Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Interview With Mozilla's Ryan Merkley: Tracking the Trackers

samzenpus posted more than 2 years ago | from the listen-but-don't-track dept.

Privacy 165

colinneagle writes "Among the eye-opening statements in his recent TED talk, Mozilla CEO Gary Kovacs said, 'Privacy is not an option, and it shouldn't be the price we accept for just getting on the Internet. Our voices matter and our actions matter even more.' After you download and install Collusion in Firefox, you can 'see who is tracking you across the Web and following you through the digital woods,' Kovacs stated. 'Going forward, all of our voices need to be heard. Because what we don't know can actually hurt us. Because the memory of the Internet is forever. We are being watched. It's now time for us to watch the watchers.' I've been using Collusion for some time now and it is jaw-dropping to watch all the sites that still stalk us across the web even with DNT and privacy add-ons. The Collusion page states: 'The Ford Foundation is supporting Mozilla to develop the Collusion add-on so it will enable users to not only see who is tracking them across the Web, but also to turn that tracking off when they want to.'"

cancel ×

165 comments

Sorry! There are no comments related to the filter you selected.

first (-1)

Anonymous Coward | more than 2 years ago | (#40409231)

boop

Re:first (-1, Troll)

Anonymous Coward | more than 2 years ago | (#40409405)

Hey, my first first that was first...on my first try! Truly, Slashdot, this is the crowning moment of my life. Everything I've done up until now has led to this moment. I can die now knowing I was among the world elite.

Thank you all.

I can't wait to tell Steve.

What a surprise (0)

Anonymous Coward | more than 2 years ago | (#40409235)

advertisers not adhering to do not track settings... whoda thunk?

P.S. First Post!

Re:What a surprise (0)

Anonymous Coward | more than 2 years ago | (#40409249)

And they'll only adhere once the settings are legally enforceable.

The trick to actually being the first post is to not spend any time being cute about it. FAIL.

Download/Demo here (5, Informative)

saibot834 (1061528) | more than 2 years ago | (#40409243)

Collusion Download/Demo [mozilla.org] . Looks like a pretty nifty tool. And completely without flash!

Re:Download/Demo here (5, Interesting)

Inda (580031) | more than 2 years ago | (#40409333)

You don't need that to see how we're being tracked (although I do have it installed).

I'd been looking at having laser eye surgery for some time. Money was the only thing stopping me from doing real research.

There was an advert for an Optical Express laser clinic, with a competition for free treatment, so I clicked. It's probably the only time I've ever clicked, and this was at work with no Ad-block installed.

I went through the process of consultation, price negotiation and all that stuff. I was happy with everything offered, and went ahead with the surgery (two weeks ago, best thing I've ever done).

Top of Slashdot today? Adverts for laser eye surgery at Optical Express. In fact, every blinking website I visit at work is trying to show me adverts for Optical Express. This has been going on for nearly two months!

I'm sure it must happen to everyone, everywhere.

Re:Download/Demo here (5, Funny)

Sviams (708968) | more than 2 years ago | (#40409361)

And here you are, posting an advert for Optical Express...oh the irony :)

Re:Download/Demo here (5, Funny)

Anonymous Coward | more than 2 years ago | (#40409381)

Those ads have always been there - maybe you can only see them after you had the surgery!

Re:Download/Demo here (0)

Anonymous Coward | more than 2 years ago | (#40409667)

There are ads on the Internet?

Re:Download/Demo here (4, Insightful)

R_Dorothy (1096635) | more than 2 years ago | (#40409567)

Yep, I've noticed that ad networks are very good at trying to sell me something I've already bought.

Re:Download/Demo here (0)

Anonymous Coward | more than 2 years ago | (#40409633)

Silence cyclops troll.

Re:Download/Demo here (4, Funny)

bitt3n (941736) | more than 2 years ago | (#40409761)

you wonder why Optical Express gave you such a good deal on laser surgery, and next you're going to start seeing advertisements on your walls, in your shower, in the blue sky, whenever you close your eyes....

Re:Download/Demo here (0)

Anonymous Coward | more than 2 years ago | (#40409823)

Logout of everything and delete the fucking cookies at least if you can't use an adblocker.

Re:Download/Demo here (1)

Anonymous Coward | more than 2 years ago | (#40409865)

Yeah, I ordered a pair of New Balance shoes off their website since most stores don't have the 13 4E size I wear and now I see ads for New Balance all day every day,

How long until Google notices? (5, Insightful)

pegasustonans (589396) | more than 2 years ago | (#40409255)

The Mozilla Foundation reportedly receives ~$300 million annually from Google.

Google is certainly an interested party when it comes to tracking user behavior.

Is this really a good move for Mozilla strategically?

Re:How long until Google notices? (3, Insightful)

Anonymous Coward | more than 2 years ago | (#40409291)

Is this really a good move for Mozilla strategically?

Yes because the general public do value privacy, and being on the side of public opinion is priceless.

Re:How long until Google notices? (0, Redundant)

Anonymous Coward | more than 2 years ago | (#40409321)

Their dependency on Google is why Firefox doesn't ship with something like AdBlock+ or NoScript. Instead, they want you to tell Google "please don't track me" -- but how liberally Google interprets it is up to them. It's not like you can tell how much data Google collects on you even if you have "don't track" checked.

Re:How long until Google notices? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#40409355)

Of course it is. Just because they're funded, doesn't mean they're controlled. And I don't think transparency is bad for Google's main business model. People more or less know what Google gets when it is used for searching. I predict they'll jump on board with this one and provide something similar in Chrome. It's the right kind of tool to win over the masses.

Re:How long until Google notices? (0)

Anonymous Coward | more than 2 years ago | (#40409547)

Of course it is. Just because they're funded, doesn't mean they're controlled.

Oh, the naivety...

Google hasn't canned Mozilla. (0)

Anonymous Coward | more than 2 years ago | (#40409675)

So I guess I could say "oh, the cynicism".

Re:How long until Google notices? (5, Insightful)

Jahta (1141213) | more than 2 years ago | (#40409369)

The Mozilla Foundation reportedly receives ~$300 million annually from Google.

Google is certainly an interested party when it comes to tracking user behavior.

Is this really a good move for Mozilla strategically?

The key issue here is informed consent. The "Collusion add-on so it will enable users to not only see who is tracking them across the Web, but also to turn that tracking off when they want to."

I've no problem allowing cookies and scripts from sites I trust and who are providing me with a service I want. The problem is the number of "drive-by" cookies and scripts you can get hit with.

When I started using NoScript I was amazed at amount of content I was being silently served from third-party sites without my knowledge or consent.

Re:How long until Google notices? (0)

Martin S. (98249) | more than 2 years ago | (#40409577)

The problem is the number of "drive-by" cookies and scripts you can get hit with.

Re:How long until Google notices? (4, Informative)

Barefoot Monkey (1657313) | more than 2 years ago | (#40409907)

A nice trick is to set your browser to keep cookies only for the session, clear your cookies and then grab an extension like Cookie Monster [mozilla.org] or something similar to manage exceptions for the sites where you explicitly want permanent cookies.

