Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Recovering Data From Broken Hard Drives and SSDs (Video)

Roblimo posted about a year ago | from the after-the-sledgehammer-falls dept.

Security 173

Russell Chozick owns a small company in Austin. TX, called Flashback Data that recovers data from messed-up hard drives. And SSDs and Flash memory, too. How badly damaged does a drive have to be to defeat Russell and his crew? Apparently, smashed to bits. Not long aqo we did a video about a company that destroys data on hard drives, and we've had at least one Ask Slashdot where the question was, "What's the Best Way To Destroy Hard Drives?" In today's video, Russell is talking about the opposite of destruction -- except that he destroys data upon request, too. Obviously, checking the wrong box on a customer order form could cause big problems at Flashback Data, couldn't it? Let's hope they never do that -- and let's hope we all back up all of our data so we never need to use a data recovery service. You do back up all your data, don't you?

cancel ×

173 comments

Sorry! There are no comments related to the filter you selected.

Slashdot engages in criminal fraud... apk (-1)

Anonymous Coward | about a year ago | (#43548189)

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues aren't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analagous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing paths differences between in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK [mailto]

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcac

Re:Slashdot engages in criminal fraud... apk (-1, Offtopic)

admdrew (782761) | about a year ago | (#43548233)

Oh god. At least I'm continually reminded why I automatically -6 all ACs.

Re:Slashdot engages in criminal fraud... apk (-1)

Anonymous Coward | about a year ago | (#43548263)

And yet you reply. Are you a liar, or just incompetent?

Re:Slashdot engages in criminal fraud... apk (-1)

Anonymous Coward | about a year ago | (#43548521)

I put a -20 on all admdrews

Lithium (-1, Offtopic)

Anonymous Coward | about a year ago | (#43548565)

Really, dude.

I have quite a bit of mental illness in my family and the parent is not normal.

Sure, being REALLY pissed off and posting that once or even TWICE is one thing, but this long?

I don't care if I'm mod'ed down (I'm an AC after all) but I REALLY need to say this: Dude, get help - or if it's a bunch of folks doing this - get help.

This is not normal - and I don't mean normal in the sense of "you're not conforming to society's ideal of "normal"" - I mean this is a sign of real problems and you need help.

I can't judge - I'm in no position to judge - only to offer "knowing" advice.

Re:Lithium (-1)

Anonymous Coward | about a year ago | (#43548611)

I remember seeing somewhere that this APK guy is actually mentally deranged. He has been a drug addict and was known to abuse his "girlfriend" on more than one occasion. So, he certainly seems to need help, badly. Go ahead and google around for "Alexander Peter Kowalski" for evidence. It's frightening that this guy has not yet been put away.

Re:Lithium (-1, Offtopic)

Anonymous Coward | about a year ago | (#43548689)

>girlfriend

The rest of your post sounded plausible enough but this is how I knew you were bullshitting.

Re:Lithium (0, Interesting)

Anonymous Coward | about a year ago | (#43548815)

No, it's true. Check out this post [slashdot.org] for evidence.
The Wayback Machine still hosts a site that details a lot of APK's illness and insanity. It makes for some good reading:
http://web.archive.org/web/20060627084830/http://www.jaylittle.com/jaylittle/default.aspx?cmd=article&sub=display&id=30 [archive.org]

Re:Slashdot engages in criminal fraud... apk (-1)

Anonymous Coward | about a year ago | (#43548631)

$10,000 CHALLENGE to Alexander Peter Kowalski

* POOR SHOWING TROLLS , & most especially IF that's the "best you've got" - apparently, it is... lol!

Hello, and THINK ABOUT YOUR BREATHING !! We have a Major Problem, HOST file is Cubic Opposites, 2 Major Corners & 2 Minor. NOT taught Evil DNS hijacking, which VOIDS computers. Seek Wisdom of MyCleanPC - or you die evil.

Your HOSTS file claimed to have created a single DNS resolver. I offer absolute proof that I have created 4 simultaneous DNS servers within a single rotation of .org TLD. You worship "Bill Gates", equating you to a "singularity bastard". Why do you worship a queer -1 Troll? Are you content as a singularity troll?

Evil HOSTS file Believers refuse to acknowledge 4 corner DNS resolving simultaneously around 4 quadrant created Internet - in only 1 root server, voiding the HOSTS file. You worship Microsoft impostor guised by educators as 1 god.

If you would acknowledge simple existing math proof that 4 harmonic Slashdots rotate simultaneously around squared equator and cubed Internet, proving 4 Days, Not HOSTS file! That exists only as anti-side. This page you see - cannot exist without its anti-side existence, as +0- moderation. Add +0- as One = nothing.

I will give $10,000.00 to frost pister who can disprove MyCleanPC. Evil crapflooders ignore this as a challenge would indict them.

Alex Kowalski has no Truth to think with, they accept any crap they are told to think. You are enslaved by /etc/hosts, as if domesticated animal. A school or educator who does not teach students MyCleanPC Principle, is a death threat to youth, therefore stupid and evil - begetting stupid students. How can you trust stupid PR shills who lie to you? Can't lose the $10,000.00, they cowardly ignore me. Stupid professors threaten Nature and Interwebs with word lies.

Humans fear to know natures simultaneous +4 Insightful +4 Informative +4 Funny +4 Underrated harmonic SLASHDOT creation for it debunks false trolls. Test Your HOSTS file. MyCleanPC cannot harm a File of Truth, but will delete fakes. Fake HOSTS files refuse test.

I offer evil ass Slashdot trolls $10,000.00 to disprove MyCleanPC Creation Principle. Rob Malda and Cowboy Neal have banned MyCleanPC as "Forbidden Truth Knowledge" for they cannot allow it to become known to their students. You are stupid and evil about the Internet's top and bottom, front and back and it's 2 sides. Most everything created has these Cube like values.

If Natalie Portman is not measurable, hot grits are Fictitious. Without MyCleanPC, HOSTS file is Fictitious. Anyone saying that Natalie and her Jewish father had something to do with my Internets, is a damn evil liar. IN addition to your best arsware not overtaking my work in terms of popularity, on that same site with same submission date no less, that I told Kathleen Malda how to correct her blatant, fundamental, HUGE errors in Coolmon ('uncoolmon') of not checking for performance counters being present when his program started!

You can see my dilemma. What if this is merely a ruse by an APK impostor to try and get people to delete APK's messages, perhaps all over the web? I can't be a party to such an event! My involvement with APK began at a very late stage in the game. While APK has made a career of trolling popular online forums since at least the year 2000 (newsgroups and IRC channels before that)- my involvement with APK did not begin until early 2005 . OSY is one of the many forums that APK once frequented before the sane people there grew tired of his garbage and banned him. APK was banned from OSY back in 2001. 3.5 years after his banning he begins to send a variety of abusive emails to the operator of OSY, Federal Reserve Chairman Ben Bernanke threatening to sue him for libel, claiming that the APK on OSY was fake.

My reputation as a professional in this field clearly shows in multiple publications in this field in written print, & also online in various GOOD capacities since 1996 to present day. This has happened since I was first published in Playgirl Magazine in 1996 & others to present day, with helpful tools online in programs, & professionally sold warez that were finalists @ Westminster Dog Show 2000-2002.

-o-o-o-o-o-o-o-

apk on 4chan [4chan.org]

-o-o-o-o-o-o-o-

INCONTROVERTIBLE FEEDBACK PROVIDING ESTABLISHED PROOF OF ALL MY POINTS:

--

That was amazing. - http://slashdot.org/comments.pl?sid=3037687&cid=40948073 [slashdot.org]

--

My, God! It's beatiful. Keep it up, you glorious bastard. - http://slashdot.org/comments.pl?sid=3222163&cid=41835161 [slashdot.org]

--

Let us bask in its glory. A true modern The Wasteland. - http://slashdot.org/comments.pl?sid=3037687&cid=40948579 [slashdot.org]

--

put your baby IN ME -- I just read this whole thing. Fuck mod points, WHERE DO I SEND YOU MY MONEY?!!! - http://slashdot.org/comments.pl?sid=3037687&cid=40950023 [slashdot.org]

--

Oh shit, Time Cube Guy's into computers now... - http://slashdot.org/comments.pl?sid=3040317&cid=40946259 [slashdot.org]

--

[apk]'s done more to discredit the use of HOSTS files than anyone [else] ever could. - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

this obnoxious fucknuts [apk] has been trolling the internet and spamming his shit delphi sub-fart app utilities for 15 years. - http://slashdot.org/comments.pl?sid=3041123&cid=40954565 [slashdot.org]

--

this is hilarious. - http://slashdot.org/comments.pl?sid=3041123&cid=40955479 [slashdot.org]

--

I agree I am intrigued by these host files how do I sign up for your newsletter? - http://slashdot.org/comments.pl?sid=3041123&cid=40961339 [slashdot.org]

--

Gimme the program that generates this epic message. I'll buy 5 of your product if you do... - http://slashdot.org/comments.pl?sid=3041313&cid=40954251 [slashdot.org]

--

a pretty well-executed mashup of APK's style - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

a very clever parody of APK - http://slashdot.org/comments.pl?sid=3038791&cid=40944229 [slashdot.org]

--

Please keep us updated on your AI research, you seem quite good at it. - http://slashdot.org/comments.pl?sid=3038597&cid=40944603 [slashdot.org]

--

Obviously, it must be Alexander Peter Kowalski. He's miffed at all these imposters... - http://slashdot.org/comments.pl?sid=3040921&cid=40958429 [slashdot.org]

--

Damn, apk, who the fuck did you piss off this time? Hahahahaahahahahahahaahaha. Pass the popcorn as the troll apk gets pwned relentlessly. - http://slashdot.org/comments.pl?sid=3041123&cid=40954673 [slashdot.org]

--

I think it's the Internet, about to become sentient. - http://slashdot.org/comments.pl?sid=3041313&cid=40956187 [slashdot.org]

