Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CNET, IDC Find Rapid Increase In Behavioral Data Tracking

Soulskill posted more than 2 years ago | from the surprising-nobody-who-cares dept.

Privacy 88

retroworks writes "According to columnist Elinor Mills at CNET, efforts to track consumer browsing behavior are 'rising dramatically.' In an interview with Gordon McLeod, CEO of data mining company Krux.com, advertising targeted at browsing habits has increased fourfold since 2010. IDC, according to McLeod, projects the browser-search-term-targeted advertising industry to grow from 'zero to $5 billion in less than 5 years.' Will health insurance companies see us crawling for information on family illnesses? After reading the article, I went hunting for a download of 2008 program antiphormlite, and found nothing remaining at any download site (including CNET). Is there another 'cookie camouflage' alternative to polluting the cookie stream with false positives? Or are we left to 'do not track' pledges and trusting Tor redirectors?"

Sorry! There are no comments related to the filter you selected.

Ghostery? (3, Informative)

vlm (69642) | more than 2 years ago | (#40383533)

Ghostery?

I have not read the article but the summary sounds like a lot of effort to avoid directly naming the FF/Chrome extension called ghostery.

Re:Ghostery? (0)

Anonymous Coward | more than 2 years ago | (#40383731)

Ghostery?

I have not read the article but the summary sounds like a lot of effort to avoid directly naming the FF/Chrome extension called ghostery.

No it's not Ghostery and nothing like it. Maybe next time you should read the article before posting?

Re:Ghostery? (1)

vlm (69642) | more than 2 years ago | (#40385167)

Oh very well. I read it and its for utter noobs. Not exactly /. worthy material. Not bad for ladies home journal, or maybe cosmo or rolling stone, or something non-technical like wired, but not quite up to the level of /.. "What should consumers do if they don't want to be tracked this way?" is answered with something like its really nice to be tracked and you should lean back and enjoy it and you can't do anything about it but we like having meetings to discuss it, probably because of the catered food. Gee thanks, can I have 60 seconds of my life back since I didn't get much outta this?.

Well, I think I can do a little better than the article. Install adblock plus, make sure the optional ads are block in ABP. Install Ghostery, and in the wizard setup thingy make sure everything is getting blocked, especially "bug blocking". I have found bug blocking is all or nothing, if you block "all" then all new ones are also blocked, but if you unblock just one, then new ones will not be blocked. This is based on (years of?) experience not just theory. Tada, mostly done. I also use flashblock extension, because flash is used for nothing important, just overly polished completely content free marketing sites, cat videos on youtube (and you can whitelist yt if you want) but mostly flash is primarily used for spammy ads that I don't need or want to see. With the growth of ajax sites I no longer use noscript, although its not all that bad of an idea. In a riff off the original article I'd also love to attend endless privacy meetings, if no reason other than to eat the catered food.

Re:Ghostery? (1)

Anonymous Coward | more than 2 years ago | (#40385727)

You fail again in your understanding of the issue. The issue is that ISPs are hiring a company to do deep packet inspection to spy on a user's browsing habits. Adblock plus cannot help with this issue.

Maybe if you spent less time being snarky and actually tried to understand what you were reading you would actually appreciate the significance of the issue.

Just to be sure, I will provide you with a references:

The company's proposed advertising system, called Webwise, is a behavioral targeting service (similar to NebuAd) that uses deep packet inspection to examine traffic... and the ISP BT Group has been criticised for running secret trials of the service.

Also the fact that this service is not opt-in, is concerning. Seems to me like this is an issue that Slashdot people care about (except for you?).

References:
http://news.cnet.com/8301-1009_3-57456273-83/behavioral-data-tracking-rising-dramatically-q-a/ [cnet.com]
http://en.wikipedia.org/wiki/Phorm [wikipedia.org]

Re:Ghostery? (2)

arbulus (1095967) | more than 2 years ago | (#40386927)

"You fail again in your understanding of the issue. The issue is that ISPs are hiring a company to do deep packet inspection to spy on a user's browsing habits. Adblock plus cannot help with this issue."

This is the part that scares the hell out of me. I use a number of addons to stop websites from tracking me (Ghostery, AdBock, NoScript, RequestPolicy, etc.). But DPI is horrfying, and I don't understand why it's legal. The postal service isn't allowed to open our mail and read our letters. It's a felony for anyone to tamper with your mail at all. So why should ISPs be allowed to inspect our packets? It's no different.

This is why you need to use non-logging VPNs and TOR. Don't giver your ISP an opportunity to inspect your packets. Plus, for the love of FSM, DO NOT use your ISPs DNS servers, or your ISPs email.

Re:Ghostery? (1)

certain death (947081) | more than 2 years ago | (#40391533)

I wish I had mod points...you would get them all!!

This beats the HELL out of any browser addon (3, Informative)

Anonymous Coward | more than 2 years ago | (#40383743)

Mainly in efficiency - it runs in Ring 0/RPL 0/PnP Kernelmode (on Windows), as merely a filter for the IP stack (no overheads of more driver layers OR browser level slower less efficient addons):

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download [hosts-file.net]
https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL initial load 1 time lag upon reload though, depending on the size of your HOSTS file.

E.) HOSTS files don't protect vs. BGP exploits - Sorry, once it's out of your hands/machine + past any interior network + routers you have, the packets you send are out there into the ISP/BSP's hands - they're "the Agents" holding all the keys to the doorways at that point (hosts are just a forcefield-filter (for lack of a better description) armor on what can come in mostly, & a bit of what can go out too (per point #20 above on "locking in malware")). Hosts work as a "I can't get burned if I can't go into the kitchen" protection, for you: Not your ISP/BSP. It doesn't extend to them

F.) HOSTS files don't protect vs. IP addressed adbanners (rare) &/or IP address utilizing malwares (rare too, most used domain/host names because they're "RECYCLABLE/REUSEABLE"), so here, you must couple HOSTS files w/ firewall rules tables (either in software firewalls OR router firewall rules table lists)... apk

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40383795)

TL;DR Holy shit you need a hobby.

Reminds me of HULK vs. THOR... apk (-1)

Anonymous Coward | more than 2 years ago | (#40384047)

Ok - Disprove the list of 21 points in favor of custom hosts files here -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org]

That gives users the following benefits:

---

1.) Better speed/bandwidth (it's your money you pay online after all, & adbanners suck it away).
2.) Better "layered-security"/"defense-in-depth" (vs. malware hosting sites, maliciously scripted sites, & even poisoned adbanners)
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

---

& more...

?

* You manage to disprove all the points I made on custom hosts files regarding that short summary list above? Then, you can talk... &, be on topic!

"TL;DR Holy shit you need a hobby." - by Anonymous Coward on Wednesday June 20, @08:51AM (#40383795)

You need to get on topic, instead of being a mindless troll... how's that suit you? You also need to get your "hooked on phonics" out because reading IS FUNDAMENTAL to forums, troll... try it sometime (you may actually learn something useful).