Re:How long until Google notices? (1)

BenoitRen (998927) | more than 2 years ago | (#40410773)

Why do you need an extension for managing cookie policy exceptions? There is already a manager in Mozilla web browsers to manage those.

Re:How long until Google notices? (4, Informative)

Barefoot Monkey (1657313) | more than 2 years ago | (#40411035)

Those sort of extensions just provide a convenient way of interacting with Mozilla's mechanism. You get a statusbar icon which changes depending on if the site you're viewing has no cookies, blocked cookies, persistent cookies or session cookies. You can click on the icon to change the default action for that site or domain. It's so much simpler than opening the options and adding exceptions manually.

Re:How long until Google notices? (3, Interesting)

RivenAleem (1590553) | more than 2 years ago | (#40409425)

And if Google withdraw their funding over this Collusion addon, how do you think that will look?

As far as I know, Google have been very upfront [google.com] about what they have on me and what they use that information for. Collusion doesn't change anything for Google, especially if they respect the DNT option. I think Google would be quite alright with this, as what it really does is reveal how much OTHER people are tracking about you, and not telling you about it. Especially if OTHER people are ignoring DNT.

Like it is said, if you have nothing to hide from Collusion, then you have nothing to fear.

Re:How long until Google notices? (2, Interesting)

Hatta (162192) | more than 2 years ago | (#40410335)

As far as I know

Which is only what Google tells you. You don't think they're tracking you by IP address too? You don't think they're using browser fingerprinting? Google's cookie is one tiny part of the problem.

Re:How long until Google notices? (4, Informative)

swillden (191260) | more than 2 years ago | (#40411523)

As far as I know

Which is only what Google tells you. You don't think they're tracking you by IP address too? You don't think they're using browser fingerprinting? Google's cookie is one tiny part of the problem.

Google logs all IP addresses initially but after nine months zeros the bottom octet to anonymize them. Cookies are kept for 18 months, and many have noted that the cookies can be used to recover the full IP address going back 18 months, assuming you're always connecting from the same IP, but if you've opted out then there are no cookies stored to provide that linkage (I'm not sure if the opt-out cookie is itself anonymous, or if it's stripped before logging, or what, but it's something like that).

I don't know if browser information is anonymized; I'm sure at least enough is kept to identify the browser version.

Although you almost certainly won't believe me (since I work for Google), I'll tell you that Google tries very hard to honor tracking opt outs. If someone discovered a way that Google could recover individualized tracking about a user who had opted out, that would be considered a bug and it would get fixed. If it couldn't be fixed, controls would be put in place to ensure that the data is not used for tracking in any systematic way, and that individual employees can't access it without specific permissions, and the use of those who actually have a demonstrated need to use it would be audited.

The tinfoil hat crowd will simply dismiss this post, but the truth is that Google really doesn't want to track you if you don't want to be tracked. Google wants to convince you that you do want to be tracked, of course, that Google's services (including targeted advertising!) are actually sufficiently valuable to you that you want Google to have the data. But if you don't agree, Google provides the tools to allow you to opt out, and honors your choice.

This isn't to say that bad things will never happen, or that mistakes will never be made. Google is composed of people, and people screw up. Hence things like the Wifi packet capture, and Safari privacy workaround. But violations of the principles of user privacy are treated as errors to be corrected.

From an information-theoretic standpoint, the best way to be sure that Google never screws up with your privacy is to ensure it is impossible for Google to know anything about you, so opt out of tracking and avoid Google services, or even just block Google at your router. IMO, given its track record, trusting Google to behave responsibly isn't at all unreasonable, and I think Google offers good value in trade for your information (assuming that Google behaves responsibly). But it's your choice, and Google wants it to be possible for you to make that choice.

Re:How long until Google notices? (1)

Hatta (162192) | more than 2 years ago | (#40412557)

Google logs all IP addresses initially but after nine months zeros the bottom octet to anonymize them

That's not much privacy. If I watch your browsing habits for 9 months, I bet I could put together a signature that would let me identify your browing from a group of 256 random individuals.

Re:How long until Google notices? (2)

cusco (717999) | more than 2 years ago | (#40412461)

I just find it extremely intriguing that the Ford Foundation is involved in this, since they've been a money conduit for the CIA since at least the early 1960s (Project Mockingbird funding flowed to journalists through Ford Foundation and later Lyla Wallace Fund).

Re:How long until Google notices? (1)

bloodhawk (813939) | more than 2 years ago | (#40409501)

Every other browser, even internet explorer, is headed towards greater user privacy options so mozilla can either go with the heard or stand out as the weak link. They don't really have much of an option here so they may as well look towards being at the front of the pack.

New friends (3, Insightful)

Anonymous Coward | more than 2 years ago | (#40409273)

"Among the eye-opening statements in his recent TED talk, Mozilla CEO Gary Kovacs said, 'Privacy is not an option, and it shouldn't be the price we accept for just getting on the Internet.

Evidently, Gary has never met Mark Zuckerberg.

Go Ahead, Track Tor Exit Nodes! (5, Interesting)

Anonymous Coward | more than 2 years ago | (#40409283)

I'm just a random Tor exit node, up one day, down the next, replaced by another random exit node.

Use the Tor Browser Bundle:
- https://www.torproject.org/ [torproject.org]

Read the Tor OPSEC article:
- http://cryptome.org/0005/tor-opsec.htm [cryptome.org]
- https://www.schneier.com/blog/archives/2012/01/tor_opsec.html [schneier.com]

"HUGE Security Resource" - enjoy a smart selection of Security
Blogs and other security related information
- http://pastebin.com/Cm2ZHuz3 [pastebin.com]

Re:Go Ahead, Track Tor Exit Nodes! (1)

k(wi)r(kipedia) (2648849) | more than 2 years ago | (#40409349)

I was under the impression that Tor nodes are more permanent affairs. That's why Wikipedia can ban them for repeated vandalism.

Re:Go Ahead, Track Tor Exit Nodes! (2, Informative)

Anonymous Coward | more than 2 years ago | (#40409413)

Wikipedia bans offensive exit nodes from *editing*, not *viewing* their site.

Oh, and use bridges, always:

https://bridges.torproject.org/ [torproject.org]

for reasons mentioned in the Tor OPSEC document.

For sites which ban a lot of Tor exit nodes (like godlikeproductions), Startpage's free web proxy evades 99% of these bans, but you can't post with Startpage's proxy, just read.

Using Tor, you can also run through a lot of free web proxies to evade bans on Tor exit node IPs.

Some exit nodes remain for awhile (though your circuit is not the same all of the time) others are up one day and down the next.

