Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Kenya Police: Our Fake Bomb Detectors Are Real

timothy posted about a year and a half ago | from the but-how-are-the-elephant-detectors? dept.

Crime 151

First time accepted submitter NF6X writes "Following the conviction of British conman James McCormick for selling fake bomb detectors which were in fact rebadged novelty golf ball divining rods, Nairobi police chief Benson Githinji stated to reporters that his department's fake bomb detectors are serviceable, and contributed towards a recent elimination of successful grenade attacks."

Sorry! There are no comments related to the filter you selected.

Slashdot criminal activity... apk (-1)

Anonymous Coward | about a year and a half ago | (#43558635)

* Breaking news: corrupt Slashdot administration attempted to ban me for blowing the whistle on their illegal activities, while not banning the criminal who stalks, harasses, and impersonates me. Whistleblower abuse is a federal felony. Lunatic Slashdot admin's have been owned by me in so many tech debates over the past decade that they conspire with criminals to effetely & vainly *try* to "hide" my posts and censor me. Jealousy at it's finest.

=> Lawsuit's and criminal prosecution against Slashdot are now inevitable. Moderation+posting records will be sequestered and anyone acting aginst me will be dealt with permanently.

Previous notice:

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 330++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 330 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 330++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues aren't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analagous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing paths differences between in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK [mailto]

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik

Re:Slashdot criminal activity... apk (-1, Offtopic)

Anonymous Coward | about a year and a half ago | (#43558737)

I hope I never get as bored as you.

If the only enjoyment I could get out of life were to post long, boring drivil that nobody will take seriously, in a pathetic and ineffective attempt to troll people... I'd rather kill myself.

Seriously. Trolling's about the LULZ not the YAWNZ...

Re:Slashdot criminal activity... apk (-1)

Anonymous Coward | about a year and a half ago | (#43559311)

Holy crap if you're referring to the massive post we've all seen 100 times it's gone! I don't see it anywhere, but I assume that's what you were referring to.

This is literally the only time I've ever seen that post deleted. Thank mod.

Re:Slashdot criminal activity... apk (0, Insightful)

Anonymous Coward | about a year and a half ago | (#43559573)

STOP REPLYING TO THESE. The only reason I can see them is because you reply and then get modded up which brings the entire post into my view.

Re:Slashdot criminal activity... apk (-1, Offtopic)

Barsteward (969998) | about a year and a half ago | (#43559107)

just fuck off

Re:Slashdot criminal activity... apk (-1)

Anonymous Coward | about a year and a half ago | (#43559157)

Again/Stressing it: NO guys - it is NOT me doing it,

You're doing it Right NOW
I suggest adding to your hosts file: 127.0.0.1 slashdot.org 127.0.0.1 yro.slashdot.org etc

Re:Slashdot criminal activity... apk (-1)

Anonymous Coward | about a year and a half ago | (#43560535)

Didn't you read? "0.0.0.0 slashdot.org" saves 2 characters and makes your hosts file ~2% smaller! For a 650,000 lines hosts file, that's a big deal!

Re:Slashdot criminal activity... apk (-1)

Anonymous Coward | about a year and a half ago | (#43559413)

Why haven't they banned the IP address of the people posting the above crap... Or LIMIT the dam amount of characters in a post..

apk annoying activicties... dfcp (-1)

Anonymous Coward | about a year and a half ago | (#43559531)

I really hope they forbid you and prevent you from posting those crappy and annoying HOSTS BULLSHIT.

This is RUINING slashdot. If I wanted to know about HOSTS file I would TYPE MAN HOSTS

P.S. => Of course, I would type it in MINUSCULES.

P.S. => Can I add APK to my HOSTS file?

Re:Slashdot criminal activity... apk (0)

Anonymous Coward | about a year and a half ago | (#43559835)

How do I modify my host files so I don't see this bullshit all the time?

Works just fine (5, Funny)

Anonymous Coward | about a year and a half ago | (#43558655)

1) Give intern new shiny bomb detector
2) Send intern to walk around field for a while
3) Intern blows up
4) Success - bomb detected!
5) Added bonus - bomb removed!

Won't work. (5, Funny)

msauve (701917) | about a year and a half ago | (#43559113)

Didn't you read the summary? It's a fake bomb detector. It won't detect real bombs.