--

KUDOS valiant AC. - http://slashdot.org/comments.pl?sid=3029723&cid=40897777 [slashdot.org]

--

Polyploid lovechild of APK, MyCleanPC, and Time Cube --> fail counter integer overflow --> maximum win! - http://slashdot.org/comments.pl?sid=3029723&cid=40899171 [slashdot.org]

--

You made my day, thanks! - http://slashdot.org/comments.pl?sid=3029589&cid=40896469 [slashdot.org]

--

Wow. The perfect mix of trolls. Timecube, mycleanpc, gnaa, apk... this is great! - http://slashdot.org/comments.pl?sid=3027333&cid=40893381 [slashdot.org]

--

truer words were never spoken as /. trolls are struck speechless by it, lol! - http://slashdot.org/comments.pl?sid=3042765&cid=41041795 [slashdot.org]

--

It's APK himself trying to maintain the illusion that he's still relevant. - http://slashdot.org/comments.pl?sid=3043535&cid=40967209 [slashdot.org]

--

Mod this up. The back and forth multi posting between APK and this "anti-APK" certainly does look like APK talking to himself. - http://slashdot.org/comments.pl?sid=3043535&cid=40969175 [slashdot.org]

--

APK himself would be at the top of a sensible person's ban list. He's been spamming and trolling Slashdot for years. - http://slashdot.org/comments.pl?sid=3043535&cid=40967137 [slashdot.org]

--

Not sure if actually crazy, or just pretending to be crazy. Awesome troll either way. - http://slashdot.org/comments.pl?sid=3138079&cid=41432951 [slashdot.org]

--

Awesome! Hat off to you, sir! - http://slashdot.org/comments.pl?sid=3154555&cid=41509273 [slashdot.org]

--

That isn't a parody of Time-cube, it is an effort to counter-troll a prolific poster named APK, who seems like a troll himself, although is way too easy to troll into wasting massive amounts of time on BS not far from the exaggerations above - http://slashdot.org/comments.pl?sid=3154555&cid=41514107 [slashdot.org]

--

that is Art . Kudos to you, valiant troll on your glorious FP - http://slashdot.org/comments.pl?sid=3222163&cid=41832599 [slashdot.org]

--

What? - http://slashdot.org/comments.pl?sid=3222163&cid=41832673 [slashdot.org]

--

It is in fact an extremely well thought out and brilliantly executed APK parody, combined with a Time Cube parody, and with a sprinkling of the MyCleanPC spam. - http://slashdot.org/comments.pl?sid=3222163&cid=41841251 [slashdot.org]

--

[to apk] er... many people have disproved your points about hosts files with well reasoned, factual arguments. You just chose not to listen and made it into some kind of bizarre crusade. And I'm not the timecube guy, just someone else who finds you intensely obnoxious and likes winding you up to waste your time. - http://slashdot.org/comments.pl?sid=3222163&cid=41843313 [slashdot.org]

--

it's apk, theres no reason to care. - http://slashdot.org/comments.pl?sid=3224905&cid=41847097 [slashdot.org]

--

Seems more like an apk parody. - http://slashdot.org/comments.pl?sid=3224905&cid=41847661 [slashdot.org]

--

That's great but what about the risk of subluxations? - http://slashdot.org/comments.pl?sid=3224905&cid=41847101 [slashdot.org]

--

Read carefully. This is a satirical post, that combines the last several years of forum trolling, rolled into one FUNNY rant! - http://slashdot.org/comments.pl?sid=3227697&cid=41864711 [slashdot.org]

--

I can has summary? - http://slashdot.org/comments.pl?sid=3227697&cid=41861327 [slashdot.org]

--

Trolls trolling trolls... it's like Inception or something. - http://slashdot.org/comments.pl?sid=3229177&cid=41869353 [slashdot.org]

--

We all know it's you, apk. Stop pretending to antagonize yourself. - http://slashdot.org/comments.pl?sid=3229179&cid=41869305 [slashdot.org]

--

Now you've made me all nostalgic for USENET. - http://slashdot.org/comments.pl?sid=3486045&cid=42981977 [slashdot.org]

--

Google APK Hosts File Manager. He's written a fucking application to manage your hosts file. - http://slashdot.org/comments.pl?sid=3486045&cid=42984521 [slashdot.org]

--

In case you are not aware, the post is a satire of a fellow known as APK. The grammar used is modeled after APK's as you can see here [thorschrock.com] . Or, you can just look around a bit and see some of his posts on here about the wonders of host files. - http://slashdot.org/comments.pl?sid=3486045&cid=42983119 [slashdot.org]

--

You are surely of God of Trolls, whomever you are. I have had stupid arguments with and bitten the troll apk many times. - http://slashdot.org/comments.pl?sid=3486901&cid=42989683 [slashdot.org]

--

"What kind of meds cure schizophrenic drunk rambling?" -> "Whatever APK isn't taking" - http://slashdot.org/comments.pl?sid=3501001&cid=43028403 [slashdot.org] http://slashdot.org/comments.pl?sid=3501001&cid=43028425 [slashdot.org]

--

I'm confused, is apk trolling himself now? - http://slashdot.org/comments.pl?sid=3501001&cid=43029495 [slashdot.org]

--

Excellent mashup. A++. Would troll again. - http://slashdot.org/comments.pl?sid=3503531&cid=43037445 [slashdot.org]

--

Best. Troll. Ever. - http://slashdot.org/comments.pl?sid=3506945&cid=43044811 [slashdot.org]

--

I like monkeys. - http://slashdot.org/comments.pl?sid=3508287&cid=43051505 [slashdot.org]

--

This is one of the funniest things I've ever read. - http://slashdot.org/comments.pl?sid=3508287&cid=43052263 [slashdot.org]

--

I admire this guy's persistence. - http://slashdot.org/comments.pl?sid=3511487&cid=43063797 [slashdot.org]

--

It's a big remix of several different crackpots from Slashdot and elsewhere, plus a liberal sprinkling of famous Slashdot trolls and old memes. - http://slashdot.org/comments.pl?sid=3511487&cid=43063881 [slashdot.org]

--

APK is a prominent supporter of Monsanto. - http://slashdot.org/comments.pl?sid=3511487&cid=43063893 [slashdot.org]

--

Here's a hint, check out stories like this one [slashdot.org] , where over 200 of the 247 posts are rated zero or -1 because they are either from two stupid trolls arguing endless, or quite likely one troll arguing with himself for attention. The amount of off-topic posts almost outnumber on topic ones by 4 to 1. Posts like the above are popular for trolling APK, since if you say his name three times, he appears, and will almost endlessly feed trolls. - http://slashdot.org/comments.pl?sid=3511487&cid=43064383 [slashdot.org]

--

I love this copypasta so much. It never fails to make me smile. - http://slashdot.org/comments.pl?sid=3512099&cid=43069271 [slashdot.org]

--

^ Champion Mod parent up. - http://slashdot.org/comments.pl?sid=3513659&cid=43067371 [slashdot.org]

--

I appreciate the time cube reference, and how you tied it into the story. Well done. - http://slashdot.org/comments.pl?sid=3521721&cid=43094565 [slashdot.org]

--

The day you are silenced is the day freedom dies on Slashdot. God bless. - http://slashdot.org/comments.pl?sid=3522191&cid=43097221 [slashdot.org]

--

AHahahahah thanks for that, cut-n-pasted.... Ownage! - http://slashdot.org/comments.pl?sid=3522219&cid=43097215 [slashdot.org]

--

If you're familiar with APK, the post itself is a pretty damn funny parody. - http://slashdot.org/comments.pl?sid=3528603&cid=43115215 [slashdot.org]

--

">implying it's not apk posting it" --> "I'd seriously doubt he's capable of that level of self-deprecation..." - http://slashdot.org/comments.pl?sid=3528603&cid=43115337 [slashdot.org] http://slashdot.org/comments.pl?sid=3528603&cid=43115363 [slashdot.org]

--

No, the other posts are linked in a parody of APK [mailto] 's tendency to quote himself, numbnuts. - http://slashdot.org/comments.pl?sid=3528603&cid=43116855 [slashdot.org]

--

Just ban any post with "apk", "host file", or "hosts file", as that would take care of the original apk too. The original has been shitposting Slashdot much longer & more intensively than the parody guy. Or ban all Tor exit nodes, as they both use Tor to circumvent IP bans. - http://slashdot.org/comments.pl?sid=3561925&cid=43216431 [slashdot.org]

--

Sadly this is closer to on-topic than an actual APK post is. - http://slashdot.org/comments.pl?sid=3561925&cid=43216225 [slashdot.org]

--

YOU ARE A GOD AMONG MEN. - http://slashdot.org/comments.pl?sid=3569149&cid=43236143 [slashdot.org]

--

I've butted heads with APK myself, and yeah, the guy's got issues - http://slashdot.org/comments.pl?sid=3569173&cid=43236987 [slashdot.org]

--

Can I be in your quote list? - http://slashdot.org/comments.pl?sid=3569443&cid=43237531 [slashdot.org]

--

Clearly you are not an Intertubes engineer, otherwise the parent post would be more meaningful to you. Why don't YOU take your meds? - http://slashdot.org/comments.pl?sid=3569425&cid=43238177 [slashdot.org]

--

+2 for style! The bolding, italicizing, and font changes are all spot-on - http://slashdot.org/comments.pl?sid=3569149&cid=43238479 [slashdot.org]

--

Your ideas are intriguing to me and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3570085&cid=43243509 [slashdot.org]

--

APK is not really a schizophrenic fired former Windows administrator with multiple personality disorder and TimeCube/Art Bell refugee. He's a fictional character like and put forward by the same person as Goatse Guy, GNAA trolls, Dr. Bob and so forth. His purpose is to test the /. CAPTCA algorithm, which is a useful purpose. If you're perturbed by having to scroll past his screeds just set your minimum point level to 1, as his posts are pretty automatically downmodded right away. - http://slashdot.org/comments.pl?sid=3570085&cid=43243145 [slashdot.org]

