Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

DNS Heavyweights Raise Concern Over DNS Filtering

samzenpus posted more than 3 years ago | from the not-so-fast dept.

Censorship 129

penciling_in writes "A group of DNS heavyweights have released a paper detailing serious concerns over the proposed DNS filtering requirements included as part of the bill recently introduced in the US Senate named Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PROTECT IP Act). The group which includes Paul Vixie, Dan Kaminsky, Steve Crocker, David Dagon and Danny McPherson, have detailed several serious technical and security concerns in the event that the mandated DNS filtering is enacted into law. Dan Kaminsky says: 'There are efforts afoot to manipulate the DNS on a remarkably large scale. The American PROTECT IP act contains several reasonable and well targeted remedies to copyright infringement. One of these remedies, however, is to leverage the millions of recursive DNS servers that act as accelerators for Internet traffic, and convert them into censors for domain names in an effort to block content.'"

cancel ×

129 comments

Sorry! There are no comments related to the filter you selected.

Blocking domains? Very effective... (3, Informative)

Yetihehe (971185) | more than 3 years ago | (#36252664)

Didn't anyone warn them that just blocking a domain name doesn't work?

Re:Blocking domains? Very effective... (0)

Anonymous Coward | more than 3 years ago | (#36252710)

SHHHHHHHHHHH!!!!!!!!!!

Re:Blocking domains? Very effective... (0)

Anonymous Coward | more than 3 years ago | (#36253014)

But it sure as hell makes it look like they're busy.

Re:Blocking domains? Very effective... (1)

Dog-Cow (21281) | more than 3 years ago | (#36253300)

I know it's anathema, but you could read the PDF instead of asking inane questions.

Re:Blocking domains? Very effective... (0)

Anonymous Coward | more than 3 years ago | (#36253614)

Who'll be the first to print: "Well known Security researcher Dan Kaminsky calls DNS filtering reasonable and well targeted."

"The American PROTECT IP act contains several reasonable and well targeted remedies to copyright infringement. One of these remedies, however, is to leverage the millions of recursive DNS servers that act as accelerators for Internet traffic"

Re:Blocking domains? Very effective... (2)

1s44c (552956) | more than 3 years ago | (#36253684)

Didn't anyone warn them that just blocking a domain name doesn't work?

Yes. They didn't understand what a domain was or what blocking one meant.

Re:Blocking domains? Very effective... (1)

SuricouRaven (1897204) | more than 3 years ago | (#36255144)

But if it doesn't work, it'll only serve as a justification to introduce a tougher form of filtering. It's far easier politically to justify fixing a 'loophole' in an existing law than it is to propose something completly new. DNS blocks first, IP address blocks later.

Ineffective (2)

WillyWanker (1502057) | more than 3 years ago | (#36252696)

And what's to stop people from using a DNS server that's outside the US? Or even just punching in the IP address directly?

Re:Ineffective (3, Funny)

i kan reed (749298) | more than 3 years ago | (#36252738)

FBI agents with guns.

Re:Ineffective (1)

SanityInAnarchy (655584) | more than 3 years ago | (#36253030)

If you've got those, why do you need to fuck with DNS anyway?

Re:Ineffective (1)

i kan reed (749298) | more than 3 years ago | (#36253426)

Ok, well I was mostly joking, but you're forgetting the pareto principle.

If they can eliminate 80% of file sharing with a 20% offort of blocking the DNS, the remainder can be treated just as I mentioned. If they had to expend that much effort on every person willing to google "movie torrents" and just click a link the FBI wouldn't be able to keep up.

Re:Ineffective (1)

Kamiza Ikioi (893310) | more than 3 years ago | (#36253674)

Dogs [ohinternet.com] work too.

Re:Ineffective (1)

sosume (680416) | more than 3 years ago | (#36253966)

I can't wait for the feds to seize the root DNS servers for not complying.

Re:Ineffective (0)

Anonymous Coward | more than 3 years ago | (#36254712)

FBI agents with guns.

Parent was modded "+5, Funny" and for good reason, but the comment is equally worthy of "+5, Insightful"

What's a DNS server? (5, Interesting)

billlava (1270394) | more than 3 years ago | (#36252822)

I think you greatly overestimate the technological literacy of the average American. Most people aren't going to have a clue how to change their DNS servers, but even for those who do understand how to get around such restrictions, this is still disturbing. This is just a way for government to get its foot in the door. Soon, they'll be mandating to ISPs which DNS servers their clients are allowed to use, and what IP ranges are 'legal' to access on the internet. Maybe I should just take off the tinfoil hat and relax, but I can't see how government getting involved in legislating the internet in ANY way is a good thing.

Re:What's a DNS server? (0)

Anonymous Coward | more than 3 years ago | (#36252928)

"I think you greatly overestimate the technological literacy of the average American"

Buy EZDNSChanger Ex Pro Deluxe Platinum Premium edition for $19.99 and instantly change your DNS with no hassles. Order today and get a free Clippy tie clip at no extra charge! That's a $9.99 value free when you order!

Re:What's a DNS server? (1)

WillyWanker (1502057) | more than 3 years ago | (#36253108)

I didn't say I liked the idea, I only said that it would be highly inefficient, and as such shouldn't be done if for no other reason than it wouldn't have the desired effect. If someone wants to get to the Pirate Bay badly enough they'll figure out how to do it, as it's only a Google search away.

Re:What's a DNS server? (1)

billlava (1270394) | more than 3 years ago | (#36253452)

I think we're pretty much on the same page here. I agree that DNS blocking will be very inefficient. As a matter of fact, it will probably just increase people's awareness of what DNS is, and how to take advantage of it.

However, as I said before, I'm afraid that this is just a foot in the door. To borrow a phrase from paranoid philosophers of years past, this is a slippery slope. It's not hard to imagine regulators blocking swaths of IP address space or even filtering out specific pages on websites. If China can get away with it (with most people content to be censored and kept in the dark) who's to say it couldn't happen here?

Re:What's a DNS server? (1)

1s44c (552956) | more than 3 years ago | (#36253708)

I didn't say I liked the idea, I only said that it would be highly inefficient, and as such shouldn't be done if for no other reason than it wouldn't have the desired effect. If someone wants to get to the Pirate Bay badly enough they'll figure out how to do it, as it's only a Google search away.

If the bad guys have DNS they control who gets to see google.

Re:What's a DNS server? (1)

g0bshiTe (596213) | more than 3 years ago | (#36254360)

To borrow from "Guns don't kill people..."

Pirates don't illegally file share, it's ISP's that allow DNS that cause illegal file sharing.

Re:What's a DNS server? (1)

hedwards (940851) | more than 3 years ago | (#36253784)

Yes, but are those really the sorts of folks that are downloading torrents of their favorite shows? I mean seriously.

Re:What's a DNS server? (0)

Anonymous Coward | more than 3 years ago | (#36254234)

DNS server settings can also be changed automatically, in several ways. One can make a site that says "frustrated by PROTECT IP? Click here!", which edits the windows registry to change DNS settings. One could also solve this via browser addons. Just install an addon that has a small table of blacklisted domains and their IP address. I guarantee it will take about five minutes after PROTECT IP passes until we are inundated with them. Hell, there's even one available now (called the MafiaaFire redirector).

Re:What's a DNS server? (1)

SuricouRaven (1897204) | more than 3 years ago | (#36255178)

Such a table already exists. It's called a hosts file.