Re:Won't work. (4, Funny)

interval1066 (668936) | about a year and a half ago | (#43559313)

The shining endorsement is by a people who also believe in sympathetic magic and possession by evil spirits. Of course the bomb detectors work; you just have to activate them by burning insense in a slot on the side of the detector and appealing to "J'mbibwe", god of bombs and bush babies.

I'm going on the young, female, porn star diet. (-1, Offtopic)

postofreason (1305523) | about a year and a half ago | (#43559501)

I can eat as many of them as I want.

Re:Won't work. (-1, Troll)

firex726 (1188453) | about a year and a half ago | (#43560303)

Also don't they think that if you rape a baby you can cure your STDs?

Just goes to show how badly proper education is needed there.

Re:Won't work. (1)

Anonymice (1400397) | about a year and a half ago | (#43561719)

Dear Mr Pot, ...

Re:Won't work. (0)

Anonymous Coward | about a year and a half ago | (#43559643)

That's what the expendable intern is for. It doesn't work without that component attached to it.

Re:Won't work. (0)

Anonymous Coward | about a year and a half ago | (#43560433)

You didn't get the joke? The intern will detect the real bombs with the fake detector.

Re:Won't work. (1)

Darinbob (1142669) | about a year and a half ago | (#43560519)

However, once you've detected all of the fake bombs then all of the remaining bombs must be real!
Elementary.

Re:Works just fine (0)

Anonymous Coward | about a year and a half ago | (#43559527)

And this guy still has his job? The police brass et all?

Re:Works just fine (2)

WhiteDragon (4556) | about a year and a half ago | (#43559773)

1) Give intern new shiny bomb detector
2) Send intern to walk around field for a while
3) Intern blows up
4) Success - bomb detected!
5) Added bonus - bomb removed!

That's the premise of the game Unexploded Cow [boardgamegeek.com] , only instead of interns, it's cows with Mad Cow Disease.

Re:Works just fine (0)

Anonymous Coward | about a year and a half ago | (#43561053)

It's something of a sad day when a Cheepass Game premise makes more sense than a government policy.

Re:Works just fine (0)

Anonymous Coward | about a year and a half ago | (#43560157)

Bomb detectors are fake.
As long as the bombs are real,
the money keeps coming.
Burma-Shave

http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43558669)

Dear Linux Advocate,

Money doesn't grow on trees. And, Linux Advocates is growing. Naturally, we anticipate operating costs and hope to be able to meet them.

But, any amount you feel you are able to donate in support of our ongoing work will be most surely appreciated and put to very good use. Your contributions keep Linux Advocates growing.

Show your support by making a donation today.

Thank you.

Dieter T. Schmitz
Linux Advocates, Owner

http://www.linuxadvocates.com/p/support.html [linuxadvocates.com]

Re: http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43558801)

Suck my Johnson, Dieter.

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43558825)

Consider yourself no longer invited to write for Slashdot.

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43558927)

Linux is faget.

Linux Advocate is faget.

German are faget.

You are faget worse than Michael Jackson.

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43559125)

wut?

Faget can refer to:
People
Jean Charles Faget (1818 – 1884), American physician
Faget sign medical sign of fever and bradycardia indicating yellow fever
Guy Henry Faget (1891 – 1947), American physician
Maxime Faget (1921 – 2004), American engineer
Mignon Faget, American jewelry designer
Other
Faget (song), a song by the nu metal group Korn from their album Korn
Le Faget, commune in the Haute-Garonne department in southwestern France
Faget-Abbatial commune in the Gers department in southwestern France
Mount Faget, Antarctic mountain

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43559131)

It's spelled "faggot," not "faget."

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43559245)

LOL your spelling faget! I bet your one of those liberal faget nerds who fucks they're own father. Haha, fucken faget so uptight about spelling, get a fucken life. I'm just telling it like it is.

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43559351)

lol only fagets spell it faggot lol

Faget

Re:http://www.linuxadvocates.com/p/support.html (-1)

Anonymous Coward | about a year and a half ago | (#43559449)

I'm not a cigarette you cock smoker.