APK

P.S.=> It makes me LAUGH everytime you trolls are forced to go BLATANTLY off-topic whenever I post about custom hosts files & what good they do for end-users of them... lol, loads of trolls here have tried, each has failed, & so MANY TIMES by now? It's not even funny... lol!

Reminds me of watching the HULK get "pinned" beneath Thor's Hammer Mjolnir here (position 20 onwards in the YouTube player control in this clip from the excellent 2012 flick "The Avengers" in fact):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com]

Since everytime I post that list?? Not a SINGLE /. TROLL has managed to disprove its points... not a one, for years now... lol!

... apk

Re:Reminds me of HULK vs. THOR... apk (0)

Anonymous Coward | more than 2 years ago | (#40384943)

Reminds me of watching the HULK get "pinned" beneath Thor's Hammer Mjolnir here (position 20 onwards in the YouTube player control in this clip from the excellent 2012 flick "The Avengers" in fact):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com]

Since everytime I post that list?? Not a SINGLE /. TROLL has managed to disprove its points... not a one, for years now... lol!

Good analogy apk. Funny and apt. Trolls lose to your hosts file points as always. All they have is downmods to try hide your challenges to them, nothing more, proving your points on the good custom hosts files can do for users of them.

Re:This beats the HELL out of any browser addon (1)

nigelo (30096) | more than 2 years ago | (#40385487)

He has a hobby: Constantly updating his hosts file.

Nope: I don't lift a finger (done "automagically") (0)

Anonymous Coward | more than 2 years ago | (#40385681)

Via this program I wrote, & I've finally posted links to it here http://yro.slashdot.org/comments.pl?sid=2926641&cid=40385557 [slashdot.org]

* Feel free to try it IF you wish...

(It's decent and does the job (data accuracy in it is excellent & the code's been rated that by Mr. Steven Burn of hpHosts/malwarebytes).

* It imports, normalizes (removes duplicates & non-functional entries), & finalizes a custom hosts file from 12 sources in about 15 minutes time on an Intel Core I7 920 CPU system w/ 3gb DDR2 RAM onboard.

(Details of what it can do for you are in the link above, as well as a download link for it).

APK

P.S.=> So, so much for this sarcasm from you since I don't lift a finger to do anything to it, since I no longer have to, since I automated it YEARS ago:

"He has a hobby: Constantly updating his hosts file." - by nigelo (30096) on Wednesday June 20, @11:08AM (#40385487)

Nope - that program I wrote does it for me, every 12 hours (& I have a version here that does it every 15 minutes in fact, to a temp copy that's pristine, & overwrites the actual master HOSTS file so even IF it were "bushwhacked"? It gets "clean" & with more current data vs. known bad hosts-domains/sites/servers that serve up malware or malscripted exploits + adbanners)... apk

Re:Nope: I don't lift a finger (done "automagicall (1)

nullchar (446050) | more than 2 years ago | (#40391691)

Having a custom hosts file is all fine and good, but that does not mitigate Deep Packet Inspection:

FTA:

The company's proposed advertising system, called Webwise, is a behavioral targeting service (similar to NebuAd) that uses deep packet inspection to examine traffic... and the ISP BT Group has been criticised for running secret trials of the service.

Couldn't find your source link (0)

Anonymous Coward | more than 2 years ago | (#40396353)

"Having a custom hosts file is all fine and good, but that does not mitigate Deep Packet Inspection: FTA: The company's proposed advertising system, called Webwise, is a behavioral targeting service (similar to NebuAd) that uses deep packet inspection to examine traffic... and the ISP BT Group has been criticised for running secret trials of the service." - by nullchar (446050) on Wednesday June 20, @06:19PM (#40391691)

Hmmm, maybe I am blind (or I am otherwise "off" & haven't had my coffee yet this a.m. either, lol), but I couldn't find that quote from the source article..

* Can you point me to a link that has the quote you used? Thanks...

(I'd be more than willing to discuss this too - sounds interesting enough is why, & maybe I can learn something also...)

APK

P.S.=> Thanks for getting me the source link to the quote you used, because I honestly couldn't find it either in the CNET link here http://news.cnet.com/8301-1009_3-57456273-83/behavioral-data-tracking-rising-dramatically-q-a/ [cnet.com] OR here from the Register http://www.theregister.co.uk/2008/05/16/antiphormlite/ [theregister.co.uk] ... apk

By the way: I covered that much earlier... apk (0)

Anonymous Coward | more than 2 years ago | (#40400117)

"4.) Better 'anonymity' to an extent vs. DNS request logs (not vs. DPI ("deep packet inspection"))" - by Anonymous Coward on Wednesday June 20, @11:12AM (#40385557)

FROM -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40385557 [slashdot.org]

* There, I was discussing what a custom hosts file mgt. program I wrote does for users - & thus, there, you can see I covered your point, & MANY hours earlier than you did (I posted about DPI vs. hosts files @ 11 a.m., vs. your post time of 6:19 p.m.).

(Still - it is good you pointed that out anyhow, & that YOU are aware of it!)

APK

Re:This beats the HELL out of any browser addon (1)

tlhIngan (30335) | more than 2 years ago | (#40386163)

What I'd want to know is how he managed to get such a long post through before /. truncates it - usually you get maybe a short essay's worth of text before the "Read more of this comment" link shows up. This guy managed maybe five times that length.

Of course, most modern tracking system, like Google Analytics, rely on webmasters to pass links THROUGH them via javascript, so you can't block GA anymore or the site breaks (good and bad).

Naturally, stuff like NoScript evolved workarounds by faking out the GA scripts to avoid tracking.

How? Well... "I'm Magic" (quoting bullseye) (0)

Anonymous Coward | more than 2 years ago | (#40386561)

"What I'd want to know is how he managed to get such a long post through before /. truncates it - usually you get maybe a short essay's worth of text before the "Read more of this comment" link shows up. This guy managed maybe five times that length." - by tlhIngan (30335) on Wednesday June 20, @11:54AM (#40386163)

From the film "Daredevil", so - see subject-line, & that's HOW... if you've seen that film, it's his statement to Electra:

"Ah, baby... you're good! But me? I'M MAGIC!"

* Fact is, a LOT on this site doesn't apply to me like it does to the rest of you (including the ac 10 posts per 24 hours unfair restriction on us AC users).

APK

P.S.=> And, that's that... apk

Re:This beats the HELL out of any browser addon (1)

certain death (947081) | more than 2 years ago | (#40391563)

Maybe it _IS_ his hobby!

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40396363)

No: However, "tearing up" forums trolls, is... lol!

* Along with writing freewares on the side of professional programming computers since 1994 (and long before that non-professionally).

APK

Re:This beats the HELL out of any browser addon (1)

Inda (580031) | more than 2 years ago | (#40383867)

I think you forgot the CleanMyPC.com links at the end.