Re:What's a DNS server? (1)

cdrguru (88047) | more than 3 years ago | (#36254374)

Ah, but you miss the opportunity for folks to install the "New Unblocking DNS Mod" which grants you access to all sorts of pirated content. For only $10 you open up your computer and let some pirate application do whatever and you get access restored to the pirate sites you were being blocked from.

Of course, you also just installed some software which returns your passwords to somewhere else. But that is why the software that changes the DNS servers is so cheap.

Re:What's a DNS server? (0)

Anonymous Coward | more than 3 years ago | (#36254668)

Actually, it doesn't matter if the average American can't change DNS servers or type in an IP manually, the pirating scene will go back to the WaReZ scene where a few knowledgeable people in a social network will distribute infringed works to their friends. That's the old school WaReZ scene; one where this kind of "IP Protection" stands zero chance, and I welcome it. Remember the days of IRC? FTP servers? Newsgroups? If it goes back to that then the government and IP giants cannot stop us under any circumstance. "Digital identities," you say? Forge one. There's always a way around everything on the Internet and there always will be.

Another danger (1)

retardpicnic (1762292) | more than 3 years ago | (#36254688)

Another facet that wasn't mentioned in the paper is that as America attempts to legislate the internet so that the mega rich can become ultra rich, we simply remove ourselves from meaningful discussion about the problem and social view of file sharing.
As a security buff i learned from experience that while the "rules" if examined presented my ideal view of the world, or let others know whats actually important to me, my logs function as a mirror, telling me how things actually looked.
On behalf of the mega rich, the mega powerful are attempting to create a rule that says this transaction shouldn't happen, but the logs tell us that the general population in no way shape or form shares this view of the world.
If it was viewed as say child porn, in which the vast majority of the user community sees the issue in much the same manner as the rulemakers you get a set of logs that indicate that this view is shared and a small set of transgressions presented in the logs..
this is not so in the case of file sharing, hence, a waste of time and effort, the file sharing medium will change, the methods will change, but the desire will not

Re:What's a DNS server? (3, Interesting)

DarkOx (621550) | more than 3 years ago | (#36254832)

Like the average smuck was not going to be able to use dvdshrink? Come on you know some 1337 kid is going to read up on DNS just enough to learn how to set which server is used on Windows, whip out his intro to VB.net book and whip up a little single form program with all his code in the DoIt.OnClick() handler to set the value to some server in The Republic of North Bumfuck.

Then everyone moron on facebook will be sending it to each other and installing it. That is Week 1.

Week 2 is when everyones ISP just starts NAT'ing ever packet with a dst port 53 tcp or udp to their own DNS server.

Week 3 same kid who has now learned that port translation can be used for other things besides playing wow behind his Linksys router starts his Google quest for a COM object that implements SSH....

Week 4... Frustration ensues

Week 5 ... A new VB.net app is published!

Re:Ineffective (0)

Anonymous Coward | more than 3 years ago | (#36253396)

People find out about the IP mainly from DNS. So unless people start NOW to look up the IP address for all their favorite sites most people won't know the IP's when the censorship starts. I can honestly say I don't know the IP for ANY of the sites I visit. I don't have my own IP's memorized for the couple of VPS I manage. I have to login to the control panel to find them or dig through saved / archived emails.
And this still only counts for known sites. What if a new site comes out that is in the start of growth, then gets blocked? Not many people will know what the IP is because they have not had a chance to get there in the first place.
Perhaps I'm in the minority on this site. How many people "honestly" knows the IP address for every site you lie to visit? (Or to put it differently, if a site you like to visit gets blocked, do you ALREADY know the IP to visit it anyway)

Re:Ineffective (1)

SuricouRaven (1897204) | more than 3 years ago | (#36255196)

It only needs one person to put it on blog or forum, and word will spread.

DNS problems, & you can filter via HOSTS files (-1, Redundant)

Anonymous Coward | more than 3 years ago | (#36252736)

Personally, I periodically rotate what DNS servers I use (Norton DNS, Google DNS, ScrubIT DNS, & OpenDNS)... but, DNS has ISSUES (no "NEW News" there of course):

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

2.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked, proving HOSTS files are a better solution for this because they cannot be blocked & detected for, in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download [hosts-file.net]
https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can.

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

and people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

ADBANNERS SLOW DOWN THE WEB:

http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Adblock blocks ads in only 1-2 browser family, but not all (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript (especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even GOOGLE DNS, & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Photobucket's DNS records hijacked by Turkish hacking group:

http://www.zdnet.com/blog/security/title/1285 [zdnet.com]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] [mvps.org]" - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"put in your /etc/hosts:" - by Anonymous Coward on Friday December 03, @09:17AM (#34429688)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECUNIA.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

APK

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once GET CACHED, for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL lag upon reload though, depending on the size of your HOSTS file.

E.) HOSTS files don't protect vs. BGP exploits - Sorry, once it's out of your hands/machine + past any interior network + routers you have, the packets you send are out there into the ISP/BSP's hands - they're "the Agents" holding all the keys to the doorways at that point (hosts are just a forcefield-filter (for lack of a better description) armor on what can come in mostly, & a bit of what can go out too (per point 18 above on "locking in malware")). Hosts work as a "I can't get burned if I can't go into the kitchen" protection, for you: Not your ISP/BSP. It doesn't extend to them

F.) HOSTS files don't protect vs. IP addressed adbanners (rare) &/or IP address utilizing malwares (rare too, most used domain/host names because they're "RECYCLABLE/REUSEABLE"), so here, you must couple HOSTS files w/ firewall rules tables (either in software firewalls OR router firewall rules table lists)... apk

Re:DNS problems, & you can filter via HOSTS fi (0)

Anonymous Coward | more than 3 years ago | (#36252790)

Great... it's the HOSTS file spamming nutcase again.

Ah, yes: The TRUE anonymous "coward" troll! (0, Flamebait)

Anonymous Coward | more than 3 years ago | (#36252924)

Is the "best you've got" an ad hominem attack, in poorly attempting to attack MYSELF, rather than the 20++ points I listed with backing facts behind them?

* Apparently so...

Fact is?? You're the one with "delusions of grandeur" thinking you're the "/. 'SiDeWaLk-PsYcHoAnALySt" around here (see my p.s. below in regards to that much especially).

APK

P.S.=> That said? Do you have:

---

1.) A PHD in Psychiatry to your name/credit?

2.) A license to practice it professionally??

3.) Years-to-Decades of professional experience in the field of psychiatry???

4.) A formal examination of myself in a professional environs to make your "instant snap prognosis" of my alleged mental state according to you, the "/. SiDeWaLk PsYcHo-AnALySt"????

---

No to ALL/EACH of the above????? Well, then no small wonder WHY you troll me anonymously - you're LIBELLING me!

Well, that "all said & aside" - LMAO @ U, troll!

... apk

Re:Ah, yes: The TRUE anonymous "coward" troll! (1)

drinkypoo (153816) | more than 3 years ago | (#36252958)

You ARE a spamming nutbag, although you're right about hosts files. However, your link to go get a good hosts file is 503. Don't you check the links in your spam?

