire system-tray icon to respond, although all the others did. Then came the big tip, I finally caught it coming up after a reboot, acting normal, then dropping into an “initializing” mode after-which the system seemed to hang up. No amount of time seemed to free it up. Curious.

I tried uninstalling it but it would hang-up on the uninstall process and not complete.

When I had rebooted and removed all the auto-run elements (AutoRuns) and re-rebooted, the laptop behaved wonderfully. When I reinstalled it, same problem. After multiple attempts I was finally able to get it installed, then a clean and full uninstall.

So for now I have left it off Lavie’s laptop. I still have ThreatFire installed on our XP desktop system and our Vista system with no issues at all. That leaves me wondering if I have some kind of driver conflict going on between it and something individual to Lavie’s laptop. Pretty sure that is the case.

So I’ve got more troubleshooting to complete on it, but I’ve run out of time this weekend.

A New Pit

Lavie had a “significant” birthday this past week. Her only request for a party was a big cook-out up at her parent’s house. So last Saturday we went out and picked out a new grill. I used to do a lot of grilling, but after the last one died a slow, rusty death, I never got around to replacing it.

We picked out a nice Weber One-Touch Silver 22.5” model. It was the biggest one I could find that I could get into our Saturn Ion without having to pull out the seats. Just fit with the legs taken off.

Been a long time and this was a new grill so I ended up using too much charcoal. The first round of burgers cooked in about three minutes. The second batch fared better as I then shoved most of the coals to one side and cooked the brats, burgers and hot-dogs using more indirect heat.

It will take me a bit more time and practice to find the sweet-spot in the amount of coals to cooking to be done. But it was a good start and I really think I am going to like this one. I even bought a cover for it to keep it from rusting out.

The party was a success. Lots of food and good company.

Later Pop asked me to take a look at his Dell pc as his scanner wasn’t working. Turns out the scanning light had died. The scanner was still trying to send commands to the pc, but it couldn’t spool up the light and motor. So he is going to be shopping for a new one in the coming months.

However, I ended up spending another good two hours getting his system fully patched and updated. The major work was done in tandem with the Secunia Software Inspector. Windows updates were fine, but there were a lot of program updates to run.

He was using AVG Free version 7.5, but tried to do the update to version 8 on his own and ended up (somehow) buying the full AVG Internet Security suite instead. So I had to uninstall his existing firewall (which hadn’t been uninstalled leaving him with two at the same time). I also re-ran the setup installer for AVG to remove the LinkScanner/SurfShield components. That really speeded things up. I did find it “neat” that he later got a physical AVG disk in the mail post-order. Nice touch.

When I left his system was much more snappy and fully patched and updated.

--Claus

Windows Live Writer Technical Preview Released

Just a quick post.

The Windows Live team has announced availability of a “Technical Preview” of the next version of Windows Live Writer.

Writer Zone: Technical Preview: Now Available for Download

New Features

You’ll also get an early look at some improvements and new features we’ve been working on:
Video and Image Publishing Enhancements

Upload videos to Soapbox
Image cropping and tilting
Additional border styles
Support for LightBox and other image previewing effects (like Slimbox, Smoothbox, and others)
Support for centering images

Editing Enhancements

Auto Linking
Smart quotes/typographic characters
Word count

UI Improvements

Revised main toolbar
Tabs for view switching
Improved category control with search/filtering

I’ve downloaded and installed it on our Vista system. The biggest things I noticed up front:

At the bottom of the composition area now has three tabs; Edit, Preview, and Source

Clicking each one provides a view of the blog post in “normal” view, as it would look when posted in the blog theme code, and finally the source-code.

I really like this as it is much more intuitive and quick to access than the previous drop-down lists accessed via the toolbar.

I also noticed there is a “set to publish” widget in the bottom-right corner. Clicking here allows you to view a pop-up calendar to pick a future publishing date. Pretty handy!

I haven’t had a chance to play with the image editing enhancements yet. Look like they might be handy. I do most of my image editing in another program. I do like the extra support for image centering. The Image Border selections are expanded and pretty cool. I like the number of new options and effects. Should make image tweaking a lot more useful.

Alas, still missing in action is the ability to customize the toolbar, nor do I see the ability to add a font-color picker/formatter icon to the toolbar, still would like to insert special characters like (TM). I see that typographical character editing is offered, but darn if I can figure out where it is.

In addition, it seems the Software Developer’s Kit (SDK) for Windows Live Writer got some updates as well.

