Slashdot Mirror

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Mr. Steven Burn of Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Downl...

APK

P.S.=> What's that you said FAKE NAME for yer FAKE LIFE online loser? apk

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Mr. Steven Burn of Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Downl...

APK

P.S.=> What's that you said FAKE NAME for your FAKE LIFE online loser? apk

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Downl...

APK

P.S.=> Eat your words... apk

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Mr. Steven Burn of Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Downl...

APK

P.S.=> Still butthurt I prove you wrong https://yro.slashdot.org/comme...

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Download/

APK

Oliver Day (SYMANTEC/SECURITYFOCUS):

http://www.securityfocus.com/c...

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

"... More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware"

OReilly on hosts for security -> http://oreilly.com/pub/a/windo... & For speed -> http://www.oreillynet.com/pub/...

Steve Gibson endorses hosts as good https://www.grc.com/sn/sn-045....

Aryeh Goretsky of ESET/NOD32: hosts = good security http://it.slashdot.org/comment...

Brocke Wilders of WILDERS' SECURITY does via an inferior clone of MY PROGRAM http://www.wilderssecurity.com...

Mr. Steven Burn of Malwarebytes hpHosts' Admin hosts + RECOMMENDS my work http://hosts-file.net/?s=Downl...

APK

P.S.=> Tavis Ormandy of Google found bugs in all antiviruses helped me even more... apk

"a host file is a solution to security" - by "YeTi" the NO BALLS unidentifiable Anonymous Coward

http://www.securityfocus.com/columnists/491 (SYMANTEC Oliver Day)

"The host file accessing the Internet particularly browsing the Web is actually faster now... as a means to block advertising and as a way to avoid being tracked by sites that use cookies"

OReilly: For security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html/ & For speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3/

Steve Gibson endorses hosts https://www.grc.com/sn/sn-045.htm/

Aryeh Goretsky NOD32/ESET endorses hosts http://it.slashdot.org/comments.pl?sid=7442373&cid=49747129/

Brocke Wilders SECURITY http://www.wilderssecurity.com/threads/hosts-block.378901/

MalwareBytes' hpHosts' hosts + RECOMMENDS my program!

APK

P.S.=> Dozens of /.'ers like & use my program - You're outnumbered by FAR... apk

I used this utility from Gibson Research Corp. Works great. https://www.grc.com/never10.ht...

Steve Gibson had suggested a configuration of three routers to isolate IoT devices. https://www.grc.com/sn/sn-545.... Again, it depends on how much you want to put "common consumers" through. I'd submit that unless it's ridiculously easy, the vast majority of consumers would simply scoff and claim it wasn't worth the trouble. (And those are the folks who probably were the main constituents of the recent botnets)

If you leave browsers up all all the time, they have the same problem. Firefox and Chrome. https://www.grc.com/sn/sn-580....

TrueCrypt 7.1a

TrueCrypt 7.1a hashes.

TrueCrypt from Switzerland -- Swiss Mirror

From the limited information, it looks like this is probably dependent on a centralized server somewhere doing the authentication. I would much prefer a system that is entirely between you and whatever sites you log into, with no central server to go down and take all your logins with it. SQRL seems like a pretty good approach. (But we're probably going to get stuck with a hundred different competing incompatible systems.)

Yes.

My general instruction to people has been:

Step 1: Go here
Step 2: Copy a suitable string, depending on the limits of the system you're creating a password for
Step 3: Add a 4 - 6 digit PIN
Step 4: Paste it in, write it down, or use something like Keepass.

Hell, letting your browser remember your password is better than picking something stupid.

• Some people interpret this to mean each pixel should be one arc-minute or smaller. If that's your standard, then the pixel size has to be 1 / tan (1 arc-minute) = 3438 smaller than the viewing distance. If you're holding your phone 12 inches from your eye, that corresponds to 286 PPI being all that's needed. That's what the Retina displays target - 326 PPI before the iPhone 6+.
• Other people interpret this to mean you need two pixels per arc-minute. After all, to form a line pair with a separation, you need a row of white pixels with a row of black pixels in between. So then the pixel size becomes 1 / (0.5 arc-minutes) = 6875.5 smaller than the viewing distance. If you're holding your phone 12 inches from your eye, that corresponds to 573 PPI.