There's MANY valid sources you can use (-1)

Anonymous Coward | more than 3 years ago | (#36253262)

http://www.malwaredomains.com/ [malwaredomains.com]

https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]

https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]

http://hosts-file.net/?s=Download [hosts-file.net]

http://www.malware.com.br/lists.shtml [malware.com.br]

http://www.malwareurl.com/ [malwareurl.com]

http://someonewhocares.org/hosts/ [someonewhocares.org]

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]

http://hostsfile.org/hosts.html [hostsfile.org]

http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]

http://ddanchev.blogspot.com/ [blogspot.com]

http://www.stopbadware.org/ [stopbadware.org]

http://blocklistpro.com/download-center/view-details/blocklist-pro-blocklists-mirror/1632-hosts.zip.html [blocklistpro.com]

Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN
bad servers blocked)

http://www.safer-networking.org/en/download/index.html [safer-networking.org]

---

"You ARE a spamming nutbag" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

Oh, really? Do you have your:

---

1.) A PHD in Psychiatry to your name/credit?

2.) A license to practice it professionally??

3.) Years-to-Decades of professional experience in the field of psychiatry???

4.) A formal examination of myself in a professional environs to make your "instant snap prognosis" of my alleged mental state according to you, the "/. SiDeWaLk PsYcHo-AnALySt"????

---

No to ALL/EACH of the above????? So much for THAT "ad hominem" effete attempt on your part directed MY way then, eh??????

I.E.-> You personally just don't have the credentials to make your assessments in calling me a nutbag, period. In fact, you're libelling me in doing so... don't you KNOW that?????? There's LAWS against it you fool!

Instead - Why don't you attempt to attack the 20 points in favor of HOSTS files I put out??????

---

Oh, that's right - YOU ALSO SAID THIS:

"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

That's right I am RIGHT... always am!

APK

P.S.=> Take your pick... I just happen to consolidate them ALL, into 1 file here (via a PyThon script engine that does so every 15 minutes, removing duplicates/normalizing it, and alphabetically sorting them also, & changing the larger + slower 127.0.0.1 loopback address (slower due to loopback ops) to the faster & smaller + most compatible 0.0.0.0 blackhole address instead)... apk

Re:There's MANY valid sources you can use (1)

drinkypoo (153816) | more than 3 years ago | (#36253548)

"You ARE a spamming nutbag" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

Oh, really? Do you have your:

I'll play for a second, because I have time; none of your professional accreditations impress me. I've known many people who have had similar and some of them impressed me and some didn't.

You have retreated into psuedo-anonymity, but still sign your comments to feed your ego. You can see that the community does not want to see what you have to say but persist anyway; your theatrical text culminating in "That's right I am RIGHT... always am!" underscores your self-importance. If the community is uninterested enough in what you have to say to score you down consistently such that you must post as an AC to express your message, then perhaps you are simply sharing sociopathy with the rest of us? In my experience, the lunatics are on both sides of the straitjackets. What is the current phase of your moon?

Get back 2 us when U have a PHD in Psych (-1)

Anonymous Coward | more than 3 years ago | (#36253776)

And, above ALL ELSE FROM YOU? Thank you for this ADMISSION of my being correct on HOSTS files from you, a direct quote:

"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

So, that said (& I didn't do the SAYING, you did)? Well... lol, so much for your attempts @ "adhominem attacks" on myself, rather than the 20 points I put out in favor of HOSTS files, eh??

As to the rest of your adhominem effete attack attempts, especially minus professional psychiatric credentials on your part?

New NEWS/NewsFlash:

NOBODY respects those... they are ILLOGICAL!

APK

P.S.=> Nothing like letting a troll defeat himself with his OWN words, nothing... lol!

"You can see that the community does not want to see what you have to say but persist anyway" - by drinkypoo (153816) on Thursday May 26, @01:59PM (#36253548) Homepage

Speaking for "EVERYONE", now? Please... talk about giving one's self "self-importance"! Who elected YOU the "spokesperson of /.", hmmm?? Nobody!

(So much for that, lol!)

---

"If the community is uninterested enough in what you have to say to score you down consistently such that you must post as an AC to express your message, then perhaps you are simply sharing sociopathy with the rest of us?

Here's a "little tidbit" on how "interested & threatened parties" ATTEMPT to handle people like me, in regards to what YOU SAID, vs. what this respected Open SORES person said:

"It just takes one Ubuntu sympathizer or PR flack to minus-moderate any comment. Unfortunately, once PR agencies and so on started paying people to moderate online communities, and to have hundreds of accounts each, things changed." - by Bruce Perens (3872) on Friday July 30, @03:55PM (#33089192) Homepage Journal

SOURCE -> http://linux.slashdot.org/comments.pl?sid=1738364&cid=33089192 [slashdot.org]

... apk

Re:Get back 2 us when U have a PHD in Psych (2)

drinkypoo (153816) | more than 3 years ago | (#36254072)

Between your writing style, unwillingness to log in and be moderated, and your insistence on ignoring what was actually said for what you want to read, you have made yourself the Slashdot equivalent of a street person on the corner jumping up and down, foaming at the mouth, and screaming that The End is Nigh with one hand down your pants and the other flailing incoherently at arm's length at all times.

If you don't see that your persistence in the face of this situation makes you a nut, you're utterly hopeless.

Are you the "expert" on how to post on forums? (-1)

Anonymous Coward | more than 3 years ago | (#36254272)

No, you are not. What you are, lol, however, is a HUGE FAIL in disproving my points on HOSTS files & an illogical adhominem attack utilzing fool... period!

In fact, lmao, you EVEN SAID I AM RIGHT ON MY POINTS in favor of HOSTS files over DNS servers problems &/or AdBlock alone!

Again - To wit/e.g.:

"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

Thank you!

(I think that last part, quoted directly from YOU, & you said it after all? Says it ALL!)

Now - IF you think that the stupid discriminatory "10 posts per 24 hour period" placed on MOST AC posters affects me? It doesn't... I circumvent it, with ease... so you're NOT going to 'get the last word on me', especially your off topic adhominem illogical & libellous attacks you use.

APK

P.S.=> Face it: You don't have the intelligence to "get the best of me" in any form of debate, AND, you certainly don't attempt to disprove my points on HOSTS files because you ADMIT I AM CORRECT ON THEM!

"If you don't see that your persistence in the face of this situation makes you a nut, you're utterly hopeless." - by drinkypoo (153816) on Thursday May 26, @02:37PM (#36254072) Homepage

First of all? Your adhominem illogical attempts @ attacking ME, vs. disproving my points on HOSTS files are OFF TOPIC!

Secondly?? Keep repeating your same ILLOGICAL off topic trolling attempts, & then call me 'crazy' again, lol...

After all: Some people call repeating the same mistakes over & over again + expecting diff. results, insanity (and your usage of adhominem attacks are exactly that, illogical & invalid)... apk

Re:Are you the "expert" on how to post on forums? (2)

RobertM1968 (951074) | more than 3 years ago | (#36254498)

Nah, you're just an idiot trying to look like you know something. Sadly, glomming together bits and pieces of things you've heard here and there into walls of text - the SAME walls of text you repeat verbatim every chance you get... does not make you look smart. It makes you look like a total moronic idiot. Just figured you should know that before you repeat this nonsense the next time DNS, security, malware or whatever else comes up and you get the idea to repost the same wall-o-text post as the last few times.

But at least you were smart enough to not log in so as not to damage your karma.

Yet MORE effete adhominem attacks? Please... (-1)

Anonymous Coward | more than 3 years ago | (#36254706)

Off topic illogical adhominem attacks don't make YOU "look smart" @ all... period!