A few more details can be gleaned from this post:

Writer DevZone: Technical Preview: Now Available for Download

The biggest changes are the additions of two new plugin types: publish notification hooks and header/footer content sources. Publish notification hook plugins allow you to execute code before and after Writer posts content to a weblog. They can examine the contents of the post and have the option to cancel the publish operation. Header/footer source plugins insert headers or footers during publishing. Headers and footers are not directly editable by Writer users and do not appear in Writer’s editing views, but are visible in the Preview view (and of course, on the published blog post).
In the SDK Technical Preview you’ll find the following:

New SDK Features.doc – Detailed descriptions of the new plugin types. (Start here!)
SDK Reference.chm – Reference documentation for the entire Windows Live Writer API.
Samples – Source and binaries for two sample plugins:

Twitter Notify – Prompts you to make a Twitter status update after publishing a post
DiggThis – Automatically adds a DiggThis button or badge to each post

Known Issues

In our final testing of the Plugin SDK Technical Preview, we found a few issues we’d like to make you aware of.

The “SDK Reference.chm” contents may not load, due to security restrictions in Windows. If this happens to you, follow the instructions in “SDK Reference README.txt” to unblock the file.
For header/footer sources, returning null from GeneratePreviewHtml or GeneratePublishHtml will cause an error in Writer. Return the empty string instead.
According to the “New SDK Features.doc”, content source plugins can now read the title, body, and other properties from the active blog post. In this release, support for this scenario is incomplete.

Seems pretty stable and worth checking out. If you don’t like it you can always uninstall and download the current release version.

Windows Live Writer – Technical Release download.

Update: As I mentioned, I had installed this version in Vista. Upon publishing this post and publishing it I closed out WLW and was met with the following error:

“This program requires a missing Windows component”

The error actually described nicely what was missing there at the bottom:

“This program requires flash.ocx, which is no longer included in this version of Windows.”

I clicked the “Check for solutions online” button anyway and got the larger window shown behind.

I downloaded and installed the latest Flash version for Internet Explorer (the Firefox version was already present on our system).

Not sure why/what Flash is used for here in WLW, but it was a quick fix. Maybe it is a plugin/compatibility thing to allow it to handle YouTube and other Flash-based media inside the WLW editing/preview views.

--Claus

Late Night Linkfest

It's almost midnight and I feel compelled to get one last post in.

I've had to sacrifice a mongo-post regarding Microsoft and a bunch of cool stuff for sysadmins found in a Saturday foray into the depths of Microsoft Sysinternals to bring this to you.

If I get home decently tomorrow, I might try to string that one together. If not, it might be mid-week.

I promise it has some good stuff.

Anyway. Here is some lighter-fare for you late-night snackers.

Enjoy!

Microsoft Outlook Utilities and Add-ons - TechHit.com. A week or so ago I wondered if anyone knew of any Outlook tricks to remove attachments and append the attachment name to the message so I could link associate them logically. Gary Berg left a tip and it turns out there is: EZDetach - Save Attachments. Not "free" but it does offer a 30-day trial period.

Blue Onion Software - Desk Drive - (freeware) - Add shortcuts on your desktop automatically when inserting drives or media with Desk Drive. Really a clever and handy application. When installed and running, if you place a USB stick in your system, this proggie will add an icon to your desktop by drive-letter assigned to allow you quick-access to the device. I'm really loving this one! For more reviews stop by these posts: Elite Freeware and Freewaregenius. Tip: I had to set the A:\ to the custom "exclude drive" list to keep it from being constantly polled and accessed on my desktop system.

USB Disk Ejector - (freeware) - Quick And Easy Software. Nothing very earth shattering here. Yes you can right-click the system-tray icon and accomplish the same thing. But it does provide a nice GUI interface to quickly understand and select the correct USB device to eject. Sometimes when I am in a hurry, I find I accidentally eject the wrong device. Me Likey! Detailed review here by Samer at the Freewaregenius blog.

USB Safely Remove - (trialware) - I usually don't recommend trialware. This one is an exception. Very similar on the surface to USB Disk Ejector, it provides awesome visual feedback to help you know which device you want to eject. However, it also can give you detailed technical feedback on why Windows doesn't want to eject a device. Lifetime license just $20. Not a bad deal.

Auslogics Disk Defrag - (freeware) - got an update to version 1.4.15.306. Change log here.

xpy - (freeware) - WIndows XP micro-tweaker got an update. Yep, see the changelog. Don't forget its new cousin for Vista tweaking: Vispa.

IE HistoryView - (freeware) - This NirSoft tool got some minor updates. Great for auditing Internet Explorer history files from USB.

