Slashdot Mirror

See subject: 'enterprise class'? Symantec & ESET = that per your fails:

NOD32/ESET's says hosts = good security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #1)!

(Had to - MalwareBytes' employee VETTED my code & even host + HIGHLY RECOMMEND it for me @ top of -> http://hosts-file.net/?s=Downl...

(you FAIL #2)!

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #3)!

YOU ALSO TRIED TO DENY it: It's there in PLAIN Black & White w/ his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #4)!

---

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #5)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see & MANY use that program stupid!

(you FAIL #6)!

---

WHOSE INITIALS ARE ON THIS - WINNER 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros second me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get in you, & IF in you, stopping their communique BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'" (fails vs. me)... apk

Those = filemanagers (see subject & your fails list, lol):

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #1)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see they do & MANY use that program stupid!

(you FAIL #2)!

---

NOD32/ESET's says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host + HIGHLY RECOMMEND it for me near top of -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'"... apk

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #1)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see they do & MANY use that program stupid!

(you FAIL #2)!

---

NOD32/ESET's says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host + HIGHLY RECOMMEND it for me near top of -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'" (fails vs. me)... apk

NOD32/ESET's says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host + HIGHLY RECOMMEND it for me near top of -> http://hosts-file.net/?s=Downl...

---

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #1)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see they do & MANY use that program stupid!

(you FAIL #2)!

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'" (fails vs. me)... apk

Your "GOLDEN HITS' (fails) quoted:

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #1)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see they do & MANY use that program stupid!

(you FAIL #2)!

---

NOD32/ESET's says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host + HIGHLY RECOMMEND it for me near top of -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'" (fails vs. me)... apk

Everyone believes you said this quoted:

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does dimwit

(you FAIL #1)!

You LATER deny it's spybot's forums http://it.slashdot.org/comment...

Anyone can use it + see they do & MANY use that program stupid!

(you FAIL #2)!

---

NOD32/ESET's says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a SECURITY expert" on a "false positive" on my Hosts program RIGHT there & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host + HIGHLY RECOMMEND it for me near top of -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY it & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS - WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too!

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that noted security pros even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO: "Bouldin's GOLDEN top 10 'greatest hits'" (fails vs. me)... apk

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does, dimwit

(you FAIL #1)!

You LATER denied it's spybot's forums that said they do http://it.slashdot.org/comment...

Anyone can use it and see they do, & MANY use that program stupid!

(you FAIL #2)!

---

NOD32/ESET's lead says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a NOTED expert" on a "false positive" on my APK Hosts File Engine RIGHT there too & he gave in!

(YOU FAIL #3)!

(Had to - MalwareBytes' employees VETTED my code & even host it for me -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c...

(you FAIL #4)!

YOU ALSO TRIED TO DENY that scumbag & it's there in PLAIN Black & White with his NAME on it!

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

(you FAIL #5)!

---

WHOSE INITIALS ARE ON THIS AS A WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

(YOU FAIL #7)!

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too, lol...

(You FAIL #8)!

Do YOU have *ANYTHING* like it to YOUR name/credit? No.

(YOU FAIL #9)!

---

Do you write a ware that other security pros have even seconded me on?? No.

(You FAIL #10)!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, whereas mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> EVERY POST YOU MAKE on /. will have this right after it... apk

"Because nobody uses hosts files for security" - by bouldin (828821) on Thursday May 21, 2015 @05:53PM (#49746865)

FROM -> http://it.slashdot.org/comment...

SpyBot S&D does, dimwit (you FAIL #1)!

You LATER denied it's spybot's forums that said they do http://it.slashdot.org/comment...

Anyone can use it and see they do, & MANY use that program stupid (you FAIL #2).

---

NOD32/ESET's lead says hosts = valuable security http://slashdot.org/comments.p... as I also "overturned a NOTED expert" on a "false positive" on my APK Hosts File Engine RIGHT there too & he gave in! (YOU FAIL #3))

(Had to - MalwareBytes' employees VETTED my code & even host it for me -> http://hosts-file.net/?s=Downl...

---

Mr. Oliver Day of Symantec/Norton/SecurityFocus does too http://www.securityfocus.com/c... (you FAIL #4)

YOU ALSO TRIED TO DENY that scumbag & it's there in PLAIN Black & White with his NAME on it (you FAIL #5)

"I don't see Oliver Day of SecurityFocus on there. Weren't you going to cite him?" - by bouldin (828821) on Thursday May 21, 2015 @08:43PM (#49747763)

FROM-> http://it.slashdot.org/comment...