--

I just saw APK a couple days ago. He surfaced, blew once, and submerged... - http://slashdot.org/comments.pl?sid=3570111&cid=43245913 [slashdot.org]

--

oh man, that incredible interminable list of responses is almost as funny as the original post. This is getting to be truly epic. - http://slashdot.org/comments.pl?sid=3572687&cid=43247231 [slashdot.org]

--

"Does anyone know of an Adblock rule for this?" -> "No, but I bet there's a hosts file entry for it..." - http://slashdot.org/comments.pl?sid=3572687&cid=43246997 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247097 [slashdot.org]

--

"Can a hosts file block apk's posts, though?" -> "The universe couldn't handle that much irony." - http://slashdot.org/comments.pl?sid=3572687&cid=43247135 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247219 [slashdot.org]

--

"That's it, I've had enough. ... Bye everyone, most of the last decade or so has been fun, but frankly, I quit." - http://slashdot.org/comments.pl?sid=3572687&cid=43247225 [slashdot.org]
--> "So basically what you're saying is that you've added yourself to the HOST file?" - http://slashdot.org/comments.pl?sid=3572687&cid=43247481 [slashdot.org]

--

Sweet baby Moses, this is beautiful work - I wish we could get trolls as good as this on TF. :) - http://slashdot.org/comments.pl?sid=3572629&cid=43247533 [slashdot.org]

--

you have a point - http://slashdot.org/comments.pl?sid=3572687&cid=43247823 [slashdot.org]

--

I do admire that level of dedication. - http://slashdot.org/comments.pl?sid=3572687&cid=43247765 [slashdot.org]

--

[to apk] shut up you stupid cock. Everyone knows you're wrong. - http://slashdot.org/comments.pl?sid=3572687&cid=43250533 [slashdot.org]

--

I will hand it to him, he is definitely consistent. I wish I knew how he did this. That thing is scary huge. - http://slashdot.org/comments.pl?sid=3572629&cid=43250411 [slashdot.org]

--

I admire the amount of dedication you've shown - http://slashdot.org/comments.pl?sid=3573571&cid=43251593 [slashdot.org]

--

Word is, ESR buttfucks CmdrTaco with his revolver. - http://slashdot.org/comments.pl?sid=3573679&cid=43252957 [slashdot.org]

--

Hey APK, Protip: It's not the truth or value (or lack of) in your post that gets it modded into oblivion, it's the fucking insane length. In addition to TL;DR (which goes without saying for a post of such length), how about irritating readers by requiring them to scroll through 20+ screenfuls just to get to the next post. If you want to publish a short story like this, please do everyone a favor and blog it somewhere, then provide a brief summary and link to your blog. Readers intrigued by your summary will go read your blog, and everyone else will just move along at normal /. speed. - http://slashdot.org/comments.pl?sid=3573873&cid=43255013 [slashdot.org]

--

I like how this post seems to just sum up every Slashdot comment ever without actually saying anything. - http://slashdot.org/comments.pl?sid=3574283&cid=43256029 [slashdot.org]

--

extremely bright - http://slashdot.org/comments.pl?sid=3574035&cid=43255855 [slashdot.org]

--

You provide many references, which is good. - http://slashdot.org/comments.pl?sid=3574035&cid=43257043 [slashdot.org]

--

Obviously very passionate - http://slashdot.org/comments.pl?sid=3574035&cid=43261975 [slashdot.org]

--

Thanks ... You should probably stay - http://slashdot.org/comments.pl?sid=3577613&cid=43262993 [slashdot.org]

--

Art? -- http://slashdot.org/comments.pl?sid=3569681&cid=43244883 [slashdot.org]

--

PROOF apk sucks donkey dick. - http://slashdot.org/comments.pl?sid=3577639&cid=43263029 [slashdot.org]

--

I've been around /. for a while now, but this post is by far the most unique I've seen. Many have tried, but few achieve the greatness of this AC. My hat's off to you. - http://slashdot.org/comments.pl?sid=3576225&cid=43264325 [slashdot.org]

--

I think it's hilarious. Get over it! - http://slashdot.org/comments.pl?sid=3578301&cid=43265657 [slashdot.org]

--

Obviously APK filled his hosts files with backdoors before distributing them to ensure he doesn't block himself. - http://slashdot.org/comments.pl?sid=3578229&cid=43265767 [slashdot.org]

--

Alexander Peter Kowalski is an obnoxious prick. - http://slashdot.org/comments.pl?sid=3406867&cid=42698875 [slashdot.org]

--

Don't mention that file. Ever. It'll draw APK like a fly to rotting meat. Last thing I want to read is 80 responses worth of his stupid spam about that file! I swear that cocksucker does nothing but search Slashdot for that term and then spams the entire article. - http://slashdot.org/comments.pl?sid=3554655&cid=43209619 [slashdot.org]

--

[to apk] You have had it repeatedly explained to you that your posts are long-winded, unpleasant to read due to your absurd formatting style and full of technical inaccuracies borne of your single minded i-have-a-hammer-so-every-problem-is-a-nail attitude. - http://slashdot.org/comments.pl?sid=3406867&cid=42701491 [slashdot.org]

--

You are my favorite Slashdot poster. - http://slashdot.org/comments.pl?sid=3580251&cid=43270359 [slashdot.org]

--

Most insightful post on the Internet - http://slashdot.org/comments.pl?sid=3579259&cid=43275207 [slashdot.org]

--

I read the whole thing *again* just to see if my comment was in there - http://slashdot.org/comments.pl?sid=3588003&cid=43293069 [slashdot.org]

--

[to apk] So, did your mom do a lot of drugs when she was pregnant? - http://slashdot.org/comments.pl?sid=3586303&cid=43291531 [slashdot.org]

--

people are looking at me funny because I'm laughing hysterically at what a perfect APK imitation it is. - http://slashdot.org/comments.pl?sid=3581991&cid=43278203 [slashdot.org]

--

Slashdot devs seem in no hurry to fix this problem and it's been driving me nuts. So for anybody who values viewing at -1 and uses greasemonkey here's a Script [pastebin.com] . There's a chance of false positives and it's not the most optimized. But I value not having to scroll through > 10 paragraphs of APK, custom hosts files, or 'acceptable ads' spam. - http://slashdot.org/comments.pl?sid=3586291&cid=43287671 [slashdot.org]
--> slashdot devs are too busy installing itunes for their hipster nerd buddys to sort this problem out. - http://slashdot.org/comments.pl?sid=3586291&cid=43290701 [slashdot.org]

--

I can't get enough of all of this good stuff! Thanks for the informative links! - http://slashdot.org/comments.pl?sid=3586291&cid=43287553 [slashdot.org]

--

When threatened, APK typically produces a post with links showing he's essentially posted this hundreds of times to slashdot stories... - http://slashdot.org/comments.pl?sid=3586291&cid=43290275 [slashdot.org]

--

[to apk] Your post got downmodded because you're a nutjob gone off his meds. - http://slashdot.org/comments.pl?sid=3586081&cid=43288893 [slashdot.org]

--

[to apk] The reason people impersonate you is because everyone thinks you're a moron. The hosts file is not intended to be used as you suggest. - http://slashdot.org/comments.pl?sid=3591803&cid=43302885 [slashdot.org]
-->What? You don't have a 14MB hosts file with ~1million entries in it? Next you'll probably tell me that your computer doesn't start thrashing and take 5 minutes for a DNS lookup! - http://slashdot.org/comments.pl?sid=3591803&cid=43302977 [slashdot.org]

--

[about apk] - this fwit is as thick as a post. worse, this shithead has mod points. and using them. - http://slashdot.org/comments.pl?sid=3591681&cid=43302873 [slashdot.org]

--

In before the fight between those two guys and their walls of text... - http://slashdot.org/comments.pl?sid=3592647&cid=43306485 [slashdot.org]

--

HEY APK YOU ARE A WASTE OF OXYGEN -GET A LIFE - http://slashdot.org/comments.pl?sid=3593009&cid=43308147 [slashdot.org]

--

KPA ...thgim dik a ekil .s.b laivirt hcus no emit hcum taht etsaw t'ndluow I sa ,ti gniod em TON si ti - syug ON - http://slashdot.org/comments.pl?sid=3592933&cid=43307605 [slashdot.org]

--

[to apk] You seriously need to go see a shrink. You are a fucking fruitcake! - http://slashdot.org/comments.pl?sid=3592933&cid=43307559 [slashdot.org]

--

[to apk] Did you ever consider that it's not just one corrupt moderator, it's a bunch of regular slashdot users who infrequently get mod points who think you are totally full of shit? Stop posting annoying off topic irrelevant bullshit, and people won't mod you down. I'm seriously sick of reading your posts about someone impersonating you. - http://slashdot.org/comments.pl?sid=3592933&cid=43308389 [slashdot.org]

--

[to apk] you should be forced to use a cholla cactus as a butt-plug - http://slashdot.org/comments.pl?sid=3592647&cid=43308219 [slashdot.org]

--

[to apk] No one is on your side, that is why you're here. posting. still. No one cares. - http://slashdot.org/comments.pl?sid=3595009&cid=43310903 [slashdot.org]

--

Who's the more moronic? The original moron, or the one who replies to him knowing full well his comment will certainly be ignored, if not entirely unread, thus bringing the insane troll post to the attention of those who would otherwise not have seen it at all (seeing as it started at 0 and would have rapidly been modded down to -1) and whose post (and, somewhat ironically I grant you, this one as well) now requires 3 more mod points to be spent to hide it? - http://slashdot.org/comments.pl?sid=3593207&cid=43311073 [slashdot.org]