Is THAT the "best you've got" boy?? Apparently so! Instead, why not attempt to disprove the points I make here:

http://yro.slashdot.org/comments.pl?sid=2188228&cid=36252736 [slashdot.org]

You run from them - Perhaps because you can't? LOL, we KNOW you can't!

They are MY points by the by...

Fact is & my init. post has proof of it??

I've been pointing them out since 1997 in fact, & my init. post even evidences it for me with verifiable facts you can see online from security guides & posts I have done in the past from that far back in fact!

---

Now, in regards to your WEAK/EFFETE adhominem attacks on my intelligence?

Well, you evading disproving my 20 points in the URL above seems to show YOU are the weak one here... lol!

Secondly: The day you have done more than I have in this art & science of computing, + before I did per this list below (very partial, only some of my favs):

"My Name is Ozymandias: King of Kings - Look upon my works, ye mighty, & DESPAIR..."

----

Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61

(&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row 2000-2002, in its HARDEST CATEGORY: SQLServer Performance Enhancement).

WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)

PC-WELT FEB 1998 - page 84, again, my work is featured there

WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there

PC-WELT FEB 1999 - page 83, again, my work is featured there

CHIP Magazine 7/99 - page 100, my work is there

GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it

HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!

Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only...

Being paid for an article that made me money over @ PCPitstop in 2008 for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com/forums/showthread.php?s=ee926d913b81bf6d63c3c7372fd2a24c&t=28430&page=3 [xtremepccentral.com]

It's also been myself helping out the folks at the UltraDefrag64 project (a 64-bit defragger for Windows), in showing them code for how to do Process Priority Control @ the GUI usermode/ring 3/rpl 3 level in their program (good one too), & being credited for it by their lead dev & his team... see here -> http://ultradefrag.sourceforge.net/handbook/Credits.html [sourceforge.net] or here http://sourceforge.net/tracker/?func=detail&aid=2993462&group_id=199532&atid=969873 [sourceforge.net]

AND lastly: http://g-off.net/software/a-python-repeatable-threadingtimer-class [g-off.net] [g-off.net] where I got other programmer's work WORKING RIGHT (in PyThon no less, which I just started learning only 2 week ago no less) by showing them how to use a "Dummy Proxy Function" as I call it, to make a RepeatTimer class (Thread sub-class really) to take PARAMETERIZED FUNCTIONS, ala:

def apkthreadlaunch():
                                      getnortonsafeweb(sAPKFileName = "APK_1_NortonSafeWeb360Extracted.txt".rstrip())

a = RepeatTimer(900, apkthreadlaunch) # 900 is 15 minutes... apk

Where it was NOT working for many folks there, before (submitted to the maker of the RepeatTimer class no less, & yes, it WORKS!)

----

What do I have to say about that much above? I can't say it any better, than this was stated already (from the greatest book of all time, the "tech manual for life" imo):

"But by the grace of God I am what I am: and his grace which was bestowed upon me was not in vain; but I labored more abundantly than they all: yet not I, but the grace of God which was with me." - Corinthians Chapter 10, Verse 10

(And, because I got LUCKY to have been exposed to some really GREAT classmates, professors, & colleagues on the job over time as well)

---

Ahem, in closing:

That is the day you can speak to me as you have (& that day, from the "trolling off topic likes of YOU"? Is the "12th of never", & you KNOW it!)

APK

P.S.=> I don't log in, I don't keep an account here... I am NOT restricted by the unjust "10 posts per 24 hr." limit on AC's either (guess my beating that makes me "dumb", eh? Not really - it allows me to keep up with you "registered LUSERS" here, easily in fact!)... apk

Re:Yet MORE effete adhominem attacks? Please... (1)

Anonymous Coward | more than 3 years ago | (#36255086)

My goodness. We aren't trying to attack your comments on HOSTS files. We really don't care that much and most of us agree with your points. What we are trying to do is get you to shut up and go away because you, personally, are annoying.

You're clearly OFF TOPIC then... apk (0)

Anonymous Coward | more than 3 years ago | (#36255360)

And, that's valid grounds for down moderation, now isn't it? As far as THIS from you? LMAO:

"We aren't trying to attack your comments on HOSTS files." - by Anonymous Coward on Thursday May 26, @03:56PM (#36255086)

I know that, because YOU CAN'T - they are SOLID! Instead, you not only go "off topic" but also use illogical ad hominem attacks!

(Piss poor that, lol, along with down moderating my initial post on 20 points in favor of HOSTS files over DNS servers & their problems, + the shortcomings of AdBlock too! Talk about WEAK/EFFETE, lol!)

---

"We really don't care that much and most of us agree with your points." - by Anonymous Coward on Thursday May 26, @03:56PM (#36255086)

Then why attack ME personally, adhominem illogical off topic style?

You're only annoyed because I make utter fools of you all in every post you make, off topic & ad hominem illogical loaded as your replies are.

You're obviously NOT very intelligent & keep repeating the SAME mistake over & over again (some define THAT as insane you know)... expecting diff. results on your end, only to FAIL even more.

APK

P.S.=> Troll, you FAIL, and you KNOW it... lol, & this, as per my usual?? Well, gotta say it again, for "posterities' sake":

It was just "too, Too, TOO EASY - just '2EZ'"!

... apk

Re:You're clearly OFF TOPIC then... apk (1)

drinkypoo (153816) | more than 3 years ago | (#36255676)

And, that's valid grounds for down moderation, now isn't it?

YES. Yes, it is. The purpose of the moderation system, flawed though it is in many ways, is to produce comments that people want to read.

15 posts on HOSTS I did that were modded up (-1)

Anonymous Coward | more than 3 years ago | (#36254910)

15 posts of mine on HOSTS that have done well, drinkypoo, vs. your saying the community here doesn't like them, & consistently downmods them (quoted below from you):

---

HOSTS MOD UP -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]

HOSTS MOD UP -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]

HOSTS MOD UP -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]

HOSTS MOD UP -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]

HOSTS MOD UP -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]

HOSTS MOD UP -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]

HOSTS MOD UP -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]

HOSTS MOD UP -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]

HOSTS MOD UP -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]

HOSTS MOD UP -> http://it.slashdot.org/comments.pl?sid=1530066&cid=30965192 [slashdot.org]

HOSTS MOD UP with facebook known bad sites blocked -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]

HOSTS FILE MOD UP FOR ANDROID MALWARE -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]

HOSTS FILE MOD UP vs ANDROID MALWARE -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]

HOSTS MOD UP ZEUSTRACKER -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]

HOSTS MOD UP vs AT&T BANDWIDTH CAP -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]

---

"If the community is uninterested enough in what you have to say to score you down consistently" - by drinkypoo (153816) on Thursday May 26, @01:59PM (#36253548) Homepage

So, "chew on those" 15 posts above, drinkypoor! They shot your "mere opinion" right to where it belongs, the rubbish heap!

After all, lol: They disprove your further quoted b.s. right off the bat & with CONCRETE evidence that contradicts your statement quoted above, easily, vs. your mere b.s. & opinions!

("Drink in & digest them" drinkypoo (& take another drinky-poo boy, you need it - lol, especially after that, AND what's below from you too!))

APK

P.S.=> Especially after those evidences above vs. your b.s. AND your admissions of my being correct here:

"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

AND

""The guy raises a good point, through packet mangling you can reroute DNS queries with users none the wiser." - by drinkypoo (153816) on Thursday May 26, @01:33PM (#36253160) Homepage

Thank you...

