AVG 2011 – Surf Shield Bug – avg_ls_dom.js

Recently I faced issues loading webpages in Chrome. Many websites failed to load including my Blog. Websites that have a lot of java scripts especially Adsense units (Image and Text) took a lot of time to load. I tested the page elements load time with firefox browser with firebug and Google Page speed addon and found a mysterious Java Script ‘/A2EB891D63C8/avg_ls_dom.js’

It looks like the problem is due to Surf Shield a part of Link Scanner module of AVG 2011. "AVG Surf-Shield actively checks web pages in real-time every time you click a link or enter a web address directly into your browser". This is done by adding a script element to the very beginning of every HTML page rendered inside the browser. This element loads a local JavaScript file called ‘avg_ls_dom.js’.

The script is injected in a non-standard way, right after the document definition and outside of the <head> element, where such resources are normally defined. This technique is most likely used to ensure that avg_ls_dom.js is loaded before any other script possibly injected by attackers into the original page. The JavaScript code inside the file is supposed to create a buffer with the content of the page and submit it via POST to another relative URL called /CC0227228D62/CheckData.

httpRequest.open("POST", "/CC0227228D62/CheckData", false);
httpRequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
httpRequest.send(params);

This request should again be intercepted by the AVG module, which should inspect the code and give the go-ahead to display the page or tell the script to throw an error instead. However, it seems that a bug causes the proxy-like component to let requests through and get sent to the server from where the page was loaded.

Once I disabled the Surf Shield option in Link Scanner the issue got resolved.

Ref: http://news.softpedia.com/news/AVG-2011-Bug-Affects-Browsing-Experience-Could-Also-Hurt-Websites-160515.shtml

Share

Lost in the Clouds!

image

When I first heard about cloud computing I was wondering if it was really worth the fancy terminology. To me it was just a marketing term for hosted applications. My first experience started three years ago when I moved my Website’s email from my hosting provider to Google Apps. At that point of time I never knew it was Cloud computing or specifically SaaS I was moving too. To me Google Apps was much better than my hoster’s email due to reduced downtime.

As usual it requires media hype for me to look back what things actually are. One’s own knowledge is the hurdle to learn new things. Over confident of knowing what it is I didn’t really track the developments though I keep hearing people discuss. But that’s also the problem with SaaS, it is difficult to see any difference.

It was Google App Engine that made me rethink. Though I registered my first application long back, only recently did I try to deploy my first application (‘Hello World’ of course). A small program but it still brought me a lot of insight to what things are. As a solution provider I wonder how this technology is going to change the world of computing. Though there is a big crowd out there harping on security issues on the cloud I don’t really see them as issues. It is only for the cloud consultants and the security companies to market their businesses.

I really admire the PaaS of Cloud Computing. My library application was on the shelves for a long time due to lack of time and build custom application accessible from the internet and also integrating it to my drupal powered website. With Zoho creator it is just a few clicks and four hours (to upload data) on a weekend, Wow! the application is up online. Integration with drupal? don’t worry la! Embedding the form on a drupal page is just that simple (http://www.shankarananth.com/site/index.php?q=node/49)

The biggest thing that would change the way people think at cloud computing is the time one spends on hardware and software maintenance. A chemical engineer and a solution provider I feel annoyed on more of my time being spent on fixing these issues rather than focus on my core competence.

Cloud computing is the definitely next big thing!

Share

India – Top Websites

Below is the list of top websites (Top 20) in India as per Alexa as queried today.

All websites are known but what surprised me is the IRCTC website on number 19!

  1. Google India

    google.co.in

    Indian version of this popular search engine. Search the whole web or only webpages from India. Interfaces offered in English, Hindi, Bengali, Telugu, Marathi and Tamil.

  2. Google

    google.com

    Enables users to search the Web, Usenet, and images. Features include PageRank, caching and translation of results, and an option to find similar pages. The company’s focus is developing search technology.

  3. Yahoo!

    yahoo.com

    Personalized content and search options. Chatrooms, free e-mail, clubs, and pager.

  4. Facebook

    facebook.com

    A social utility that connects people, to keep up with friends, upload photos, share links and videos.

  5. Orkut.co.in

    orkut.co.in

    orkut.co.in

  6. Blogger.com

    blogger.com

    Free, automated weblog publishing tool that sends updates to a site via FTP.

  7. YouTube

    youtube.com

    YouTube is a way to get your videos to the people who matter to you. Upload, tag and share your videos worldwide!

  8. Rediff.com India Ltd.

    rediff.com

    Online portal with free e-mail and many other services.

  9. Wikipedia

    wikipedia.org

    An online collaborative encyclopedia.

  10. Indiatimes

    indiatimes.com

    Portal site; includes news stories under subject headings, and links to other information sources.

  11. Twitter

    twitter.com

    Social networking and microblogging service utilising instant messaging, SMS or a web interface.

  12. Windows Live

    live.com

    Search engine from Microsoft.

  13. WordPress.com

    wordpress.com

    Free blogs managed by the developers of the WordPress software. Includes custom design templates, integrated statistics, automatic spam protection and other features.

  14. Microsoft Corporation

    microsoft.com

    Main site for product information, support, and news.

  15. Microsoft Network (MSN)

    msn.com

    Dialup access and content provider.

  16. RapidShare

    rapidshare.com

    Users can upload up to 100 meg files for sharing. Provides downloads of 100 megs per hour on the free service. Premium service also available.

  17. LinkedIn

    linkedin.com

    A networking tool to find connections to recommended job candidates, industry experts and business partners. Allows registered users to maintain a list of contact details of people they know and trust in business.

  18. IN.com

    in.com

    IN.com gives you a short @in.com email address, and lets you find the best of News, Music, Videos and Games, from more than 16,000 websites.

  19. Indian Railway Catering and Tourism Corporation

    irctc.co.in

    Offers online rail ticket booking, and checking of ticket reservation status. Includes train schedules, availability of tickets, and a travel planner.

  20. Cricinfo

    cricinfo.com

    International cricket news, live scores, photos, columns and player profiles. Provides archive scorecards, statistics database, ratings and email newsletter. Part of ESPN International. UK.

Share