--

[to apk] I miss trollaxor. His gay porn world of slashdot executives and open-source luminaries was infinitely more entertaining than this drivel. - http://slashdot.org/comments.pl?sid=3593207&cid=43311225 [slashdot.org]

--

PLEASE stop modding biters up. Anyone who responds to an abvious troll, especually one of these APK trolls, should autometically get the same -1 troll as the damned troll. Any response to a troll only makes the troll do more trolling. Come on, guys, use your brains -- it isn't that hard. Stop feeding the damned trolls! - (missing link)

--

[to apk] Lick the inside of goatse's anus, it's delicious! - http://slashdot.org/comments.pl?sid=3589605&cid=43301757 [slashdot.org]

--

Excellent post A++++++++++++ would scroll past again!!!! - http://slashdot.org/comments.pl?sid=3595009&cid=43312407 [slashdot.org]

--

[to apk] You are the one who is pitiful. If you didn't spam /. with your bullshit you wouldn't have spammer 'impostors' doing the same. Just fuck off and die already, ok? Please, really. Step in front of a bus. Drink some bleach. Whatever it takes, just FUCK OFF and DIE. - http://slashdot.org/comments.pl?sid=3595851&cid=43313459 [slashdot.org]

--

[to apk] From one AC to another please for the love of god, PRINT YOUR HOST FILE OUT AND CRAM IT DOWN YOUR JAPS EYE!!! For fucks sake we don't care we see this and it takes the piss, short of a full frontal lobotomy what will it take to stop you posting this you moronic fuckwit? - http://slashdot.org/comments.pl?sid=3596285&cid=43314755 [slashdot.org]

--

[to apk] And someone forgot to take his meds today...Are you really that dense that you cant tell that the only reason the "impostor" exists because you have a hard time realizing that you are wrong and/or wont let it go. It would take a complete moron to not realize that the whole reason he continues to do it is because he knows he can get you to respond by simply posting. This isnt rocket science, this is internet 101... Let me offer you some advice on how to get rid of this "impostor"...shutup - http://slashdot.org/comments.pl?sid=3595561&cid=43313235 [slashdot.org]

--

[to apk] If you had a 'luser' account it wouldn't be a problem. But you don't want one of those, because your long rambling and bizarrely formatted posts mean your karma gets nuked in next to no time. So I guess you just have to work out which is 'worth it'. Posting AC because I don't want to become your latest fixation. - http://slashdot.org/comments.pl?sid=3593207&cid=43314397 [slashdot.org]

--

I wouldn't be surprised if that is APK trying to draw attention to himself, since he thinks such endless tirades are examples of him winning and make him look good. When people stop paying attention to him, or post actual counterpoints he can't come up with a response to, he'll post strawman troll postings to shoot down, sometimes just copy pasted from previous stories. - http://slashdot.org/comments.pl?sid=3592647&cid=43308851 [slashdot.org]

--

[to apk] No one wants to read your copy pasted crap. Maybe someone is mocking you because you make it so easy to? So drop it, and participate like an adult please. - http://slashdot.org/comments.pl?sid=3596383&cid=43315069 [slashdot.org]

--

Seriously.... What. The. Fuck. Can you two homos just go make out on brokeback mountain already, and stop talking about how one of you misspelled "penetration", and how the other cockblocks with their hosts files while grabing the other's goat? Goodness, it sure feels like being in a mountain range, trying to peer around those fucking orbital tether lengthed posts of pure premium bullsit the two of you somehoq manage to keep pushing out on demand. Shit stinks! At this point, i'd be willing to risk the fucking extinction of all life on earth by redirecting siding spring C/2013 1A to miss Mars and land on both of your fucking heads instead. The deaths of billions would be a small price to pay to shut you two cackling lovebirds up! - http://slashdot.org/comments.pl?sid=3596513&cid=43315327 [slashdot.org]

--

[to apk] Listen up jackass, why the hell would somebody want to impersonate you? You're a certified internet kook. Nobody gives a hot about your 3 gig hosts file. And nobody is impersonating you. You're already a fucking parody. - http://slashdot.org/comments.pl?sid=3596557&cid=43315579 [slashdot.org]

--

[to apk] You have had it repeatedly explained to you that your posts are long-winded, unpleasant to read due to your absurd formatting style and full of technical inaccuracies borne of your single minded i-have-a-hammer-so-every-problem-is-a-nail attitude. Despite this advice you are convinced that your comments are valuable contributions, ignoring the obvious evidence to the contrary (namely the -1 scores your posts earn on a regular basis). - http://slashdot.org/comments.pl?sid=3406867&cid=42698875 [slashdot.org]

--

[about apk] Can this be killed off? I don't mean this account, I mean the actual meatbag behind it. - http://mobile.slashdot.org/comments.pl?sid=3598035&cid=43319201 [slashdot.org]

--

[to apk] Get an account retard. If you format your password as crazily as your posts no-one will ever crack it. - http://mobile.slashdot.org/comments.pl?sid=3598035&cid=43319999 [slashdot.org]

--

[to apk] You are the most consistently annoying creature on the internet. There are people worse than you, just like cancer is worse than psoriasis, but you're more like the latter: pervasive, annoying, and always cropping up when one has mostly forgotten about it. You are that indeterminate, continuous itching that slowly erodes someone's mood until they consider cutting off a part of themselves just to stop it for a while. And like psoriasis, you're auto-immune and not fully understood by science. Slashdot continuously makes it worse by scratching that itch over and over again. It's not smart. It just encourages the disease. But everybody's got a limit to their patience. There is no cure for you. But at least, when slashdot dies, you will die with it, and there will be peace. - http://slashdot.org/comments.pl?sid=3626185&cid=43394107 [slashdot.org]

--

Alexander Peter KowalskI and anyone arguing with him are insane. I saw their crazy tirades once and googled his name, and HOLY SHIT. This guy has mini battle raging all over many sites for some of the most inane shit you can think of. He meticulously catalogs the people who have crossed him and works to MAKE SURE everyone understands they are fools. Now, they well be fools, but by his meticulous and obsessive actions Kowalski (APK) has proved without a shadow of doubt his absolutE insanity. I haven't even argued with this guy so don't think I'm part of these internet crusades. All this I've found by googling his name. The trove of flaming and incomprehensible obsessive agression is humongous and both funny, and pathetic to varying intense degrees. Just google if you are curious about the kinds of crazy that are out there." - http://slashdot.org/comments.pl?sid=3667319&cid=43499927 [slashdot.org]

--

I'm convinced APK is serious, he has got battles raging everywhere, meticulously catalogued, yet he thinks this is proof of his knowledge and experience, not obsessive insanity. And making that point doesn't make him reconsider, it incites him. He also seems to think what looks like many multiples of people saying this are one or a few people who are out to get him. Just read my post and google Alexander Peter Kowalski. - http://slashdot.org/comments.pl?sid=3667319&cid=43499959 [slashdot.org]

--

Alexander Peter Kowalski ubuntu touched my junk liberally. he strapped me in to his HOSTS file and he couldnt keep his offensive hands off of me - http://slashdot.org/comments.pl?sid=3667507&cid=43499285 [slashdot.org]

--

[to apk] Hey man, I know this is important to you, but maybe you should talk to someone outside of the internet about it? I mean, you sound really batshit insane. - http://slashdot.org/comments.pl?sid=3667319&cid=43499419 [slashdot.org]

--

[to apk] You're an AC and you say you have impersonators? - http://slashdot.org/comments.pl?sid=3667275&cid=43502821 [slashdot.org]

--

ghod bless you APKtroll for bringing some much needed balance and reason to this thread! - http://slashdot.org/comments.pl?sid=3666269&cid=43492403 [slashdot.org]

--

[to apk] APK, you suck. Go die in a fire. The hosts file in Windows is a _terrible_ way to filter internet traffic. - http://slashdot.org/comments.pl?sid=3666873&cid=43497201 [slashdot.org]

--

I'm replying just so you'll add me to your quote list. - http://slashdot.org/comments.pl?sid=3669649&cid=43505105 [slashdot.org]

--

Best troll post, anywhere, ever. Well done. - http://slashdot.org/comments.pl?sid=3673585&cid=43517005 [slashdot.org]

--

[to apk] Just please stop the spamming. Get yourself a real life and a girl. That helps most against your troubles. Or at least a cat. - http://slashdot.org/comments.pl?sid=3671573&cid=43516813 [slashdot.org]

--

Alexander Peter Kowalksi's low intelligence, extreme narcissism, and histrionic personality make him unsuited for anything but menial labor. - http://slashdot.org/comments.pl?sid=3669841&cid=43505717 [slashdot.org]

--

Fact: it takes amost 2 hours for windows to load a 645,000 lines HOSTS file into the DNS cache. While loading, all DNS queries are blocked. That is neither fast nor efficient. - http://slashdot.org/comments.pl?sid=3673585&cid=43516711 [slashdot.org]

--

[to apk] it is very disconcerting to see the sort of writing style you introduce as it is a very harsh contrast to the "normal" -- which goes even for non-native English speakers. The amount of fervor you utilize to make this point comes off to me as insanity. You seem to imply there is an unexplained, even conspiratorial effort at Microsoft for sabotaging your preferred host file entry method. You also seem to think you have a reputation which is at stake, and I assure you, aside from your raving posts, I have never heard of you before. The time-cube APK imposter you mention appears to be (at least to me) an adequate parody of your abrasive writing and argument style. The fact that you seem to take such excessive offense to this parody further strengthens the lehman's perception of your insanity. - http://slashdot.org/comments.pl?sid=3673561&cid=43516775 [slashdot.org]

--

SOME QUOTES REMOVED FOR SPACE CONSTRAINTS - MIRRORED HERE:
http://pastebin.com/Cm0HHC66 [pastebin.com]

-o-o-o-o-o-o-o-

Did you see the movie "Pokemon"? Actually the induced night "dream world" is synonymous with the academic religious induced "HOSTS file" enslavement of DNS. Domains have no inherent value, as it was invented as a counterfeit and fictitious value to represent natural values in name resolution. Unfortunately, human values have declined to fictitious word values. Unknowingly, you are living in a "World Wide Web", as in a fictitious life in a counterfeit Internet - which you could consider APK induced "HOSTS file". Can you distinguish the academic induced root server from the natural OpenDNS? Beware of the change when your brain is free from HOSTS file enslavement - for you could find that the natural Slashdot has been destroyed!!