CleanAfterMe - (freeware) - Brand new and incredible NirSoft tool. Nir Sofer describes it thusly: "CleanAfterMe allows you to easily clean files and Registry entries that are automatically created by the Windows operating system during your regular computer work. With CleanAfterMe, you can clean the cookies/history/cache/passwords of Internet Explorer, the 'Recent' folder, the Registry entries that record the last opened files, the temporary folder of Windows, the event logs, the Recycle Bin, and more." It's almost like a single-file version of CCleaner (but not quite as powerful). It does cover all the usual bases, however. AND, it looks like Nir is going down a new refined GUI format. The design is still plain and simple, but the fonts and windowing is much more "XP'ish" than his usual "Windows Classic" styling. I know that form properly follows function when it comes to Nir's applications. I'm sure that's what makes the so small and light, but it was very pleasing to see this new style in a NirSoft utility.

Karen's Replicator - (freeware) - Nice tool updated in April to do backups. I personally prefer and use Dimio's Tools awesome DSynchronize. It is tiny, fast, and portable. It handles all my home system/laptop syncing needs.

NexusFont 2 RC3 - (freeware) - My one and only tool for Windows font management and pre-viewing just got better. I don't think there is any faster and easier to use tool to catalog, sample-print and view the fonts installed on a Windows system. It is easily made "portable" to run on a USB stick. I have a great deal of fonts on all my systems, and picking just the right one from a little drop-down field in Office just bites. This satisfies my font-management hunger!

Scrabulous - (Java Web Game) - I've had mixed luck with Scrabble. We have fun playing it at home, and even have an old game with real wood tiles and tile-rests. However, most of our words are four to six-letter affairs. We usually get jammed up with at least 1/2 the board still vacant of tiles. This web-version allows you to play solitare versions, against an AI robot, or more advanced "group" games with other real persons (sign-up required). The Java app is very fast and runs great. The board layout is perfect and the colors and interface are very fun to use. Spotted via CyberNet News.

Ophcrack v3.0 -(Freeware) - OpenSource solution to recover XP or Vista user profile passwords. It is a rockin-clever program. Just updated to version 3.0 with better performance. Time depends on complexity of the password. It can't help you on Windows system drives that have been encrypted with BitLocker or TrueCrypt (or similar applications). But if the drive is not encrypted, there is a good chance that this might work.

Why am I sharing a "hacking" tool that could circumvent security? Well, because most anyone who would be doing this anyway probably knows about it anyway from the Web, and there are often times when a system administrator or forensic examiner needs access to the user's profile that has been passworded, but might not want to blank it out using a tool like the also awesome Offline NT Password & Registry Editor LiveCD. Download the application proper or get the LiveCD ISO files for XP or Vista systems. Don't let the 2.0 designation on these ISO's fool you. Its got the version 3.0 Ophcrack on them. They just follow a different version scheme than the main program.

Do they work?

See for yourself and be the judge. I've used them without complaint.

Just use them responsibly and on systems that you have the authority to do so on.

Time for bed, little mouse little mouse....

--Claus

Something about a toolbar...

Fortunately, Grisoft is in good company when it comes to angering its fans by introducing a toolbar in its product.

Turns out the highly-regarded freeware firewall Comodo Pro v 3.0 is also joining ranks of other products by including an optional ASK toolbar as part of the installation options.

Comodo Firewall and ASK Toolbar - Comodo Forums

Want more links?

Calendar of Updates stops posting updates of Comodo Firewall Pro - Donna's Security Flash
Avira antivirus will detect infection while installing Comodo Firewall Pro - Donna's Security Flash
Adware companies should laugh at these 3 security vendors - Donna's Security Flash
Comodo Firewall 3.0.23.364 - Calendar Of Updates
Products with Ask Toolbar - Calendar Of Updates
Bad Advice from Comodo and Loss of Trust - Security Garden
I'm not condemning Comodo Firewall Pro but we, users do NOT support questionable toolbars - Donna's Security Flash

Sigh.

Yet again I find myself torn in the chasm between a wonderful, free, and powerful security product, and the backlash of a company's decision to bundle a toolbar with a penchant for generating alerts in many anti-virus/anti-malware programs.

No, (most) toolbars aren't inherently 3vil. However, many of the sysadmins and other kind folks who slog around day in and day out in the underworlds of IT security know that there are a LOT of bad or bothersome ones out there and we all (myself included) have a tendency to chuck out that baby with its bath-water.

Bill Speaks (the other Bill)

Before anyone is so quick to take sides, lets pause and reconsider this post by WinPatrol master and commander, Bill Pytlovany.