( & I don't make just "1 good point", I made 20 of them in favor of HOSTS files over DNS servers &/or AdBlock alone (so good, that apparently, nobody here on /. can disprove them in fact, lol, & ALL THEY HAVE ARE OFF TOPIC ADHOMINEM ATTACKS ON MYSELF, & other illogically invalid off topic attacks! EASILY disproven ones with statements I can produce LOADS of contrary evidence to, such as you statement quoted above!))

This? As-per-my-usual?? It was just "too, Too, TOO EASY - just '2EZ'"... lol!

Thank you... you make me look GOOD!

... apk

Re:Ah, yes: The TRUE anonymous "coward" troll! (0)

Anonymous Coward | more than 3 years ago | (#36253936)

P.S.=> That said? Do you have:
1.) A PHD in Psychiatry to your name/credit?

Psychiatry requires an M.D., not a Ph. D.

Do you have either one? Apparently not, lol! (0)

Anonymous Coward | more than 3 years ago | (#36254056)

Do you have that M.D.?? Well???

(Hell no, and we ALL know it!)

APK

P.S.=> So much for the "pseudo-experts" on /., eh, what with their "wannabe sidewalk-shrink" tactics... lol! apk

Re:Ah, yes: The TRUE anonymous "coward" troll! (-1)

Anonymous Coward | more than 3 years ago | (#36254026)

I just wish you'd format your posts so they didn't deliberately waste so much vertical space. It's intrusive and any sane person would call it spam no matter how right you are. Oh, and if you really insist, give me some contact details and I'll send you a referral to a psychiatrist :P

Aha: Now, "writing style" troll attack attempts? (-1, Troll)

Anonymous Coward | more than 3 years ago | (#36254196)

Or take your ADHD meds or whatever it would require for you to understand and digest what's being said then, ok?

(So, see?? I can play "sidewalk-PsyChOAnaLySt" too... not that that makes me correct on it, anymore than you were trying to 'adhominem' attack me, instead of my 20 points in favor of HOSTS files usage over DNS Servers &/or AdBlock alone!)

Now, in regards to your "personal opinion" of how someone ought to post - are YOU the "expert on posting"? Do you speak for EVERYONE?? No on both counts!

---

"It's intrusive and any sane person would call it spam no matter how right you are." - by Anonymous Coward on Thursday May 26, @02:34PM (#36254026)

Ah... but RIGHT I AM, period, and others like drinkypoo here HAD to admit it...

Also - Can YOU actually PROVE that you are 'sane'?

I can only say 1 thing to you on that note:

Your repeating the same mistake over & over, in trying to "take me on", & FAILING HUGELY, especially via adhominem attacks rather than disproving my points on HOSTS files, with you always getting the SAME 'FAIL' results...?

Please... NOW, some would call THAT, insanity!

Now, in regards to your "personal opinion" of how someone ought to post - are YOU the "expert on posting"? Do you speak for EVERYONE?? No on both counts!

"It's intrusive and any sane person would call it spam no matter how right you are." - by Anonymous Coward on Thursday May 26, @02:34PM (#36254026)

In closing? Ah... but RIGHT I AM, period, and others like drinkypoo here HAD to admit it...

Also - Can YOU actually PROVE that you are 'sane'?

I can only say 1 thing to you on that note:

Your repeating the same mistake over & over, in trying to "take me on", & FAILING HUGELY, especially via adhominem attacks rather than disproving my points on HOSTS files, with you always getting the SAME 'FAIL' results...?

Please... NOW, some would call THAT, insanity!

---

Especially after THIS quote from you, doubtless in yourself being the "voice of experience" having to be psychoanalyzed:

"Oh, and if you really insist, give me some contact details and I'll send you a referral to a psychiatrist :P - by Anonymous Coward on Thursday May 26, @02:34PM (#36254026)

No thanks... I don't give my contact info. to obviously "touched in the head" people... after all: You keep trying to "attack me" via adhominem means, off topic trolling & all, AND FAILING... proof enough of your trying the same thing over & over expecting diff. results (some define that as insanity).

APK

P.S.=> The lack of anyone disproving each of my 20 points in favor of HOSTS files over DNS Servers & their problems + AdBlock alone, says it all for me... thanks for making me look good, and RIGHT, once again, /. trolls!

... apk

Re:Aha: Now, "writing style" troll attack attempts (1)

Anonymous Coward | more than 3 years ago | (#36254304)

APK, you're awesome [ashentech.com]

More illogical off topic adhominem attacks? LOL! (-1)

Anonymous Coward | more than 3 years ago | (#36254588)

http://yro.slashdot.org/comments.pl?sid=2188228&cid=36252736 [slashdot.org]

Go for it... & good luck: You'll NEED it!

(Especially when "the best you have", lol, is attempts at attacking myself, rather than attacking & disproving each of my 20++ points above in favor of HOSTS files?? U FAIL, troll, & badly...)

Ah, yes, I just GOTTA say it (for posterities' sake @ the very least): This?

This was just "too, Too, TOO EASY - just '2EZ'", as-per-usual, vs. the off topic adhominem illogical attack utilizing trolls of /.!

Fact is - it appears the best you have is off topic illogical ad hominem attacks & effete technically unjustified mod downs, and that's it... make me laugh more doing that!

APK

P.S.=> Thanks for the compliment: By the way? Bit of sarcasm here - On your compliment?

Well, yes... I know... it's NOT easy being "world-class"... lol! apk

Protecting Nutcases (1)

Anonymous Coward | more than 3 years ago | (#36252926)

>Great... it's the HOSTS file spamming nutcase again.

I would say we should block him, but if he's using a HOSTS file, DNS Censorship won't work.

We need a different solution. Content-based censorship, maybe? That would work. More intrusive though.

*sigh* why does protecting liberties always mean protecting nutcases?

See URL inside, "rinse, lather, & repeat" (-1)

Anonymous Coward | more than 3 years ago | (#36253052)

http://yro.slashdot.org/comments.pl?sid=2188228&cid=36252924 [slashdot.org]

APK

P.S.=> Apparently, my list of 20++ points, backed by solid facts which are verifiable from valid reputable sources are "too much" for the trolls around /. to disprove on technical grounds, as per usual!

So, they have to TRY to resort to the "std. troll trick"/disinformation protocol tactics they use (old stale crap, always saying others are "crazy" etc./et al)!

It's hilarious... mainly of these TRUE AC cowards thinking they're "The /. SiDeWaLk-PsYcHoAnALySts" with their own "delusions of grandeur", & lmao, lacking PHD's in Psychiatry, licenses to practice or dispense their prognosis/diagnosis, or years to decades of professional practice in it, as well as a formal professionally administered examination of myself to determine my alleged mental state according to they (wannabe head shink quacks, lol)!

... apk

let's coin a new term (2)

rubycodez (864176) | more than 3 years ago | (#36252982)

a HOSTS-tard.

I'm curious how often the HOSTS-tard updates the hundreds of millions of entries in his gigabytes-large HOSTS file

Re:let's coin a new term (1)

mldi (1598123) | more than 3 years ago | (#36253128)

Actually, you could just use the ADB+ update files and schedule regular updates to your own HOSTS file. How do you think your browser plugin does it?

My HOSTS updates "automagically" every 15 min. (-1)

Anonymous Coward | more than 3 years ago | (#36253454)

Via a PyThon script, that does the following:

---

1.) Removes duplicates/normalizing the HOSTS file

2.) Alphabetizes it

3.) Changes the larger & slower 127.0.0.1 loopback adapter std. address MOST hosts files use typically, opting for the smaller & FASTER read in (and with no loopback, pure "blackholing" only) 0.0.0.0 address!