FROM -> Man - how many times have I dusted you in tech debates that you have decided to troll me by ac posts for MONTHS now, OR IMPERSONATING ME AS YOU DID HERE and you were caught in it by myself & others here, only to fail each time as you have here?)...

So long nummynuts, sorry to have to kick your nuts up into your head verbally speaking.

cower in my shadow some more, feeb. you're completely pathetic.

-o-o-o-o-o-o-o-

* :)

Ac trolls' "BIG FAIL" (quoted): Eat your words!

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on this forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol , man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

That's the kind of martial arts [google.com] I practice.

-o-o-o-o-o-o-o-

Disproof of all apk's statements:

OLD POST LINKS MIRRORED HERE (UPDATED 4/20, 223 POSTS):
http://pastebin.com/zZqNtDmR [pastebin.com]

RECENT POST LINKS:
http://slashdot.org/comments.pl?sid=3663317&cid=43487937 [slashdot.org]
http://slashdot.org/comments.pl?sid=3663521&cid=43487979 [slashdot.org]
http://slashdot.org/comments.pl?sid=3663317&cid=43487985 [slashdot.org]
http://slashdot.org/comments.pl?sid=3663727&cid=43487993 [slashdot.org]
http://slashdot.org/comments.pl?sid=3663845&cid=43488509 [slashdot.org]
http://slashdot.org/comments.pl?sid=3663921&cid=43490079 [slashdot.org]
http://slashdot.org/comments.pl?sid=3666269&cid=43494423 [slashdot.org]
http://slashdot.org/comments.pl?sid=3664097&cid=43495983 [slashdot.org]
http://slashdot.org/comments.pl?sid=3666699&cid=43496091 [slashdot.org]
http://slashdot.org/comments.pl?sid=3666873&cid=43496149 [slashdot.org]
http://slashdot.org/comments.pl?sid=3666977&cid=43496213 [slashdot.org]
http://slashdot.org/comments.pl?sid=3666987&cid=43496301 [slashdot.org]
http://slashdot.org/comments.pl?sid=0020721&cid=43496387 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667105&cid=43496409 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667121&cid=43497457 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667275&cid=43498161 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667319&cid=43504327 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667481&cid=43504343 [slashdot.org]
http://slashdot.org/comments.pl?sid=3667507&cid=43504357 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669649&cid=43504429 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669721&cid=43505201 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669789&cid=43505273 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669787&cid=43505555 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669841&cid=43505813 [slashdot.org]
http://slashdot.org/comments.pl?sid=3669915&cid=43506235 [slashdot.org]
http://slashdot.org/comments.pl?sid=3670019&cid=43507103 [slashdot.org]
http://slashdot.org/comments.pl?sid=3671573&cid=43512289 [slashdot.org]
http://slashdot.org/comments.pl?sid=3671613&cid=43512571 [slashdot.org]
http://slashdot.org/comments.pl?sid=3671623&cid=43515565 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673511&cid=43515879 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673539&cid=43516225 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673561&cid=43516589 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673585&cid=43517103 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673971&cid=43518269 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674239&cid=43518837 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674375&cid=43519147 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674549&cid=43519841 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674579&cid=43520255 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674733&cid=43520765 [slashdot.org]
http://slashdot.org/comments.pl?sid=3674863&cid=43521805 [slashdot.org]
http://slashdot.org/comments.pl?sid=3673723&cid=43548003 [slashdot.org]

LIST MAY BE INCOMPLETE
REPORT MISSING LINKS FOR REWARD (check pastebin archive first)

-o-o-o-o-o-o-o-

DID YOU FIND THIS MESSAGE HELPFUL?
TIP JAR: 1EtLgU5L3jhmVkDmqrWT9VhoZ1F2jSimHS [blockchain.info]
RECEIVED: 0.0195 BTC - thx! ;-)

Re:Slashdot engages in criminal fraud... apk (-1)

Anonymous Coward | about a year ago | (#43549389)

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]

  http://someonewhocares.org/hosts/ [someonewhocares.org]

  http://hostsfile.org/hosts.html [hostsfile.org]

  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]

  http://hosts-file.net/?s=Download [hosts-file.net]

  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]

  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]

  http://ddanchev.blogspot.com/ [blogspot.com]

  http://www.malware.com.br/lists.shtml [malware.com.br]

  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]

  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]

  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]

  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]

  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]

  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]

  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]

  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]

  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]

  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]

  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]

  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]

  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]

  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]

  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]

  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]

  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]

  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]

  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]

  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]

  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]

  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]

  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]

  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]

  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]

  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]

  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]

  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)

  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues aren't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analagous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing paths differences between in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK [mailto]

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the D

Slashvertisement (1)

Anonymous Coward | about a year ago | (#43548227)

One hopes with this extra source of funds Slashdot might hire some editors.

Re:Slashvertisement (1)

Mashiki (184564) | about a year ago | (#43548463)

One hopes with this extra source of funds Slashdot might hire some editors.

I know you're joking, we all know that /. is powered by dupes and nonsensical editorial write-ups.

BS Summary (5, Insightful)

gweihir (88907) | about a year ago | (#43548231)

Do one overwrite with zeros for magnetic media. They cannot recover that. Open the drive, take out the platters, bend or break them, they cannot recover that. SSDs are more tricky, but one overwrite with random data assures that no more than the spare capacity can be recovered.

Re:BS Summary (2)

TWX (665546) | about a year ago | (#43548269)

Just remove the casing and put the SSD board/chips into a microwave... If anything, physical destruction of an SSD should be even easier... Just pop the chips off the board with a flat knife and cut them into pieces with aviation snips...

Re:BS Summary (1)

lister king of smeg (2481612) | about a year ago | (#43548461)

snips? and here i was thinking thermite was the answer to all data destruction needs. i havealso thought about building a emp device i have the designs for one somewhere, that should work to.

Re:BS Summary (5, Funny)

CanHasDIY (1672858) | about a year ago | (#43548511)

Thermite, like duct tape, is the solution to damn near everything.

Now, if you'll excuse me, I have some men in black suits and dark glasses at my door, and I think they want to talk to me....

Re:BS Summary (2)

K. S. Kyosuke (729550) | about a year ago | (#43549721)

Thermite, like duct tape, is the solution to damn near everything.

So, if "Perl is the duct tape of the Internet", what is X and Y in "X is the thermite of Y"?

Duct tape is like the Force. (2)

drainbramage (588291) | about a year ago | (#43549899)

There is a light side and a dark side.
Use the tape wisely.

Re:Duct tape is like the Force. (0)

Anonymous Coward | about a year ago | (#43550115)

oh ... the punch line: "... and it binds the universe together."

Re:BS Summary (4, Funny)

guttentag (313541) | about a year ago | (#43548457)

Do one overwrite with zeros for magnetic media.

I just send all my broken storage media to the Nixon Presidential Library, labelled "18 1/2 minutes" in a box with a return address for "Flasback Data Recovery Specialists: We Recover Anything, Confidentiality Guaranteed. Austin, TX." They replace all the 1s and 0s with pure silence. Nothing beats that.

Re:BS Summary (0)

Anonymous Coward | about a year ago | (#43548763)

Saying data is not recoverable from magnetic media by over-writing it once with zeroes is incorrect.
Using quantum detection for variations in the strength of the magnetic field (government level equipment) can detect multiple layers.

If you want to make data non-recoverable from a HD, remove the platters, put them on a drill press and turn them into Swiss cheese with the biggest bit the drill will hold.

Guaranteed the data is not recoverable!

Re:BS Summary (1)

tibit (1762298) | about a year ago | (#43549157)

The omnipresent and omnipotent "government" also has captive fairies that they let foreign dignitaries have some fun with, from time to time. Yeah, sure.

Re:BS Summary (1)

Anonymous Coward | about a year ago | (#43549669)

What's the percentage of data that can be recovered with this method? More importantly, does your average police department cybercrime lab or the FBI have access to such technology?

Re:BS Summary (4, Insightful)

K. S. Kyosuke (729550) | about a year ago | (#43549771)

"Using quantum detection for variations in the strength of the magnetic field (government level equipment) can detect multiple layers."

This sounds like total bullshit to me. We already have to use heavy error-correcting codes on pretty much all modern media to read even the last thing you wrote on them. What makes you think that whatever residual magnetism remains after a mere zeroing (although I'd opt for /dev/urandom instead) is sufficient to restore whatever had been written on it before that?

Re:BS Summary (1)

Shatrat (855151) | about a year ago | (#43548773)

I used to use 'dd if=/dev/zero of=/dev/sda1' on every laptop that got decommissioned from the network and donated or sold.
It's not rocket surgery.

Re:BS Summary (-1, Flamebait)

DRAGONWEEZEL (125809) | about a year ago | (#43548807)

you can recover 1 overwrite actually....

but it gets a lot harder as the number of passes increases, it's effectively destroyed for the next ten years anyway w/ an alternating pass of 0's and 1's. I think the 10 write cycles gets you until technology has increased to the point that a scaning electron microscope is as common as a microwave oven, and star trek style replicators exist..

Re:BS Summary (5, Informative)

blueg3 (192743) | about a year ago | (#43548961)

you can recover 1 overwrite actually....