PS: two hidden services message boards:

http://tinyurl.com/hackbbonion [tinyurl.com]
http://tinyurl.com/onionforum2 [tinyurl.com]

Re:Go Ahead, Track Tor Exit Nodes! (0)

Anonymous Coward | more than 2 years ago | (#40409497)

I think the point is they just see all the traffic coming from the node, which can't be identified with you. Except since you have to allow javascript to get even minimal functionality on a huge number of websites now, it kind of defeats the purpose. Facebook still tracks me that way, but what are my other options? Ever try using it without javascript? Not even functional. Youtube and google seem to be the worst tracking offenders, though, with facebook and some random porn ad network in third and fourth. Funny part is over time most of the sites doing the tracking have networked together, but the porn network is entirely disconnected. Guess they deal in entirely different data sets. ;)

Re:Go Ahead, Track Tor Exit Nodes! (1)

Anonymous Coward | more than 2 years ago | (#40409931)

"I think the point is they just see all the traffic coming from the node, which can't be identified with you. "

The workings of Tor are documented on the official site, there's no need to reinterpret it's function.

"Except since you have to allow javascript to get even minimal functionality on a huge number of websites now, it kind of defeats the purpose."

Most of the websites which require javascript in order to use are mostly stupid anyway, or exploit privacy/security.. just like...

"Facebook still tracks me that way, but what are my other options?"

Bingo! Why are you using Facebook with Tor? Read the Tor OPSEC article before you comment again.

"Ever try using it without javascript? Not even functional."

Neither are most morons who want Tor to provide complete functionality without being pwned. They want Flash, they want Java, they're just stupid.

Re:Go Ahead, Track Tor Exit Nodes! (4, Insightful)

buchner.johannes (1139593) | more than 2 years ago | (#40409485)

Tor won't help you if the website puts a cookie in your browser (which this discussion is about). What you need is a selective cookie policy (like Ghostery [ghostery.com] ) -- it makes my Collusion graph blank.

Re:Go Ahead, Track Tor Exit Nodes! (0)

Anonymous Coward | more than 2 years ago | (#40409519)

"Tor won't help you if the website puts a cookie in your browser"

That's what the included Torbutton add-on is for.

Configure it and your Torbrowser correctly and you don't receive any cookies, unless you decide to re-enable them. NoScript is included as well as HTTPS Everywhere. Torbutton also allows you to disable ALL cache, both disk and memory.

Ghostery is proprietary, right? IMO only the stupid trust black box software. Next, someone will say they're using Tor on Windows....

Please learn a little about the TBB prior to drawing conclusions.

Re:Go Ahead, Track Tor Exit Nodes! (0)

Anonymous Coward | more than 2 years ago | (#40410647)

Ghostery is a small piece of Javascript code and a list of tracking URL patterns to block.

Are you a special kind of stupid?

TOR is just as stupid feel-good pseudo-security, as full-body scanners and the whole TSA theater.

Re:Go Ahead, Track Tor Exit Nodes! (0)

Anonymous Coward | more than 2 years ago | (#40409739)

"Tor won't help you if the website puts a cookie in your browser (which this discussion is about)."
WTF is this marked insightful? It's obvious the guy has never used Tor, cookies are properly managed and can be disabled with a few clicks. Is there some monetary value in pimping the closed Ghostery plugin?

Re:Go Ahead, Track Tor Exit Nodes! (0)

Anonymous Coward | more than 2 years ago | (#40410811)

Yeah, good luck using the web with all cookies blocked.
And have fun clicking yes/no on every single fucking damn cookie.

It’s obviously you retard have never used Ghostery.
And posting twice as AC, doesn’t make you look better. (Yeah,we know that the above comment is by you too.)

Re:Go Ahead, Track Tor Exit Nodes! (1)

Anonymous Coward | more than 2 years ago | (#40413453)

There's more about Ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining!

It's all about the waves. (-1)

Anonymous Coward | more than 2 years ago | (#40409313)

"but do you know how to check and is there any point checking when we already know NSA/KGB, etc etc have the globe encircled with satellites?"

try lining your windows with tinfoil and check it after a few months. You'll discover straight LINES and DOTS (tiny peep holes). This is with the tinfoil on the inside of the windows' surface, in-house/apartment. What causes this?

I believe most, if not all consumer computers and devices are, if not monitored, swept and mirrored by big bro using satellite technology.

One anonymous poster to pastebin, claiming to be representitive of Mossad, fired a shot across the bow of Anonymous and other hackers by saying, paraphrased, "All of your hard drives are mirrored in (locations A,B,C as I forget which countries were mentioned) certain places on Earth anyway.

I find this to be true, I've used Microsoft's SysInternals programs to monitor processes and discovered my drives being swept, a chat program running I never installed and could find no trace of, files where they had the most interest were mp3 and graphics files, but they scraped the whole drive, and an iso creator/mirroring utility was running.

You only make it easier for them if you willingly install video streaming programs (VLC) with command line counterparts, music programs with command line counterparts, Office programs, which I noticed PDF files were being made in the background, and all of this activity was happening when I was monitoring a computer isolated from any wired/wireless/LAN network(s).

Google: Subversion Hack archive for a glimpse into this mysterious activity

It's all about the waves.

Re:It's all about the waves. (1)

Teun (17872) | more than 2 years ago | (#40409453)

Wow to be subjected to such expensive attacks you must be a prime target!

Just as well that computer of yours is off line.

Re:It's all about the waves. (-1)

Anonymous Coward | more than 2 years ago | (#40409495)

"Just as well that computer of yours is off line."

That's just the point: modern computers can and are being targeted even while they are unplugged from any local or remote network. Dig deep, very deep, into black hat documents and crypto/cracker lists and communities and you'll discover many mysterious attacks when the computer is OFF LINE! One only needs the correct monitoring tools and learn how to dump/checksum/examine firmware, which is the prime vector for serious attacks.

People who inform you that an offline computer is a safe one are dumber than dirt.

Get A Life Man (0)

Anonymous Coward | more than 2 years ago | (#40409879)

...computers are not good for you. There are lots of ways to track people, but what you write is simply paranoia bullcrap.

Re:It's all about the waves. (1)

cusco (717999) | more than 2 years ago | (#40412655)

Kat Sung, is that you?

Neat... (2, Informative)

hey_popey (1285712) | more than 2 years ago | (#40409315)

This is nice as a tool to increase users' awareness, but Idon't see the point of using this add-on more than a couple of minutes
Then you install ghostery if not already done, and you forget about trackers...

Re:Neat... (1)

Anonymous Coward | more than 2 years ago | (#40413493)

Truths about ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining either.

shouldn't be the price we accept (1)

Errol backfiring (1280012) | more than 2 years ago | (#40409353)

And therefore Slashdot itself forces two of them upon you.

Who? (1)

oodaloop (1229816) | more than 2 years ago | (#40409387)

Title says interview with Ryan Merkly, TFS says Gary Kovaks at TED talk. Maybe I'm just new here, but does anyone read anymore?

Re:Who? (1)

Anonymous Coward | more than 2 years ago | (#40409467)

You obviously don't.

The origonal paragraph (extract from an article by Ms Smith) mentions the presentation (done by Gary Kovaks) and there is a video link of this. This is important if you want to get an idea of how Collusion works.

After this video, there is a Interview with Ryan Merkley: He speaks about his experience with Collusion and how it simply shows what is being tracked.