Bits from Bill: Would you like Toolbar with your Software Order?

The sales pitch to include a toolbar with WinPatrol was compelling. I’m told that the my reputation wouldn’t be affected and I would be providing my customers with a service by including the free toolbar. All the companies currently installing the toolbar are very happy. He even leaked the news that another well known Anti-Spyware vendor would be announcing their own deal soon.
I crunched the numbers and sure enough the revenue I could receive by including the toolbar would be huge. My overhead is low and the free version of WinPatrol has many thousand downloads even on the slowest day. If I chose to include the Ask.com tool bar I could probably retire comfortably by the end of the year.
Unfortunately, a number of people think I’m a really, good guy and I respect their opinion. For the last ten years WinPatrol has had a flawless reputation. I know myself, I really hate companies that install additional software that I didn’t ask for. It’s not only rude, it’s just wrong.

Bill gets it.

I wish the heads that mattered at other security software companies would as well.

More on the Ask Toolbar

Want to know why in particular the Ask Toolbar in particular generates such loathing?

Read on for a survey of the Web mood.

Bits from Bill: Who is behind StopBadware.Org?
IAC - Home of Ask.com. Behold the conglomeration it is! Can you say "Borg"?
Ask Toolbar - Meet the "enemy" on its own home turf.
Edelman on ‘Deceptive Door Openers’ and Ask toolbars - Spyware Confidential | ZDNet.com
Current Practices of IAC/Ask Toolbars - Ben Edelman's website. Last updated October 2006.

Claus's Position

From what I have experienced, if you already have Comodo Firewall Pro 3.0 installed and do updates of Comodo, you don't get offered the toolbar. It doesn't install on your system.

Good enough.

If you are doing a fresh install of Comodo Firewall Pro 3.0, you are offered the chance to install the Ask Toolbar. You can accept or decline at your whim or happen-chance.

Like AVG Free version 8, I'm happily keeping Comodo Firewall Pro 3.0 on my systems at home. I will continue to recommend it to others. I will just tell them that I personally don't find any value in the Ask Toolbar and will encourage them to take a pass on installing in into their systems as well.

It's a free-world, baby.

--Claus

More Perspectives and Tips on AVG Free version 8

In my last post in the ongoing saga regarding coming to terms with AVG Free version 8, I made some speculations on why Grisoft had managed to create such a disconnect between what was a beloved anti-virus product and the fans who had evangelized for it.

Now a phrase along the lines of "...biting the hand that feeds it..." comes to mind.

Cue the Violins

I think this will be the fifth post in what has become quite a popular theme here on this humble blog:

Thoughts on the AVG 8.0 "Toolbar" Francaise... - First sign of the things that would come.
AVG Free Version 8.0 Released...First Thoughts and Complaints - Looked good, but a bit messy.
Taming AVG Free version 8 - By now I had it down pretty well.
Simple thoughts on AVG Free v8 - And now I turned to the larger issues with AVG and Grisoft.

Karel Obluk from Grisoft stopped by and graciously took the time to make some comments...one positive in the hopes that an "upcoming serivice pack 1 will help solve all the issues discussed here and in the previous post." One a bit more off the mark in suggesting that I don't get the value and need for the new AVG "Linkscanner" technology.

Here was my response:

Karel,

Thank you for taking the time to stop by and leave a comment.

It's nice to hear confirmation that Grisoft is working hard to fine-tune AVG. I (and many others) know it will be a work in progress. It would be nice if Grisoft had a blog where they post development updates and news/tips regarding AVG v8 ($/free). I think everyone would find this deeply beneficial. If your company already has such a blog-page, could you share the weblink?

I get the Linkscanner feature.

Your FAQ also does a great job summarizing it: AVG Free FAQ's #1338 I had previously posted a link to it in one of my posts.

Yes, Roger Thompson's blog (and many others like it) point out the hazards that lurk behind many innoculous-appearing web-links. It takes a second to click but hours to clean and recover a system after a bad jump. Many (but not all) geekier-minded security folks already are cautious and security minded with link-hopping. However, as I have said before in my posts, a great many home-users are not so sophisticated and would find great-benefit in the LinkScanner feature of AVG v8.

The biggest hurdle for the rest of us is convincing us 100% that web-surfing performance is not impacted at between using/not using LinkScanner. And that AVG isn't doing any "data-collection" based on those checks...regardless if it is anonymous or not. Current discussion and comments from "power-users" is that they don't want to see a tool-bar, that LinkScanner feature does take a toll on system and web-surfing performance, and that for many folks, it is more of a burden than help.