I don't just *think* this: I KNOW IT... apk (-1)

Anonymous Coward | more than 2 years ago | (#40383951)

"I think you forgot the CleanMyPC.com links at the end." - by Inda (580031) on Wednesday June 20, @08:58AM (#40383867)

Anytime you feel up to disproving every point I made here -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org] is the day you can equate my posts on custom hosts files benefits in:

1.) Better speed/bandwidth
2.) Better "layered-security"/"defense-in-depth"
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

& more...

?

* You manage to disprove all the points I made on custom hosts files regarding that short summary list above? Then, you can talk... &, be on topic!

APK

P.S.=> Are you on topic, troll? No... & again - you disprove every single point I made on the good things custom hosts files give users?? Then, you'll have made a point AND be on topic, troll... apk

Re:I don't just *think* this: I KNOW IT... apk (0)

Anonymous Coward | more than 2 years ago | (#40385033)

Downmods of a fair challenge apk made isn't disproving his points on hosts files. Large fail that, trolls. He isn't posting mycleanpc drivel. He posts actual verifiable facts. There's a big difference.

Re:I don't just *think* this: I KNOW IT... apk (2)

Inda (580031) | more than 2 years ago | (#40385113)

I think you're confused. My post, with my complete lack of interest, is not there to prove or disprove your rantings about AdBlock.

I get no joy from provoking emotional responses on the internet. Your response actually made me shed a tear. All that typing on Slashdot for fuck all.

#No one cares

Stick that in your newly invented hosts file.

Re:I don't just *think* this: I KNOW IT... apk (0)

Anonymous Coward | more than 2 years ago | (#40385327)

You care since you post n fail to meet his challenge. We know that. You make me laugh to the point of tears in watching you run away from disproving apk's points on hosts files here troll http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org]

You're nothing more than a troll (0)

Anonymous Coward | more than 2 years ago | (#40401889)

Or was this b.s. from you supposed to be on topic -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383867 [slashdot.org]

?

"I think you're confused." - by Inda (580031) on Wednesday June 20, @10:43AM (#40385113)

Ahem - I know that I am not, & especially about what's in my subject-line above (as does anyone else reading your crap in the link above).

* No, I am most definitely NOT "confused" about you, little trolling WORM... not @ all!

---

"My post, with my complete lack of interest, is not there to prove or disprove your rantings about AdBlock. - by Inda (580031) on Wednesday June 20, @10:43AM (#40385113)

Face facts: You're too STUPID to be able to disprove it, and I know it, YOU know it, & based on this evasive bullshit from you? So does anyone else reading...

---

"I get no joy from provoking emotional responses on the internet. Your response actually made me shed a tear. All that typing on Slashdot for fuck all. - by Inda (580031) on Wednesday June 20, @10:43AM (#40385113)

Funny - your response only made me laugh, realizing you're just another "ne'er-do-well" troll... nothing more.

---

"#No one cares" - by Inda (580031) on Wednesday June 20, @10:43AM (#40385113)

Funny - my initial post is rated +3 informative (was interesting before that)... & others' replies here show clearly otherwise, such as this one -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40385203 [slashdot.org] , also...

(So, so much for your "opinion", you worthless scumbag troll).

---

"Stick that in your newly invented hosts file. - by Inda (580031) on Wednesday June 20, @10:43AM (#40385113)

LOL, "run forrest, run"... that's about ALL I have to say to you, since you're unable to disprove my points on hosts files...

APK

P.S.=> "RUN, FORREST... RUN!"... apk

"Run Forrest - RUN" (lmao)... apk (0)

Anonymous Coward | more than 2 years ago | (#40388277)

For all your trolling, you run from this, "Forrest" -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383951 [slashdot.org]

* Why's that troll? Too much of a challenge for your 10 below plantlife IQ??

(Yes, obviously... lmao @ U, troll!)

All "little troll" Inda had, was an effete moddown!

(Now, before any /. "genius" tries to tell me that a registered 'luser' can't do that AND post in a thread? Bullshit - you downmod first, then logout of your registered 'luser' account, so the tracking cookie doesn't remove your downmod, & then troll by AC!)

APK

P.S.=> Oh, & WHERE ARE MY MANNERS? I must THANK you, for making ME, look GOOD, as you effete off-topic trolls ALWAYS do... apk

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40383887)

You're not a big fan of the KISS principle, are you?

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40383907)

Actually he is. He's using less layers of defense than browser addons.

Actually, I use MORE (lots more)... apk (-1)

Anonymous Coward | more than 2 years ago | (#40384321)

I practice the BEST THING WE HAVE GOING (vs. malware, malscripted sites, advertiser tracking, & FAR more) in "layered-security"/"defense-in-depth", because it actually works -> http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

* Hosts files are just more efficient because of the layer of access/privelege they run in as a mere filter for the IP stack itself... but layered defense, including firewall rules tables, browser security addons, system tweaks for security, patching apps & the Operating System conscientiously, & user education vs. threats online, are the best you can do, & yes, they actually WORK!

APK

P.S.=> I invite ANYONE to disprove the points I made on custom hosts files and the benefits they give end users in the following things online:

1.) Better speed/bandwidth
2.) Better "layered-security"/"defense-in-depth"
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

& more...

Because, until the trolls around here do? Well... they only remind me of what happened to the HULK (vs. Thor) in this clip from the excellent 2012 film "The Avengers" (where Hulk gets 1st FLOORED, & then pinned & trapped beneath Thor's hammer (& is unable to escape or move it)):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com] [youtube.com]

Since everytime I post that list?? Not a SINGLE /. TROLL has managed to disprove its points... not a one, for years now... lol!

... apk

Re:Actually, I use MORE (lots more)... apk (0)

Anonymous Coward | more than 2 years ago | (#40385255)

Troll downmods of a challenge to them's only showing apk wins as usual. Hulk trolls pinned by apk's hammer.

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40385099)

You're a fan of the "getting your ass kicked" principle since you can't disprove apk's list of 21 points in favor of custom hosts files over other solutions and yet in combination with them, actually complimenting them. All you trolls have is downmods to try hide his posts when he challenged you to disprove those points here point by point http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org] and that means you failed trolls. You can't get the best of him.

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40384361)

For all the overkill text you spewed out, I couldn't find a link to a hosts file that blocks trackers. It may be in there, but I don't have time to do a detailed analysis of your post. Also, by your writing style, I'd think you were actually trying to link me to some scam site.

Learn to READ then (lists ARE there) (0)

Anonymous Coward | more than 2 years ago | (#40384501)

See point #8 here (8/15 sources I use for hosts are there) -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org]

* This drivel from you? LOL, it took the cake from you along w/ your obvious reading deficiencies, here:

"For all the overkill text you spewed out, I couldn't find a link to a hosts file that blocks trackers. It may be in there" - by Anonymous Coward on Wednesday June 20, @09:46AM (#40384361)

Ahem: See above, & "eat your words" (flavored with the 'bitter taste of SELF-defeat' & YOUR FOOT IN YOUR TROLLING MOUTH!)...

(How do they taste? LMAO!)