It should be noted though that this is for luminosity resolution - your ability to resolve details of any color. This is why printers target 600 PPI - because they print in black and white. Within a specific color, your eye's resolution is substantially worse. Especially for blue, and somewhat for red (the density of your red and blue cones is lower than for green cones and rods). This is the basis behind Pentile displays, which cuts the blue and red resolution in half.* All the bad press coverage they've gotten is by ignorant reporters who compare magnified photos of it completely oblivious that magnifying it defeats the whole purpose. This strategy of reducing red and blue resolution has been used since NTSC video transmissions, and is still used today in JPEG and MPEG encoding. You've been seeing pictures on the web and digital videos all this time with reduced red and blue resolution. If you've never notice this before, then you've basically affirmed that Pentile works.

Anyway, it's a moot point on the Samsung displays because they design them to be used in the Gear VR headsets. Those provide a 96 degree wide angle of view, which to fool 20/20 vision would require 5760 pixels for each eye. Which which correspond to a 11520x6480 resolution display on a 5.7 screen, or 2319 PPI. Any lower than that and you can "see this pixels." This is why the 3D graphics and display screen industries still have a lot of room left to grow, even though CPUs have pretty much hit the point where a low-end CPU is "good enough" for most people's needs.

* The more clever displays take further advantage of this difference between color resolution and luminosity resolution, and use something called subpixel rendering. For an RGB stripe, this corresponds to shifting the "pixel" by 1/3 pixel increments. So if you're trying to display a white dot using two pixels, you actually have 4 possible locations. RGB rgb, rGB Rgb, rgB RGb, and rgb RGB. The problem (for displays you can rotate) is that this extra resolution is only along one axis - usually the horizontal. Windows subpixel rendering for fonts (ClearType) basically turns your 1920x1080 display into a 5760x1080 display for fonts. Pentile overcomes this by using a subpixel layout which is symmetric in both the horizontal and vertical axes. So you can use the same subpixel rendering algorithm regardless of whether the display is in landscape or portrait mode. It really is a superior subpixel layout, which has gotten a bad rap because early implementations had too low a PPI and thus the pixels were visible and lines and fonts were "fuzzy".

This is also why these super-high resolution screens aren't as important for Windows as they are for Macs. Subpixel rendering like ClearType shifts the location of letters by up to 1/3 pixel to make them line up with the subpixel grid. Apple knew their computers were used by most page layout professionals which would find this unacceptable. So their font rendering engine (based o

They may be crap, but it does not appear that this attack would work with SQRL. The SQRL client hashes the URL of the website, signs the result, and then sends the result to the URL encoded in the QR code. In this attack, the client would see that there is a mismatch between the phishing website and the URL encoded in the QR code. If the attacker modifies the QR code to fix that discrepancy, the SQRL blob would have the wrong URL hashed and the server would reject the login attempt.

The researcher does not mention SQRL in his post or the github repo. That was added by the editor or the submitter.

https://www.grc.com/never10.ht...

https://voat.co/v/technology/c...

http://ultimateoutsider.com/do...

https://www.safer-networking.o...

Any, or all, of those seem to be safe to use. Try one, or try them all. They mostly duplicate each other's measures, but they aren't quite all the same, either.

"Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

Coren22 7 security & web pros disagree w/ your offtopic bs (just as our /. peers did too in the link in my ps below too):

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> "EAT YOUR WORDS" (again) just like here vs. your offtopic ASSBURGER mental defective brain bs here too WHERE OUR /. PEERS AGREE w/ ME, not you Coren22, lol-> https://apple.slashdot.org/com... ... apk

"Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

Coren22 7 security & web pros disagree w/ your offtopic bs (just as our /. peers did too in the link in my ps below too):

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> "EAT YOUR WORDS" (again) just like here vs. your offtopic ASSBURGER mental defective brain bs here too WHERE OUR /. PEERS AGREE w/ ME, not you Coren22, lol-> https://apple.slashdot.org/com... ... apk

"Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

Coren22 7 security & web pros disagree w/ your offtopic bs (just as our /. peers did per my last post):

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> "EAT YOUR WORDS" (again) just like here vs. your offtopic ASSBURGER mental defective brain bs here too https://apple.slashdot.org/com... ... apk

"Macs have hosts files too & they are just as useless for what APK wants" - by Coren22 ( 1625475 ) on Friday July 08, 2016 @03:40PM (#52473587)

7 security & web pros disagree w/ your offtopic bullshit:

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> "EAT YOUR WORDS" (again) just like here too https://apple.slashdot.org/com... ... apk

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does (hosting & recommending my ware no less - something YOU can never ever manage, lol).
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> "EAT YOUR WORDS" (again) just like here today too https://apple.slashdot.org/com... hmmm?... apk

I find it faster to google for Never10 and run it than to launch Regedit and find the keys. (Both do the same thing.)

Still enslaved?

NEVER10!

The escape hatch to freedom is here!

For awhile, used Steve Gibson's Perfect Passwords page - https://www.grc.com/passwords....

Then decided to go in-house - eavesdropping on an SSL connection? That's possible? ;)

Started with this script: https://gist.github.com/tylerh...

Changed it up a little so I could pass a number (otherwise it defaults to 63 chars), removed the limitation of zero vs upper-O, number one vs lower-L, etc. (didn't make sense as I'd just be pasting anyway), and put an alias in my bash init so I could call it without typing .php every time.

Decided never, ever to use a password on more than one site.

Of course, if I lose the password file, I'm screwed.. ;)

Use a variation of it to generate alpha-numeric folder names (say, for a Laravel code folder, or many other uses).

GRC's Ultra High Security Password Generator

A long easy to remember and enter password beats a short complex password that requires finger gymnastics. As others have pointed out, the XKCD comic says it all https://xkcd.com/936/ Also look at https://www.grc.com/haystack.h... Now if you are always going to use a password manager to enter the password for you, then long and complex is the best of both worlds, as long as you do not personally need to do the finger gymnastics of entering the long complex password. And if using a password manager, make the access to the password manager a long easy to remember and enter password, as that is the one you will be typing a lot.

Try Never10 from https://www.grc.com/never10.ht... Never 10 is an easy to use utility which gives users control over whether their Windows 7 or 8.1 will upgrade itself to Windows 10.

False. Refuse all the optional updates, accept all the critical updates. You can easily configure windows update to do this.

THIS. I have Windows 7 with GWX Control Panel (reviewed here) installed,
and under Control Panel --> Windows Update --> Change settings, I am set to "Check for updates but let me choose whether to download and install them",
and (most important) "Recommended updates" is UN-checked.

There is also a tool Never 10 (Peter Thurrott writes about it here). But always make sure you make the changes above to Windows Update.

When updates announce themselves, accept only those updates for Windows listed "critical" and "security", as well as Windows Defender updates. That's it.

So far, no problems on any of my systems. MS is being pretty shitty about all this, but they haven't yet stooped to calling 10 a critical/security update. However, anyone not savvy enough to take the above steps (e.g., parents) might be in for some trouble. So, spread the word, or suffer endless calls from suffering masses.

ctrl + shift + escape -> end task

Also Process Explorer and Never10.

If you do what the parent says and reboot, the Nag is gone for good

For the Less Technically inclined:
https://www.grc.com/never10.ht...

Works just as well and also cleans up space that the Win10 background download takes up.

Or download and run Never10 from Steve Gibson. Makes the approved registry changes for you, and removes any pre-downloaded installation files you may have.

Until this is over, the simplest thing to do is to disable Windows Update.

Get Never 10. It sets the Group Policy, that so far Microsoft isn't ignoring.

I have to have a single Windows 7 machine for a few apps, and though it's rarely turned on, so far I've been safe.

Stop this shit with GWX Control Panel or Never10. I started off using the former on my g/fs computer but once I saw they were stepping up their "optional upgrade" (It's neither), I looked again and found an even better alternative. This is just an executable - I ran it through totalvirus.com first I'm sure you will too.

