Hi Johnnie,
again, it’s Saturday and we can have some conversation. How sweet! 8)
Are you saying that a simple ping is all it takes to identify which version of Avast I am running and when it's due for an update without gleaning any further info from my pc?
No. Let me explain how it works.
avast uses pings to find out whether the updating servers are reachable (that’s what ping is for anyway). If the ping works, it tries to fetch an update. It makes a HTTP GET request to one of our updating servers and downloads a couple of tiny files that hold the time stamps of the installation packages. Using these files, it can determine if there is something new on the servers. If there is, it downloads it and installs it. After the update, it sends a report of the update - this is the only point when it sends some data to our servers, and it only sends info about avast itself, mainly about how it worked, and also some licensing info so that we can blacklist those pirates, y’know But really, no files and/or avast-nonrelated info is leaked. Never.
For example, I was also wondering about the unp3676 (crash file). Is that information ever polled or sent.
The crash dump, and the chest files are only sent by e-mail (SMTP), and only when a user explicitly asks avast to do so.
Does Avast open any ports for it's own use?.
Not deliberately.
Of course, things like the mail proxy need to do this but that shouldn’t surprise you.
I'm not convinced, mainly from past comment from one of the 'team'.
Which comment, which member? (I suppose I know which team ::)).
HOWEVER but my crash dump say's Avast did it ie crashed
<talkin’ serious> But that’s the dump that I’ve looked at with the overwritten bits in the NTFS driver, right? The thing is, the way Windows “determines” which driver is in charge for a BSOD is rather “interesting” - it backtracks the stack and the first non-Microsoft driver is the one that’s guilty :)</talkin’ serious> And you know MS drivers are perfect, don’t you?
Nope… I’m not telling . It was only idle chit-chat with an ‘implication’ of what was being read, but as you say… nothing detremental… my credit card number… but my wife hs already distributed that to most of the stores in the country
But that's the dump that I've looked at with the overwritten bits in the NTFS driver, right?
No dear boy, I’m now talking about Avast’s own crash file (referred to above). That’s the one that’s poking the finger at Avast itself. My questions about the MS mini dump file where ignored by ‘a member of the team’ :
Now wait a minute, I know what your gonna say next… MS have hacked the ‘Avast’ crash file 8)
Walker, what's still unclear? I thought I already explained that. You may PM me for details, but you'll get nothing than techno-geek stuff ;)
kubej, your all jumping to conclusions that I have some ulterior motive… I DON’T, I’m curious because of other reasons that Vlk knows a little about. I don’t mind ‘Geek’ stuff, I plod my way through it. 8)
The avast crash dump is generated when avast crashes - the file is only written to avast log directory at the moment; then, the crash window (“avast! has encountered an error…”) should appear, having a part to write your own comment and two buttons - “Send report” and “Don’t send”. Only when you press the “Send” button, the crash dump file is sent (using SMTP) afterwards.
I don’t remember any crash window popping up, but out of interest and to put you guys minds at rest that I’m not asking for some ‘other’ reason, here is extract from the unp3676 crash file…
Crash list of Avast Antivirus, v.4.1.280
------------------
System Information
------------------
Time of this report: 16/10/2003, 13:29:02
Computer name: SERVER-02
Operating System: Microsoft Windows XP Personal (Build 2600) Service Pack 1
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz, MMX, ~2982Mhz
System memory: 1048044 KB (installed), 804500 KB (available), 2097024 KB (virtual)
Language: 0809-0809-0809-0809 (SLangID, SLCID, ULangID, ULCID), 0409-0409 (SUILang, UUILang)
------------
Fault source
------------
D:\Alwil Software\Avast4\ashserv.exe caused an Access Violation at location 7ffefdfd Reading from location 7ffefdfd.
-----------
Walker.
OK, OK, I'm not denying but the truth is that you haven't sent me any other crash dump, have you? Just the original one. :-*
Can you send me a bottle of whatever you were sipping last night 8) . I didn’t say I had sent you any more crash dump files ???. Unless of course I’m trying to access my own invalid memory location. : : :