4.) It also removes any # comments that bloat hosts, along with "trailing nulls or blanks" many have that additionally bloat the HOSTS file.

---

Once she's read up into the DNS client cache (must turn this off for large ones like mine, currently @ 1,017,970++ entries strong), OR, into the local DISKCACHE (since it's just a filtering file for the IP Stack)?

She's fast as nobody's business!

APK

P.S.=> That's how I do it, & all that, & from these reputable & reliable sources for HOSTS file data vs. adbanners &/or KNOWN bad sites/servers/hosts-domain names:

http://www.malwaredomains.com/ [malwaredomains.com]

https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]

https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]

http://hosts-file.net/?s=Download [hosts-file.net]

http://www.malware.com.br/lists.shtml [malware.com.br]

http://www.malwareurl.com/ [malwareurl.com]

http://someonewhocares.org/hosts/ [someonewhocares.org]

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]

http://hostsfile.org/hosts.html [hostsfile.org]

http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]

http://ddanchev.blogspot.com/ [blogspot.com]

http://www.stopbadware.org/ [stopbadware.org]

http://blocklistpro.com/download-center/view-details/blocklist-pro-blocklists-mirror/1632-hosts.zip.html [blocklistpro.com]

Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN
bad servers blocked):

http://www.safer-networking.org/en/download/index.html [safer-networking.org]

& it works... even many slashdotters use them, by the by, & my list of 20++ points in favor of HOSTS files quotes their results as well (for some "peer evidences" from the likes of your fellow posters on this website in fact, in addition to myself).

... apk

Every 15 minutes (From 10 good sources) (-1)

Anonymous Coward | more than 3 years ago | (#36253158)

See this URL below, "rinse, lather, & repeat" until you can attacks its points, rather than myself ala "ad hominem" attack:

http://yro.slashdot.org/comments.pl?sid=2188228&cid=36252924 [slashdot.org]

* Drink that in, & digest it... because if the "best you've got" is an ad hominem attack of myself rather than my points & disproving them on a technical level? U FAIL!

LMAO @ U, troll... just "too, Too, TOO EASILY - just '2EZly'"...

APK

P.S.=> Apparently, my list of 20++ points, backed by solid facts which are verifiable from valid reputable sources are "too much" for the trolls around /. to disprove on technical grounds, as per usual!

So, they have to TRY to resort to the "std. troll trick"/disinformation protocol tactics they use (old stale crap, always saying others are "crazy" etc./et al)!

It's hilarious... mainly of these TRUE AC cowards thinking they're "The /. SiDeWaLk-PsYcHoAnALySts" with their own "delusions of grandeur", & lmao, lacking PHD's in Psychiatry, licenses to practice or dispense their prognosis/diagnosis, or years to decades of professional practice in it, as well as a formal professionally administered examination of myself to determine my alleged mental state according to they (wannabe head shink quacks, lol)!

... apk

Re:let's coin a new term (2)

drinkypoo (153816) | more than 3 years ago | (#36253160)

The guy raises a good point, through packet mangling you can reroute DNS queries with users none the wiser. Since most providers don't offer any encryption (let alone authentication) of DNS queries, this is a real problem. But you can trade fingerprinted hosts files... Is there a cryptographically secured open DNS service that is also trustworthy?

Norton filters vs. bad sites & again: THANKS! (-1)

Anonymous Coward | more than 3 years ago | (#36254472)

See above on Norton DNS: That I KNOW they do a DNSBL (DNS Block List) for, vs. KNOWN bad sites/servers/host-domain names out there & it's updated, like mine is, every few minutes, here:

http://safeweb.norton.com/buzz [norton.com]

That's about as 'sure' a protective measure from DNS as it gets and no doubt LEGITIMATELY blocked sites/servers/host-domain names that are bad (not just ones that say, the gov't. of a nation doesn't want you to see like China's firewall!)

However: As far as "cryptographically secure" (is there such a thing? I keep seeing encryption broken periodically, latest being IPhone encryption by the russians in fact yesterday):

DNSSEC isn't employed by Norton DNS, not afaik, but... the 13 root servers use it now, afaik (correct me IF I am off here, thanks). The rest of the servers worldwide utilize those... but, if set into recursive mode & unsecured as they usually are? They can be "bum rushed" with port 53 (iirc) misinformation for redirect poisoning!

(My original post has LOADS of evidences of that much over time the past 2-3 yrs. now in fact!)

APK

P.S.=> Oh, on my thanking you YET again, after you admitted I am right on my points on HOSTS files here:

"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

Well - Now, I am assuming that "I am the guy" you referred to in your reply I am now responding to!

(Perhaps incorrectly assuming that now on MY end here in this reply to you... but, I do also make that very point in my 20++ points in favor of HOSTS files, & it lightens loads on DNS servers too by lessening their request loads by using HOSTS & hardcoded entries in them for your fav. sites, in addition to proofing you vs. DNSBL or other forms of perhaps unjust filtering @ the DNS level too... bonus!) but...

"The guy raises a good point, through packet mangling you can reroute DNS queries with users none the wiser." - by drinkypoo (153816) on Thursday May 26, @01:33PM (#36253160) Homepage

Thank you... & I don't make just "1 good point", I made 20 of them in favor of HOSTS files over DNS servers &/or AdBlock alone (so good, that apparently, nobody here on /. can disprove them in fact, lol, & ALL THEY HAVE ARE OFF TOPIC ADHOMINEM ATTACKS ON MYSELF, & other illogically invalid off topic attacks!)

This? As-per-my-usual?? It was just "too, Too, TOO EASY - just '2EZ'"... lol!

...apk

Re:Norton filters vs. bad sites & again: THANK (1)

drinkypoo (153816) | more than 3 years ago | (#36255856)

See, I have no problem with your technical analysis, but with your presentation. I don't think you should be chased off of slashdot. I do think you should be regarded based on your behavior.

U know UR right if unjustified moddowns occur (0)

Anonymous Coward | more than 3 years ago | (#36255202)

Per the technically unjustified down moderation of the post I replied to here. No disproving my points in my initial posting, but instead stupidity. Effete stupidity!

I mean, lol: Between that and the ad hominem illogical off topic attacks that the true AC cowards and others like drinkypoo had to admit I was correct on?

Says it all!

APK

P.S.=> IF the best you have is a technically unjustified mod down boys, alongside illogical off topic adhominem attacks on myself? U FAIL, and you KNOW it... badly!

This? This was, as-per-my-usual, vs. the "idiot savant" wannabe "SiDeWaLk-PsyChOAnALySts" of /., just "too, Too, TOO EASY", just '2EZ'... lol! apk

Not on my servers!! (3, Interesting)

Eggplant62 (120514) | more than 3 years ago | (#36252768)

I guess it's time to get a read done of this nonsense and the see if I can't straighten my own elected officials out about how the tech works... *sigh*

Re:Not on my servers!! (-1)

Anonymous Coward | more than 3 years ago | (#36252916)

"Your" elected officials? You think election results still matter in that retarded banana republic you call Amerikkka? Obama ran on the "change and hope" platform, all you fuckers have got left now is the "hope" that he might actually "change" something.

