Siri Keeps Your Data For Two Years

Soulskill posted about a year ago | from the but-i-didn't-give-her-my-data dept.

Privacy 124

New submitter LeadSongDog writes with news that Apple has provided information on how long it holds onto voice search data used by its digital assistant software Siri. Speaking to Wired, an Apple representative said the data is kept for two years after the initial query. "Here’s what happens. Whenever you speak into Apple’s voice activated personal digital assistant, it ships it off to Apple’s data farm for analysis. Apple generates a random number to represent the user and it associates the voice files with that number. This number — not your Apple user ID or email address — represents you as far as Siri’s back-end voice analysis system is concerned. Once the voice recording is six months old, Apple “disassociates” your user number from the clip, deleting the number from the voice file. But it keeps these disassociated files for up to 18 more months for testing and product improvement purposes." This information came in response to requests for clarification of Siri's privacy policy, which was not very clear as written. The director of privacy group Big Brother Watch said, "There needs to be a very high justification for retaining such intrusive data for longer than is absolutely necessary to provide the service."


124 comments


Protect your data with custom HOST file... apk (-1)

Anonymous Coward | about a year ago | (#43498127)

A corrupt slashdot luser has penetrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thus far).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org]

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP addresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privilege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propagate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucket's DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for defending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues isn't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analogous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing path differences in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding: Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering: Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proxomitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such a list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcac
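The de-duplication, sorting and per-entry size comparison described in the post above, as an added example that is not part of the original post or any poster's own tool: a small Python normalizer for a blocklist-style hosts file. The function names and the sample entries are constructed for illustration, and the code only measures bytes; whether a given resolver accepts a particular sink address is not tested.

```python
"""Normalize a blocklist-style hosts file and compare its size per sink address.

Added illustration: function names and sample data are constructed.
"""

# Sink addresses the post compares. Whether a resolver honours each one is
# platform-dependent and is not checked here; this only measures bytes.
SINKS = ("127.0.0.1", "0.0.0.0", "0")

# Names that must keep their existing mapping and are never treated as blocks.
KEEP = {"localhost", "localhost.localdomain", "broadcasthost"}

# Constructed sample input: mixed sinks, comments, duplicates, multi-name lines.
SAMPLE = """\
# constructed sample, not a real blocklist
127.0.0.1   localhost
127.0.0.1   ads.example.com   tracker.example.net  # two names on one line
0.0.0.0     ADS.example.com
0.0.0.0     metrics.example.org.
192.0.2.10  intranet.example.test   # real mapping, must survive untouched
0           cdn-ads.example.com

127.0.0.1   tracker.example.net
"""


def parse_hosts(text):
    """Return (blocked, passthrough).

    blocked: set of lower-cased hostnames mapped to any sink address.
    passthrough: ordered list of (address, name) pairs that are real mappings.
    """
    blocked, passthrough = set(), []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comment
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                              # address without a name
        addr, names = fields[0], fields[1:]
        for name in names:
            name = name.lower().rstrip(".")       # names are case-insensitive
            if not name:
                continue
            if addr in SINKS and name not in KEEP:
                blocked.add(name)                 # the set removes duplicates
            elif (addr, name) not in passthrough:
                passthrough.append((addr, name))
    return blocked, passthrough


def render(blocked, passthrough, sink, newline="\r\n"):
    """Rebuild the file: real mappings first, then sorted block entries."""
    lines = ["%s %s" % pair for pair in passthrough]
    lines.extend("%s %s" % (sink, name) for name in sorted(blocked))
    return newline.join(lines) + newline


def size_report(text, newline="\r\n"):
    """Map each sink address to the byte size of the normalized file."""
    blocked, passthrough = parse_hosts(text)
    return {
        sink: len(render(blocked, passthrough, sink, newline).encode("utf-8"))
        for sink in SINKS
    }


if __name__ == "__main__":
    blocked, _ = parse_hosts(SAMPLE)
    print("unique blocked names:", len(blocked))
    for sink, size in size_report(SAMPLE).items():
        print("%-10s %d bytes" % (sink, size))
```

The size difference between two sink addresses is the difference in their lengths multiplied by the number of unique blocked names, which is why de-duplicating first matters for the comparison.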

Re:Protect your data with custom HOST file... apk (0)

tom17 (659054) | about a year ago | (#43498413)

I have not read one of these posts yet. Is it worth it or is it just drivel?

Re:Protect your data with custom HOST file... apk (0, Informative)

Anonymous Coward | about a year ago | (#43498599)

I'm not sure if this is a joke, so I'll answer honestly (if it is a joke, then I guess this just makes me the butt of it, but oh well). This person posts completely off-topic rants about /etc/hosts, claiming persecution. If this showed up in your inbox, would you think twice before marking it "spam" and moving on to the next message?

WHY NOT DISPROVE MY POINTS THEN... apk (-1)

Anonymous Coward | about a year ago | (#43498753)

See here, explains it all -> http://tech.slashdot.org/comments.pl?sid=3561925&cid=43223585 [slashdot.org]

* :)

I.E./Summary: Trolls had a challenge put to them to validly disprove my points in the post I just replied to - result? Trolls FAIL... lol!

APK

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on these forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol, man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

Ah yes "geek angst" @ its 'finest' (not), vs. facts & truths = downmod by /. weak trolls!

... apk

Re:WHY NOT DISPROVE MY POINTS THEN... apk (0)

Anonymous Coward | about a year ago | (#43499419)

Hey man, I know this is important to you, but maybe you should talk to someone outside of the internet about it? I mean, you sound really batshit insane.

Re:WHY NOT DISPROVE MY POINTS THEN... apk (2, Informative)

Anonymous Coward | about a year ago | (#43499435)

Seriously, as a professional troll, I have to say if they're getting you to do all this crazy stuff then they won.

Re:WHY NOT DISPROVE MY POINTS THEN... apk (0)

WGFCrafty (1062506) | about a year ago | (#43499975)

I have to say it makes you both fucking nuts.

Re:Protect your data with custom HOST file... apk (0)

tom17 (659054) | about a year ago | (#43498839)

Not a joke. It's just that sometimes I have seen people respond to it and it makes me wonder if it's worth spending the 5 mins to read through it.

But no, as you suggest, every time I see it I scroll past it as I cba. But that people mention hosts files in it, I can't help but wonder if there is anything interesting in it. I can't see how a hosts file could relate to propaganda.

Additionally, simply reading it would answer my question and, possibly, be quicker than asking like this. Problem is, I just really CBA :)

Was not a joke :)

Re:Protect your data with custom HOST file... apk (0)

WGFCrafty (1062506) | about a year ago | (#43499959)

See my above post. I'm convinced APK is serious, he has got battles raging everywhere, meticulously catalogued, yet he thinks this is proof of his knowledge and experience, not obsessive insanity. And making that point doesn't make him reconsider, it incites him. He also seems to think what looks like many multiples of people saying this are one or a few people who are out to get him. Just read my post and google Alexander Peter Kowalski.

Re:Protect your data with custom HOST file... apk (1)

tbird81 (946205) | about a year ago | (#43501103)

Is it really Alexander Peter Kowalski? Or just an imposter?

Re:Protect your data with custom HOST file... apk (0)

WGFCrafty (1062506) | about a year ago | (#43499927)

Alexander Peter Kowalski and anyone arguing with him are insane. I saw their crazy tirades once and googled his name, and HOLY SHIT. This guy has mini battles raging all over many sites for some of the most inane shit you can think of. He meticulously catalogs the people who have crossed him and works to MAKE SURE everyone understands they are fools.

Now, they may well be fools, but by his meticulous and obsessive actions Kowalski (APK) has proved without a shadow of doubt his absolute insanity. I haven't even argued with this guy so don't think I'm part of these internet crusades. All this I've found by googling his name. The trove of flaming and incomprehensible obsessive aggression is humongous and both funny, and pathetic to varying intense degrees. Just google if you are curious about the kinds of crazy that are out there.

Re:Protect your data with custom HOST file... apk (-1)

Anonymous Coward | about a year ago | (#43498521)

hello jeremiah cornelius http://slashdot.org/comments.pl?sid=3581857&cid=43276741 [slashdot.org]

Re:Protect your data with custom HOST file... apk (-1)

Anonymous Coward | about a year ago | (#43498573)

Hello Paul

Re:Protect your data with custom HOST file... apk (1)

mcneely.mike (927221) | about a year ago | (#43498703)

Paul is dead.

Re:Protect your data with custom HOST file... apk (-1)

Anonymous Coward | about a year ago | (#43498803)

seems an IP ban is in order.

Re:Protect your data with custom HOST file... apk (0)

Doug Otto (2821601) | about a year ago | (#43498873)

Seems you should learn how the internets work.....

Backups (2, Insightful)

Anonymous Coward | about a year ago | (#43498137)

How long are the backups of these systems kept for? Do they require a subpoena to get those backups, or will Apple cheerfully hand it over to any agency that asks?

Re:Backups (1)

Type44Q (1233630) | about a year ago | (#43499415)

or will Apple cheerfully hand it over to any agency that asks?

If you need to ask, you can probably already figure out the answer.

No Biggie (1)

Anonymous Coward | about a year ago | (#43498145)

Big Brother will come along at least once during that period so you can rest assured knowing it's stored for eternity.

"Very High Justification" (1)

rmdingler (1955220) | about a year ago | (#43498151)

is unfortunately in the eye of the beholder... The US government's reliance on its ability to access private data has helped so much with the Boston suspects, we will wrest these gains into the intrusion of privacy from their cold, dead hands.

Re:"Very High Justification" (1, Informative)

Anonymous Coward | about a year ago | (#43499117)

Joking I hope? We have no idea how they claim to have found these guys yet.

The Government has relied on people turning in pictures and information "as far as we know" and did not find these guys by spying. I'm not claiming the Govt won't use that as an excuse, I'm saying it's untrue so you should not buy it if they do.

Be careful what you ask Siri! (2, Funny)

Anonymous Coward | about a year ago | (#43498155)

"Siri, how much fuel oil should I mix with 25 pounds of ammonium nitrate?"

Re:Be careful what you ask Siri! (2, Funny)

Anonymous Coward | about a year ago | (#43498313)

about a pint, but it's not critical. And AN comes in 50 pound sacks. 25 lb marks you as a newb.
But nitromethane works better.

Re:Be careful what you ask Siri! (2, Funny)

Anonymous Coward | about a year ago | (#43498879)

What if he's making one for now and one for later?

Re:Be careful what you ask Siri! (0)

Anonymous Coward | about a year ago | (#43499341)

Oh.. good point.. if you were making many for now, mixing in one big batch works better, but yes, if one for this week and another for next week, you'd want to do it separately.

Would Siri know to ask you?

Comparison with Google search? (4, Interesting)

Anubis IV (1279820) | about a year ago | (#43498237)

Anyone have the timeline for Google's disassociation and destruction of search queries? I'm curious how Apple's policies compare against those.

Re:Comparison with Google search? (2)

MozeeToby (1163751) | about a year ago | (#43498335)

Well, you can disable Google saving your search at all... so there is that.

Re:Comparison with Google search? (5, Insightful)

fazey (2806709) | about a year ago | (#43498421)

You mean google has an option to hide your search history from you?

Re:Comparison with Google search? (4, Interesting)

Anubis IV (1279820) | about a year ago | (#43498439)

From what I can tell, disabling Google History doesn't seem to come with a promise that Google doesn't keep that data somewhere else. What they say they'll do is stop using your History to present targeted advertising for you across their services, or you can choose to delete individual items from your search history, that way they aren't considered when it comes to determining your interests and the like. What they very carefully seem to avoid saying is that they completely delete your queries from all of their systems, so I wouldn't be surprised if they're still using them in some sort of anonymized form for product improvement purposes, tracking trends, or other things of that sort.

Re:Comparison with Google search? (2, Insightful)

sqrt(2) (786011) | about a year ago | (#43498751)

Actually, turning off search history doesn't even do as much as you say. They still use everything you enter into their services, every keystroke, how long you spent looking at a page, when you searched and from where. They use all of that and more to target ads (which many of us never see anyway thanks to Adblock Plus).

Turning off search history hides this data from YOU. They still have it. They still have it associated with your account, and even if you are logged out it's associated with your IP address. Since they know your IP address when you're logged out as well as when you're logged in, ALL your queries are associated with your account if you've ever logged in from that IP. Even "anonymous" users who have no account with Google have shadow profiles associated with their IPs and search patterns. And it's safe to assume given how cheap storage space is that this data is retained forever. I'd be surprised if Google has ever deleted any of their search records since they created the company.

The only way you can be anonymous with Google is to use a proxy while searching. I suggest using TOR when you want your searches to be anonymous, or use Duckduckgo.

Re:Comparison with Google search? (1)

Dishevel (1105119) | about a year ago | (#43498919)

Google ads are white listed for me.
Plain text. On topic. Unintrusive and helps out the company giving me good free shit.
Every great once in a while I actually click on an ad because it is something I want.

Of all ads on the internet. Google ads cause me the least pain.

Re:Comparison with Google search? (3, Insightful)

sqrt(2) (786011) | about a year ago | (#43499287)

Perfectly reasonable. Myself, I've never seen an advertisement that was legitimately helpful. I'm dubious that there ever could be such a thing because advertising is fundamentally an adversarial relationship between the advertiser and the target of the ad (you): you have money that you want to keep, or get the most value for when you do spend it; they want to give you as little as possible while taking as much of your money as they can. You are fighting each other, you have competing interests. You can see why there's a huge incentive for them to lie, or get as close to lying as they legally can, and emotionally manipulate you in their pursuit of your dollars. I find attempts at such manipulation repugnant, which is probably why I walk around most of the day with a mild nauseated sensation. Still, I'd choose that over the syrupy haze of blissful ignorance.

Google's official ads might be the least intrusive, but their disguised ads are rather pernicious, IMO. For example, every product you are shown when using Google Shopping is a paid product advertisement, every single product. They are ALL ads, and nowhere is this disclosed clearly. They are trying to pass it off as a store like Amazon (which has plenty of hidden ads too, but they at least make a passing nod towards identifying them) but it's more like the yellow pages. You have to pay Google for your product to appear there.

Re:Comparison with Google search? (1)

Type44Q (1233630) | about a year ago | (#43499457)

I'd mod you up but I blew the opportunity when I made a stupid comment above...

Re:Comparison with Google search? (0)

Anonymous Coward | about a year ago | (#43499827)

Google's official ads might be the least intrusive, but their disguised ads are rather pernicious, IMO. For example, every product you are shown when using Google Shopping is a paid product advertisement, every single product. They are ALL ads, and nowhere is this disclosed clearly. They are trying to pass it off as a store like Amazon (which has plenty of hidden ads too, but they at least make a passing nod towards identifying them) but it's more like the yellow pages. You have to pay Google for your product to appear there.

:blink: Really? I mean, I believe you, but I had assumed that data was autogenerated by scraping e-commerce websites. I would expect the content to be higher quality if it's actually given to Google. Of course, that's just me expecting way too much of e-commerce websites.

Re:Comparison with Google search? (1)

kermidge (2221646) | about a year ago | (#43500905)

"or use Duckduckgo"

here's another one to use; I've been using it for about a month and like it. Combines ixquick with Google results, and offers additional goodness, such as SSL, no cookies, proxy. (One search engine I miss is Kartoo - if it was still around it would be great along with this kind of anonymized, trackless search.) It also avoids handing over referrer info - which can be used to track you regardless of IP, depending on your settings.

https://startpage.com/ [startpage.com]

Re:Comparison with Google search? (1)

93 Escort Wagon (326346) | about a year ago | (#43501251)

From what I can tell, disabling Google History doesn't seem to come with a promise that Google doesn't keep that data somewhere else.

I am pretty sure, based on experiences I've spelled out on Slashdot before, Google never actually deletes anything. When you select "delete" they basically just make it unavailable to you.

Re:Comparison with Google search? (0)

BasilBrush (643681) | about a year ago | (#43498749)

Well, you can disable Google saving your search at all... so there is that.

No you can't. You *may* be able to stop them associating them with your account. But they still save the searches.

Re:Comparison with Google search? (1)

thetoadwarrior (1268702) | about a year ago | (#43499515)

No, you have the option of not tying your google searches to a user account and a specific name but if you think that saves you then you don't belong in public.

Apple sells its customers to advertisers (-1, Troll)

tuppe666 (904118) | about a year ago | (#43498383)

Anyone have the timeline for Google's disassociation and destruction of search queries? I'm curious how Apple's policies compare against those.

Ironically they sell Apple customers to Google currently for $400 billion, although they are allegedly selling its customers to Yahoo next. So for now *exactly the same* because they are the same :)

Re:Apple sells its customers to advertisers (2)

Anubis IV (1279820) | about a year ago | (#43498493)

What are you talking about? If there was a $400B deal, I think we'd all have heard about it.

Re:Apple sells its customers to advertisers (0, Flamebait)

BasilBrush (643681) | about a year ago | (#43498779)

You're not only a liar, you're not a very good one. You have no grasp of large numbers. $400 billion is more than either company is worth.

Re:Comparison with Google search? (0)

Anonymous Coward | about a year ago | (#43498417)

Anyone have the timeline for Google's disassociation and destruction of search queries?

There isn't one. And for the comment that you can disable tracking, all that does is segment your google-userid from the searches when search activity is logged into the system. The rest of the potentially identifying information is saved, just like if you didn't log into Google-whatever before searching.

They make data anonymous after 18 months (3, Insightful)

tuppe666 (904118) | about a year ago | (#43498471)

...and have since 2007. These two great blog posts cover the details: "Taking steps to further improve our privacy practices" http://googleblog.blogspot.co.uk/2007/03/taking-steps-to-further-improve-our.html [blogspot.co.uk] and "How long should Google remember searches?" http://googleblog.blogspot.co.uk/2007/06/how-long-should-google-remember.html [blogspot.co.uk]. An example from it: "By anonymizing our server logs after 18-24 months, we think we’re striking the right balance between two goals: continuing to improve Google’s services for you, while providing more transparency and certainty about our retention practices." Google are surprisingly forthcoming about how and what they do with your data, which clashes sharply with Apple (pretend they don't) or Microsoft (who run hate campaigns).

Re:They make data anonymous after 18 months (1)

Anubis IV (1279820) | about a year ago | (#43498557)

While I'm glad that they make that public, what they're NOT saying there is that they delete our data eventually. As such, if I make a query that can be tied back to me, my other queries can likely be tied back to me as well, since they'll share an anonymized ID between them.

Granted, voice data is MUCH more sensitive than plaintext, but I'm still a bit disappointed that Google isn't promising to delete our queries entirely after a period of time, rather than merely anonymizing them. Anonymization is a good first step, but it shouldn't be the final one, and after two years, they should have gotten everything out of my query that they'll ever get.

Re:They make data anonymous after 18 months (1, Insightful)

node 3 (115640) | about a year ago | (#43499389)

Google are surprisingly forthcoming about how and what they do with your data, which clashes sharply with Apple (pretend they don't) or Microsoft (who run hate campaigns)

It's notable that you left out the part where both Apple and MS have better actual policies, and instead focus on the way they talk about them.

Re:Comparison with Google search? (4, Informative)

Anubis IV (1279820) | about a year ago | (#43498483)

Well, I've been searching since I made the comment, and the best I've found so far is this thread [google.com] where a Google rep confirms that for every image search they keep a thumbnail of the item that was clicked on, as well as the IP address for 9 months (after which it gets anonymized), and identifying information for the cookie associated with you for 18 months (after which it gets anonymized and the IP address gets partially destroyed). What that means is that they never fully destroy the data, and that if the query was self-identifying in some way, someone could still tie all of the queries you made together since they would still be associated with the cookie data, even if that cookie data is no longer associated with you.

Take it with a grain of salt, however, since that's from back in 2011. As we all know, these tech companies have made big strides to protect our privacy better since then. Wait, no, I have that backwards.
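The linkage risk raised in the comment above, as an added example that is not part of the original thread: a small Python audit comparing consistent pseudonymization with full disassociation. The log entries, the salted-hash scheme and the `SELF_ID` heuristic are all constructed assumptions, not any company's actual method.

```python
import hashlib
import re
from collections import defaultdict

# Constructed sample log of (cookie_id, query) pairs. Not real data.
SAMPLE_LOG = [
    ("cookie-A", "weather in springfield"),
    ("cookie-A", "jane q. example 12 elm street springfield"),
    ("cookie-A", "symptoms of migraine"),
    ("cookie-A", "divorce lawyer near me"),
    ("cookie-B", "cheap flights to lisbon"),
    ("cookie-B", "python defaultdict example"),
    ("cookie-C", "jane.example@example.org password reset"),
]

# Hypothetical heuristic for a "self-identifying" query: an e-mail address
# or a street address. A real audit would use a broader PII detector.
SELF_ID = re.compile(
    r"[\w.+-]+@[\w-]+\.[\w.]+"
    r"|\b\d+\s+\w+\s+(?:street|avenue|road)\b",
    re.IGNORECASE,
)


def pseudonymize(log, salt):
    """Replace each cookie with a salted hash (assumed scheme).

    The token no longer reveals the cookie, but every record from the
    same cookie still carries the same token.
    """
    return [
        (hashlib.sha256(salt + cookie.encode()).hexdigest()[:12], query)
        for cookie, query in log
    ]


def disassociate(log):
    """Drop the identifier entirely, so no two records share a key."""
    return [(None, query) for _, query in log]


def linkage_report(records):
    """Measure how much a retained identifier still ties records together.

    linked_groups:   identifiers shared by more than one record.
    exposed_queries: non-identifying queries that sit in the same group
                     as at least one self-identifying query.
    """
    groups = defaultdict(list)
    for index, (token, query) in enumerate(records):
        # Records without a token each form their own group.
        key = token if token is not None else ("unlinked", index)
        groups[key].append(query)

    linked_groups = sum(1 for qs in groups.values() if len(qs) > 1)
    exposed = 0
    for qs in groups.values():
        identifying = [q for q in qs if SELF_ID.search(q)]
        if identifying:
            exposed += len(qs) - len(identifying)
    return {"linked_groups": linked_groups, "exposed_queries": exposed}


if __name__ == "__main__":
    print("pseudonymized:", linkage_report(pseudonymize(SAMPLE_LOG, b"demo-salt")))
    print("disassociated:", linkage_report(disassociate(SAMPLE_LOG)))
```

Running the same report over a retention pipeline's output shows whether its "anonymized" stage still leaves records grouped by a shared key.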

Re:Comparison with Google search? (0)

BasilBrush (643681) | about a year ago | (#43498737)

Anyone have the timeline for Google's disassociation and destruction of search queries? I'm curious how Apple's policies compare against those.

Well Google saves your searches against your Google account if you have one. And they save them for years. So it's a whole different ballgame.

Apple sells your data to Google for $3.20 (1)

tuppe666 (904118) | about a year ago | (#43499153)

save them for years. So it's a whole different ballgame.

I know you're angry with Apple and confused right now. You bought an Apple phone and Apple still sold you to Google. You paid a mark-up of 50% on a $650 phone just to be sold for a measly $3.20; who would have thought you were so cheap.

Re:Apple sells your data to Google for $3.20 (0, Offtopic)

node 3 (115640) | about a year ago | (#43499429)

I know you're grasping for straws. You're angry that someone somewhere bought an Apple phone and is happy with it.

Google is horrible on privacy. How you constantly feel the need to defend Google by bashing Apple is, at least, entertaining. Especially since Apple is nowhere near as much of a privacy concern. So instead, what? You tell people how they should feel about spending their own money? Don't you think people know how much they spend, and when they spend it willingly, they find it to be a good value, and that your opinion on the matter doesn't amount to jack shit?

Re:Comparison with Google search? (0)

Anonymous Coward | about a year ago | (#43499441)

If I ask you a question, how long until the query is disassociated and destroyed?

Siri sucks! Stop making it better! (3, Insightful)

Maxwell (13985) | about a year ago | (#43498261)

My guess is the overlap between "people who complained Siri wasn't accurate" and "people who don't want Apple keeping any Siri data so they can make it better" is pretty close to perfect.

Google reads your mail. Apple listens to your ravings. Don't like it, don't use it. And they only keep 'your' (i.e. identifiable) data 6 months.

Re:Siri sucks! Stop making it better! (0)

Anonymous Coward | about a year ago | (#43498503)

My guess is the overlap between "people who complained Siri wasn't accurate" and "people who don't want Apple keeping any Siri data so they can make it better" is pretty close to perfect.

Google reads your mail. Apple listens to your ravings. Don't like it, don't use it. And they only keep 'your' (i.e. identifiable) data 6 months.

I think the backlash against Siri is that it at launch was heralded as this amazing revolution, that didn't half live up to its promises. Trying to say that others had similar voice search tech around the time of Siri launch was instant down-vote to oblivion. This was revolutionary and couldn't be compared to anything else.

Re:Siri sucks! Stop making it better! (3, Interesting)

nine-times (778537) | about a year ago | (#43498983)

Yeah, I find myself not minding this so much. I do think electronic records should somehow "sunset" at some point, even if it's after a few years, for various reasons. However, I don't see what the big deal is whether Apple retains the data for 1 month vs. 6 months vs. 2 years.

When I used Siri for the first time and realized it was sending my questions to a datacenter somewhere, I had an immediate reaction of "that's a bit creepy and disconcerting." But once the data is sent out to the datacenter for processing, you've already opened the door for the data to be misused. Once you assume that the data will be stored for some amount of time, you increase the chances for the data to be misused. But if you extend the time that the data is stored for a few months or a year, I don't feel like you're greatly increasing your exposure.

What holding on to the data actually does is it gives Apple some time to process and analyze the data, improving the speech recognition and heuristic models. I'd expect them to want to keep it for a couple years, especially since Siri is new and they're probably still developing their methods for analyzing the data. In this sort of situation, having more data means being able to create a more accurate analysis.

Re:Siri sucks! Stop making it better! (1)

Urza9814 (883915) | about a year ago | (#43499401)

Well...it's a voice recording, so it's still somewhat identifiable even if they don't store any further information with it...

Re:Siri sucks! Stop making it better! (1)

kermidge (2221646) | about a year ago | (#43500979)

Yeah, and it's a lot easier to change your IP than your voice....

even if they eventually remove all personally-identifying info from a query, getting a voice match on all your searches will last as long as they keep them.

Google keeps voice searches for 2 years also... (1)

mtb_ogre (698802) | about a year ago | (#43498287)

It's becoming exceedingly difficult to keep your search history private. All the major search companies keep it, Apple keeps Siri searches, etc. DuckDuckGo I believe keeps things as anonymous as you can get. There are also some hacks you can do if you are careful, privacy mode/ incognito is a start, but even then it's easy to tip your hand. If you are truly doing something crazy, use a bootable USB and do your searches from a random public wifi hotspot.

Re:Google keeps voice searches for 2 years also... (2)

tftp (111690) | about a year ago | (#43498309)

StartPage [startpage.com]

Re:Google keeps voice searches for 2 years also... (1)

Dishevel (1105119) | about a year ago | (#43498943)

Your ISP will rat you out.

Re:Google keeps voice searches for 2 years also... (1)

tftp (111690) | about a year ago | (#43499037)

Your ISP will rat you out.

Pray tell how, unless the ISP is capable of a MITM attack on an SSL connection.

Re:Google keeps voice searches for 2 years also... (0)

Anonymous Coward | about a year ago | (#43499615)

You're guilty just because you used startpage.

Re:Google keeps voice searches for 2 years also... (1)

tftp (111690) | about a year ago | (#43499697)

You're guilty just because you used startpage.

You could say that about using Tor or FreeNet. However search engines are a commodity, and anyone can use StartPage without a complicated setup; it's just a Web site. It's even in the list of search engines that IE asks you to select from, right out of the box. Install fresh Windows, select the search engine, and you are done. If that is suspicious, you are in good company.

Re:Google keeps voice searches for 2 years also... (2)

cffrost (885375) | about a year ago | (#43499009)

StartPage [startpage.com]

(Also known as Ixquick [ixquick.com] ) is good, as is DuckDuckGo [duckduckgo.com] , for those who value privacy.

Rotten to the core. (1, Insightful)

tuppe666 (904118) | about a year ago | (#43498317)

I am getting tired of Apple's continuing privacy abuse, first they sell their customers to the highest bidder now this.

Even Siri was ruined with advertising http://www.inquisitr.com/256025/steve-wozniak-says-apple-ruined-siri-technology-after-acquisition/ [inquisitr.com] "Steve says he initially loved Siri because it could accurately answer questions such as “What are the five largest lakes in California?” and “What are the prime numbers greater than 87?” . To which Wozniak replied, “It’s incredible. It’s like it understands ‘greater than.’”

Wozniak also notes that his former question about California Lakes now brings up lakefront properties while his question about prime numbers now displays information about prime ribs."

Their EULAs have got so abusive they are subject to ridicule by South Park http://en.wikipedia.org/wiki/HumancentiPad [wikipedia.org] in HumancentiPad

Three words "Don't be Evil"

Re:Rotten to the core. (1)

Megahard (1053072) | about a year ago | (#43498423)

Wolfram Alpha answers both questions accurately. I don't know why anyone would prefer Siri over other tools for answering encyclopedic questions.

Re:Rotten to the core. (4, Informative)

Megahard (1053072) | about a year ago | (#43498447)

I just tried it with Siri and it also punts to Wolfram Alpha so the answers are identical. There's no lakefront properties.

Re:Rotten to the core. (0)

Anonymous Coward | about a year ago | (#43500361)

The Siri story in the link was from June 2012. You do know software can be improved. Or do you think Steve Woz was lying?

Re:Rotten to the core. (2)

Kozar_The_Malignant (738483) | about a year ago | (#43498427)

I just tried both of those and was given correct answers with no ads. The prime number question gave results from Wolfram Alpha.

Re:Rotten to the core. (-1)

node 3 (115640) | about a year ago | (#43499485)

He's a troll. He's already had this lie laid bare before, but he still spews it (and it's not even relevant to the story!) anyway.

But since it's negative about Apple, +1 Insightful!

Re:Rotten to the core. (2, Insightful)

Nidi62 (1525137) | about a year ago | (#43498489)

question about prime numbers now displays information about prime ribs."

In Siri's defense, prime rib is pretty damn awesome

Re:Rotten to the core. (-1)

Anonymous Coward | about a year ago | (#43498783)

Clearly you are just an Apple(sauce) fanboy!

Re:Rotten to the core. (1)

Dishevel (1105119) | about a year ago | (#43498965)

Horseradish is what you put on Prime rib. Not Apple(sauce).

Re:Rotten to the core. (0)

sosume (680416) | about a year ago | (#43498653)

At least they provide a longer data retention than guarantee on their products.

Re:Rotten to the core. (2)

Anubis IV (1279820) | about a year ago | (#43498657)

I am getting tired of Apple's continuing privacy abuse, first they sell their customers to the highest bidder now this.

Honest question: when did Apple sell anything related to their customers to the highest bidder? I can't find any information about anything along those lines, yet I've seen you repeat it at least twice in here.

Re:Rotten to the core. (1)

tftp (111690) | about a year ago | (#43498807)

Honest question: when did Apple sell anything related to their customers to the highest bidder? I can't find any information about anything along those lines

As if you would normally find information about such transactions plastered all over the town? As if you'd normally find any business contract between corporations published for everyone to see?

These deals are signed in boardrooms, by VPs and above, and they stay among that crowd. Even if an IT worker at some point sets up a link between databases, or sends tapes over, he does not necessarily know what those databases contain. Even if he knows that "some data" is sent to "strategic partners," what can he do about that?

Re:Rotten to the core. (2)

noh8rz10 (2716597) | about a year ago | (#43499019)

the fact that there is no proof of transactions must be EVIDENCE that such transactions are occurring behind closed doors! Quick, someone fetch me my tinfoil hat!

Re:Rotten to the core. (0)

Anonymous Coward | about a year ago | (#43499031)

Need more than hearsay evidence for such a claim. Not denying it's possible, but you provide nothing but your opinion and hypothesis.

Apple sells its users to Google/Yahoo/Microsoft!? (1)

tuppe666 (904118) | about a year ago | (#43499129)

"Could A Yahoo-Apple Deal Spell Trouble For Google?" http://www.webpronews.com/iphones-and-ipads-could-soon-get-a-big-dose-of-yahoo-2013-04 [webpronews.com] It's a great article about Yahoo! (who share their data with Microsoft) and Apple, but from the article...although it's common news: "An analyst at Macquarie Capital estimated that Google was making $1.3 billion annually in paid search revenue from iOS devices. Macquarie speculated that Google returned about $1 billion of that to Apple as part of the agreement that made Google the default search engine on the Safari browser. Another financial analyst has come up with a similar annual estimate of the value of Google’s default iOS search deal with Apple: $1 billion. Morgan Stanley’s Scott Devitt is responsible for the new estimate. Devitt disagreed with Macquarie, arguing that the structure of the relationship is probably not a “revenue sharing” deal but instead a straight fee-per-device payment from Google to Apple. Devitt believes that Google pays Apple roughly $3.20 per iOS device, which would avoid the accounting issues arising from a revenue sharing agreement."

Re:Rotten to the core. (1)

node 3 (115640) | about a year ago | (#43499495)

In other words, it's just entirely made up. Thanks for the clarification.

Re:Rotten to the core. (0)

Anonymous Coward | about a year ago | (#43498903)

Three words "Don't be Evil"

From one of Slashdot's biggest Google fanboys Tuppe666

Hint: Google's voice search also stores it for 2 years. How long do they keep your search history for? Not only that, but Apple isn't using any of the info to target ads.

You are tiring.

Re:Rotten to the core. (0)

node 3 (115640) | about a year ago | (#43499473)

I am getting tired of Apple's continuing privacy abuse, first they sell their customers to the highest bidder now this.

Bullshit. You've been past "getting tired of Apple" for ages. This is just the "reason du jour" for you to spew your hatred.

Re:Rotten to the core. (1)

R3d M3rcury (871886) | about a year ago | (#43499933)

Actually, my favorite Siri-choke is sunrise/sunset.

Ask Siri "What time is sunset?" and Siri will tell you. Ask Siri "What time was sunrise?" and Siri will say something to the effect that it can't tell you the weather in the past. Ask Siri "What time will sunset be next Tuesday?" and it will say something to the effect that it doesn't know how to get the weather that far ahead.

Huh? What does sunset have to do with weather? Well, Siri gets sunrise/sunset information from the same place as the weather. Sort of an "almanac" section.

The sad part? If you say "Wolfram, what time was sunset?" it will go search Wolfram-Alpha and tell you sunrise/sunset information for anywhere in the world on any date that you like.

Sample data... (4, Interesting)

sl3xd (111641) | about a year ago | (#43498457)

Everyone I've ever spoken to or read about in the field of voice recognition tells me that having samples of people's voices is critical to improving it... and getting those samples (mainly the raw quantity of samples) is the biggest problem they face.

So it doesn’t surprise me at all that anyone keeps a massive archive of samples... the sample data can be critical in improving voice recognition.

As an aside: Google Voice's voice mail feature does more or less the same thing... and the reasoning is the same also: More sample data means better voice recognition.

I can't help but shake my head at the comparison:

Google samples user voices, reads (and transcribes) voice mail, reads your email, your stock information and then feeds it into their advertising engine, and does this for four years and counting; reaction: Meh...

Apple samples voices, anonymizes it, uses it to improve voice recognition over a period of two years; reaction: EVIL! APPLE MUST DIE!

Re:Sample data... (0)

Anonymous Coward | about a year ago | (#43498533)

Apple samples voices, anonymizes it, uses it to improve voice recognition over a period of two years; reaction: EVIL! APPLE MUST DIE!

...

Please explain how, precisely, Apple manages to "anonymize" a particular vocal pattern, without destroying the audio quality?

Re:Sample data... (1, Troll)

cffrost (885375) | about a year ago | (#43499427)

Apple samples voices, anonymizes it, uses it to improve voice recognition over a period of two years; reaction: EVIL! APPLE MUST DIE!

Please explain how, precisely, Apple manages to "anonymize" a particular vocal pattern, without destroying the audio quality?

It just works. Still not convinced? Think different.

Re:Sample data... (1, Interesting)

VortexCortex (1117377) | about a year ago | (#43499137)

Anonymized voice sample you say? "Voice Print Identified" I say. Hell, I create my own image and speech recognition software from scratch, and I don't need all those fucking samples. I just need to run the samples through my algorithms at most twice -- Once, then again to test if the changes were beneficial or not. If I have a constant stream of users (new samples), and I'm smart -- read: Not fucking daft -- then I can just run the samples through once, and let the users of the system rate the samples in order to rate the sub-systems' efficiency and promote or demote the changes, meanwhile saving a fortune on voice data storage costs. (I use genetic algorithms, so the +1 ratings lead to more "breeding" advantage when spawning the next generation -- no need for data samples, just continued use.)

Now, I suppose the longer I keep that data the more tests I can run, but think about it really: Which human is going to verify if the algorithm is producing a better match for tons of fucking voice data? No. That's fucking dumb -- That's not what happens to improve the system. That means paying tons of people to listen to the service and re-rate the output after changes have occurred. To improve the system you can collect a SMALL representative sample of those voice recordings to use as a test data set. You have a human transcriber convert those select recordings into actual text. Then you use them as the dataset -- AND YOU CAN KEEP ONLY THOSE on file. It could be totally opt in thing "[_] Improve Siri by Saving Your Search". There's no reason to keep the entire fucking database of voice recordings. That's asinine, it's not helping anyone, except maybe the feds, and the data storage requirements are stupidly taxing for no other really beneficial reason.

If you compare two voice samples you can damn well verify they came from the same person or not. It's called Voiceprinting -- Like Fingerprinting. And as the "anonymized" AOL search data debacle proved: You can't really anonymize search data. [wikipedia.org]

Re:Sample data... (3, Interesting)

sl3xd (111641) | about a year ago | (#43499433)

Voice prints are a real thing, of course; my point isn't that it's not possible to identify people from a voice sample.

My point is that Apple doesn't make its money by selling you, me, and everyone else to the highest bidder, nor does its business have any real advantage in profiling us. Apple's business isn't advertising, it's selling hardware. (The flop that is iAd notwithstanding)

Google, on the other hand, is entirely different: Their entire revenue stream is from collecting our personal information, categorizing and analyzing it, and then selling or otherwise making that data useful to its actual customers, ie. its advertisers.

Hell, I create my own image and speech recognition software from scratch, and I don't need all those fucking samples. I just need to run the samples through my algorithms at most twice -- Once, then again to test if the changes were beneficial or not

If you honestly believe that, then you've never spent even a minute actually learning the basics of speech recognition, let alone the level of complexity involved in modern algorithms. Signal processing isn't like database programming, where you get a nice result that fits into a box, and can easily reduce unwanted side effects.

Also keep in mind, there's a difference between "automatic speech recognition" - where whole sentences are parsed and understood (such as used with Siri or Google), versus "discrete speech recognition" where very limited actions are understood (like older cell phones when you spoke "dial ").

The problem is that while you might have improved the recognition for one specific sample, you've now made it considerably worse for another... so you have to build up a massive library of samples to do regression testing. One of the biggest challenges in speech recognition over the years is the utter lack of sample data for a wide populace, coupled with computers that are unable to hold enough samples in memory to do any meaningful comparisons.

We've only recently started to see speech recognition of that calibre, and even then, it's accomplished by sending a recording off to a datacenter so fraking huge that it'd easily sit at the top of the TOP500 supercomputer list if their owners bothered to run linpack on it. It's no coincidence that it's also only been in the past couple of years speech recognition has become anything more than a lame joke.

Re:Sample data... (0, Insightful)

Anonymous Coward | about a year ago | (#43499841)

Google is free. And in return you give up your privacy.

Apple is NOT free. And in return you give up a large chunk of money AND your privacy.

One of these is a really shitty deal.

Re:Sample data... (2)

jonwil (467024) | about a year ago | (#43500613)

The issue isn't that they retain the voice samples, it's that they store user information for 6 months when they don't need to store user information for longer than it takes to complete the query and return the results.

Siri's inaccuracies (0)

Anonymous Coward | about a year ago | (#43498785)

So not only does she put the wrong things and is entirely useless, she remembers all the times she is wrong

Is this a compliance issue? (1)

Anubis IV (1279820) | about a year ago | (#43498791)

In reference to an earlier question about Google's data retention policies, one of the comments [slashdot.org] provided a great link to a 2007 Google blog post [blogspot.co.uk] that describes why Google holds onto their data for 18 months before they anonymize it. One of the interesting things that was said was:

However, we must point out that future data retention laws may obligate us to raise the retention period to 24 months.

Given that the blog post was written back in 2007, isn't it now possible that 24 months is simply the earliest that a company like Apple is allowed to delete the query, given the various data retention regulations that are in place around the world? That they disassociate it after 6 months still puts them ahead of Google's 18 months, though voice data is significantly less anonymous than the text of a query, generally speaking, so that they keep it at all is not something I like the idea of.

Regression testing (1)

Bogtha (906264) | about a year ago | (#43498837)

If I were in charge of Siri, I'd do the same thing. That kind of real-world data is vital for regression testing. If you don't have a strong corpus of sample data, when you make changes to the code, you've got no idea if what you are doing is improving the situation for some cases, while damaging them for others. You would see people complaining about things like "Well Siri used to work for X query but now it doesn't". When you have this data, you can update the code, run the test suite, and see if it fails a large number of existing cases.

If Apple do anything to mitigate this, it will probably be some form of opt-out, but they are unlikely to make it the default, because I would imagine that building a corpus of representative speech from a thousand different accents talking about tens of thousands of different subjects is nigh on impossible otherwise, especially as jargon comes and goes so quickly these days.

Re:Regression testing (0)

Anonymous Coward | about a year ago | (#43498885)

+1

Re:Regression testing (1)

VortexCortex (1117377) | about a year ago | (#43499209)

That kind of real-world data is vital for regression testing. If you don't have a strong corpus of sample data, when you make changes to the code, you've got no idea if what you are doing is improving the situation for some cases, while damaging them for others

Aaaand, unless you run ALL those data samples back through the system in front of a HUMAN, then you STILL have "no idea if what you are doing is improving the situation" at all. So, the point still stands: Keeping a sampling of the data is acceptable. Keeping the lot of it isn't helping anyone you actually want to help -- Least of all the developers. Hell, they could improve the service immensely by simply dropping the data storage requirements!

The reason they keep this data is not to improve the fucking system. It's likely in order to comply with government demands. Don't kid yourself.

Re:Regression testing (2)

Bogtha (906264) | about a year ago | (#43499829)

Aaaand, unless you run ALL those data samples back through the system in front of a HUMAN, then you STILL have "no idea if what you are doing is improving the situation" at all.

Yes, you do. Have you ever used Siri? There are several places where you can reliably determine that recognition was successful, due to manual confirmation or subsequent actions. For instance, if I ask Siri to remind me to do something at 9 o'clock, it might ask me if I mean 9am or 9pm. Anybody who answers either way instead of cancelling is confirming that the initial recognition of it being a request for a reminder at 9 is correct, which can be recorded as a positive result without human intervention by Apple.

Apple can store this information for thousands of accents, and when they make changes to Siri's code, they can run them against these samples to confirm that they aren't, say, inadvertently breaking reminders for people with Brummie accents when they are trying to improve reminders for people with New York accents.

Re:Regression testing (1)

mysidia (191772) | about a year ago | (#43500751)

If I were in charge of Siri, I'd do the same thing.

And I suppose, if you were writing a web browser, it would upload screenshots of sites visited, to help your team ensure proper rendering?

I think the point is not that the recordings are useful (or not), but that it is invasive to record voices talking to Siri.

And especially since it is not well advertised -- the argument can easily be made that not everyone has necessarily given their consent (especially, if, for example, a friend uses your phone, and puts some searches to Siri, without acknowledging or agreeing to any Apple terms).

Apple should safeguard privacy by (1) limiting the number of samples taken to a small percentage, e.g. 1% of searches to Siri.

(2) Anonymizing the data immediately, not retaining a random number -- that way the recording could not be used against the user - no link at all to the device or user.

(3) Review all samples, and have a technician immediately delete/expunge any sample containing any hint of private or personal information, before reviewing the entire sample.

(4) Provide an assurance of security and safeguarding of the data.

Don't like it? Don't use it. (1, Insightful)

whargoul (932206) | about a year ago | (#43498845)

Don't like it? Don't use it.

Speech recognition that works (1)

oergiR (992541) | about a year ago | (#43499177)

A "high justification"? How about speech recognition that actually works?

Training speech recognisers requires data. The biggest reason why speech recognition has improved in recent years: lots of data.

Speech recognition in the cloud has given companies like Apple and Google a reason/excuse to gather masses of training data. They have put it to good use: speech recognition is much better than it was. If you like speech recognition, use it, meanwhile donating your data and helping the rest of us. If you don't, don't use it. As long as users are aware of this, I don't really see the problem.

Poetic (2)

froth-bite (2777385) | about a year ago | (#43499327)

Somewhere in a data warehouse with only a few humans, there are millions of disassociated voices crying out to be heard. "But it keeps these disassociated files for up to 18 more months for testing and product improvement purposes."

Why save it? (0)

Anonymous Coward | about a year ago | (#43499581)

Why does Apple need to save Siri data at all beyond processing time?
The concern with Siri vs search engine queries is that Siri is being used to enter and query personal data. Possibilities are balances of accounts, passwords, contract or business deals, anything you do on an iPad or iPhone - it's not just "search for clowns" etc.
A random number is only a random number - it still is linked to your phone somewhere or the service would work. Your phone is linked to your account, so the data IS linked direct to your personal account! It's irrelevant if they store a random number with it, when that random number is linked to you anyway!
Apple can still track everything about its users, including their search queries, plans, business data and anything else they type or say into the ispy products.
Apple have an appalling record for privacy, as seen in the past with the iTunes debacle, GPS tracking data, and now personal searches, queries, data, and other, what should be, secure data etc.
Google at least gives the option to turn off the tracking and are open about the information they have on you!

Re:Why save it? (0)

Anonymous Coward | about a year ago | (#43500543)

Why does Apple need to save Siri data at all beyond processing time?

Two reasons, one good, one bad. Engineers use it to improve the quality of the product. The more real data they get, the less they have to rely on speculative data. They become aware of the ways customers use the product that they didn't anticipate and change the service to improve. Marketers also use this data. I wouldn't be surprised if Apple were selling the same data to advertisers that the engineers use to upgrade the products they make. 2 birds, one stone. They wouldn't even need it to associate to user's data; the number of particular requests, the vernacular used, the time of day, the location, all could be useful to marketers without having to know which person did what. That would be worth more money, of course, but not necessary to make metric shitloads of money while not compromising privacy, which can sometimes cost metric shitloads of money.

A random number is only a random number - it still is linked to your phone somewhere or the service would work.

You made that up. You don't have any evidence that the random number is linked to your phone. Cynically, yes it's likely. But if the Apple ID or email address is associated to the random number and the random number is disassociated from the voice files, then so is the Apple ID or email address. That's basic algebra. Look...

It's irrelevant if they store a random number with it, when that random number is linked to you anyway!

In fact you missed the part of TFS where it says, "Once the voice recording is six months old, Apple “disassociates” your user number from the clip, deleting the number from the voice file." Bye bye association between you and the data they say is for testing.

Google at least gives the option to turn off the tracking and are open about the information they have on you!

Option to turn off tracking? Don't use Siri. Open about the information? Are you high? The first 2 lines of TFS: "...Apple has provided information on how long it holds onto voice search data used by its digital assistant software Siri. Speaking to Wired, an Apple representative said the data is kept for two years after the initial query." Yeah when I need to hide some really super big ultra private computer security secret I tell Wired just to be safe. Fucking douche. I don't even like Apple but you made me defend them because you're so fucking dumb.