How's that working for you? (-1, Offtopic)

dsvick (987919) | about a year and a half ago | (#43559499)

To regularly spam the people you want to get to donate money to you.

Re:How's that working for you? (0)

aicrules (819392) | about a year and a half ago | (#43559595)

When did all this anonymous post spamming start...I was off slashdot for only a few months, so is this pretty new?

I have a pussy detector (-1)

Anonymous Coward | about a year and a half ago | (#43558679)

I have a fake pussy detector and it's a real bitch.

Re:I have a pussy detector (-1, Offtopic)

Anonymous Coward | about a year and a half ago | (#43558765)

Thats not a fake pussy... it's an asshole!

Re:I have a pussy detector (-1, Offtopic)

ls671 (1122017) | about a year and a half ago | (#43558843)

According to TFS, they use "divining rods". For pussies, I just detect them with my own built-in rod which isn't fake.

Re:I have a pussy detector (0)

Type44Q (1233630) | about a year and a half ago | (#43558909)

I just detect them with my own built-in rod which isn't fake.

That works great until you get koro [wikipedia.org] and can't find it...

:p

no testing I guess? (2)

Trepidity (597) | about a year and a half ago | (#43558771)

You'd think if you were buying some devices claiming to detect something-or-other, you would try out a specimen and see if it works. Did all of these countries he sold them to fail to do any testing on whether they worked?

Re:no testing I guess? (4, Insightful)

jythie (914043) | about a year and a half ago | (#43558889)

Problem is confirmation bais is really easy to sell on people, so they honestly believe they did test it out and it worked.

Re:no testing I guess? (5, Funny)

nitehawk214 (222219) | about a year and a half ago | (#43559471)

Problem is confirmation bais is really easy to sell on people, so they honestly believe they did test it out and it worked.

You are only saying that because you want people to believe in confirmation bias.

Re:no testing I guess? (1)

Sentrion (964745) | about a year and a half ago | (#43560829)

And to confirm that bais is the proper way to spell bais.

Re:no testing I guess? (2)

edcalaban (1077719) | about a year and a half ago | (#43558899)

> Did all of these countries he sold them to fail to do any testing on whether they worked?

They passed the bribe test successfully. What more do we need?

Re:no testing I guess? (5, Insightful)

Hatta (162192) | about a year and a half ago | (#43558963)

Police work in any country is more about the appearance of security than actual security. It doesn't matter if it works. It only matters if it keeps people calm.

I'm not advocating this as the way it should be, just the way it is. We'd all actually be safer if we switched to evidence based policing. But then the government couldn't get away with shit like the War on Drug Users.

Re:no testing I guess? (1)

CdBee (742846) | about a year and a half ago | (#43559431)

Also , in that particular culture the appearance of not having been duped / not losing face is worth more than any degree of integrity and honesty. Plus - maybe the bomb un-detectors have a placebo effect on potential bombers?

Re:no testing I guess? (2)

eugene6 (2627513) | about a year and a half ago | (#43559611)

I think you're right. Run three lines with conspicuous fake bomb detectors on two, and all the bombs will pass through the third line.

Re:no testing I guess? (2)

flanders123 (871781) | about a year and a half ago | (#43560333)

I agree with the "appearance of security" bit.

I have season tickets to an NFL team. The stadium security staff "scans" everyone entering using hand-held devices (metal detectors?) that I believe to be fake.

They have been using these for a few years, I have never once seen anyone stopped after a scanning. No one is asked to empty pockets. The devices do not appear to omit any audible or visual feedback....even when going over cell phones, keys, or flasks of whiskey.

If it helps some people feel more secure, I'm ok with that I guess.

Re:no testing I guess? (0)

Anonymous Coward | about a year and a half ago | (#43561131)

I agree with the "appearance of security" bit.

I have season tickets to an NFL team. The stadium security staff "scans" everyone entering using hand-held devices (metal detectors?) that I believe to be fake.

They have been using these for a few years, I have never once seen anyone stopped after a scanning. No one is asked to empty pockets. The devices do not appear to omit any audible or visual feedback....even when going over cell phones, keys, or flasks of whiskey.

If it helps some people feel more secure, I'm ok with that I guess.