Personally I have Win 7 Ultimate on my primary machine (gamer here) and have never seen an nag window but other machines have other versions that have and I'm sick of it. I've even seen a few at work which are supposed to be disabled.

Come on Valve, this is your time to shine. Go STEAMOS Go.

GWX does suck. Two free options to disable it: Never 10 (Peter Thurrott writes about it here), and GWX Control Panel (written about here).

https://www.grc.com/never10.ht...

Share it with all of your friends on Windows 7/8 who don't want to be forced into a Windows 10 upgrade.

Lots of PC laptops hit or beat the size/wight of the Macbooks. The screen is a bit dodgy since the Macbook Pros (I assume you mean the Pros, since the Airs have crappy low-res TN panels) are specialized for photo/video/graphics work, which is a pretty limited market. There are a few dozen PC laptops which will hit 100% sRGB like the MBPs, or close to it. Up from about 4-5 just 7 years ago. And a few which surpass it by targeting AdobeRGB. A couple of them even claim to calibrate the screen like the MBPs do. If this is what you need, you know what to look for. If you don't need all that color gamut, then you're spending a lot of money just to get slightly more saturated colors which (unless you get an AdobeRGB screen) don't even match the color gamut we used to get on CRTs. Also, pretty much every external monitor can hit 100% sRGB, so it really boils down to a question of if you really need that color gamut on your laptop screen for it to be worth paying the price premium for it.

The higher resolution screens aren't as necessary PC laptops because Windows uses subpixel rendering (MS calls it ClearType) to effectively triple the horizontal resolution of the screen. Many decades ago, Apple made the choice not to go down that route. Subpixel rendering aliases fonts to align with the subpixel grid - it shifts the letters slightly left or right to line them up with the subpixels. Since one of Apple's core demographics was page layout graphics artists, Apple decided to eschew subpixel rendering in order to prioritize accuracy. A Mac will display a page render with the fonts positioned more accurately, even if it is blurrier (their rendering engine, a great great grandson of Postscript, will anti-alias the font's pixels for any exact location on the screen). If you've still got one of those old 1024x768 LCDs around, try connecting it to a Windows PC, then to a Mac. The fonts on the Mac will look like blurry crap compared to the PC. Consequently, the only way for the Macbooks to improve the appearance of fonts was by cranking up screen resolution, while higher resolution is less important for Windows PCs.

As for the Macbook chassis, nobody else designs theirs that way because it's a stupid design. There are no vent holes on the bottom. Airflow comes in through a few vent holes along the sides, runs across the mainboard, and is vented out by the fan. This means the air gets heated up by other components before it reaches the hottest components, reducing heat transfer rate. On PC laptops, there are vent holes placed underneath the hottest parts, so fresh cool air contacts those parts first maximizing heat transfer to the air (heat transfer rate is proportional to temperature differential). Also, if you spill liquid into the laptop, it'll drain out of most PC laptops through those vent holes (although not all are designed to channel water away from vital components). The bottom half of a Macbook OTOH makes a nice bathtub unless it's tilted so water can drain out those side vents. The Macbook chassis is the epitome of prioritizing form over function. If you've ever wondered why Apple won't put a decent GPU into their 15" MBP, this is why - they can't because it would overheat.

Yeah, but you might want to see what GRC has to say about that:

The GWX Control Panel (an early popular solution at 2.4 megabytes) was a useful first step. But it was wrong in too many ways. Its design and operation seemed ill suited to the simple task of preventing upgrades to Windows 10. It was confusing and offered an array of actions, options and status reports, when all anyone really wanted was simply for Windows to not upgrade itself and to leave us alone. Instead, the GWX Control Panel makes itself the center of attention. It needs to be "installed", is resident and persistent afterward, and it pops up all the time to tell us what a great job it's doing... which is exactly the kind of nonsense most people are fed up with in this era where "your attention" is what commercial interests all want to obtain more of. But more than anything, none of that was necessary . . .

Never10 seems a lot less obnoxious than that control panel. I chose the manual registry route myself though.