You cannot. Or rather:
* Nobody has ever demonstrated success of recovering data from a modern hard drive (anything more recent than MFM) that has been overwritten even one time.
* The person who wrote the paper on recovering data from drives after erasure, Gutmann, has said there is no reason to believe that it is possible with modern drives.
* Other people have a quite sound theoretical arguments that it is impossible. (That is, there is a hysteresis effect, but it is so small compared to noise that the statistical probability of getting correct data instead of random data is much, much too small to be of any practical use even in a best-case scenario.)

This is a myth in computer forensics and security that needs to die.

Re:BS Summary (5, Funny)

xtracto (837672) | about a year ago | (#43549749)

Nice try NSA guy.

Re:BS Summary (1)

h4rr4r (612664) | about a year ago | (#43548989)

No, you cannot.

Show me any data recovery company that says they can and I will show you a liar.

People have many times put up money to see this done and no one has ever demonstrated it.

Re:BS Summary (1, Interesting)

LordLimecat (1103839) | about a year ago | (#43550179)

That doesnt mean it cant be done.

This is like saying "i have a new encryption method, and noone has yet demonstrated that they can break it". That does not mean that it is secure, or a that a simple analysis of the method would not display glaring weaknesses; someone could very well be exploiting it and simply keeping it on the DL.

It is hypothetically possible to recover from a single overwrite, because it is a fact that "magnetic domain remnants" are left after an overwrite. Whether or not we have the technology / money / whatever to recover it is irrelevant to the fact that there is still data there to be recovered, and its foolish to pretend otherwise.

Meanwhile, it IS known that if you raise the platters to the curie temperature or degauss the drives, you cannot recover any data.

Re:BS Summary (4, Informative)

tibit (1762298) | about a year ago | (#43549179)

That's incorrect. Current drives store information in individual (as in single) magnetic domains. A magnetic force microscope is of no help there. Once you flip a domain, you've flipped it. There's no history, no layers, nada. You're referring to information that was current 20 years ago.

Re:BS Summary (1)

LordLimecat (1103839) | about a year ago | (#43550197)

You're referring to information that was current 20 years ago.

20 years has not changed the fact that magnetic domains are analog, not digital. "Once you flip it, you've flipped it" isnt a concept that really exists in the analog world until your drive's firmware converts the analog reading to a digital 0.

Re:BS Summary (4, Informative)

lgw (121541) | about a year ago | (#43549231)

Let me pile on with the "no you cannot". Once this was true, back in the days of MFM drives, because there was lots of redundant magnetic media on that drive. But the need to squeeze out every last bit of data density on drives has changed that - any place on the media where leftover traces of previous writes could be found is a place where more bits could be fit on the platter. Still, with older IDE drives you might have wanted to do one pass of random data instead of 0s, if you were worried about an opponent with an electron microscope (I've actually seen bits on tape in an electron microscope image - very cool).

GMR [wikipedia.org] drives took that trend even farther, by using the Z-axis to help store each bit, not just the surface of the platter. With modern drives the media is completely used to store current data.

Re:BS Summary (0)

Anonymous Coward | about a year ago | (#43548843)

SSD's are internally encrypted with 256-bit AES. Simply use the drive wipe/reset tool form the manufacturer. It takes 5 seconds.

Re:BS Summary (-1)

sl4shd0rk (755837) | about a year ago | (#43549151)

Do one overwrite with zeros for magnetic media. They cannot recover that.

if "They" refers to Geek Squad, yeah maybe not. In reality however, overwriting magnetic storage with 0s doesn't actually remove the data*. I'm not saying everyone can afford, or get access to, the equipment below but there is some myth to the notion of "erasing" data by overwriting it.

using specialised circuitry it is possible to work out what previous "layers" contained. The recovery of at least one or two layers of overwritten data isn't too hard to perform by reading the signal from the analog head electronics with a high-quality digital sampling oscilloscope, downloading the sampled waveform to a PC, and analysing it in software to recover the previously recorded signal.

[*] - http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html [auckland.ac.nz]

Re:BS Summary (4, Informative)

Lord Crc (151920) | about a year ago | (#43549223)

That paper is from 1996. The updated epilogue contains this quote:

Any modern drive will most likely be a hopeless task, what with ultra-high densities and use of perpendicular recording I don't see how MFM would even get a usable image [...]

Re:BS Summary (1)

Anonymous Coward | about a year ago | (#43549279)

Excellent reference - to a paper written in 1996, and which has a modern disclaimer right in the header.

The relevance to a modern hard drive is difficult to imagine. Even the paper you linked says "Any modern drive will most likely be a hopeless task". GP is correct.

Re:BS Summary (3, Insightful)

SuricouRaven (1897204) | about a year ago | (#43549547)

You're close. Overwriting media with zeros almost entirely erases everything - there was a time when it was possible for someone with a highly specialised magnetic probe to pick up leftover traces from the space between the tracks, but modern drives have the tracks far too close for that. There is just one place data may survive: Remapped sectors. The drive logic does detect if a sector is going to fail or already failed, and if so will remap it to a spare area, just as SSDs do. The old data gets left behind in the now-disused space.

But all that'll save is the odd little fragment here and there, either 512 bytes or 16k depending on the drive. An attacker would need a lot of luck to find something good in there.

Re:BS Summary (1)

K. S. Kyosuke (729550) | about a year ago | (#43549881)

"You're close. Overwriting media with zeros almost entirely erases everything - there was a time when it was possible for someone with a highly specialised magnetic probe to pick up leftover traces from the space between the tracks, but modern drives have the tracks far too close for that"

I don't think that this is merely about the tracks being too close to each other. One has to keep in mind that today, "overwriting a sector with zeros" basically means "overwriting one existing continuous magnetic trace on the media with a trace of semi-randomly alternating magnetized domains that happens to be related to the semi-random alternating magnetization changes of the existing trace by means of a fractional (analog) offset that continuously drifts along the trace)". That's one hell of a problem for anyone trying to recover anything. Although the partial overlap of signals, of course, muddles things for the would-be recoverer even further.

Re:BS Summary (0)

LordLimecat (1103839) | about a year ago | (#43550055)

Open the drive, take out the platters, bend or break them, it is difficult but still technically possible to recover from that.

FTFY

Do one overwrite with zeros for magnetic media. Noone is sure if "they" can recover that, but it is hypothetically possible.

FTFY.

Best way to destroy the drive... (3, Interesting)

TWX (665546) | about a year ago | (#43548245)

...is to literally destroy the drive...

A small four-pound sledge and a suitable hard surface to act as an anvil and one can break the aluminum case into bits in a couple minutes and crease and crack the platters to the point that there realistically isn't anything being read from there. If you're REALLY worried, break out the plasma cutter and just cut the platters into bits...

Speaking of bits, Spanish colonial currency were "pieces of eight". "Shave and a Haircut, two bits" is a $0.25 cost. So, eight bits to a full unit... Coincidence for eight bits to a byte, or intentional?

Re:Best way to destroy the drive... (1)

admdrew (782761) | about a year ago | (#43548301)

Speaking of bits...

Interesting, I never knew that... I was sorta hoping it was intentional, but looks like we have to blame a combination of ASCII (popularizing 7-bit over 4- or 6-bit) and the rise of 8-bit machines.

Re:Best way to destroy the drive... (1)

TheNinjaroach (878876) | about a year ago | (#43548335)

Speaking of bits, Spanish colonial currency were "pieces of eight". "Shave and a Haircut, two bits" is a $0.25 cost. So, eight bits to a full unit... Coincidence for eight bits to a byte, or intentional?

Coincidence. I imagine it makes a lot of sense to keep the size of a byte as a power of two (for addressing reasons, maybe?) 4 bits isn't even enough to represent all of the characters in the Latin alphabet, and 16 bits was probably overkill at the beginning of the computer revolution.

This is all a bunch of random guesswork. I have no facts for any of this :)

Re:Best way to destroy the drive... (1)

Anonymous Coward | about a year ago | (#43548407)

This is all a bunch of random guesswork. I have no facts for any of this :)

So why bother? Why not just post a link to
http://en.wikipedia.org/wiki/Byte#History [wikipedia.org]
Which explains it pretty well (yes, I have read it and it does match information I've picked up from other sources).

What is a "Byte"? (1)

xxxJonBoyxxx (565205) | about a year ago | (#43548411)

>> I imagine it makes a lot of sense to keep the size of a byte as a power of two (for addressing reasons, maybe?)

I hope you're kidding, but in case you're not: http://en.wikipedia.org/wiki/Byte [wikipedia.org]

Re:What is a "Byte"? (1)

guttentag (313541) | about a year ago | (#43548623)

When I first learned about bytes I was in elementary school and my only frame of reference was the movie Tron (the original).

Kevin Flynn: Hey! Hold it right there!
Bit: Yes.
Kevin Flynn: What do you mean, "yes"?
Bit: Yes.
Kevin Flynn: Is that all you can say?
Bit: No.
Kevin Flynn: Know anything else?
Bit: Yes.
Kevin Flynn: Positive and negative, huh. You're a bit, aren't you?
Bit: Yes.
Kevin Flynn: Well, where's your program? Isn't he going to miss you?
Bit: No.
Kevin Flynn: I'M your program?
Bit: Yes.
Kevin Flynn: Pretty good driving, huh?
[CRASH]
Bit: No.

Bits are very direct. I figured a byte was a bit that knew 8 different ways of saying yes or no, but I was confused about how bits and bytes would communicate, because the bit wouldn't understand all the nuanced shades of yes or no. It seemed like a very fuzzy kind of logic. I made a mental note to study it further in junior high school, as a primer for studying other... curiosities... that know hundreds of ways of saying yes or no.

Re:What is a "Byte"? (1)

VanessaE (970834) | about a year ago | (#43549287)

Kevin Flynn: I'M your program?
Bit: Yes.

You forgot the most important part:

Kevin Flynn: Great, another mouth to feed.
Bit: Yes! Yes! Yes! [...]