---

"but I don't have time to do a detailed analysis of your post." - by Anonymous Coward on Wednesday June 20, @09:46AM (#40384361)

No, you don't possess the technical KNOW-HOW to get the better of its 21 points in favor of hosts files I posted, that get end users of them the following:

---

1.) Better speed/bandwidth
2.) Better "layered-security"/"defense-in-depth"
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

---

& more...

Because, until the trolls around here do?

Well... they (and now, you) only remind me of what happened to the HULK (vs. Thor) in this clip from the excellent 2012 film "The Avengers" (where Hulk gets 1st FLOORED, & then pinned & trapped beneath Thor's hammer (& is unable to escape or move it)):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com]

Since everytime I post that list??

Not a SINGLE /. TROLL has managed to disprove its points... not a one, for years now... lol!

APK

P.S.=> Oh yes, & of course, the "usual" effete retaliation of trolls when blown away by facts & technical data proofs, in the "wannabe english teacher" troll:

"Also, by your writing style, I'd think you were actually trying to link me to some scam site." - by Anonymous Coward on Wednesday June 20, @09:46AM (#40384361)

You LACK OF READING "style" (ability actually) is proven above... before YOU tell others how to write? I suggest you first learn HOW TO READ (you may learn something, troll, because I have "schooled you" easily)... apk

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40385203)

Huge, but useful post. I'd like to add to the list the "Hostsman" application, which I use on my MS Win machines for many years already:
http://www.abelhadigital.com/hostsman [abelhadigital.com]
It'll automatically take care of updates for your hosts file.

Good (I did one myself - years before it)... apk (0)

Anonymous Coward | more than 2 years ago | (#40385557)

"Huge, but useful post" - by Anonymous Coward on Wednesday June 20, @10:49AM (#40385203)

Thank-you: BIG "fan" of detail here is why - miss those here on /.? You get "annihilated" by nitpickers... this site'll teach ANYONE that much!

Now, per my subject-line above??

Good app!

I've tested it vs. my own here:

http://securemecca.com/public/APKHostsFileInstaller/ [securemecca.com]

(That's one set of custom hosts file data providers that's hosting it for me, & another is hpHosts/malwarebytes).

This is a "FIRST" by the way - I've never posted links for it to ANYONE except those testing it (which has been going on since 2006 here in fact).

Which I am FINALLY releasing to the "general public" for consumption & use by others for the reasons noted in my 'huge post'... why?

Well, I told myself that IF by 2012, things didn't get better on the malware online in general front? OUT SHE'D GO to others...

You simply extract its files to ANY folder you like (usually one you create for it, doesn't matter where, but you MUST run it as administrator (simple & the "read me" tab shows how easy THAT is to do):

---

Sooo... What's it do for you?

It's a custom hosts file mgt. program that does the following for end users (Calling it "APK Hosts File Engine 5.0++")

---

1.) Offers massively noticeable increased speed for websurfing via blocking adbanners

2.) Offers increased speed for users fav. sites by hardcoding them into the hosts file for faster IP address-to-host/domain name resolutions (which sites RARELY change their hosting providers, e.g.-> of 250 I do, only 6 have changed since 2006 - & when sites do because they found a less costly hosting provider? Then, they either email notify members, put up warnings on their pages, & do IP warnings & redirectors onto the former IP address range to protect vs. the unscrupulous criminal bidding on that range to buy it to steal from users of say, online banking or shopping sites).

3.) Better "Layered-Security"/"Defense-In-Depth" via blocking host-domain based attacks by KNOWN bad sites-servers that are known to do so (which IS, by far, the majority of what's used by both users (hence the existence of the faulty but for most part working DNS system), AND even by malware makers (since host-domain names are recyclable by they, & the RBN (Russian Business Network & others)) were doing it like mad with "less than scrupulous", or uncaring, hosting providers)

4.) Better 'anonymity' to an extent vs. DNS request logs (not vs. DPI ("deep packet inspection"))

5.) The ability to circumvent unjust DNSBL (DNS Block Lists) if unjust or inconveniences a user.

6.) Protection vs. online trackers

7.) Better security vs. the DNS system being "dns poisoned/redirected" (a known problem for recursive DNS servers via port 51/53 misdirection)

8.) Write protecting the hosts file every 1/2 second (supplementing UAC) - even if/when you move it from the default location via this registry entry (which if done, can function ALMOST like *NIX shadow passwords because of this program):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters

And changing the "DataBasePath" parameter there (I do this moving it to a faster media, a "true SSD" using DDR-2 RAM, in the 4gb Gigabyte IRAM I have).

9.) Automatic downloading & Alphabetic sorting of hosts files' records entries (for easier end user mgt. manually) from 15 reliable sources (of 17 I actually use).

10.) Manual editing of all files used (hosts to import list, hosts itself in its default location of %windir%\system32\drivers\etc, the hosts files to import/download & process, & favorite sites to reverse dns ping to avoid DNS (noted above why)).

11.) Removal scanners (if the users decide to remove hosts entries from imported data they can check if the site is indeed known as bad or not (sometimes 'false positives' happen, or just bad entries, or sites clean themselves up after infestation due to vulnerable coding etc./et al)).

12.) Removal of bloating material in many hosts files like Comments (useless bulk in a hosts file that's "all business")

13.) Removal of bloating material in many hosts files like Trailing comments after records (produces duplicates)

14.) Removal of bloating material in many hosts files like Invalid TLD entries (program checks this in a BETTER method than the API call "PathIsURL")

15.) Removal of bloating material in many hosts files like Trims entries (vs. trailing blanks bloat on record entries)

16.) Removal of bloating material in many hosts files like the conversion of the larger & SLOWER 127.0.0.1 blocking "loopback adapter" address (slower due to larger size bytes wise to parse, & slower if loopback happens) to the smaller/faster to parse & load 0.0.0.0

17.) Uniformity of ALL entries in hosts (as to records inserted & format they use - reducing bloat AND repeated bloating entries).

18.) Filtration-Removal of sites that IF in a hosts file are KNOWN to cause problems on larger portals that use CDN etc.

19.) Custom hosts files protect ALL webbound programs, not just webbrowsers (like AdBlock addons, & it doesn't even block ALL adbanners by default anymore) & it does so @ a more efficient faster level (Ring 0/RPL 0/Kernelmode) acting merely as a filter for the PnP design IP stack, vs. the slower level webbrowser programs & their addons operate in (Ring 3/RPL 3/Usermode), which addons slow them even more by "layering on" parsing & processing that browser addons layer on.

20.) Custom hosts files also offer the speedup to favorite sites noted above, & even firewalls + browser addons do NOT offer that...

---

& MORE, in roughly 15 minutes runtime (on an Intel Core I7 920 Quad/4 core cpu @ 2.67ghz) & faster on faster CPU's (e.g. - Intel Core I7 3960 "extreme" 6-7 core CPUs = 7 minute runtime) & slower on slower CPU's (Intel 1.5ghz Celeron single core = 45 minutes).