Please bear in mind, that many users of AVG Free are running your product on older systems that have much more sparse resources (CPU/RAM/HDD space) than more modern pc systems bring. That is one of the very reasons they love and have turned to AVG is that it runs so very well on these older systems. As AVG version 8 adds more features and performs more functions those are bring a noticable impact to their beloved (and outdated) systems. They see and feel the difference and this leaves a poor taste in their mouth. Some even feel "betrayed".

It would be REALLY nice if the AVG installer provided a number of installation options for the user to select:

Minimal: For older laptops/workstations with minimal resources--provides basic email and A/V protection only.

Regular: For moderate laptops/workstations that will provide email/malware/A/V protection.

Full: Complete AVG feature installation (email/malware/A/V/LinkScanner/SafeSearch/SafeScan.

Custom: Pick and choose element installation.

That alone would probably win back many of your AVG/Grisoft product fans.

Thanks Merna!

Then a comment was left by Merna that left me realizing just how much I had been posting about this singular product.

Merna had found such value in the posts, she shared them in the comments of Windows Secrets and to Ron Schenone.

AVG 8 Free Edition - Try A Different Download Site? ~ The Blade by Ron Schenone, MVP
AVG 8 - More Helpful Information ~ The Blade by Ron Schenone, MVP

My Google Analytics account is telling me that LOTS of folks are posting link-backs to these posts. I'm not pointing this out to toot my own horn, but to illustrate (again) just how many fans of AVG feel really, really put-out by the changes made in the latest AVG product. And what is crazy to me is that Grisoft didn't have to end up in this mess. I sincerely think their product is very, very, good. It's just a shame that it has been buried under a mess of stuff that requires a bunch of high-tech hoops to jump through to reclaim the performance and behavior we all love with AVG.

As Ron Schenone says, for some reason a few of us still feel compelled to keep toiling away both on our blogs and our desktops trying to tame AVG Free version 8 and spread hope that it can be made worthwhile again.

Claus Valca's No-Fuss "Clean AVG Install" method

Previously posted in the comments of this post, I responded to a newbie's request for help on how to upgrade or install AVG Free Version 8.

I don't know what is "best" but here is what I have done on EVERY system where I had AVG 7.5 free then upgraded to AVG 8 free (for Windows XP...Vista is very similar but stuff is named slightly differently):

Go to your Windows Control Panel and find the Add/Remove Programs icon. Select it.

Look through the list and find AVG Free A/V and select it and tell it to remove. (I always tell it to leave anything in the vault and save logs.)

Reboot when done.

Download (if you haven't already) the newest version of AVG Free v8 from Grisoft to your computer. Make a note where you saved it. (DO NOT try to run it directly from the web!)

When downloaded, copy the file to the root of your C: drive using Windows Explorer.

Once copied, right-click on the file and select "rename" Rename the file from something like "avg_free_stf_en_8_100a1295.exe" to "avgfree8.exe"

Close the window when done.

Go to Start and find "Run".

Type "CMD" and click "OK" you should see a black text box appear.

At the prompt (blinking cursor) type cd\ and press the enter key.

You should see c:\>

Type the following exactly (spaces and all) after the c:\> where the cursor is blinking: avgfree8.exe /REMOVE_FEATURE fea_AVG_SafeSurf /REMOVE_FEATURE fea_AVG_SafeSearch

After a moment the install wizard should run. You should be able to take the defaults and keep going. At some point you will get a prompt to set a default system-scan time. I usually set mine for about 30-min to 1 hour past when I usually turn my computer on just so the scans don't start when I am just getting started on my computer.

This should get you going with a new load of AVG Free 8 just fine WITHOUT the linkscanner stuff that everyone here is fussing about. It does have it's benefits if you are worried about going to websites that could damage your computer. If so and you want to put it on "fully" then follow the same steps to point 5 then just go ahead and double-click the setup file to run it and take the defaults. I still would "opt-out" of the Yahoo toolbar. You don't have to do that if you follow the full steps as outlined.

You don't have to make any "advanced" setting changes if you don't want to. My post outlined which ones I settled on. It is pretty good "out of the box" post-install.

I (and others) believe that while the linkscanner option is good in theory, its performance really hurts web surfing speed, especially for dial-up users and very slow machines.

Ron also suggests doing a disk-clean using CCleaner prior to install. Might help. As well as doing a scan for disk/file errors prior to install. That's always a good idea before installing software. I'm a 100% fan of doing a clean uninstall of AVG 7.5 and rebooting PRIOR to installing AVG 8. I don't like the "in-place" upgrade method; especially when it applies to security software.

