Just before we left Colorado, and after several weeks of furious nagging by the software, I upgraded version 7.5 of AVG Free Anti-Virus for the new V8. I did it on Carol's machine only, as the upgrade required some damned thing or another that was missing on Win2K SP4, and I didn't have time to research it. (Carol uses XP.) With version 8 came something I had not heard about and did not expect: AVG LinkScanner.<\/p>\n
It's an interesting idea, and at first glance sounds like something truly useful: LinkScanner works with Google and Yahoo to prescan search results for evidence of malware injection. At a rate of 2-20 results per second, LinkScanner visits each displayed search result link, looks at what's on the other side, and displays one of three icons to the right of the search link: Good, questionable, or bad. I didn't even know the feature was present until later that day, when Carol was doing some Google work and asked me what the icons were. All were a reassuring green, but when I Googled on “warez” almost all of the search results came back with icons of alarming red.<\/p>\n
This seemed reasonable to me, and I was too frantic getting ready for our trip to think too deeply on it. But a few days later, I started to run across Web articles howling about an avalanche of Web hits spawned by LinkScanner<\/a>. The Register provides one of the saner descriptions of the issue<\/a>. Traffic on some smaller Web sites has spiked by 80%, and Slashdot says that as much as 6% of its massive clickthrough comes from LinkScanner's user agents.<\/p>\n LinkScanner, it seems, tries its best to look like an ordinary user. Well, duhh: If LinkScanner's probe announced its presence, malware artists would serve up an innocuous version of their sites, keeping the malware for ordinary Web surfers who could be discerned as such. I can understand the logic, but given that AVG has as many as seventy million users worldwide (few of whom have yet upgraded) widespread adoption of the technology could make ordinary Web traffic analysis meaningless. Traffic on duntemann.com started rising about April 1, but I couldn't quite figure what was going on. May was a record month for me, even though my traffic has been fairly steady since I launched my LiveJournal mirror of Contra<\/a> in early 2006. Things leveled out in June, but given the proportion of my traffic that now reads Contra on LiveJournal, I would expect aggregate traffic on duntemann.com to be falling slowly.<\/p>\n Having had a little time to think about this, I can raise a couple of points:<\/p>\n\n