Those are the same "metal detector wands" they used to use at airports to follow up on a walk-through metal detector alert as they can narrow down where the metal that triggered the walk through is (helps distinguish between a plate in your head and a gun down you pants). If they detect something they will make an audible sound. However if you don't care about finding people's keys or piercings, you can turn them off and just pretend they will catch guns and mostly be OK (people only rarely bring guns to sporting events or on airplanes).

Re:no testing I guess? (1)

squiggleslash (241428) | about a year and a half ago | (#43561387)

There's a warehouse store I frequent, with the unlikely name of "BJs [bjs.com] , that insists on checking everyone leaving for, well, supposedly stolen merchandise.

They do this by asking for the receipt. They then look for items listed on the receipt, and verify those items are in the shopping basket. After a couple of checks to make sure different items listed on the receipt are in your basket, they wish you a good day and wave you on.

Yes, that's right. They check you have the items you bought, not that you have items you didn't buy. I'm sure the presence of a check makes people feel like they wouldn't get away with stealing anything though.

Re:no testing I guess? (2)

Plunky (929104) | about a year and a half ago | (#43561799)

They do this by asking for the receipt. They then look for items listed on the receipt, and verify those items are in the shopping basket. After a couple of checks to make sure different items listed on the receipt are in your basket, they wish you a good day and wave you on.

They are not checking you, they are checking that the checkout staff are not in collusion with thieves.. I worked in a large DIY store once, and their stated theory was that 90% of the thieves were customers but that 90% of the value stolen was staff, as the staff had vastly more opportunity.. so to keep the shrinkage down, the security watched the staff.

Re:no testing I guess? (1)

b4upoo (166390) | about a year and a half ago | (#43561271)

It sort of starts with the meaning of security. To lock down or prevent movement is one definition of security. So a security guard walking by a client who does not move and is stretched out on the asphalt in the parking area need do nothing. The body would be even more secure if it were chained to a tree. The guard's duty is to observe and report so if he notices that the building is on fire he should note it in his report for end of shift.

Re:no testing I guess? (1, Funny)

rwise2112 (648849) | about a year and a half ago | (#43559137)

You'd think if you were buying some devices claiming to detect something-or-other, you would try out a specimen and see if it works. Did all of these countries he sold them to fail to do any testing on whether they worked?

You see they are not using them right. They are trying to detect 'real bombs', when clearly this is a 'fake bomb' detector!

bribery (1)

SuperBanana (662181) | about a year and a half ago | (#43559149)

You'd think if you were buying some devices claiming to detect something-or-other, you would try out a specimen and see if it works. Did all of these countries he sold them to fail to do any testing on whether they worked?

The inventor is being accused of bribery as well, paying "millions" of pounds to Iraqi politicians/leaders.

Set up a simple demo which "shows" the detector finding something so that they have plausible deniability or actually believe the "test", and then hand them a fat wad of cash so they don't care one way or the other.

I'm sure the demos consisted of someone walking up to a defused-but-otherwise-real "bomb" and the thing going "beep" either because it was basic metal detector, or because someone was pushing a button or twiddling a knob. I'd be amazed if they felt the need to demonstrate it *not* finding something.

Re:no testing I guess? (2)

Culture20 (968837) | about a year and a half ago | (#43559917)

Sure, but they used golfballs as filler in their mock-bombs for the testing.

Re:no testing I guess? (2)

sabt-pestnu (967671) | about a year and a half ago | (#43560739)

A follow-up poster replied "confirmation bias". I have to say "so what?"

To function as a bomb detector, all it has to do go bleep when it detects some kind of thing, used in some kind of bomb. Chemical compounds, object density, ferrous metal content, anything.

To be useful as a bomb detector, it doesn't even have to do that - it just has to help reinforce safe handling procedures for "unknown objects".

False positives don't matter - if you have a device that, one time, keeps one operator from doing something that causes a live bomb from going off and killing him, then you've got a win. False negatives do matter, if the person operating the device doesn't recognize the possibility of a false negative and simply relies on the device to say yes or no. Confirmation bias? Someone who finds bombs on a regular basis is likely to recognize signs, consciously or unconsciously. To that end, a dowsing rod would be as useful.

So even if the devices were PURE snake oil, they'd still be useful as a mental prop.