Finally Ron recounts that some users are getting corrupted AVG 8 setup files and suggests trying different locations. If you don't want to get them direct from Grisoft (sometimes the server downloads seem slow) I would recommend trying a download from FileHippo as an alternative location.

Lastly, particular to Vista, it is recommended that before you put AVG Free 8 on a Vista machine that you first ensure all your security updates have been applied and the system rebooted. I know that sounds like an obvious tip, but it seems to behave better on updated Vista machines.

Also, when I installed AVG Free 8 on my Vista box I followed the steps outlined above, but I first "right-clicked" my command-line box and told it to run with elevated privileges "Run as administrator..." then typed the long command line listed. Even though my personal Vista profile account is an administrator-level one, my intuition told me I might want to run the setup program with "full" administrator rights for the installation.

Disable the AVG Free version 8 "Dropdown Notification"

One more post-installation tip. You will soon notice that a pop-down message appears every time you open the Security Console window in AVG Free version 8. You can't disable this "feature" from within AVG, but some clever folks have figured out how to stop it from appearing:

To get rid of the "Dropdown Notification" simply change 2 files in the C:\Program Files\AVG\AVG8 subfolder:

Rename the file "avgresf.dll" to something like "avgresf.dll.disabled"
Rename the file "avgmwdef_us.mht" to something like "avgmwdef_us.mht.disabled"

I just appended an extra ".disabled" extension to the existing one.

Works like a charm.

Fauna in the Forums

Looking for more AVG Free version 8 "wailing and gnashing of teeth?" (And a few good tips sprinkled in like salt in a wound?)

Head to the Forums

AVG 8 Free Better Than 7.5 After Tweaking - Broadband Reports
AVG 8 EXTREMELY slow? - Broadband Reports
I've ditched AVG 8 - Broadband Reports
AVG 8????? - dslreports.com (Nice screenshots of the AVG 7.5 expiration notifications!)
so avg free 8 is out, anyone tried? - Piriform forums.
AVG Free Forum - The official Grisoft forums for AVG Free (all versions)
AVG 8.0 Free Edition- The official Grisoft forums for AVG Free version 8 help and advice.
AVG 8.0 Free Edition - Installation Issues - The official Grisoft forums for AVG Free version 8 installation problems.

Have no fear, Claus Valca is still here on the trail of AVG Free version 8.

Hopefully the world is a better place because of it.

Cheers!

--Claus

Eye on the Architect Astronauts

My home RSS feed list is pretty varied.

I have the following categories: Tech, Software, Security, Fun, Blogs, Graphics, New Gear, Japan Blogs, Odds & Ends, and Vista. 106 separate site feeds in all.

Most of my daily tech life consists of following Windows based software and hardware. I really like those that deal with desktop issues and troubleshooting.

I've done some work that could be (at a stretch) considered programming. However, I am not a programmer.

Last real programming language I worked in was BASIC in high-school when my crowning achievement was programming a visual display on an Apple II to draw a faucet, fill the screen with water, then have a little toy boat float across horizontally.

Whee!

That said, I make it a point to subscribe to a few RSS feeds of real programmers. I think it helps provide me a better perspective on supporting software and systems.

So I was reading with curiosity the following post by programmer and cool guy Scott Hanselman:

Professionalism, Programming, and Punditry and Success as a Metric

In it he dropped a new phrase to me: architecture astronomy.

Once years ago when working at a large NW Bank I was in a meeting with a young man who had been hired by a consulting company and had only worked at that one company. He was a "college hire" and had no experience other than "whiteboarding for money." I really don't like to get into measuring contests but I was weak in this instance. I took the bait and said "well, I like to use success as my metric, what have you shipped lately?" It was a nasty room-quieting thing to say and I'm not proud of it. But, I was really frustrated and I didn't know what it was going to take to get it across to this gentleman that we were more interested in shipping software than his brand of architecture astronomy. If you're in college, definitely ship some software or work on some open source applications to get some really good failures under your belt, before you enter the workforce.

So I hopped the links and ended up on Joel Spolsky's awesome blog: Joel on Software.

Turns out Joel has a lot to say about about architecture astronauts.

Don't Let Architecture Astronauts Scare You - Joel on Software

Architecture astronauts take over - Joel on Software

Quoting from that first post:

When you go too far up, abstraction-wise, you run out of oxygen. Sometimes smart thinkers just don't know when to stop, and they create these absurd, all-encompassing, high-level pictures of the universe that are all good and fine, but don't actually mean anything at all.
These are the people I call Architecture Astronauts. It's very hard to get them to write code or design programs, because they won't stop thinking about Architecture. They're astronauts because they are above the oxygen level, I don't know how they're breathing. They tend to work for really big companies that can afford to have lots of unproductive people with really advanced degrees that don't contribute to the bottom line.