* The malwarebytes/hpHosts site admin another person/site hosting it (Mr. Steven Burn, a competent coder in his own right), said it's "excellent" in fact and has seen its code too...

(Write him yourselves should anyone doubt any of this -> services@it-mate.co.uk or see his site @ http://hosts-file.net/?s=Download [hosts-file.net] [hosts-file.net] ) & he's seen the majority of the sourcecode (Delphi Object Pascal 32 & 64 bit).

APK

P.S.=> It will be releasing soon to sites that host 64-bit programs (even though it also has a 32-bit model, line for line the same code except for 32 in place of 64 in its help file & user interface)!

Again, because I told myself (since i built it in late 2003 in version 1.0++ & have rebuilt it 5x since in Borland Delphi 3.0/5.0/7.0 32-bit & currently into 64-bit using Delphi XE2) IF things didn't get better on the "malware front", out it would go for the general public to get the above enumerated multiple & versatile benefits custom hosts yield for end users (mainly saving them money on speed + bandwidth they pay for each month as well as added "layered-security"/"defense-in-depth" AND reliability all noted above)... apk

Re:Good (I did one myself - years before it)... ap (0)

Anonymous Coward | more than 2 years ago | (#40385939)

Very interesting! (adding both of your posts to my Evernote for later detailed reading/analysis).

Any plans to offer the "APK Hosts File Engine 5.0++" at "normal" looking website, with FAQs, screenshots etc (OTOH, I can understand privacy/safety concerns of any individual challenging the multi-billion dollar scamming/advertisement industry)? It does everything (and more?) HostsMan does for me: automatic updates from multiple sources, 127.0.0.1->0.0.0.0 conversion, comments and duplicates removal... Moving "DataBasePath" to RAM - how much does it speed the process up?

Just in case you did not see this, here is the link to the page of Fravia (who had unfortunately deceased in 2009 :-( ) on blocking malicious IP ranges (is there such a functionality in APK?):
http://www.searchlores.org/antiadve.htm#rout [searchlores.org]

Thanks... apk (0)

Anonymous Coward | more than 2 years ago | (#40386389)

"Very interesting! (adding both of your posts to my Evernote for later detailed reading/analysis)." - by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

Thank you, & I hope you find it useful...

---

"Any plans to offer the "APK Hosts File Engine 5.0++" at "normal" looking website, with FAQs, screenshots etc." - by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

Yes, eventually, Mr. Burn of hpHosts/malwarebytes + Henry Hobbitt of hostfile.org asked me the same... right now, I am building in filtration for the NEW "gTLD's" that are coming out... it's important, for the future.

The version you can get now doesn't account for them (tld's like these -> http://newgtlds-cloudfront.icann.org/sites/default/files/reveal/strings-1200utc-13jun12-en.csv [icann.org] )

It will, soon... about a week, tops.

---

"(OTOH, I can understand privacy/safety concerns of any individual challenging the multi-billion dollar scamming/advertisement industry)?." - by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

I'm not "Bruce (ad) Banner's" (lol) enemy...

OR

That of the security industry (be that antivirus/antispyware or even the DNS system itself with all of its faults I noted) either - I'm actually MORE THEIR FRIEND...

Simply by pointing out they have issues that needed supplementing via this tool or one like it!

---

"It does everything (and more?) HostsMan does for me: automatic updates from multiple sources, 127.0.0.1->0.0.0.0 conversion, comments and duplicates removal... ." - by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

A bit more, but all of what it can do, afaik... & it imports from as many, if not MORE, sources for valid hosts file data (all sources are known & reputable). It even checks or can check, sites you MAY wish to remove (but should be checked vs. known databases of malicious sites first, prior to removal, for safety).

---

"Moving "DataBasePath" to RAM - how much does it speed the process up?." - by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

It does so (here) by my moving the hosts file to a TRUE SSD (Gigabyte IRAM 4gb DDR2 based ramdrive board), & that's for FASTER SEEK/ACCESS (since they're known for that vs. std. HDD's), & then, the diskcaching subsystem in the OS does the rest (caching hosts file data to RAM), since the hosts file is just a file, like any other...

That, & SuperFetch in Windows does the rest (better, since it keeps frequently accessed data better & doesn't 'flush' as easily as caches do, so as long as you're surfing & thus, using the hosts file for fav. sites especially hardcoded into it (going to be GOOD on July 9th 2012, when the DNSChanger trojan starts getting 'flushed' worldwide)).

---

"Just in case you did not see this, here is the link to the page of Fravia (who had unfortunately deceased in 2009 :-( ) on blocking malicious IP ranges (is there such a functionality in APK?):
http://www.searchlores.org/antiadve.htm#rout [searchlores.org] "
- by Anonymous Coward on Wednesday June 20, @11:39AM (#40385939)

NO, I do IP addresses in firewalls (since hosts files can't stop those) via PowerShell scripts for "enmasse import"... but, the GREAT MAJORITY of what malware makers use? Hosts-Domain names!

Why? First - they pay for them, & they do, because they're "recyclable"/reuseable... the RBN (Russian Business Network), a known gang of criminals online in the past, was notorious for it.

(Makes sense - because once IP Addresses are known bad? They get "bad block" blacklisted... not so easy to do with host-domain names, because they just move to other less scrupulous hosting providers & use bogus DNS servers too, to use them again & again).

APK

P.S.=> Gotta run now, enjoy the program & the data I posted here initially (thanks all who upmodded my post too)... apk

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40385787)

Are you... selling something? And trying to do so by insulting potential customers? I don't get it.

Dear Off-Topic Troll: Face this challenge (0)

Anonymous Coward | more than 2 years ago | (#40386491)

Are you on topic troll? No. Go away now, shooo little troll...

APK

P.S.=> Thus - Once more this challenge goes out to you off-topic trolls who clearly don't possess the technical KNOW-HOW to get the better of my 1st post here's 21 points in favor of hosts files I posted -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org] , that get end users of them the following:

---

1.) Better speed/bandwidth
2.) Better "layered-security"/"defense-in-depth"
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

---

& more...

Because, until the trolls around here do?

Well... they (and now, you) only remind me of what happened to the HULK (vs. Thor) in this clip from the excellent 2012 film "The Avengers"(where Hulk gets 1st FLOORED, & then pinned & trapped beneath Thor's hammer (& is unable to escape or move it)):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com]

Since everytime I post that list??

Not a SINGLE /. TROLL has managed to disprove its points... not a one, for years now... lol, & I wager you'll do more "FAIL" of the same vs. facts I posted on hosts file usage & benefits... apk

Re:Dear Off-Topic Troll: Face this challenge (0)

Anonymous Coward | more than 2 years ago | (#40387059)

Ok... so I'll take that as a "yes," combined with an unhealthy dose of netkookery.