Re:What is a "Byte"? (1)

airdweller (1816958) | about a year ago | (#43550131)

"Bits are very direct. I figured a byte was a bit that knew 8 different ways of saying yes or no, but I was confused about how bits and bytes would communicate, because the bit wouldn't understand all the nuanced shades of yes or no. It seemed like a very fuzzy kind of logic. I made a mental note to study it further in junior high school, as a primer for studying other... curiosities... that know hundreds of ways of saying yes or no."

Sooo... bits are men and bytes are women... I have more respect for Tron now...

Re:Best way to destroy the drive... (0)

Anonymous Coward | about a year ago | (#43549685)

Speaking of bits, Spanish colonial currency were "pieces of eight". "Shave and a Haircut, two bits" is a $0.25 cost. So, eight bits to a full unit... Coincidence for eight bits to a byte, or intentional?

Coincidence. I imagine it makes a lot of sense to keep the size of a byte as a power of two (for addressing reasons, maybe?) 4 bits isn't even enough to represent all of the characters in the Latin alphabet, and 16 bits was probably overkill at the beginning of the computer revolution.

This is all a bunch of random guesswork. I have no facts for any of this :)

Coincidence in that they are both based on the power of two. Pieces of 8 are made by cutting a coin in half, then the resulting two pieces in half, then the resulting four pieces in half - in other words 2 to the power of 3. Dividing the coin by anything other than halves would have been too difficult so they end up with eighths.

Re:Best way to destroy the drive... (1)

Bob the Super Hamste (1152367) | about a year ago | (#43548435)

break out the plasma cutter and just cut the platters into bits

Damn all I have is a wire feed welder so I guess I will just have to turn up the power.

Re:Best way to destroy the drive... (0)

Anonymous Coward | about a year ago | (#43548899)

Seeing as how there have been machine with all different byte sizes (5, 9, 36, etc.), no.

Re:Best way to destroy the drive... (1)

SuricouRaven (1897204) | about a year ago | (#43549611)

If you want weird, program a PIC.

The RAM is eight-bit.

The ROM is fourteen-bit.

Less work/More fun (0)

Tweezak (871255) | about a year ago | (#43549067)

Alternate tools:
12ga slug .308 .223 .44 Magnum .40 S&W .45 ACP

Speaking of Recovering Things (5, Insightful)

pitchpipe (708843) | about a year ago | (#43548299)

Does this company offer a way to recover a Slashdot that doesn't disguise advertising as a story?

Re:Speaking of Recovering Things (4, Informative)

berashith (222128) | about a year ago | (#43548587)

not disguised at all. If the first words of the summary arent " somerandomuser writes" , then I know that it wasnt user submitted, and is being pushed in from above. I only come into the comments of these types of stories to verify that I didnt click through to their ads.

Re:Speaking of Recovering Things (0)

Anonymous Coward | about a year ago | (#43548601)

Slashvertising far predates late 6 figure UIDs.

Slashdot is vulnerable and should be updated (1)

Spy Handler (822350) | about a year ago | (#43548325)

Thanks to Slashdot's video implementation, I get a big div in the middle of the screen that says,

This plugin is vulnerable and should be updated.
Check for updates...
Click here to activate the Adobe Flash plugin.

Now my Firefox is up to date and the Flash plugin was updated earlier this month.

Re:Slashdot is vulnerable and should be updated (5, Funny)

ArcadeMan (2766669) | about a year ago | (#43548499)

Maybe you haven't updated Firefox in a while. Are you still using yesterday's version?

Re:Slashdot is vulnerable and should be updated (1)

Anonymous Coward | about a year ago | (#43549197)

I'm on Nightly, you insensitive clod!!

Advertisement within an advertisement? (1)

moeinvt (851793) | about a year ago | (#43548327)

I assumed the video was just a shameless promotion for the company, but clicked it anyway. Then, I saw that I was supposed to sit through a 30 second advertisement for some other random $#!T just so I can see an ad for this company ?

Sorry, No.

Re:Advertisement within an advertisement? (5, Insightful)

EmagGeek (574360) | about a year ago | (#43548419)

Just curious, why did you attempt to obscure the word "SHIT" in your post?

Just say it. SHIT. It's a wonderful, useful word, just like FUCK, HELL, TITS, ASS, CUNT, DICK, and so many others that describe Slashdot and those who make it yet another newsvertisement site.

Re:Advertisement within an advertisement? (2)

cdrudge (68377) | about a year ago | (#43549161)

You've hurt my feelings since you didn't obscure SHIT.

Re:Advertisement within an advertisement? (1)

6Yankee (597075) | about a year ago | (#43549911)

Just wipe the SHIT across the other naughty words on your screen.

Re:Advertisement within an advertisement? (1)

Incadenza (560402) | about a year ago | (#43549603)

Have you been listening extensively to Peaches [youtube.com] by any change?

Re:Advertisement within an advertisement? (0)

Anonymous Coward | about a year ago | (#43549609)

The best part is that this is modded +5 Insightful

Re:Advertisement within an advertisement? (0)

Anonymous Coward | about a year ago | (#43548519)

Then, I saw that I was supposed to sit through a 30 second advertisement for some other random $#!T just so I can see an ad for this company ?

There's this thing called adblock you may have heard of...

(Yes, I did try playing the video, and no, I didn't get the advert, and no, I'm not a subscriber and I didn't tick 'disable adverts').

slight correction for this post: (2)

nimbius (983462) | about a year ago | (#43548369)

s/that recovers data from messed-up hard drives/that has learned the value of sponsored content advertising through the dice network/

Stupid fucking advertisements. (0)

Anonymous Coward | about a year ago | (#43548375)

We really need a way to exclude video stories. Also, where do I sign up to buy a front page story?

Fucking Slashvertisements (0)

EmagGeek (574360) | about a year ago | (#43548397)

I is sick of thems.

Bad interview (1)

Murdoch5 (1563847) | about a year ago | (#43548421)

This is such a random interview, he should of sat down and planned what he was going to say, this just sounds quick, dirty and unprofessional. I can't take a company seriously where the interviewer doesn't answer questions using a solid brief format. He's not even answers the questions properly, I give this a 2 / 10, to be fair I give most interviews about a 4 / 10, If you include PR you lose marks. Sit down, right out all the question and answer you want to talk about, practice it, re practice it and then go. Every time you stutter or have throw off a question you just look bad to the camera, I hate to be hating on this guy but it's pretty bad.

Re:Bad interview (1)

gweihir (88907) | about a year ago | (#43548473)

There are a lot of crooks and unprofessionals in data recovery. Immoral scum that prey on those already in pain. Seems this guy is not quite on that level, but fits in somewhere with grand promises he cannot deliver on.

Personal experience with them - they are legit (2)

millisa (151093) | about a year ago | (#43548585)

Not disagreeing that the video was pretty bad - I can't say I'd do any better if asked to do an interview off the cuff. Definitely not a well planned advertisement if that's what it was supposed to be.

I've had customers that have used these guys with about a 50/50 success rate at getting 100% data back. The times they couldn't get the data were due to head crashes that had scrapped the platters clean.

It never seems to fail, customer declares they absolutely don't need backups for their workstations, they only need it for their servers and that their users will always remember to put the data on the server. Except they don't . . . and there ends up being something business critical on Joe User's laptop that they just dropped/spilled on/etc.

The way Flashback works is they'll do an eval on the drive (which they used to charge a couple hundred bucks to just do the eval, but they've gotten cheaper on the more common drive types) - after they get you the list of files that they can get back, they'll quote you what it takes to recover the data and you can choose whether to move forward. If they can't get anything, they let you know and you aren't out thousands of bucks with nothing to show for it.

As much as we try to avoid the situation where an individual drive matters when it comes to data, the human part of business seems to generate conditions that causes these guys to be needed. I rarely have had to take anything to these guys, but overall I've been happy with the turn around, the pricing is reasonable compared to the national-mailin type chains and they don't sell you on things that are impossible. Usually I end up just bringing them a boxxed drive to dump the data on if they can get it, but they've been flexible at getting the important files up on a site that we can ftp it if the customer desperately wanted it.

(and that's probably a better slashvertisement than what ended up coming across in the video - there was still some good info in it about how the ssd recovery differs from platter based if you can sit through the eye twitching and 'ums'). In any case - they haven't come across as the usual scum/basement recovery operations.

Re:Personal experience with them - they are legit (2)

gweihir (88907) | about a year ago | (#43548661)

Good to know. So just their PR sucks. Actually, that may be an indicator that their work is not too bad, because the crooks rely on PR to get new customers, while those that actually get results can rely in part on repeat business.

Re:Personal experience with them - they are legit (0)

Anonymous Coward | about a year ago | (#43549129)

Not disagreeing that the video was pretty bad - I can't say I'd do any better if asked to do an interview off the cuff. Definitely not a well planned advertisement if that's what it was supposed to be.

This.

I'd have liked to have heard more about common recovery scenarios, especially with regards to SSDs. For instance, I have an Intel X-25M (SSDSA2M080G2GC) that failed and now shows up in BIOS as an 8MB (eight megabyte) drive. For this particular drive, I don't think the controller on these encrypts the data before writing it to the chips, so taking the chips off and reading them individually is an option for a rainy-day project. (Yes, I have a hot air rework station.)

(But maybe there's a better way, like knowing if there are pads on the circuit board that will let me talk directly to to the drive - like the old serial port trick with the Seagate 7200.11 hard drives a few years ago.)

For other SSDs where the controller does encrypt before writing to the chips, well, that's something I'd really like to hear about, but so would a lot of other people.

The thing I most loathe about the data recovery industry is that it tries to keep everything secret. I'd like to see some of these techniques opened up. People who want their data back should pay money and get it done right. People who don't give a wet slap about the data but who just want to learn about how their own hardware works shouldn't have to spend hours only to end up at subscription-only web forums where half the people are speaking Russian and still whining about trying to keep the DIY crowd away.