Re:no testing I guess? (1)

safetyinnumbers (1770570) | about a year and a half ago | (#43561417)

The pendulum spins clockwise when held over a genuine one.

Other useful devices (1)

kruach aum (1934852) | about a year and a half ago | (#43558779)

Perhaps they would have benefited more from a gullible idiot detector. Though thinking about it, I guess that's already an additional purpose of these devices. The irony being, of course, than you can't use them for that purpose when you're a gullible idiot yourself.

Re:Other useful devices (1)

nitehawk214 (222219) | about a year and a half ago | (#43559523)

Perhaps they would have benefited more from a gullible idiot detector.

They are called eyes. And mine constantly detect them.

Re:Other useful devices (2)

wonkey_monkey (2592601) | about a year and a half ago | (#43559873)

Perhaps they would have benefited more from a gullible idiot detector.

Good news. These devices are equally effective at that as they are at detecting bombs!

Always wanted to detect fake bombs (1)

Anonymous Coward | about a year and a half ago | (#43558817)

Good! Glad to know someone out there has developed easy-to-use technology to detect if a bomb is fake! That'll certainly be a load off my mind whenever I see a shoddily-constructed homemade bomb. I'll be able to easily check to see if it's authentic or if it's just made by some poser looking to bite a popular style.

Reminiscent of Bagdad-Bob (1)

Doug Otto (2821601) | about a year and a half ago | (#43558959)

"There are no US tanks in Bagdad!"

Re:Reminiscent of Bagdad-Bob (2, Funny)

Anonymous Coward | about a year and a half ago | (#43559465)

He knew this because his tank detector was reading zero.

Thailand too.... (5, Interesting)

ShawnDoc (572959) | about a year and a half ago | (#43559015)

About 2 years ago, when it came to light these bomb detectors were totally fake, the Thai government, who has bought a whole bunch of these came out insisting they were real and worked. My hunch is there are no "real" portable bomb detectors (other than a trained dog), and government middle managers under pressure to buy bomb detectors bought the only thing on the market claiming to do that regardless of whether it worked or not. They knew it didn't work, but the politicians further up the chain didn't care, they just wanted to be able to say they'd purchased bomb detectors and people would be safe. Alternately, maybe James was just really good at structuring kickbacks and bribes to the decision makers. Its not like Thailand, Iraq or Kenya's governments are corruption free.

Re:Thailand too.... (3, Insightful)

Dahamma (304068) | about a year and a half ago | (#43559269)

Yeah, if there was such thing as a *reliable* portable bomb detector, you'd think US law enforcement would stop detonating people's "suspicious" laptops and grocery bags left on the street.

Re:Thailand too.... (2)

K. S. Kyosuke (729550) | about a year and a half ago | (#43560515)

Yeah, if there was such thing as a *reliable* portable bomb detector, you'd think US law enforcement would stop detonating people's "suspicious" laptops and grocery bags left on the street.

Why would they do it? Do you know how much fun it is to blow things up AND get paid for it by the government? It seriously beats blowing things up and getting thrown into jail by the same government. I'm certain they have them but don't want to get rid of the fun.

Don't forget: (1)

drainbramage (588291) | about a year and a half ago | (#43560765)

They also get hazardous duty pay and any overtime multiplies that rate.
And you get to blow thing s up.

Re:Thailand too.... (0)

Anonymous Coward | about a year and a half ago | (#43561107)

But it's fun!

Re:Thailand too.... (0)

Anonymous Coward | about a year and a half ago | (#43561245)

Portable X-ray? Many dentists have digital X-ray systems. Stick the sensor in your mouth, move the zapper to the other side, retreat to a safe distance and press the button. Couldn't be too difficult to have that thing powered by a car battery, and have the sensor and zapper move around automatically. There are portable X-ray systems for metallurgy analysis, so if they can get X-ray through plate steel, a suitcase should be easy.

Re:Thailand too.... (1)

K. S. Kyosuke (729550) | about a year and a half ago | (#43560349)

About 2 years ago, when it came to light these bomb detectors were totally fake, the Thai government, who has bought a whole bunch of these came out insisting they were real and worked.

Wasn't there a story some time ago on this very site about the Iraqis doing exactly the same thing?