Wrong. Can't you get anything right troll? (0)

Anonymous Coward | more than 2 years ago | (#40387283)

Not selling a thing here. I am freely giving it away here http://yro.slashdot.org/comments.pl?sid=2926641&cid=40385557 [slashdot.org]

* So, so much for your off-topic trolling b.s. here:

"Are you... selling something? And trying to do so by insulting potential customers? I don't get it." -

See above, & of course you don't "get it" - you're a troll, complete with typical troll IQ of 10 below plantlife!

(LMAO - that's only further proven by your clear inability to disprove points I make on custom hosts files here... lol!)

This? Well... you KNOW I've gotta say it, as-is-per-my-inimitable style:

This?? This was just "too, Too, TOO EASY - just '2EZ'", & it's NOT MY FAULT doltish trolls like you make it so for me, everytime (you always make me look GOOD though, I'll give you THAT much... thanks!)

APK

P.S.=> Once more, so it "sinks in" to your dull trollish brain:

This challenge goes out to you off-topic trolls who clearly don't possess the technical KNOW-HOW to get the better of my 1st post here's 21 points in favor of hosts files I posted -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org] , that get end users of them the following list of benefits:

---

1.) Better speed/bandwidth
2.) Better "layered-security"/"defense-in-depth"
3.) Better screen realestate
4.) Better tracking defense
5.) Better 'anonymity' (to an extent vs. DNS request logs, or vs. unjust DNSBL's (DNS blocklists) you feel are unjust)
6.) Better than browser addons for efficiency

---

& more...

Because, until the trolls around here do?

Well... they (and now, you) only remind me of what happened to the HULK (vs. Thor) in this clip from the excellent 2012 film "The Avengers"(where Hulk gets 1st FLOORED, & then pinned & trapped beneath Thor's hammer (& is unable to escape or move it)):

http://www.youtube.com/watch?v=6Attt4dVu0U&feature=related [youtube.com]

Since everytime I post that list??

LOL - Yes... Not a SINGLE /. TROLL has managed to disprove its points - not a one, for years now... lol, & I wager you'll do more "FAIL" of the same vs. facts I posted on hosts file usage & benefits... apk

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40387809)

Are u serious? He's attacked by trolls like u here n' u run from his challenges to disprove his points on custom hosts files n' the good things they can do for end users of them. Take his advice and either put up or shut up troll by disproving his list of points on hosts files, or leave.

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40388151)

And you are just him, sockpuppet. (Captcha = mental. No doubt.)

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40388415)

Wrong again troll. I'm not wrong about u running like a beyotch from a simple challenge he put forth to you now am I http://yro.slashdot.org/comments.pl?sid=2926641&cid=40386491 [slashdot.org] ? Not at all. "Run Forrest, run" lol.

Re:This beats the HELL out of any browser addon (0)

Anonymous Coward | more than 2 years ago | (#40389841)

See the troll project his own modus operandi. Talk about mental.

"Run Forrest - RUN" (lmao)... apk (0)

Anonymous Coward | more than 2 years ago | (#40388497)

For all your trolling, you run from this, "Forrest" -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383951 [slashdot.org]

* So, please - tell us: Why's that troll? Too much of a challenge for your 10 below plantlife IQ??

(Yes, obviously... lmao @ U, troll!)

All "little troll" has is effete moddowns & further off-topic trolling... lol, thanks for proving that point for me also!

(Now, before any /. "genius" tries to tell me that a registered 'luser' can't do that AND post in a thread? Bullshit - you downmod first, then logout of your registered 'luser' account, so the tracking cookie doesn't remove your downmod, & then troll by AC, and log back in & "POOF" - your bogus downmods do NOT disappear...!)

APK

P.S.=> Oh, & WHERE ARE MY MANNERS? Once more - I must THANK you, for making ME, look GOOD, as you effete off-topic trolls ALWAYS do - especially when you RUN FORREST (lol) from a challenge I put to you to disprove my points on hosts files... apk

Re:This beats the HELL out of any browser addon (1)

arbulus (1095967) | more than 2 years ago | (#40387273)

Another problem with the Windows hosts file: if you're running Microsoft Security Essentials, it will view modificaitons to the hosts file as a virus and remove them.

I don't see that & I use MS Sec. Essentials... (0)

Anonymous Coward | more than 2 years ago | (#40387415)

"Another problem with the Windows hosts file: if you're running Microsoft Security Essentials, it will view modificaitons to the hosts file as a virus and remove them." - by arbulus (1095967) on Wednesday June 20, @01:17PM (#40387273)

Funny - it doesn't do that here on Windows 7 64-bit, & with the latest update to MS Security Essentials, both the app itself AND its updated data files, daily.

* I wonder WHY that's happening for you...

---

I can, however, tell you 1 thing, for sure/certain, where MS is erring:

The local DNS clientside cache service has to be 'shutdown' with relatively LARGER hosts files...

I've shown + proven other facts about errors in that service, and things MS did to hosts files period, VISTA onwards, here:

All systems (VISTA after 12/09/2008 hotfix "Patch Tuesday" by Microsoft did so and now VISTA &/or Windows Server 2008 will NOT work using 0, but can use 0.0.0.0 for example & Windows 2000 pre Service Pack #1 will do the same - it will not use anything but 127.0.0.1).

REPORTED TO MICROSOFT by APK here -> http://blogs.msdn.com/b/e7/archive/2009/02/25/feedback-and-engineering-windows-7.aspx?CommentPosted=true&PageIndex=3#comments [msdn.com]

And here on www.slashdot.org to a Richard Russell who posts as FOREDECKER there (he is a senior VP at Microsoft and leader of the "Windows Client Performance Division" there, or was then, & may have moved to another division)

Yes, and he conceded my points on HOSTS files also:

http://slashdot.org/comments.pl?sid=1467692&cid=30384918 [slashdot.org]

  So, why are 0, &/or 0.0.0.0 faster & better on disk and reads than 127.0.0.1? Well, the first octet(s) IS/ARE 2-7 bytes (16 bits) smaller each entry used is why: COMMON-SENSE & over a large amount of entries this makes for FASTER loadtime from disk into your local Cache and since 0 and perform no "loopback operation" and are essentially analogs to a DROP request vs. 127.0.0.1 doing essentially a DENY request (as in firewalls) and a loopback operation directing back to itself, you have more efficient operations doing 0 or 0.0.0.0 vs. 127.0.0.1, the "loopback adapter" and its address (yes, even on Windows where there is a loopback adapter one may bind to a protocol (which is only a dummy driver for systems that have no NIC in them, see here in that regard ->

http://www.windowsitpro.com/article/john-savills-windows-faqs/what-is-the-microsoft-loopback-adapter-and-why-do-i-need-it-for-sql-server-.aspx [windowsitpro.com]

APK

P.S.=> I don't recall "messing with" ANY of MS Security Essentials options either, & simply run it in 'default' settings mode afaik (but, I can check on that, unless YOU can tell me differently in regards to its settings)... apkPageIndex=3#comments

And here on www.slashdot.org to a Richard Russell who posts as FOREDECKER there (he is a senior VP at Microsoft and leader of the "Windows Client Performance Division" there, or was then,

Re:I don't see that & I use MS Sec. Essentials (1)

arbulus (1095967) | more than 2 years ago | (#40387681)

Not sure why it was happening, either. It was on both XP and 7. Everything with MSE was the default settings. I've seen malware fiddle with hosts files before, but it seemed odd that it would assume that all modifications are malicious.

