What, exactly, is Web TuneUp? Well, it doesn’t make websites load faster or improve your browser’s performance, as the name implies. It’s actually a search “enhancement.” I put that in quotes, because it’s up to interpretation whether what Web TuneUp does actually enhances anything.
Install the extension, and it flags questionable search results that happen to pop up. Google, of course, already does some scrubbing of search results and Chrome has built-in protection against malicious sites. Still, with 9 million users AVG’s done a good job of convincing people that they need the extra protection they say Web TuneUp provides… or at least a good job of sneaking it in during the installation of their antivirus software, which is used by more than 200 million people.
When Google reported the existence of a gaping flaw that appeared trivially easy to exploit and exposed users’ browsing history and hindered Chrome’s malware-checking abilities, they hoped AVG would move quickly to patch it up.
To their credit, they put together a fix and pushed it to the Chrome Web Store within four days of Google security engineer Tavis Ormandy’s initial report. They failed to take care of a potential man-in-the-middle vulnerability, though, and had to push a second update the next day after additional prompting from Ormandy.
As of today, the issue has been closed. That’s certainly good news for Chrome users that are running Web TuneUp, though it might not be a bad idea for those folks to just head to their extensions page and remove it entirely.
0 comments:
Post a Comment