Re:Who? (1)

oodaloop (1229816) | more than 2 years ago | (#40409607)

No, I didn't RTFA. But I should be able to RTFS and understand who is talking. TFS isn't clear at all. The title mentions one person and TFS another, with no reference to the person in the title.

Re:Who? (3, Funny)

dna_(c)(tm)(r) (618003) | more than 2 years ago | (#40409475)

Title says interview with Ryan Merkly, TFS says Gary Kovaks at TED talk. Maybe I'm just new here, but does anyone read anymore?

Merkly quotes Kovaks.

Now I can quote oodaloop quoting samzenpus quoting Merkly quoting Kovaks. You can quote me on that.

Who is (really) watching? (2)

k(wi)r(kipedia) (2648849) | more than 2 years ago | (#40409459)

Okay we know that Google, Facebook and other companies have a tracking system in place. But who's really watching? Is it possible that Larry Page or Mark Zuckerberg is reading this post right now and will click his iAmWatchingU app to find out who typed these words? Or is some other sentient entity [slashdot.org] looking over me like the deity of some theistic religion.

Maybe the greater danger isn't that we are being watched, but that algorithms are now in control of our lives [bbc.co.uk] , processing, analyzing, bankrupting us in a way where sometimes the only human intervention is someone clicking OK.

Re:Who is (really) watching? (3, Funny)

Zero__Kelvin (151819) | more than 2 years ago | (#40409687)

"Maybe the greater danger isn't that we are being watched, but that algorithms are now in control of our lives"

(if) you use a (bunch) if (parenthesis) psudeo-randomly in your subject (and) u(ser)n(ame) you can fool the algorithms((!!!!))

Re:Who is (really) watching? (1)

Anonymous Coward | more than 2 years ago | (#40410067)

(is i)t i(mpo(rtant th)at (the(y're a)ll closed)?

Re:Who is (really) watching? (0)

Anonymous Coward | more than 2 years ago | (#40413133)

Quit breaking my Lisp-based browser, you insensitive clod!

Re:Who is (really) watching? (1)

FudRucker (866063) | more than 2 years ago | (#40409813)

The Machine is Watching

Stop The Machine! [youtube.com]

Re:Who is (really) watching? (0)

Anonymous Coward | more than 2 years ago | (#40410345)

Well, if your number comes up, Mr. Finch and Mr. Reese will keep you safe.

The aggregate is good enough, for now.... (0)

Anonymous Coward | more than 2 years ago | (#40411431)

It's all about data mining. If you have millions of records then even simple searches make that information priceless. For example, lets say you have a few million lying around and want to invest it. If you could mine Google's list of searches and find out that 3% of the worlds population in the last year searched for keywords that would mean this new business venture had a good chance of filling that need, that is a HUGE leg up, or even being able to tell that a given business is creating a solution to a problem that doesn't exist.... Basically, even being able to correlate a single number from a large set of data can be VERY powerful.

Now apply this to political ideals like values, morals, ethics, and then correlate terms that cause people who disagree with you to question themselves and you now have the ability to redirect people in a direction you want them to go. It can be done subconciously too. Now, if you also control the advertising and linking you can take it one step farther and show people who disagree with you only information to change their minds rather than information to reinforce their own beliefs... I admit this is probably well beyond anything that is happening now, but the fact I can call a friend, ask him/her to do a search and get different results on the same search engine as me is very troubling already :(

Overstatement alert maximum (1)

Shazback (1842686) | more than 2 years ago | (#40409509)

Because the memory of the Internet is forever

...Or not.

Easy Solution To This (1)

Anonymous Coward | more than 2 years ago | (#40409557)

Provide a feature in Firefox to not request pages not on the current domain.

All those embeddable scripts are now useless and centralized tracking dies a horrible death. The overheads of doing this server-side would be crippling financially.

The idea is not to fight a losing battle, but to make it expensive and financially nonviable.

Ghostery? (does the same thing?) (4, Informative)

FudRucker (866063) | more than 2 years ago | (#40409571)

http://www.ghostery.com/ [ghostery.com]

Ring 3/RPL 3/Usermode vs. Ring 0/RPL 0/Kernelmode (0)

Anonymous Coward | more than 2 years ago | (#40410139)

See subject-line above: It's why browser level addons aren't as efficient as this is -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40409595 [slashdot.org]

* It's also indicative of how far short browser addons are for ubiquity/versatility vs. custom hosts files also... same with DNS servers too to different degrees as well!

APK

P.S.=> Still, a person should use MULTIPLE LAYERS of defense online (inclusive of browser level addons, &/or better "filtering" DNS servers - all of which are noted in that link above, for that very purpose)... apk

Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40409595)

Creators of custom hosts file data (see list below) include servers used for tracking in their block lists. It works... & more efficiently than browser addons running in usermode/ring 3/rpl 3 do, by far (since the hosts file's simply a filter for the IP stack running in PnP ring 0/rpl 0/kernelmode).

* See my 'p.s.' below for MORE detail on exactly what hosts can do for you as the end user of them...

A short summary of what custom hosts files can be extremely useful for:

---

1.) Malware/malscripted sites
2.) Known sites-servers/hosts-domains that are known to serve up malware
3.) Bogus DNS servers malware makers use
4.) Botnet C&C servers
5.) Bogus adbanners that are full of malicious script content
6.) Getting you back speed/bandwidth you paid for
7.) Getting you back CPU cycles
8.) Getting you back RAM
9.) Getting you back other forms of I/O
10.) Added reliability (vs. downed or misdirect/poisoned DNS servers).
11.) Added "anonymity" (to an extent, vs. DNS request logs)
12.) The ability to bypass DNSBL's (DNS block lists you may not agree with).
13.) More screen "real estate"

---

& more...

APK

P.S.=> 21++ ADVANTAGES OF HOSTS FILES

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs):

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below, & especially vs. the July 12th 2012 "DNSChanger" trojan purge that's coming soon (those folks won't get to sites if infested - I will, due to hardcodes in my hosts file of my fav. 20 sites + using BETTER filtering DNS servers (see list below))...