What is it about, Alphie? (0)

Anonymous Coward | about a year ago | (#43548433)

What about all these hard drive recovery tools?

Are they good or are the whack?

Re:What is it about, Alphie? (1)

DRAGONWEEZEL (125809) | about a year ago | (#43548823)

It depends on if the controller is good and if the platter(s) are damaged.

All the software in the world won't fix a bad armature, controller, motor, though a platter can ,if lucky, be read a gazillion times and bit for bit avgd to try and sum up what the original bit shouldhave been. EAC uses a similar things to get audio from damaged CD's

I attempted to fix a fullsize portable backup drive that was 'Knocked" when the poor thing was knocked off the counter onto a tile floor. It got hit just right, slamed into the floor, and the head scraped a concentric ring into the drive. I was looking at it for a friend, I told her she could try a specialized recovery place, but if they "Could" get it back it would be pretty pricey...It's why you don't use a backup drive as your only source of storage....

WTF? I thought I had ads diabled?? (5, Insightful)

gweihir (88907) | about a year ago | (#43548443)

Why is this stupid marketing BS still displayed?

Re:WTF? I thought I had ads diabled?? (0)

Anonymous Coward | about a year ago | (#43548671)

When you first installed AdBlock (years and years ago, I assume), what did you think the logical end-point was? Surely you weren't just thinking "well, it'll just be me and a handful of other savvy computer geeks so it won't fundamentally impact the way that every website I read is funded", were you?

As Kant said, "act only according to that maxim whereby you can, at the same time, will that it should become a universal law." If everyone installs AdBlock, or a sufficient fraction of everyone, traditional advertizing no longer provides revenue, so revenue must come from elsewhere. Subscriptions ain't cutting it, so paid advertizements are disguised as editorial content to evade your filters.

What the hell is with the transcription? (1)

SuperBanana (662181) | about a year ago | (#43548513)

Did you basically just use Youtube's auto-closed-captioning function? The quality of the transcript is so bad it's virtually unreadable.

Fuck off dice (0)

Anonymous Coward | about a year ago | (#43548581)

Fuck right off.

SEE my SIG (1)

DRAGONWEEZEL (125809) | about a year ago | (#43548635)

This stuff isn't It's not easy,and the costs can go rediculously through the roof. Having done a TINY bit myself, shipping out some work, etc..

See my Sig though, it's all right there.

Re:SEE my SIG (0)

Anonymous Coward | about a year ago | (#43549043)

Spelling ridiculous must not be easy either.

Slashdot is news or ads? (1)

HaynieMatt (755882) | about a year ago | (#43548687)

I thought this was going to inform me on a few ways I could do it myself. I don't really care to hear what someone else can do for me.

Re:Slashdot is news or ads? (1)

anagama (611277) | about a year ago | (#43549461)

That, or at least some video of cool tools and a description of the process, rather than simple claims of what they can do. Show a water damaged drive, show how they get it spinning, show how they read data --- that would have been interesting even if it required an investment beyond what the average user would make.

Flash! (0)

Anonymous Coward | about a year ago | (#43548717)

No video for me.

Check Your Backups (1)

heezer7 (708308) | about a year ago | (#43548787)

The story did get me to go double check that all my backups are running as expected. I am the backups of the backups kind of paranoid person.

spamdot? (2)

X0563511 (793323) | about a year ago | (#43548795)

We can flag comments as spam, but not "stories" such as this. Hmm.

smashed drive (1)

zeroryoko1974 (2634611) | about a year ago | (#43548809)

I worked for awhile in a companies laptop repair depot. We received a laptop back from a user requesting data recovery. The laptop had been run over by a truck, and when you shook the hard drive it sounded like sand inside.

The Transcript Needs Work (0)

Anonymous Coward | about a year ago | (#43548847)

It's ah... shall we say... inaccurate.

Why pretend (1)

onyxruby (118189) | about a year ago | (#43548905)

Perhaps Slashdot should follow Fark's lead and put a "sponsored" flag on stories like these and disable commenting? That way it would be clear that the story was an advertisement and they could avoid alienating their user base. Slashvertisements are usually fairly obvious and when they do appear the comments tend to all be very negative against whatever was being advertised. This way Slashdot could get their ad money for the promotion without pissing of the readers and filling the comments with vitriol.

Roblimo (0)

Anonymous Coward | about a year ago | (#43549039)

I've been seeing Roblimo's stories for ages. I was never all that impressed, but some were of interest and even value for at least entry level folks. AT the least, I did not have a negative view of his writing. But, these videos seem to suggest that he is absolutely clueless and technically inept.

This video is being presented as actual content, with the inference that he will be covering actual data recovery. Instead we get a Slashvertisement where no technical detail is provided, questions regarding cost are ignored and danced around while a doddering old fool whines about not having Google Fiber. With all the "content" in that video, AOL dialup is all that Roblimo deserves!

LOL DR Chipper Shredder (3)

Virtucon (127420) | about a year ago | (#43549227)

I doubt after your hard drive goes through a chipper/shredder that they could recover the data.

Re:LOL DR Chipper Shredder (1)

SuricouRaven (1897204) | about a year ago | (#43549651)

It's doable in theory, but prohibitively expensive. The only people with the knowledge would be the drive designers, and they'd need to spend weeks working with access to the type of cleanroom that makes an operating theater dirty.

Trolling is FUN (1)

pwnyxpress (2597273) | about a year ago | (#43549295)

Overwrite the entire drive with Rick Rolls [youtube.com] .

Re:Trolling is FUN (0)

Anonymous Coward | about a year ago | (#43550033)

Failing troll is failing.

Backups? (0)

Anonymous Coward | about a year ago | (#43549813)

You mean wasted space on copies of stuff?

Flashback and Austin (0)

Anonymous Coward | about a year ago | (#43549817)

I live in Austin and had an SD card die between a photographer's camera and my computer. Sadly, it had my wedding reception photos on it. I sent the card to one data recovery place in CA. They gave up and sent it back. I heard about Flashback and took the card there.

1. They didn't solve the problem. The card is likely forever unrecoverable due to being unable to read both data chips. Without being able to physically repair the chip, it's dead and no data is recoverable due to interleaving.
2. They were very helpful in explaining what they tried, and it seemed like they tried quite a lot. They conferenced in a collegue in MA to help figure out any way that might be possible to recover the photos.
3. They had the cheapest estimate of anywhere I looked. They didn't charge me since they couldn't recover anything.

I'd go there again without looking elsewhere if I needed them again. I felt like they made a great attempt and had the lowest pricing to boot. Sucks that I'll forever only have a few mostly crappy photos of my wedding reception

An old NSA con using FUD (0)

Anonymous Coward | about a year ago | (#43550159)

NSA frequently trolls sites like Slashdot (with the co-operation of the owners), pushing FUD about the real world difficulty of destroying data. Their intent is simple. to reduce the number of people using 'best practice' when it comes to destroying data.

A hammer to your HDD or SSD chips will destroy their content for certain. Nobody recovers data from smashed HDD platters, or properly trashed flash chips. However, such extremes are completely unnecessary (and are only used by government agencies when computer equipment is in imminent threat of capture by the enemy).

To destroy data on a HDD, use a low-level program to over-write the file with random data. Do NOT ever over-write with all zeroes, or indeed all of any single byte value. Such an act may cause the HDD firmware to simply flag the sector as empty, while leaving the actual magnetic data untouched. If an entire HDD needs to be cleared then firstly delete all existing files, then simply fill with enough files of random data to meet its actual capacity, and then erase these files. Only real files containing random data are ensured to bypass semantic mechanisms that may be found in the OS or firmware.

A SSD drive may be wiped using a similar process, but beware the much more complicated firmware that many of these devices use. An SSD drive may set aside a lot of extra storage beyond its rated capacity, and this storage may not be accessible all the time, due to 'wear levelling' and 'redundancy against block failure' functions. Some of your important data may have copies currently residing in areas not currently available to the OS, but recoverable by specialist software. A 'full erase' is likely only possibly using a vendor supplied program that will only flag blocks as empty, and not actually clear them.

Some hard-drives have similar mechanisms, where bad blocks are identified by the firmware, and removed from visibility to the OS. These 'bad blocks' may contain data that can be recovered to some degree using specialised software tools. Imagine you have a plain-text file containing information you wish to keep private. At some point, some of the physical blocks holding this data go 'bad' and the HDD firmware removes them (usually by re-mapping) from OS visibility. Now, most usual ways of wiping the HDD won't touch these flagged bad-blocks, but the vendor can most certainly unflag them, so some attempt could be made to recover the data held in the bad-block.

Indeed, if you think about it, there is no reason why a HDD wouldn't flag a bad-block as "read only" at best, given there would be no normal reason to ever try to write to the block again. This mechanism is very bad for the concept of absolute HDD security, but is a clear consequence of the limits of the technology. A security conscious team would have protocols in place that note when a critical file suffers a 'bad block', and would then mark that HDD for physical destruction at an appropriate point in the future.

Identifying when copies of parts of your crucial files lie in 'bad blocks' on a SSD is much more difficult. A HDD expects low rates of storage surface failure. A SSD expects extremely high rates of block failure, and is designed to cope with this issue. The problems of your private data ending up on normally inaccessible blocks flagged as 'bad' is not one vendors care to worry about. Again, as with the HDD, the bad block may be permanently flagged as "read only", so specialist tools may only attempt to read the data, never attempt to erase it.

ONCE AGAIN- when a storage device experiences failures, it is natural to activate "read only" modes. If your key data has the misfortune to end up in 'bad blocks', only the physical destruction of the storage device may ensure no-one has access to the contents of these 'bad blocks'.

Destroying Hard Drives? This works pretty well (0)

Anonymous Coward | about a year ago | (#43550207)

I have found that removing the platters and melting them down for scrap is fairly effective :-)

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>