Re:Thailand too.... (1)

mcmonkey (96054) | about a year and a half ago | (#43560435)

My hunch is there are no "real" portable bomb detectors (other than a trained dog), and government middle managers under pressure to buy bomb detectors bought the only thing on the market claiming to do that regardless of whether it worked or not. They knew it didn't work, but the politicians further up the chain didn't care, they just wanted to be able to say they'd purchased bomb detectors and people would be safe.

Yeah, about that...

http://www.science20.com/gerhard_adam/how_reliable_are_sniffing_dogs-95956 [science20.com]

I just don't know. (0)

briancox2 (2417470) | about a year and a half ago | (#43559121)

I suppose I could read the stories of deception on this matter and draw the conclusion that the bomb detectors don't work. But have I tested them? No. I think it's important to know what it is we don't know while reading news stories.

I would not be surprised that the bomb detectors have some usefulness. I am sure they do not meet the quality and reliability standards of the Western world. But the third world is often making good use of technology we would simply throw away. Look at medical science. Third world hospitals will often solve problems without the use of million dollar medical devices because something works. Maggot therapy isn't very popular for fighting infection in the US, but it works and it works very well, without the side effect of developing resistive bacterial strains. It saves lives where "better solutions" are not available.

Re:I just don't know. (4, Informative)

chaodyn (1313729) | about a year and a half ago | (#43559385)

I don't think they have any usefulness... they don't have any electronic parts, batteries, or such - they use a paper card to "select" what you are searching for - it's basically a plastic handle with a metal antenna not connected to anything. It's a divining rod, and that's all. I think the buyers should have realized something was fishy when the manufacturer said they were powered by static electricity of the user "walking around."

Re:I just don't know. (2)

omnichad (1198475) | about a year and a half ago | (#43559945)

Nevermind the fact that if there were that much static around it might set off a bomb. But there's so many types of explosives, they wouldn't all react anywhere near the same electrically.

Re:I just don't know. (1)

jcochran (309950) | about a year and a half ago | (#43559455)

You think that a retractable antenna on a swivel would fail to meet the quality and reliability standards of the Western world? I would agree with you on that point. However, I would also say that the same thing would fail to meet the quality and reliability standards of anyone who has two or more brain cells on speaking terms with each other regardless of where they happen to live in this world.

Re:I just don't know. (4, Interesting)

lxs (131946) | about a year and a half ago | (#43559469)

You know, about 15 years ago I worked in an electronics store. For an April fools joke I once stuck an antenna and an LED in a mains plug and put it in the shop window as a "wireless extension cord - 29.95" I got quite a few interested customers for this item. From what I have picked up from the coverage of the trial these devices are about as sophisticated as my five minute handywork.
I can build one and sell it to you for an inflation adjusted price. You could draw the conclusion from my post that I'm selling you a bunch of junk, but have you tested it? No.

Come to think of it, your post reminds me of the poor sods coming in for a 555 timer IC a 9V battery clip and a couple of passive components, convinced that they could build a cancer defeating device described in some quack book. No use in arguing with them but I felt sad after they'd gone, and bad for taking their money.

Re:I just don't know. (1)

tibit (1762298) | about a year and a half ago | (#43561123)

There is no such thing as a portable bomb detector. It's pure fantasy at this point. Just because you wish for something very hard doesn't make it possible. Yes, those things do have some usefulness. You can use them as paperweights. They are very lousy doorstops.

"Security theatre" for real? (3, Interesting)

kheldan (1460303) | about a year and a half ago | (#43559219)

I'm taking this story to mean that they've got these fake, non-functional bomb/drug/illicit substance detectors, and they know they're fake, but "officially" they work great, thus they use the fiction of their functionality to support their "finding" of said illicit substances, where in reality they used methods that otherwise would not be admissable in court; it's a con-job turned on it's head. I can't condone it, if I'm correct then they're completely corrupt, but it's still clever of them, if rather scary that any police force could be allowed to function that way.

Re:"Security theatre" for real? (5, Insightful)

Impy the Impiuos Imp (442658) | about a year and a half ago | (#43559341)

They would be useful, even if fake, if terrorists thought them real and skipped attempts.

FBI and friends use lie detectors even though they are hogwash. I assume it's for the same reason: to scare people rather than use as a physical filter. Only the high-level strategists need know it doesn't work -- the plebe agents don't.