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows - functions for "reverse DNS lookups"), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download [hosts-file.net]
https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
http://ddanchev.blogspot.com/ [blogspot.com]
http://www.malware.com.br/lists.shtml [malware.com.br]
http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

23++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

"That is, do the things you would normally do to secure your own machine from malware, intrusive advertising, and vulnerabilities. Use the hosts file to block certain domains from being accessible." - by wickerprints (1094741) on Friday June 22, @12:57AM (#40407865)

"Ad blocking hosts file, I use it as an adult ;-) http://winhelp2002.mvps.org/hosts.htm [mvps.org] " - by RJFerret (1279530) on Friday June 22, @01:15AM (#40407983) Homepage

"There is probably a decent list of domains out there that you can put in your hosts file so that lookups for these fail. I assume you're more concerned about accidental adverts and such, which is a fair concern considering how many sites have em" - by ieatcookies (1490517) on Friday June 22, @01:21AM (#40408005)

"I find mapping hosts to 0.0.0.0 is faster, because it's not a valid IP address, so the DNS subsystem of your OS will ignore it without trying to connect. There are several hostfile collections out there. I merged three of them several years ago just for my own freedom from ads and other junk. I currently have 131572 host names zero'd out." - by Dracos (107777) on Friday June 22, @01:34AM (#40408085)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective waby to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* THE HOSTS FILE GROUP 34++ THUSFAR (from +5 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]
HOSTS MOD UP vs. SOPA act: 2012 -> http://yro.slashdot.org/comments.pl?sid=2611414&cid=38639460 [slashdot.org]
HOSTS MOD UP vs. FaceBook b.s.: 2012 -> http://yro.slashdot.org/comments.pl?sid=2614186&cid=38658078 [slashdot.org]
HOSTS MOD UP "how to secure smartphones": 2012 -> http://mobile.slashdot.org/comments.pl?sid=2644205&cid=38860239 [slashdot.org]
HOSTS MOD UP "Free Apps Eat your Battery via ad displays": 2012 -> http://mobile.slashdot.org/comments.pl?sid=2734503&cid=39408607 [slashdot.org]
HOSTS MOD UP "How I only hardcode in 50 of my fav. sites": 2012 -> http://it.slashdot.org/comments.pl?sid=2857487&cid=40034765 [slashdot.org]
APPLYING HOSTS TO DIFF. PLATFORM W/ TCP-IP STACK BASED ON BSD: 2008 -> http://mobile.slashdot.org/comments.pl?sid=1944892&cid=34831038 [slashdot.org]
HOSTS vs. TRACKING ONLINE BY ADVERTISERS & BETTER THAN GHOSTERY: 2012 -> http://yro.slashdot.org/comments.pl?sid=2926641&cid=40383743 [slashdot.org]

---

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL initial load 1 time lag upon reload though, depending on the size of your HOSTS file.

E.) HOSTS files don't protect vs. BGP exploits - Sorry, once it's out of your hands/machine + past any interior network + routers you have, the packets you send are out there into the ISP/BSP's hands - they're "the Agents" holding all the keys to the doorways at that point (hosts are just a forcefield-filter (for lack of a better description) armor on what can come in mostly, & a bit of what can go out too (per point #20 above on "locking in malware")). Hosts work as a "I can't get burned if I can't go into the kitchen" protection, for you: Not your ISP/BSP. It doesn't extend to them

F.) HOSTS files don't protect vs. IP addressed adbanners (rare) &/or IP address utilizing malwares (rare too, most used domain/host names because they're "RECYCLABLE/REUSEABLE"), so here, you must couple HOSTS files w/ firewall rules tables (either in software firewalls OR router firewall rules table lists)... apk

Re:Block trackers via custom hosts files (1)

Ash-Fox (726320) | more than 2 years ago | (#40409733)

The reason why I would rather use blocking in my DNS server or software over the hosts file is because the hosts file cannot block hostnames on the basis of wildcards.

Also, a question for you, why do so many host file blocking providers use 127.0.0.1 instead of 0.0.0.0 (also can be shortened down to just '0' on many OSes, thereby saving memory) or 255.255.255.255? I find the fact the browser tries to establish a TCP connection is fairly annoying and slows down browsing more so than the addresses I have provided.

DNS vs. Hosts (ups & downs)... apk (0)

Anonymous Coward | more than 2 years ago | (#40409971)

"The reason why I would rather use blocking in my DNS server or software over the hosts file is because the hosts file cannot block hostnames on the basis of wildcards." - by Ash-Fox (726320) on Friday June 22, @07:45AM (#40409733) Homepage

Here's some "downsides" of using DNS servers (either software on same system, or, another system internal to your home network, OR lastly, even external DNS servers (wait till July 9th 2012 DNSChanger "purging day" for instance... you'll see!)):

(For added "layered-security"/"defense-in-depth", Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs)):

---

1.) If a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 2-4 next below, & especially vs. the July 12th 2012 "DNSChanger" trojan purge that's coming soon (those folks won't get to sites if infested - I will, due to hardcodes in my hosts file of my fav. 20 sites + using BETTER filtering DNS servers (see list below))...

---

2.) Custom hosts files allow 'hardcodes' of your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows - functions for "reverse DNS lookups"), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

---

3.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs.

( As custom HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations)).

---

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can, by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

---

5.) DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

---

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

7.) With DNS servers, you must prepare for learning more than editing a custom hosts files' records with a text editor. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

---

8.) Per points above, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

---

9.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

---

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

10.) ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

11.) Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK

P.S.=> If you need more? Ask... there's a LOT MORE where that came from! apk/b

Re:DNS vs. Hosts (ups & downs)... apk (0)

Anonymous Coward | more than 2 years ago | (#40410683)

Regarding point #8 - it sounds like the phone needs to be rooted in order to use the hosts file method. Is there any way you know of to do it without rooting?

ADB (Android Debugging Bridge)... apk (0)

Anonymous Coward | more than 2 years ago | (#40410829)

I just used ADB (Android Debugging Bridge) to do so as I stated - It worked.

* I.E.-> I installed ADB on a laptop, hooked it to the ANDROID OS bearing "smartphone" & with the appropriate user rights levels noted in my initial post you responded to, & did the PUSH/PULL commands to 'upload' it to the smartphone.

APK

P.S.=> Very easy, mere minutes of time to implement really - & effective for the purposes I noted, + 100% FREE...

... apk

Re:DNS vs. Hosts (ups & downs)... apk (1)

Ash-Fox (726320) | more than 2 years ago | (#40411761)

1.) If a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 2-4 next below, & especially vs. the July 12th 2012 "DNSChanger" trojan purge that's coming soon (those folks won't get to sites if infested - I will, due to hardcodes in my hosts file of my fav. 20 sites + using BETTER filtering DNS servers (see list below))...

Only reason why the DNS server would be down on my system is if I shutdown the daemon or turned off the computer - It runs on the same system and makes little difference when it comes to performance since my Linux systems use caching DNS daemons otherwise.

2.) Custom hosts files allow 'hardcodes' of your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows - functions for "reverse DNS lookups"), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

I haven't noticed the difference honestly, it's that insignificant. Maybe if I was still on a 200Mhz system though...

3.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs.

The DNS caching daemon most distros use end up being just specialized configurations of DNS servers. Sorry, I don't run my systems without a DNS cache, so I'm unlikely to see any of these benefits. Nor do I even notice any CPU usage being used up from using it?

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can, by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

Dig measured 1ms time for a query for www.google.com ?

5.) DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

What bugs have I experienced again?

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

Sorry, I don't understand. If I made my DNS server an authoritative server for a domain to block access to the domain, how does an exploit to do with resolving, which means my DNS server will not even attempt or accept resolution for that domain mean it will get effected by that particular exploit?