I bet you're one of those bible-thumping lunatics who believes the world "hates you for your freedoms," you know, those freedoms you DON'T ACTUALLY FUCKING HAVE ANY MORE.

Re:Not on my servers!! (1)

hedwards (940851) | more than 3 years ago | (#36253834)

Sigh, this is probably the most pathetic troll post I've ever seen. Health Care Reform. Even without him doing another damned thing his entire term that alone would have put him way ahead of any President since Reagan.

Re:Not on my servers!! (1)

1s44c (552956) | more than 3 years ago | (#36253938)

I bet you're one of those bible-thumping lunatics who believes the world "hates you for your freedoms," you know, those freedoms you DON'T ACTUALLY FUCKING HAVE ANY MORE.

Or in some cases never had.. America can preach about freedom when it gets its prison population down to sane levels and when its cops stop electrocuting everyone who so much as looks at them funny.

Net Neutrality (2)

Kamiza Ikioi (893310) | more than 3 years ago | (#36253788)

Yeah, good luck. We went from Net Neutrality to this! With Net Neutrality they were saying, "Oh, leave it alone, it works fine. Don't force companies to not favor one site over another with premium QOS bandwidth." Now they're saying, "Stick it deep, as deep as possible, into the core of the Internet itself and control it all one record at a time!"

Where are the Libertarians railing against Net Neutrality when you need them to rail against this? If any of you are one, I hope you bring this comparison up LOUD and CLEAR to anti-net neutrality people who are now siding with DNS censoring that they are hypocrites. Either you mean it when you say you are hands off, or you don't.

Re:Net Neutrality (0)

Anonymous Coward | more than 3 years ago | (#36254692)

We're right here, same as we always have been. The only difference between us and you is that we don't really see a difference between the two laws.

Re:Net Neutrality (1)

DarkOx (621550) | more than 3 years ago | (#36255106)

I am anti-Net Neutrality ( because I am a libertarian and I don't think government should tell anyone how to run their IP network ). I am opposed to this because I don't think copyright infringement which is inherently a civil offense has any place in criminal code. I don't think the government has any place investigating civil matters between parties. If the *IAA has a problem with someone distributing materials owned by groups they represent, its up to them to discover it, its up to those groups to file a suit against that person, without any help from the FBI.

I am against this DNS crap because I don't government should be regulating anyones DNS. Is my position ideologically consistent enough for you? ICANN is a private company they should be free to publish any directory (thats what DNS is a directory ) they want. Its not a government asset they should have NO SAY, under the first amendment.

china 2. (0)

Anonymous Coward | more than 3 years ago | (#36252818)

great firewall of america?

distributed dns (1)

Anonymous Coward | more than 3 years ago | (#36252864)

It's time to move away from centralized DNS, we can't leave the internet in the hands of the government. We need a compatible distributed DNS system.

Re:distributed dns (1)

1s44c (552956) | more than 3 years ago | (#36253994)

It's time to move away from centralized DNS, we can't leave the internet in the hands of the government. We need a compatible distributed DNS system.

I don't see how to implement such a thing when the bad guys can attach thousands of servers to the network and abuse the hell out of it.

DNS though is a single point of failure attached to the internet and replacing it with something less abusable would be better.

I'll just use the ip address! (4, Insightful)

Anonymous Coward | more than 3 years ago | (#36252900)

Error 403: Forbidden
Please be aware that copyright infringement is illegal. A copyright enforcement specialist will be contacting you shortly to schedule your mandatory attendance to one of our copyright education seminars.

Re:I'll just use the ip address! (1)

Anonymous Coward | more than 3 years ago | (#36254344)

You forgot about the donation, erm. fee that would have to be made to the music/movie industry.

Campaign Contributions (2, Informative)

Microlith (54737) | more than 3 years ago | (#36252984)

They don't matter. They haven't paid the requisite Campaign Contribution necessary for their opinions to be considered.

Re:Campaign Contributions (0)

Anonymous Coward | more than 3 years ago | (#36253212)

Eh, you elected them. Go ahead and whine about how corrupt they are, you put them into power. You were the ones that said "I want these people running my government." If the most protesting about it you're going to do is to make some stupid joke on Slashdot then you got what you deserved as far as I'm concerned.

Re:Campaign Contributions (1)

1s44c (552956) | more than 3 years ago | (#36254046)

Eh, you elected them. Go ahead and whine about how corrupt they are, you put them into power. You were the ones that said "I want these people running my government." If the most protesting about it you're going to do is to make some stupid joke on Slashdot then you got what you deserved as far as I'm concerned.

Maybe these wicked guys are better than the alternative so the GP did the right thing voting them in?

Re:Campaign Contributions (1)

hairyfeet (841228) | more than 3 years ago | (#36254562)

Uhhh...just in case you ain't noticed, been hid under a rock or something, the current choices (hell for the last 30 years at least) have been, now choose wisely! A.-Corporate cock sucking rich douchebag in a blue suit, OR B.Corporate cock sucking rich douchebag in a slightly darker blue suit. Man, decisions decisions!

News Flash: when it costs on average something in the neighborhood of 100 MILLION dollars just to be a senator or congressman, and that is from one of the shitty flyover states? Well the odds you are gonna get a choice that isn't Corporate cock sucking rich douchebag in a blue suit is pretty much 0%. That is why no matter how bad things get they ALWAYS vote for the corporate interests, every time.

As for TFA anybody who think the corps won't get everything their hard stolen bribes can buy can think again. the lust for power and control has gotten to the point that they don't even pretend to give a fuck about We The People or the constitution or rule of law anymore. i mean can you imagine Nixon or LBJ having the brass balls to say they have the right to assassinate Americans anywhere, even on American soil without so much as a hearing [salon.com] and get away with it? But that's where getting your corporate pals in control of the media pays off. it lets you label whistleblowers as 'terrorists" and have a dozen talking heads talking about what an evil bastard they are before the end of the day.

I mean for fuck's sake they ruled that a single Goatse style troll can land you in prison since the feds are running their own "kiddie porn" honeypots that don't log referrers [cnet.com] and don't actually offer any CP! When you've got a system so corrupted where the rule of law is completely ignored time and time again any corp with a big bank acount can ram shit like this home. Just don't be surprised if you see Nancy Grace talking up how TPB and other P2P sites are nothing but a "home for pedos and pervs!" as they have just about beat the terrorist buzzword to death so they'll need a new bogeyman to sell this to the general pop.

Re:Campaign Contributions (2)

Curunir_wolf (588405) | more than 3 years ago | (#36253388)

They don't matter. They haven't paid the requisite Campaign Contribution necessary for their opinions to be considered.

I came here to say this. Saying these guys are "heavywieghts" in DNS doesn't matter one whit - how many senators they own, that's they only "weight" that's going to matter in this debate.

Who comes up with these titles for bills? (1)

fortfive (1582005) | more than 3 years ago | (#36253308)

And where can I apply?

