Ronald, Stop Scaring Poor AVG!
Posted by: Giorgio in SQL, Flash, Mozilla, Security, NoScriptSome minutes after I published my post about the Flash unpatched vulnerability being exploited through mass SQL injections, popups of this kind started flying all over my notebook's desktop:
Since the "virus" was reported to be in my Firefox cache, and since Firefox has not the bad habit of randomly open cached files for execution, I guessed this "threat" was relatively harmless and AVG was just over-reacting to the mere "open for reading" action.
In facts, all my attempts to inspect the offending file using an hexadecimal editor were frustrated with "Access Denied" errors, and AVG on its side refused to give me any argumented detail about this alert.
Hence I typed
in my awesome bar and quickly found a file matching the size of the "menace": it was
, i.e. the RSS feed of Ronald van den Heetkamp's "Hacker Webzine"...
So, was just a mere van den Heetkamp stink enough to scare the hell out of my cute (and frankly, absolutely virginal) anti-virus?
Actually the most likely culprit is Ronald's latest article about the hot topic of the day: since he likes to feature generous portions of source code extracted from infected sites, a signature-based engine like AVG have no choice but going wild.
Dear anti-virus vendors, can we have a "Relax, I use Firefox + NoScript" Ronald-friendly option, please?