7.) With DNS servers, you must prepare for learning more than editing a custom hosts files' records with a text editor. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

This is slashdot, not idiots united. I consider modifying DNS server zones relatively easy and can do far more complex configurations than hosts files can do (wildcards for one) in just a few seconds. Now, it's true that setting up a new zone for a completely new domain would take me a several seconds compared to the two seconds for adding a line to hosts file - But honestly, that's a non-issue. If it was really an annoyance to me, I'd write a script that lets me add/delete entries quickly from the command line, which would be faster and easier for me.

You avoid a great deal of what I posted (0)

Anonymous Coward | more than 2 years ago | (#40412065)

"Only reason why the DNS server would be down on my system is if I shutdown the daemon or turned off the computer - It runs on the same system and makes little difference when it comes to performance since my Linux systems use caching DNS daemons otherwise." - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

You didn't read the list of problems DNS has I listed (numerous ones)... & get ready for July 9th 2012 "DNSChanger purge day" is all I can say ontop of that!

---

"I haven't noticed the difference honestly, it's that insignificant. Maybe if I was still on a 200Mhz system though...." - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

It's there though and, it's in favor of hosts files (especially once cached for sites you block in it, and even vs. B-Tree seeks up to 2 million or so records for around 20 of your favorites placed @ the TOP of a custom hosts file - do the math, you'll see).

Caching's wonderful that way, & on Windows?? SuperFetch is EVEN BETTER (because it's NOT as easily "flushed out" as diskcache kernelmode subsystems are).

Additionally?

Especially vs. external to your home LAN (along with more power, cpu cycles, memory, & other forms of I/O usage if you setup your own local DNS server machine, or even local DNS program on your single system) - no questions asked.

---

"The DNS caching daemon most distros use end up being just specialized configurations of DNS servers. Sorry, I don't run my systems without a DNS cache, so I'm unlikely to see any of these benefits. Nor do I even notice any CPU usage being used up from using it?" - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

Nothing "rides for free" (especially more "layered on" crap), & a question:

ARE YOU SETUP IN RECURSIVE MODE?

(If so, & ODDS ARE STRONG YOU HAD TO DO THAT? "Houston, we have a problem" (with port 51 "bum rushing" upstream DNS servers with bogus information requests that can last hours until they are corrected & propogate to ALL DNS servers in the dns system).

---

"Dig measured 1ms time for a query for www.google.com ?" - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

Answer the question above, & tell us - IS IT POSSIBLE for you & are you in "recursive mode" there for your local DNS server (wasting more electric power, cpu cycles, memory, & other forms of I/O running it locally)?

Again - if so? You're DNS server can EASILY be "dns poisoned" redirected... and, you KNOW it.

(Maybe you don't - I suggest you read a few of those links I posted & be aware of what "DNS poisoning" is!)

---

"This is slashdot, not idiots united." - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

I wonder about that - after all the "hassles" DNS servers have, especially set in RECURSIVE MODE, which I listed more than a few of? Please... lol!

---

"I consider modifying DNS server zones relatively easy and can do far more complex configurations than hosts files can do (wildcards for one) in just a few seconds." - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

Editing a text file like hosts is FAR easier... and you know it (anyone can use notepad.exe OR other text editors, after all!)

---

"Now, it's true that setting up a new zone for a completely new domain would take me a several seconds compared to the two seconds for adding a line to hosts file - But honestly, that's a non-issue. " - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

Aha - YOU ADMIT THE TRUTH... I love it!

---

"If it was really an annoyance to me, I'd write a script that lets me add/delete entries quickly from the command line, which would be faster and easier for me." - by Ash-Fox (726320) on Friday June 22, @11:07AM (#40411761) Homepage

Wasting MORE time on a more laborious effort than editing a host file in a text editor (which ANYONE can do easily, and you ADMITTED it's simpler above too).

Thanks for proving my point for me...

---

* "NEXT"... lol, that's to ANY & ALL "naysayers", & especially those that avoided much of the entire BODY of my original post here -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40409595 [slashdot.org]

Which was "downmodded" for NO GOOD COMPUTER TECHNICAL JUSTIFICATION, mind you... because I have YET to see anyone disprove all of its points noted (especially in its 'p.s.' section).

Above all else - Ash-Fox is TRYING TO TELL US "DNS HAS NO ISSUES"?

(Please... they're WIDELY KNOWN - I only posted a TINY FRACTION of some examples thereof...)

APK

P.S.=> Which Ash-Fox CLEARLY did... apk

You didn't read the list of problems DNS has I listed (numerous ones)...

Re:You avoid a great deal of what I posted (1)

Ash-Fox (726320) | more than 2 years ago | (#40413497)

You didn't read the list of problems DNS has I listed (numerous ones)... & get ready for July 9th 2012 "DNSChanger purge day" is all I can say ontop of that!

You came up with things that were not relevant to me. I'm not infected by DNSChanger for example and have not experienced issues caused by it, and I doubt I ever will. Your forgot to mention that there is malware out there, that will also modify your hosts file [registrycleanerz.com] , as opposed to DNS server settings - Both can be equally exploited this way.

It's there though and, it's in favor of hosts files (especially once cached for sites you block in it, and even vs. B-Tree seeks up to 2 million or so records for around 20 of your favorites placed @ the TOP of a custom hosts file - do the math, you'll see).

To be honest, hosts would likely be slower for what I do in DNS. An example of doing a wildcard in hosts would require me to generate a hosts file that had very single combination of a subdomain and it's subdomains for each domain blacklisted. I'm pretty sure hosts would end up using more memory and be slower with that amount of records. Not to mention notepad would likely lock up for a good long while, considering it stalls loading file that are 1MiB, never mind larger files.

But as for the actual impact of my DNS server. I'm not seeing any time difference on my system while running a compile on one of my large projects when I turn the DNS server on or off with dig running in a bash script while loop performing a look up,

What exactly am I supposed to be crying about? I'm not seeing the impact at all on my system.

ARE YOU SETUP IN RECURSIVE MODE?

No, it's mixed mode. Any zones that are setup authoritative for blocking in the name server are not recursive, just like with a hosts file, it won't go out and attempt to resolve it and it's superior in the way that it won't even resolve an IP address, so the browser won't even try connecting to the address because it was told there was no records available for that type of query.

For anything that isn't blocked, the DNS server uses forwarding mode, using TCP instead of UDP with Google DNS.

Answer the question above, & tell us - IS IT POSSIBLE for you & are you in "recursive mode" there for your local DNS server (wasting more electric power, cpu cycles, memory, & other forms of I/O running it locally)?

By default the dns caching daemons in various Linux distros are actual DNS servers that are setup in forwarding, cache mode. I've only modified my setup to act as an authority DNS server for domains I want to block too.

Again - if so? You're DNS server can EASILY be "dns poisoned" redirected... and, you KNOW it.

Even if I switched to recursive mode, it wouldn't be vulnerable, since I have the server set to use TCP instead of UDP for queries.

Editing a text file like hosts is FAR easier... and you know it (anyone can use notepad.exe OR other text editors, after all!)

My zone files are plain text and can be edited by any sane text editor?

Aha - YOU ADMIT THE TRUTH... I love it!

The truth that I need to type out an SOA line at the top of a zone file? Oh nos.