Re:"Security theatre" for real? (1)

Anonymous Coward | about a year and a half ago | (#43559549)

Oh definitely, long time ago I had to take a polygraph for a job and during the exam, I felt as if a game was being played in which I hadn't been informed as to the rules. They had issues with my results and scheduled a follow up exam. And during that time, I decided to research the polygraph. I did from time to time see references to a 'classified study' on their effectiveness, but never saw the study of course. However, if said study happened to match what I found out in publicly available literature, and if I were to be a classification authority, I too would have classified such a study. The reason is quite simple. To summarize my findings. As a tool for detecting lies from truth, totally worthless. You might as well flip a coin. However, as a tool for eliciting voluntary confessions from naive subjects? Extremely effective. The key there is 'naive subjects'. Once you know it's bullshit and refuse to talk, it's effectiveness goes away.

Props for Security Theater (1)

Comboman (895500) | about a year and a half ago | (#43559415)

I'm sure they work just as well as other Security Theater props like porno-scanners and face-recognition cameras. In fact, they probably have a lot lower rate of false positives.

Someone is sweating (3, Insightful)

paiute (550198) | about a year and a half ago | (#43559291)

I think we can figure out from the summary alone who took kickback money to buy these things.

So a quadrotracker? (2)

Riceballsan (816702) | about a year and a half ago | (#43559301)

So essentially it sounds to me like the Quadro QRS 250G "Detector" device sold a few decades back http://skepdic.com/quadro.html [skepdic.com] . Of which even after they were proven to be just an antenna, hooked to a box filled with dead ants. Many schools found it worth it to keep them for detecting drugs because the security theatre aspect, if the students think a machine can detect drugs... they will be afraid to bring drugs.

Re:So a quadrotracker? (1)

RobinH (124750) | about a year and a half ago | (#43560207)

Any "detector" can detect drugs in a high school, if it tells you to open enough lockers.

Re:So a quadrotracker? (1)

Darinbob (1142669) | about a year and a half ago | (#43560609)

It could be. The earlier BBC report about the trial says that they were based on "novelty" golf ball detectors.

Of course (-1, Flamebait)

Dishevel (1105119) | about a year and a half ago | (#43559439)

because Kenyans are in fact ...
Idiots.

Re:Of course (1)

wonkey_monkey (2592601) | about a year and a half ago | (#43559903)

because people are in fact ...
Idiots.

FTFY. Also MILR.

Great news for Nigerian princes! (2, Funny)

Anonymous Coward | about a year and a half ago | (#43559473)

If these things don't work, it's great news for all those Nigerian princes trying to move money - just route it through Kenya! No more depending on those greedy and overly-skeptical first-world emailers.

They are real, not fake (1)

Anonymous Coward | about a year and a half ago | (#43559541)

Oh, don't get me wrong- the 'bomb detectors' most certainly cannot detect anything to do with real bombs, but that was NEVER their purpose. They are intended to be a tool of the police-state. Justification for uniformed goons to stop you, interrogate you, and take you off to torture centres using the 'bomb detector' as an excuse.

The USA has torture facilities all across our planet. Other states are able to argue that if kidnap and torture is good enough for America, it most certainly is good enough for them also. All that one needs is ANY justification to round up the 'suspects' in the first place.

The UK used exactly the same trick during its 'war' against the IRA. It employed (now discredited) forensic 'scientists' to create 'bomb tests' that almost everyone was certain to fail. Of course, positive results were only of interest when those that showed such results were already the targets of the British government. Hand swabs were used that would either detect bomb chemical residue, or common household plastics with exactly the same indication. Dozens of Irish men, women and children (yes, kids as well) were falsely accused as a result of such tests, and later convicted to decades in prison. All were subsequently released as completely innocent people set up by fake forensic evidence.

The intelligence services in the UK knew the people they accused of being bombers were innocent, but they needed to look as if they were making progress in combating the real militants in the IRA- people who were far too good, and far too well protected to easily fall prey to the public school chumps that attempted to catch them. To the public, an innocent Irish person could easily be sold as a deadly IRA terrorist because the British mass media (including the BBC) would run massive propaganda campaigns after each conviction 'proving' to the sheeple that the conviction was justified. The BBC and ITV in particular would produce documentaries detailing how the convicted patsies (each of whom would be later given a full pardon, remember) were clearly violent, radical, and well trained terrorists.