I was using hosts for web filtering for a small business client of mine. They wanted some computers to have limited access to the web, while allowing others full access. Hosts files were the easiest solution. But not long after I implemented it, MSE flagged them all as viruses and removed my modifications.

This was several months back, though. Maybe MSE has had an update that resolved the issue since then.

Right: You MAY want to look into updates (0)

Anonymous Coward | more than 2 years ago | (#40387933)

See subject-line, & I hope that helps, because I honestly do NOT see that issue here (again, on Windows 7 64-bit + MS Security Essentials 64-bit model, version # 4.0.1526.0 , filename -> mseinstall.exe - download date here was 4/24/2012... )

* Who knows though? I just MAY have "toyed" with its options to stop it from messing w/ hosts file data, but I can't recall it (I started using MS Security Essentials since day #1 it was releasted - however/again: I do KNOW it's gotten a few updates since then too, so... there you are, good luck, & I hope it helps to simply update the executable for it + its signatures)

APK

P.S.=> Above ALL else here though? Well... it is NICE to see another person that's aware of what hosts files can do for folks though - you're not alone in that regarding custom hosts files amongst slashdot users (I list a few quotes in my init. post from them), & GOOD to see you applying it also for yourself & others!

(There's a HELL OF A LOT that that single file can do for folks which I enumerated FULLY in my init. post here -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org] because it is SO versatile & "ubiquitous")... apk

Truths about Ghostery (0)

Anonymous Coward | more than 2 years ago | (#40420315)

There's more about Ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining!

Don't accept cookies. (2)

couchslug (175151) | more than 2 years ago | (#40383545)

Incognito/private browsing FTW. Use (for example) one browser for browsing where you don't mind cookies, and a second for items you don't want tracked.

You can have many browsers, any decent PC can run many browsers, so have at it.

Re:Don't accept cookies. (1)

hey_popey (1285712) | more than 2 years ago | (#40383611)

1- If you don't accept cookies, some websites simply don't work
2- Incognito/private browsing is not enough to avoid other trackers like pixels, scripts...

Re:Don't accept cookies. (0)

Anonymous Coward | more than 2 years ago | (#40383637)

IF a site fails to work without cookes, then don't frequent that site!
Or if you simply cannot do without an obnoxious web site, then use SESSION cookies
for it and exit from the web browser afterwards (to clear the session cookies).

Re:Don't accept cookies. (4, Interesting)

PopeRatzo (965947) | more than 2 years ago | (#40383777)

2- Incognito/private browsing is not enough to avoid other trackers like pixels, scripts...

Can "other trackers like pixels, scripts" track actual identifying data? I don't know enough about this stuff to know.

And if I can remain anonymous enough, should I still care if data is collected?

I run ghostery but I really need to pay more attention to this stuff and educate myself about incognito/private browsing. Not so much that I browse somewhere illegal or that my crazy leftwing politics are going to get me in trouble, but I really can't stand the idea of data tracking.

I would gladly give up all the "benefits" that come with data tracking. But then, I thought the internet was just great in 1993, before the commercialization of the Internet. I would love to have seen how the Internet would have developed if it hadn't become a sleazy shopping mall/TV combo.

I really like this idea of "cookie camouflage". I never heard of this "antiphormlite" program before today. Too bad it seems to have been disappeared. I would enjoy showing these trackers the back of my hand.

Re:Don't accept cookies. (0)

Anonymous Coward | more than 2 years ago | (#40386113)

Can "other trackers like pixels, scripts" track actual identifying data?

Yes, they can. Check http://panopticlick.eff.org/ [eff.org] - in their report, they show that nearly everyone on a desktop computer with javascript enabled is uniquely identifiable.

The only way to browse the Internet with privacy is to disable javascript, or use a mobile browser. Some mobile browsers are uniform enough that their users can't be distinguished.

Re:Don't accept cookies. (1)

PopeRatzo (965947) | more than 2 years ago | (#40388687)

The only way to browse the Internet with privacy is to disable javascript, or use a mobile browser.

I'll have to look up what you mean by "mobile browser". I don't think you're referring to a browser on my smartphone.

Truths about ghostery (you won't like 'em) (0)

Anonymous Coward | more than 2 years ago | (#40420327)

There's more about Ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining!!!

Re:Don't accept cookies. (1)

mwvdlee (775178) | more than 2 years ago | (#40383621)

Does incognito browsing, such as chrome's incognito tabs, help against fingerprinting methods?

Re:Don't accept cookies. (0)

Anonymous Coward | more than 2 years ago | (#40383909)

No, it doesn't. Your icognito session will have it's own, unique fingerprint.

Re:Don't accept cookies. (0)

Anonymous Coward | more than 2 years ago | (#40383623)

Multiple browsers is not an acceptable solution for the vast majority of the public.

Re:Don't accept cookies. (0)

Anonymous Coward | more than 2 years ago | (#40383741)

That's the beauty of it: We throw them to the lions and watch from a safe distance.

Re:Don't accept cookies. (1)

couchslug (175151) | more than 2 years ago | (#40387523)

"Multiple browsers is not an acceptable solution for the vast majority of the public."

This forum is not directed at the "vast majority of the public".

Re:Don't accept cookies. (1)

Charliemopps (1157495) | more than 2 years ago | (#40384007)

Even the cheapest tracking software includes methods for tracking people with cookies turned off. Buisnesses have wised up and are tracking you based on info you can't change, like your IP, windows version, etc... Then they share this info with each other. Private browsing is NOT private. Your only hope is to use a proxy service.

Re:Don't accept cookies. (1)

Hatta (162192) | more than 2 years ago | (#40384015)

What does multiple browsers help when you're browsing from the same IP address? I think Google's smart enough to figure that out.

Re:Don't accept cookies. (1)

AliasMarlowe (1042386) | more than 2 years ago | (#40386049)

What does multiple browsers help when you're browsing from the same IP address? I think Google's smart enough to figure that out.

Actually, our entire household browses from a single IP address. In that case, if we each used one unique browser (or mostly just that one) per user, the multiple browser approach would assist in differentiating people for advertising purposes. As it is, we each use any of 3 PCs which all run Xubuntu, but identifiably unique due to display resolutions, installed fonts, etc. Similarly, even the kids use two or more browsers each while my wife and I use three or four regularly, and everyone knows to clear their cookies after visiting any dodgy sites (cookies are generally cleaned on exit anyway). We probably present a difficult case for analysis, and don't get any particularly well-aimed "targeted" advertising.

BTW, it's interesting to see what your browser might reveal [browserspy.dk] when your visit a site, even neglecting cookies. Quite often, your browser reveals enough to identify it [eff.org] uniquely.

