Malware scanners, the new malware

When does the cure become worse than the sickness? Webmasters don't just run the risk of having their sites labelled "harmful" by badly designed spyware scanners. They are also having their website visitor statistics skewed in the name of web safety. In February, Czech anti-virus developer Grisoft added a component called LinkScanner to its product AVG. This pre-scans every link on a page of search results so as to inform the user whether the site contains malware. And webmasters are furious about it.

The reason for their irritation is clear enough:

• The extra downloads of pages that the user may never actually see are creating extra traffic for websites - bandwidth stealing.
• The extra web page hits skew web analytics - such as monitoring the proportion of visitors to a page who achieve a desired goal like making a purchase or downloading a file - because they are difficult to distinguish from normal web traffic.

It is possible to detect the LinkScanner traffic by searching for specific User-Agent strings. When I searched a tech-pro.net server log selected at random I found an insignificant number of such strings. Nor did I observe any unexpected increase in traffic in my logs since February. I only became aware of this issue today in discussions with other webmasters about my SiteAdvisor-related problems. So I can't help wondering if the effects are as bad as they are being made out to be.

Nevertheless, Grisoft has decided to act on the complaints, and has announced that it has redesigned its LinkScanner so that it doesn't scan a web page until the user clicks on a link to it. It's a pity McAfee is not as responsive.

« Yahoo! disclaims resp… | Home | False sense of securi… »