You Yankees are seeing exactly the same process with the aftermath coverage of the marathon bombings in Boston. Had the British tortured and murdered its fake IRA patsies, as you torture and murder your fake 'Muslim' patsies, even today people in Britain would think these people still responsible for IRA bombing atrocities. The truth came out in Britain because the innocent victims of Britain's intelligence agencies were (relatively) well treated, given an ordinary criminal trial, and sent to ordinary prisons after conviction. As a result, their supporters were able to ensure the truth eventually came out.

Britain has a long history of providing a full spectrum of police-state tools and services to 'friendly' despotic regimes. Britain's friends get the support required to ruthlessly quash even the mildest opposition to even the most brutal regime. Britain's enemies find that even their most vile and unreasonable opposition movements get full funding, military training, and all the most murderous arms they need to conduct the foulest of terrorist campaigns against the ordinary civilian population (see Libya and Syria for the most recent examples).

It works just fine..... (2, Funny)

Anonymous Coward | about a year and a half ago | (#43559659)

you're just not holding it right.

Jobs

a thought (2)

nimbius (983462) | about a year and a half ago | (#43559723)

terrorist: so does that bomb detector really work? i need to know because it takes a super long time to put one of these things together and i dont want to waste a bunch of time just getting arrested.
trollface kenyan officer: they dont not work.
terrorist: ok but a court in the UK said the detectors were all fake.
trollface kenyan officer: our fake detectors work.

Denial (3, Insightful)

dkleinsc (563838) | about a year and a half ago | (#43559765)

It's not just a river with sources in Kenya.

email massacre (0)

Anonymous Coward | about a year and a half ago | (#43559783)

If you didn't mind having the blood of thousands of innocents on your hands, you could drop them a revised user's manual documenting the 'witchcraft detector' and 'gaydar' features of this highly capable unit.

Here's how they work... (3, Insightful)

Beorytis (1014777) | about a year and a half ago | (#43559985)

Two ways they might work:
  1. Officer using detector is forced to get up off his butt and wave the magic wand around. In the process he notices the bomb.
  2. Potential bomber sees officer with magic gadget and decides to bomb somewhere else.

Gives police an excuse to search (0)

Anonymous Coward | about a year and a half ago | (#43561995)

Here's how it really works: Officer decides someone "looks funny" because of their race, religion, dress, etc. and goes looking for an excuse to search them. Consciously or unconsciously, they cause the dowsing rod to go off, seemingly validating their suspicion and providing a facade of objectivity.

As long as no one challenges whether the device actually detects bombs, they can search people arbitrarily without cause. Of course they don't want to admit it's a fraud.

the american president (0)

Anonymous Coward | about a year and a half ago | (#43560195)

is from kenya too.

Re:the american president (1)

drainbramage (588291) | about a year and a half ago | (#43560799)

Should have used the bomb detector on that joke.....

Typical Africa (-1)

Anonymous Coward | about a year and a half ago | (#43560613)

And this, ladies and gentlemen, is why Africa will always be a backward, violence-, poverty- and disease-ridden hell hole with no hope: endemic superstitious belief.

They cling to all kinds of superstition, whether it's apocalyptic Christianity, Islamic Fundamentalism, AIDS denial, stone-age mysticism..

english grammer (0)

Anonymous Coward | about a year and a half ago | (#43560755)

I'm confused, is it:

(fake bomb) detector

or

fake (bomb detector)

This is a way to create probable cause (1)

spiritplumber (1944222) | about a year and a half ago | (#43560785)

This is a way to create probable cause. The "bomb detector" wriggled? That's our cue/excuse to take your car apart, call in the bomb sniffer dogs, and so on. It's science woo at its purest. These things were used in Iraq for a while as well, there was a similar scandal.

They do work (1)

jeti (105266) | about a year and a half ago | (#43561009)

The feedback of the indicator is open to interpretation. If you want to search a car, just use it and claim a positive reading. This gives you probable cause for a search. Same as K9 dogs. They are able to detect stuff, but that seems to be becoming merely an additional benefit.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?