Make your browser stateless (0)

Anonymous Coward | more than 2 years ago | (#40383661)

There should be a simple option to "normalize" all information that usually varies: Fonts, screen size and depth, window size, etc.

Then forget everything when you close the browser: History, cookies, cache, DNS, etc.

Don't even store anything that isn't written by something from the domain in the URL bar. Strictly no inter-domain communication, not even with subdomains or cross-domain policies.

I got creeped out the other day ... (0)

Anonymous Coward | more than 2 years ago | (#40383699)

I was looking into Linode hosting the other day and did some google searches about it on my laptop. Then a few hours later I switched to my desktop with a different net connection, which has a spankingly fresh installation of Ubuntu so presumably the browsers haven't been laden down with trackers and cookies yet, especially because I haven't logged into any web services on that machine. But every page I looked at was plastered with ads for Linode.

It was a reminder of just how advanced tracking has become. And in turn, Ghostery has quickly become one of my favourite FF extensions.

Re:I got creeped out the other day ... (0)

Anonymous Coward | more than 2 years ago | (#40383853)

I've got something creepier.

AT&T spammed my gmail account recently. A gmail account that was never used when communicating with AT&T. A gmail account that's only logged into from a mobile device on a Verizon network.

I feel sorry for the support rep when I call 'em up and ask 'em where the fuck they got that address.

Re:I got creeped out the other day ... (1)

vlm (69642) | more than 2 years ago | (#40385231)

especially because I haven't logged into any web services on that machine

Let me guess, except for google because you're using chrome on both browsers.

Re:I got creeped out the other day ... (0)

Anonymous Coward | more than 2 years ago | (#40385393)

Let me guess, except for google because you're using chrome on both browsers.

Actually, no. Chrome's on the mobile device, but not on the PC. My interaction with AT&T is limited to a monthly autopay bill - that transaction is between my bank and AT&T, and I'm notified of the bill by paper, not e-mail. I don't think Google sold it to AT&T.

My leading scenarios are either that there's a loophole in my bank's privacy policy that permits them to sell my address to AT&T, or that AT&T bought a database of real names, cross referenced the real names with their customer lists, and made a wild guess that the gmail account was indeed mine (an actual spam).

The irony is... (0)

Anonymous Coward | more than 2 years ago | (#40383851)

...I clicked on that link and Ghostery blocked 8 sites.

Collusion plugin for Chrome/Safari (1)

charnov (183495) | more than 2 years ago | (#40384005)

Collusion plugin for Chrome/Safari from Disconnect.me blocks all known trackers. Since using it for a while, I have noticed a disappearance of eerily targeted ads in Google searches, etc.

aren't you missing something? (1)

slashmydots (2189826) | more than 2 years ago | (#40384009)

Tor? Why? How about in Firefox or IE8 or 9 hit ctrl-shift-P. Tada, temporarily no more non-session cookies are preserved (among other privacy perks).

Re:aren't you missing something? (1)

Z00L00K (682162) | more than 2 years ago | (#40384499)

And then you still need to clear out caches for all your browser plugins like Java, Flash etc.

Otherwise you will still sit there with tracking cookies.

noscript?? (3, Interesting)

apcullen (2504324) | more than 2 years ago | (#40384365)

Doesn't using noscript block most of the sites that track one's browsing?

Re:noscript?? (0)

Anonymous Coward | more than 2 years ago | (#40384937)

Not by itself, but noscript + refcontrol + ghostery + user agent switcher + surfing through a proxy, and you're starting to get there.

Re:noscript?? (2)

oldredlion (1663421) | more than 2 years ago | (#40385141)

It certainly blocks some.

I went to that cnet page and ghostery reported 5 trackers.

I then did noscript "temporarily allow all this page" and ghostery reported 11 trackers, so noscript seems to be blocking 6 out of 11.

Truth about ghostery (you won't like it) (0)

Anonymous Coward | more than 2 years ago | (#40420349)

There's more about Ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining.

Just One Question (1)

Ukab the Great (87152) | more than 2 years ago | (#40384515)

How many users did they have to track to obtain that finding?

trollko re (-1)

Anonymous Coward | more than 2 years ago | (#40384783)

My "Solution" (1)

Droog57 (2516452) | more than 2 years ago | (#40385021)

I use Opera and the Ghostery extension along with WOT. Then I run CCleaner a few times a day. I ALWAYS log out of any site once I'm done with what I logged in to do, and that goes double for Google. Then run CCleaner. I take a small hit with some occasional unpredictable behavior on some sites with Ghostery running, but screw 'em. If they want my junk, I can find (95% of the time) what i want elsewhere. Strategy seems to work pretty well, low spam incidence in gmail and my "real" email addresses are rarely spammed as well. Recently checked Google's data on me through the privacy page and all clear.

AntiphormLite (0)

Anonymous Coward | more than 2 years ago | (#40385773)

It took me exactly 2 minutes to find (part of) the source code of said program...

http://web.archive.org/web/20080821182640/http://www.antiphorm.com/software/latest/AntiPhormLite1_33.dba [archive.org]

Re:AntiphormLite (0)

Anonymous Coward | more than 2 years ago | (#40388059)

Sigh. Takedown notice in the mail...

Find the best deals on AntiPhormLite here! (0)

Anonymous Coward | more than 2 years ago | (#40387353)

It's still there if you know where to look. The script source, anyway. Dunno how well it will work with an up-to-date browser. Wonder too if random browsing is necessarily the best approach. You might need something more...directed. YMMV.

As if it was confined to our browsing (1)

Weatherlawyer (2596357) | more than 2 years ago | (#40387827)

I went for a job yesterday.

I needed a birth certificate, proof of my national insurance number and all my bank details.

I had to sign a waiver about my bank account and agreed to have some of my wages docked for this and that reason.

Then the interview began.

After we had to sit through all the advertising bullshit for Morrisons, the company employing the agency running the scam... (I wish I could get hold of some of the presentation videos. If you remember the deer in the headlights clip of Tony Blair visiting the USA after realising he'd just got rogered into a phoney war, it was like that) they wanted to know just how desperate we were and how reliable we'd be.

I wonder just how many of these sorts of scams people like the large supermarkets pull. Their in house "agency" only running the personnel office of that one branch not the whole chain.

And only offering a few days here and there as needed and no sick pay if you fail to meet their stringent quarantine laws. It's back to the Victorian era in time for the Jubilee.

http://www.guardian.co.uk/uk/2012/jun/04/jubilee-pageant-unemployed?fb=native&CMP=FBCNETTXT9038 [guardian.co.uk]

What a pity it is illegal to enquire back. Anyone here know anyone from Anonymous, know what I mean, wink, nudge?

Try Abine's DNT+ (0)

Anonymous Coward | more than 2 years ago | (#40408423)

I installed this software a little less than a month ago. Since then, it has blocked and logged 12,834 attempts to track me without my knowledge or consent. I had thought the figure would be in the high hundreds - THAT's why we need informed, explicit consent to track and why do-not-track by default is important....

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?