You get the Win 10 prevention apps this won't be a problem. It's not like the upgrade happens exactly at boot time. Never 10 from Steve Gibson

Easy enough even my 70 yr old mother was able to run it successfully on her own :)

There are a couple of software solutions that claim to disable the Windows 10 upgrade. I can't vouch for them, but maybe someone else can. They are:

GRC Never10 https://www.grc.com/never10.ht...

GWC Control Panel http://blog.ultimateoutsider.c...

Thanks. It's too late for me but hopefully this will help someone else.

Two things to do: 1) Turn off auto-updates 2) Disable the upgrade with GRC's Never10

In my general paranoia of not upgrading software that isn't broken, I never upgraded from 8 to 8.1. Maybe I'm open to all sorts of attack vectors from malevolent parties, but I feel safer knowing that the party that can hide their malware the easiest (Microsoft) isn't getting their software automatically installed on my machine.
Of course, I never really thought it would come this.

There are a couple of software solutions that claim to disable the Windows 10 upgrade. I can't vouch for them, but maybe someone else can. They are:
GRC Never10 https://www.grc.com/never10.ht...
GWC Control Panel http://blog.ultimateoutsider.c...

For folks who aren't terribly computer savvy (So.. theoretically not Slashdot)

Go get "Never 10" freeware from GRC... it uses the officially Microsoft sanctioned means of permanently disabling the whole "Get Windows 10" stuff

https://www.grc.com/never10.ht...

This is a good option for "mom support"

For those willing to muck about in the registry:

Open Regedit, navigate to the following key.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

Important: If that key doesn't exist, you'll need to create it.

Create a DWORD value called DisableOSUpgrade and set it to 1

There's also a good quick and dirty:
http://www.windowsmechanic.com...

https://www.grc.com/never10.ht... Perhaps that might help ?

Try this:
https://www.grc.com/never10.ht...

Steve Gibson (grc.com) has written a tiny freeware program called "Never10" https://www.grc.com/never10.ht... (Warning: GRC has always been an ugly website). It's basically a simple user interface to the Windows GPE and other tools that Microsoft provided but made difficult to find.

Steve Gibson (grc.com) has written a tiny freeware program called "Never10" https://www.grc.com/never10.ht... (Warning: GRC has always been an ugly website). It's basically a simple user interface to the Windows GPE and other tools that Microsoft provided but made difficult to find.

For those that haven't seen it, take a look at Never 10. It's a simple utility that disables GWX (Get Windows 10) by doing the registry / group policy editing for you. You just run it once; you don't need to install anything or keep it running in the background.

No prompts, no upgrades, and no Windows 10 installation files taking up space on your drive.

These days I'd recommend the freeware utility Never10, which uses the officially sanctioned MS method to disable the update, just wrapping it up in a tiny, easy-to-use utility. It provides some additional functionality as well, such as making sure you have the pre-requisite patches to do that, as well as optionally cleaning up any files previous downloaded by the Windows 10 update process.

Aryeh Goretsky NOD32/ESET hosts = good security http://it.slashdot.org/comment...
Steven Burn of Malwarebytes does
Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/c...
Brocke Wilders of WILDERS' SECURITY does http://www.wilderssecurity.com...
Steve Gibson https://www.grc.com/sn/sn-045....
OReilly for security http://oreilly.com/pub/a/windo...
OReilly for speed http://www.oreillynet.com/pub/...

APK

P.S.=> Would you like more above & beyond them + our fellow /.'ers by the 100's using hosts (w/ millions online too) -> https://news.slashdot.org/comm... ? apk

According to this site (I have no idea how accurate it is, sorry) a string of 10 random ASCII characters would take 19.24 years to crack at a rate of 100 billion guesses per second. (I assume that's beyond the capabilities off a P90 :) ) A text string like "thequickbrownFox" - 16 characters, just lower and upper alphas - would take 9.27 million centuries to brute force. Of course, using that password in a system that stores in plaintext that is later compromised means the password would be cracked in 0 seconds. And indeed as you say, a 44 character string of just lowercase characters would take much longer than the universe can accommodate.