Above all else - Ash-Fox is TRYING TO TELL US "DNS HAS NO ISSUES"?

No, I told you I don't have issues. I even explained to you in my initial post why I don't use hosts file, which was to do with the fact you couldn't have a wildcard entry.

(For the curious: I initially started using TCP because of packet loss issues on my home Internet, then later saw no need to change it as it didn't effect my DNS resolution enough to be an annoyance.)

Re:DNS vs. Hosts (ups & downs)... apk (0)

Anonymous Coward | more than 2 years ago | (#40412291)

Ash-Fox, have you trolled apk before (like Teun was shown doing)?

Re:Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40409989)

A post on custom hosts files modded down? Custom hosts block trackers. Fact. Facts with verifiable proofs alongside them shouldn't be down moderated.

Re:Block trackers via custom hosts files (1)

Teun (17872) | more than 2 years ago | (#40410451)

Looks like you haven't met this APK before...

He's the Anonymous Coward with most negative karma.

Re:Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40410537)

Teun, you met him before, and ran from him Teun http://yro.slashdot.org/comments.pl?sid=2311948&cid=36711608 [slashdot.org] where he trashed you and you couldn't defeat the facts he posted in that link and you did a "run forrest, run", lol!

Re:Block trackers via custom hosts files (1)

Teun (17872) | more than 2 years ago | (#40410945)

The fact this AC has a lot of knowledge does not make him less of a troll.

Thanks Teun (I'll take THAT as a compliment) (0)

Anonymous Coward | more than 2 years ago | (#40411073)

"The fact this AC has a lot of knowledge does not make him less of a troll." - by Teun (17872) on Friday June 22, @10:06AM (#40410945) Homepage

Who's the TROLL here? After all, here's some facts (which always do you in easily):

---

1.) Trolls go off-topic (like you)

2.) Trolls attempt to use off-topic illogical ad hominem attacks (like you)

3.) Trolls LOSE when confronted by facts (like you)

(OR, doesn't this "ring a bell", troll -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40410537 [slashdot.org] where you did a "run forrest - RUN" vs. facts I posted which you could not overcome on a computing technical level!)

---

Hmmm?? Who does those things here, Teun??? You did!

* Absolutely... anyone can easily see who the "run, forrest - run" troll is in the link I posted above, easily... and it's NOT me!

(Trolls such as yourself are EXTREMELY EASY to "blow away" with facts they cannot overcome - truth's like that Teun, accept it!)

APK

P.S.=> Why I even bother responding to him? Couple reasons:

A.) I keep track of the times I dust dolts like Teun, just to throw it back in their faces

&

B.) It's fun, because it is VERY EASY TO DO, everytime (trolls like Teun make it so, & make me LOOK GOOD in the process - "double-bonus")...

... apk

Re:Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40411797)

You're off topic in each post you made. You're the troll.

Are you on topic? No. (0)

Anonymous Coward | more than 2 years ago | (#40410651)

Go away troll. Illogical off-topic failing ad hominem attack attempts aren't cutting it for you. He's dusted you before http://yro.slashdot.org/comments.pl?sid=2311948&cid=36711608 [slashdot.org] and you ran since facts apk listed defeated you there.

Re:Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40410777)

And anyone who doesn't kiss his ass is a troll. Also, he sockpuppets.

How can I "sockpuppet"? (-1)

Anonymous Coward | more than 2 years ago | (#40410985)

I don't keep a registered account on /. & I always post as "ac" since 2005 or so...

(So, so much for the line of crap from you, Teun (& yes, it's obvious it's you, whom I have absolutely trashed here before and you ran like Forrest Gump from it too -> http://yro.slashdot.org/comments.pl?sid=2931443&cid=40410537 [slashdot.org] )).

* "Run Forrest (Teun)... Run!"

APK

P.S.=> As to what you said? LMAO - this puts YOU in your place, easily, troll:

"And anyone who doesn't kiss his ass is a troll." - by Anonymous Coward Teun whom I ran off easily before shown in the link above on Friday June 22, @09:53AM (#40410777)

Funniest part of THAT, is in the link above, where you pulled a "Run, Forrest - RUN!" after I smoked you easily... you got YOUR behind kicked there in that link, by "yours truly", in seconds FLAT, lol!

---

"Also, he sockpuppets." - by Anonymous Coward Teun projecting his own "modus operandi" on Friday June 22, @09:53AM (#40410777)

Ahem: "Pot calling the kettle black" there, Teun?

(Gosh - Let's not be a hypocrite now, projecting your OWN bogus methods... ok??)

Yes - You make it TERRIBLY OBVIOUS in that statement, and considering I've "knocked-the-chocolate" outta you easily before as well... apk

Re:Block trackers via custom hosts files (0)

Anonymous Coward | more than 2 years ago | (#40413121)

Ac posters don't get karma points. Troll elsewhere, you fail.

Teun, justify your bogus downmod of my post (0)

Anonymous Coward | more than 2 years ago | (#40411627)

Disprove the facts I posted - You can't!

You know it, I know it, & anyone reading here, knows it.

(IF the "best you've got" is *trying* to "hide" my post, without a justification based on computer technical errors I made (none afaik)? Face it - YOU FAIL!)

* I'd like to know just what it is you FEAR from custom hosts files that I posted here -> http://it.slashdot.org/comments.pl?sid=2931273&cid=40408179 [slashdot.org]

(Ah... I suspect I have already answered THAT much, below!)

Doesn't really matter - your attempts @ hiding my post get nullified in seconds by my reposting beneath it, dragging it right back into view so folks can get the benefits of what I posted... pretty simple -

SO KEEP BLOWING YOUR MODPOINTS, trolls... lol!

APK

P.S.=> Tell us: Which of these "threatened parties" are you, regarding the downmodder of my posting:

---

1.) A malware maker/malicious site scripter
2.) A advertiser online
3.) A webmaster losing profits due to adbanner blocking (which saves a user money he pays out in speed/bandwidth as well as infestation by malscripted adbanners, plus more screen realestate)

---

?

... apk

The web is broken (0)

Anonymous Coward | more than 2 years ago | (#40409669)

The internet is great but the web is broken. Browsers and web technologies suck. Just use apps you trust and stop using the web so much.

Send fake data (1)

Anonymous Coward | more than 2 years ago | (#40409841)

It is nice to see things like Collusion and Ghostery (will install when I get home), but I think power users of the internet and those of us that care about privacy and a free internet need to take it a step further. We need to not only stop tracking, but also figure out ways to mass spoof trackers and begin corrupting their data. If, on some mass scale, we can figure out how to report bad data to advertisers, they lose all power.

Mass advertising is the biggest scam of the last 30 years. These people provide no tangible service and their value is nothing more than perception. They degrade the quality and integrity of almost every medium. Let's figure out how to change the perception.