I found his discourse quite illuminating on the goings on regarding software product conceptionalization and the delivery of the actual product in a meaningful way to end-users.

Highly recommended reading for software jockeys and Web world analysts.

It was a neat inside-look at what looks like a messy situation.

Bonus Awesome Post by Joel

Martian Headsets - Joel on Software

A really well-crafted look at Web-standards and coding. Good stuff here.

Needless to say. Joel's blog has been added to my RSS feed list.

--Claus

More Firefox Goings-on

Few more neat things I want to highlight regarding Firefox.

I'm Fast Dialing!

I have been playing around with a new Add-on called Fast Dial.

It works just like Opera's Speed dial. I really am preferring it over the similar Speed Dial add-on for Firefox at the moment.

You can highly customize the number of preview panes from 1x1 to 10x10. Then you can set the size of each one, the maximum load time for each web-page pane, as well as how often you wish to refresh. Drag and drop works well to rearrange them. And to can set a custom field-color as well as the bars, fonts, and frames. It's very easy to make it look like the way you want. Even the window-pane corners are nicely rounded.

So I was working on seeing if I wanted to set this as my default view when I launch Firefox. I did so I set Fast Dial to open on all default tab/window actions. Then I set Firefox to show a blank page at startup. Voilla! Now my 3x4 preview web-pages in Fast Dial appear at launch.

However this is not my "home-page." I still have that set to this blog.

So when I start Firefox it shows my Fast Dial selections, but when I push the "Home" icon it still launches my blog as the home-page. Got it?

How many homepages do you want?

While getting this all worked out, I started seeing multiple tab pages opening when I hit the "home" icon. I hadn't seen that before and when I investigated, I found multiple URL's that were launching, each separated by a "Pipe" symbol like this " | ". On my keyboard, it's above the Enter key on the back-slash key.

Clearly entering multiple URL's in the "Home Page" field separated with a pipe will open up multiple tabs as your "home-pages".

Turns out this behavior is by design: Making Multiple Home pages - Mozilla Support

Mozilla Test Pilot Taking Flight Soon

This currently looks like it is a test project of Mozilla Labs.

The idea is to get better feedback and participation for items in Mozilla Labs. Test Pilot is an attempt to get a more representative sample of users and data back for feedback.

Folks will sign up to participate, then install the Test Pilot Add-on. The user will complete some (non-personal) demographic information. Then when a new experiment is available, it will notify users and they may choose to opt-in if the experiment looks promising to them. The experiment will download the add-on and load any specifics for the test. Periodically, Test Pilot will signal the user to complete a sample set of feedback questions from a larger pool of questions. It appears that not everyone will be offered the same questions to help get a better sample data base. Results will be anoymized and aggregated, then posted to the Test Pilot website.

And here's the reward: "All participants will receive a “flight badge” displayed in their Test Pilot profile and available to embed on blogs, social networks, etc." Cool! Sign me up!

Seriously. I think this is a good and solid move and will certainly draw better feedback. I love to test new software but getting feedback returned to the developers can be a bit challenging. I personally would pay more attention to my user experience if I knew that at random times I would be offered a change to provide comments and suggestions.

Mozilla Test Pilot isn't released yet. But should be in the coming weeks.

I plan on participating!

Specific features and roadmap are being developed in the Test Pilot discussion forum on the Mozilla Labs site.

More information here: Introducing Test Pilot - Mozilla Labs

New and Old Firefox Browser Sync Solutions

When Claus last posted about syncing his Firefox browser across systems at home (Syncing Firefox Bookmarks) I had settled on the Google Browser Sync (GBS) tool for Firefox. Then two-months in I got hammered. I stuck with it a while longer, but it kinda freaked me out, so I went back to copying my bookmarks back and forth between systems using a USB stick. Firefox 3.0 now exports the SQLIte file the bookmarks are managed in in a JSON file format. It works great.

So now I find that Mozilla Lab's have released Mozilla Weave that will allow me to sync up my Firefox 3.0 across multiple computers.

Mozilla Weave Services - Registration/Log in

This new version brings the following features:

Major Updates and Features

Significant reworking and strengthening of core synchronization architecture, improving robustness and overall responsiveness.
AES (Rijndael) encryption is now used by default for all user data.
(Note: external calls to OpenSSL are being used temporarily while we continue to work on extending NSS to support the necessary functionality.)
Public Key Infrastructure (PKI) back-end implemented in preparation for the introduction of data sharing capabilities.
Support for the new Firefox 3 native JSON parser for security, speed, and reliability.
Synchronization of browser history data is now based on visits rather than URLs.
Enhanced logging and debugging tools.