DEFINITELY Read the article by Paul Vixie (2)

p4nther2004 (1171621) | more than 3 years ago | (#36253374)

Hilarous

This root key would have to be generated and signed in some kind of ceremony, maybe with people wearing viking hats and carrying swords and torches, and the resulting public validation key would have to be published on the web and managed according to RFC 5011 so that it can roll forward throughout all time. Videos from this ceremony would go up on YouTube.

http://www.circleid.com/posts/20110318_on_mandated_content_blocking_in_the_domain_name_system/ [circleid.com]

Thank goodness it's been blocked (4, Insightful)

dstarfire (134200) | more than 3 years ago | (#36253414)

Well, y'all can stop worrying now. It appears the Protect IP bill won't even be making it to the senate floor, thanks to Senator Ron Wyden (Ore). Check out the story over on Ars http://arstechnica.com/tech-policy/news/2011/05/sen-ron-wyden-to-place-a-hold-on-the-protect-ip-act.ars [arstechnica.com]

Senator Ron Wyden's statement (2)

Local ID10T (790134) | more than 3 years ago | (#36254256)

“In December of last year I placed a hold on similar legislation, commonly called COICA, because I felt the costs of the legislation far outweighed the benefits. After careful analysis of the Protect IP Act, or PIPA, I am compelled to draw the same conclusion. I understand and agree with the goal of the legislation, to protect intellectual property and combat commerce in counterfeit goods, but I am not willing to muzzle speech and stifle innovation and economic growth to achieve this objective. At the expense of legitimate commerce, PIPA’s prescription takes an overreaching approach to policing the Internet when a more balanced and targeted approach would be more effective. The collateral damage of this approach is speech, innovation and the very integrity of the Internet.

"The Internet represents the shipping lane of the 21st century. It is increasingly in America’s economic interest to ensure that the Internet is a viable means for American innovation, commerce, and the advancement of our ideals that empower people all around the world. By ceding control of the Internet to corporations through a private right of action, and to government agencies that do not sufficiently understand and value the Internet, PIPA represents a threat to our economic future and to our international objectives. Until the many issues that I and others have raised with this legislation are addressed, I will object to a unanimous consent request to proceed to the legislation."

Re:Senator Ron Wyden's statement (1)

Coren22 (1625475) | more than 3 years ago | (#36254532)

When you cut out all the political grandstanding in that quote, it kind of shocks me how well he understands the issue. Maybe the *IAAs forgot to pay him off last election season?

Re:Senator Ron Wyden's statement (3, Funny)

Ja'Achan (827610) | more than 3 years ago | (#36254574)

There's a senator in this world that understands it? DNF really is coming out O.o

Re:Senator Ron Wyden's statement (1)

codegen (103601) | more than 3 years ago | (#36255076)

A senator that understands.. Must be a sign of the rapture!!

just use /etc/hosts (1)

bl8n8r (649187) | more than 3 years ago | (#36253468)

Cool thing is, you can refer to everything on the internet with your own naming convention.

for foo in `seq 0 255`; do
   for bar in `seq 0 255`; do
      for bin in `seq 0 255`; do
         for baz in `seq 0 255`; do
            echo "$foo.$bar.$bin.$baz    www${RANDOM}";  >> /etc/hosts
          done
        done
     done
  done

Re:just use /etc/hosts (0)

nedlohs (1335013) | more than 3 years ago | (#36253564)

My IPv6 junk is on the internet you insensitive clod!

Re:just use /etc/hosts (1)

NatasRevol (731260) | more than 3 years ago | (#36253806)

Ewwww?

http://xkcd.com/305/ [xkcd.com]

Re:just use /etc/hosts (1)

cdrudge (68377) | more than 3 years ago | (#36254616)

Good idea...as long as you don't visit a shared server. Or a secure server. Or use a protocol where the real domain name is used as part of the communication.

PROTECT (1)

BillGod (639198) | more than 3 years ago | (#36253506)

P.R.O.T.E.C.T How much time and money is wasted on just coming up with an acronym like that?

Re:PROTECT (1)

hedwards (940851) | more than 3 years ago | (#36253868)

Actually, they're not that expensive. They buy in bulk saving lots of money.

Re:PROTECT (0)

Anonymous Coward | more than 3 years ago | (#36254488)

Need an acronym in a hurry? Not sure what words can be used to spell out C.O.O.L.?
Call us, the Freaking Acronym Guys.

Paid for by the Legislative Equal Services Bureau In A Neutral Setting.

Move offshore (0)

Anonymous Coward | more than 3 years ago | (#36253562)

How long before control of the Internet moves out of the US?

I can't see anyone else putting up with this, which means that root DNS servers or a competing technology will end up supporting the Internet from somewhere outside the US.

The US is well on it's way to becoming an environment hostile to business (and to it's own people). At least in Soviet Russia the people had the good sense to realize that they were being manipulated.

Re:Move offshore (1)

Coren22 (1625475) | more than 3 years ago | (#36254584)

How do you go about moving the root DNS servers for .com, .net, .org? As they are TLDs for the US, and for whatever reason, everyone uses them anyways, you will still have this issue. If you want to live by the rules for Russia, than use a .ru domain, and you won't have to be effected by the laws in the US.

HOSTS File Legal Questions (1)

Kamiza Ikioi (893310) | more than 3 years ago | (#36253648)

Does this mean that if I have a HOSTS file, I have to filter through it, too?

What if that HOSTS file is for an enterprise?

What if that HOSTS file is published on the Internet for others to use?

What about Ad-Blocking software that uses a system like HOSTS? If it is capable of blocking DNS, will it then be required to block censored hosts as well?

What about VPN? Which side of the connection is reponsible?

What about Cache? Will there be a mandate that all DNS cache's everywhere only last for X amount of hours?

Beyond the level of the ISP, this presents an unworkable situation if any of these start applying to individuals, publishers (can free speech protect the publication of a HOSTS file, if so, why does it not protect a DNS server?), small organizations. The problem isn't just that this is wrong, but it's completely unworkable. It requires a very intrusive and extensive hack of the entire system currently in place, affecting everything from the router to the PC to the cellphone... unless, of course, the government runs its own firewall/dns that everyone shares, just like China.

What a joke (0)

Anonymous Coward | more than 3 years ago | (#36253758)

What a joke PROTECT IP is. Going after DNS just like blaming cities because the traffic light system doesn't prevent speeding.

Good news for Canada and Mexico server farms (0)

Anonymous Coward | more than 3 years ago | (#36253894)

Oh cool, another US IT stimulation bill for Canada and Mexico.

Way to go...not! (1)

shawnhcorey (1315781) | more than 3 years ago | (#36254020)

Congratulations. The US Senate has just guaranteed that the DNS will fracture. Nice going guys and gals. :(

Re:Way to go...not! (1)

Coren22 (1625475) | more than 3 years ago | (#36254644)

What is the problem? The problem is that companies want to use Chinese laws but have a .com domain. .com is a US TLD, so it falls under the laws of the US. If you want to sell counterfeit products in China, or fake drugs in Canada, than get a TLD from one of those countries, than the US laws can't touch you. I don't agree with this law, but it isn't like it matters for any other country's TLD, just the US TLDs.

Re:Way to go...not! (1)

shawnhcorey (1315781) | more than 3 years ago | (#36255560)

The problem is that there are going to be two DNS. The official one maintained by the governments and the underground one maintained by those who believe in Freedom of Speech. There is nothing technically difficult in having many DNS. It has only been the convenience of having everything in one list that has prevented the breakup. But now, there is a reason for it to happen.

C'mon editors, put in some fillers... (0)

Anonymous Coward | more than 3 years ago | (#36254624)

You editors (in the not-slashot-world) would have checked the submitted link and have seen Vixie's blog post on circleid about this...
Why not include this into the soup so there is some meat and appeal?

Yeah, forgot, slashdot isn't about content or comment-quality anymore...

On Mandated Content Blocking in the Domain Name System [circleid.com] by Paul Vixie.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>