Efficiency vs. Inefficiency (0)

Anonymous Coward | more than 2 years ago | (#40410405)

http://yro.slashdot.org/comments.pl?sid=2931443&cid=40410139 [slashdot.org]

APK

P.S.=> See subject-line above, & that link... it'll fill the rest in, & in great detail! apk

poison with false positives (3, Insightful)

PopeRatzo (965947) | more than 2 years ago | (#40409959)

Does anyone know what ever happened to that project for salting the tracking data with false positives? I think it was called "Antiphormlite" and it had gotten up to version 1.3 I think.

I see it talked about on teh google but there doesn't seem to be any place it can be downloaded.

I love the idea of fouling tracking data. It's not enough to "track the trackers". I want to make sure they go away unless they reform themselves.

This is one of those areas where the "free market" is not going to come up with a solution. People say, "I want privacy" and the Free Market says, "Fuck you, pay me."

It's going to take vandalism on a massive scale to fix this one.

Re:poison with false positives (1)

cusco (717999) | more than 2 years ago | (#40412873)

On that same idea, when the supermarket asks for your 'loyalty card' just use the phone number (321) 123-4567. Works pretty much everywhere, and if it doesn't get a new card with that number. There are probably a couple hundred of us around the US using that same number.

The other advantage of using that number is the look on the dumber cashiers' faces, since they think that's your real phone number.

EPIC FAIL! Privacy not an option? Of course it is! (0)

Anonymous Coward | more than 2 years ago | (#40410553)

It's very very simple: A web of trust.
1. Encrypt *everything*.
2. Connect only to destinations you personally trust the amount of X. (And whose keys you have obtained.)
3. Through cascading down the chains of trust, you can get to everyone trustworthy (= above a certain value, after multiplying all the factors of the nodes on the path).
If they are not in your web, they are not trustworthy. You can still connect to them, but it will show you what it will cost you. In full detail and in a summary. Live.

That's the only proper way to do it.

Everything that relies on the logical fallacy of “authority”, let alone a global one, is just "going full retard" and EPIC FAIL. But because they continue to think inside that stupid faulty model, they are mentally unable to even imagine a way that could work.

why all the energy around DNT? (0)

Anonymous Coward | more than 2 years ago | (#40410883)

As TFS points out, DNT doesn't work. In fact, it CAN'T work - it can only push tracking offshore to jurisdictions where DNT won't be enforced. It's like asking spammers to pretty please "do not spam". Yeah, right.

The only way to have privacy is to take it on the browser side. With enough privacy extensions and a proxy to surf through, you can in fact have privacy on the internet. But it seems that not many ppls care about this. That's fine, that's their right, but it doesn't mean those of us that do care must act the same.

DNT needs to die - all it does is give the non-tech-literate crowd a false sense of security.

Ghostery already knows who is tracking us... (1)

rocket rancher (447670) | more than 2 years ago | (#40411515)

I use Ghostery, an excellent tracker-phage for Firefox and Chrome. I installed Collusion and was a bit miffed it wasn't working, until I realized why: Ghostery works, period. It seems to me that Ghostery's list of web trackers already provides what Collusion is trying to create, so what is the point?

Re:Ghostery already knows who is tracking us... (-1)

Anonymous Coward | more than 2 years ago | (#40413427)

There's more about Ghostery you evidently aren't aware of http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193 [slashdot.org] and you may not like it. I didn't. I don't like 1/2 truths, and people pissing down my neck and telling me it's raining.

Bad Information No Information ? (0)

Anonymous Coward | more than 2 years ago | (#40411999)

I've always wondered if it would be better to feed the trackers false information as opposed to none at all. The value of their product would approach 0 if the information they have is made up mainly of noise. Just a thought...

Ghostery's true background (3, Interesting)

Anonymous Coward | more than 2 years ago | (#40412193)

Seems like a lot of people are praising Ghostery, which leads me to believe that you haven't heard the backstory.

Evidon, which makes Ghostery, is an advertising company. They were originally named Better Advertising, Inc., but changed their name for obvious PR reasons. Despite the name change, let's be clear on one thing: their goal still is building better advertising, not protecting consumer privacy. Evidon bought Ghostery, an independent privacy tool that had a good reputation. They took a tool that was originally for watching the trackers online, something people saw as a legitimate privacy tool, and users were understandably concerned. The company said they were just using Ghostery for research. Turns out they had relationships with a bunch of ad companies and were compiling data from which sites you visited when you were using Ghostery, what trackers were on those sites, what ads they were, etc., and building a database to monetize.

When confronted about it, they made their tracking opt-in and called it GhostRank, which is how it exists today. They took an open-source type tool, bought it, turned it from something that’s actually protecting people from the ad industry, to something where the users are actually providing data to the advertisers to make it easier to track them. This is a fundamental conflict of interest.

To sum up: Ghostery makes its money from selling supposedly de-indentified user data about sites visited and ads encountered to marketers and advertisers. You get less privacy, they get more money. That's an inverse relationship. Better Advertising/Evidon continually plays up the story that people should just download Ghostery to help them hide from advertisers. Their motivation to promote it, however, isn't for better privacy; it's because they hope that you'll opt in to GhostRank and send you a bunch of information. They named their company Better Advertising for a reason: their incentive is better advertising, not better privacy.

Re:Ghostery's true background (0)

Anonymous Coward | more than 2 years ago | (#40413389)

That explains why this guy was downmodded then http://yro.slashdot.org/comments.pl?sid=2931443&cid=40409595 [slashdot.org] since everyone knows marketers use forums boards plants/shills.

Multifox+good cookie manager (1)

nbsr (2343058) | more than 2 years ago | (#40412437)

I'm disappointed with Mozilla's approach to privacy (or lack of it). Currently the biggest danger for privacy is not tracking (your bank also tracks your transactions) but collecting all the available threads of information to build a fairly complete profile of the user. Yet Mozilla is pretty much ignoring the problem to the point it is difficult to differentiate Firefox from Google Chrome (a browser specifically designed for collecting information).

The only thing I ask for is a good identity manager (Multifox v.1.x is pretty good) and a convenient cookie manager (for lack of better alternatives I use CookieCuller). Things I *don't* want are "do not track" efforts, which change nothing, except for giving Mozilla an undeserved label "we care".

Your TODO list:

Make the damn identities and cookies first class components of the browser and let the users control them as easily as they control URLs or tabs. In my current setup, I have several Firefox windows open, each with a different user being logged into Google/FB/you_name_it, and with different sets of cookies allowed. This works pretty well but currently this setup takes too much fiddling to work.

Identity management should be integrated. Period. Not as a clumsy session management dialog box, which only shows up at start-up (if you ask for it). Identity name should be displayed in the url/title bar, and integrated with the context menu ("Open as ...", or "New Window with Identity ..."), bookmarks, URL bar etc.

Cookies are still waiting for a good manager, with some sort of user contributed black/white lists (like Adblock did for URLs). Filtering cookies should be as easy as "block cookies from this provider when browsing as ..." (note that identity shows up here too).

Common Service != Collusion (1)

lenzm (1238440) | more than 2 years ago | (#40412895)

Just because two websites use the same service doesn't not mean that data is shared between those two customers, eg. Google Analytics,
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>