I think I might create some test profiles on my systems, then sign up and give it a whirl before attempting to use my primary profile data.

My Firefox Extension List

D. McCunney recently requested an updated list of my Firefox Extensions.

Fair enough, been almost six-months since my last list.

Right now I am using Firefox 3 (Minefield/Nightly) builds. They are very stable now. However, most folks looking to do the jump to Firefox 3.0 should go with Firefox 3 Release Candidate 1 (or 2 when it is released soon). If you are really adventurous, check out this post of mine; "Private Label" Firefox Builds and roll your own custom job.

Last time I had 39 Firefox Add-ons installed. Now I am down to 34.

Mostly is it due to compatibility. Some just didn't play well with Firefox 3.0. Others listed below will work with Firefox 3.0, but still need to be "hacked" by bumping up the em:maxVersion value located in the install.rdf file of the the .xpi package. That or use the Nightly Tester Tools Add-on. Others got dropped because I didn't use the features as much as I thought I would.

Here you go kiddos.

Extensions (enabled: 34, disabled: 0):

Adblock Plus - Adblock is a content filtering plug-in for the Mozilla and Firebird browsers.
Advanced Dork - Adblock is a content filtering plug-in for the Mozilla and Firebird browsers.
CacheViewer - This extension is GUI Front-end of "about:cache".
CoLT - Makes it easy to copy a hyperlink's associated text and URL at the same time.
Copy as HTML Link - Creates HTML formatted link of current web-page using selected text
Copy Plain Text - Copies text without formatting. Use from the Edit or context menus.
Download Statusbar - Copies text without formatting. Use from the Edit or context menus.
DownloadHelper - Save videos from sites to your hard disk.
Dr.Web anti-virus link checker - Scan for malicious programs any web link before it is opened.
Extension List Dumper - Provides list of installed extensions, themes and plugins.
Fast Dial - Kind of like Opera's Speed Dial. Multi-window view of favorite webpages.
Fasterfox - Performance and network tweaks for Firefox.
Favicon Picker 2 - This extension adds a UI for replacing bookmark icons.
Fire Analytics - View your Google Analytics reports in Firefox.
FoxClocks - Display world times in your status bar.
Full Map - See more of the actual map on Google Maps. Rotate through 3 modes.
Fullerscreen - See more of the actual map on Google Maps. Rotate through 3 modes.
Google Send to Phone - Send short text-messages to mobile phones.
InfoLister - Provides list of installed extensions, themes and plugins.
Java Quick Starter - Feature of Java to allow faster loading/execution of Java applets.
Link Alert - Cursor changes to indicate type target link is.
Linky - Open or download links, image links and web addresses found in the page text.
ListZilla - Provides list of installed extensions.
Make Link - Adds a context menu item to copy links to the clipboard multiple formats.
NewsFox - RSS feed reader extension for Mozilla Firefox.
Nightly Tester Tools - Adds a few extras useful to those that regularly test Mozilla's nightly builds.
NoScript - Provides protection by allowing JavaScript and Java execution for trusted domains.
PhProxy - InBasic - Flexible Proxy-on-demand for anonymous web surfing.
Remove It Permanently - Point and click removal of web-page elements.
Save Image in Folder - Save images into different folders via right-click context menu.
SearchLoad Options - Adds a menu for tweaking the search bar's default behavior.
Secure Login - Uses the built-in password manager, but deactivates the pre-filling of login forms.
Smart Link - Adds open in new tab / window options to right click menu for plain url texts.
Uppity - Hop Up the URL structure of a page via the address bar to quickly navigate a website.

Themes (1):

Default 3.0pre [selected]

There are lots of pretty themes now, and Personas for Firefox looks even better than before. However, the plain-old default theme works well for me, and as a plus usually avoids compatibility issues with the "nightly" versions.

Plugins (10):

Didn't really go looking for these. They either got installed as part of another software package, or I found I needed them to view Web media.

iTunes Application Detector
Java(TM) Platform SE 6 U10
Microsoft Office 2003
Microsoft® DRM
Mozilla Default Plug-in
QuickTime Plug-in 7.4.5
Shockwave Flash
Shockwave for Director
Silverlight Plug-In
Windows Media Player Plug-in Dynamic Link Library

There you go. Thanks for asking!

--Claus

Grand Stream Dreams blog