YOU FAIL #6

---

& WHOSE INITIALS ARE ON THIS AS A WINNER IN 2008 (added proof of paid for good layered security article):

http://forums.pcpitstop.com/in...

YOU FAIL #7

Via the layered security/defense in depth methods my security guide extolls? I've COMPLETELY shut down your "desperation" RARE edge cases you tried too, lol... you FAIL #8!

---

Do YOU have *ANYTHING* like it to YOUR name/credit? No. YOU FAIL #9!

---

Do you write a ware that other security pros have even seconded me on?? No. You FAIL #10!

A ware that not only secures you but ALSO SPEEDS YOU UP (e.g. unlike antivirus which is not as effective anymore vs. online modern threats, whereas mine is, stopping sources of infestation BEFORE they can get into you, & IF in you, stopping their communications BACK to C&C servers too!)

APK

P.S.=> LMAO @ U Bouldin, you failed (lots)... apk

Yes it's Oliver Day of SecurityFocus/Symantec http://www.securityfocus.com/c... liar... wow, you really ARE piss-poor @ losing, aren't you, "Mr. Citation"... unbelievable!

HOW CAN A PIECE OF CRAP LIKE YOU LIVE WITH HIMSELF?

And?

What's that image show when you hover over it, in the top right of that forums for Spybot (safer-networking IS spybot too, dumbass) https://forums.spybot.info/sho... ?

YOU FAIL, whimp... I love it!

APK

P.S.=> It's going to be a PLEASURE showing everyone on this forums what a COMPLETE fucking UTTER LITTLE WEASEL & WHIMP you are, Mr. Citation (it's that, or you are blatantly BLIND & ILLITERATE as well as stupid, all @ once). Can't take losing, & the fact you did it to yourself, vs. myself? Absolutely/no questions asked... lol! apk

1st of all, what's this "Mr. Citation"? https://forums.spybot.info/sho...

Clue/New NEWS/NewsFlash: It's YOU EATING YOUR WORDS you little fuck - talking behind my back here too http://slashdot.org/comments.p...

NOW, I see *everyone* in ALL OF YOUR POSTS is seeing the fact I busted you up totally here, lol... I love it.

(How do you like them apples, fuckweasel?)

I love it...

APK

P.S.=> http://www.securityfocus.com/c... Take a read FUCKFACE... I see you like citations, I've given you 2 of a TRUCKLOAD that you will NOW *never* EVER hear the end of (so will all reading your bullshit you give everyone)... you brought it on yourself... apk

You were saying?

> It's arrogant as hell for Google to decide that 90 days is long enough, thank you.

Totally ridiculous. I've witnessed the "responsible disclosure" discussions a few years back, and even then, 4 weeks was considered generous. I'd say it's totally egotist of you to expect google to keep even quiet for more than 30 days.

I'd given them two weeks and gone out with it. And there's some researchers with a lot more clout than me, who would have given them exactly ZERO days: http://www.securityfocus.com/a...

I really don't see how that type of attitude helps with security? While I understand security researchers wanting to improve security and make things better for everyone, the elitest attitude that things need to be fixed right NOW doesn't actually help anyone.

Everyone here has a valid point! Most commercial interests like Microsoft and Apple do not take security as seriously as they should. There are of course many different reasons for this. For one, not all developers are security experts and another reason of course is that commercial operating systems like Mac OS X and Windows 8.1 are trying to Wow end users with flashy features that often aren't tested properly with regard to security.

While it would be great if we lived in an ideal world where we could have our cake and eat it too and have all the flashy bells and whistles and have great security to boot, that's never going to happen! Or if it does happen will take a monumental effort from both consumers and security experts to convince the corporations to make more secure software.

Regardless of how secure things are made, there will always be someone out there that finds a way around it. You can install a home alarm system, bars on all your windows, dead bolt locks on all your doors, and a turret on your house :) A determined thief will still find a way in if they want something in your house or if they know you have valuables in your house that make it worth their time.

So I feel the poster is correct and that Google shouldn't have disclosed the details until Microsoft had a patch out. Though it still doesn't give Microsoft an excuse to take so long to patch a security flaw.

> It's arrogant as hell for Google to decide that 90 days is long enough, thank you.

Totally ridiculous. I've witnessed the "responsible disclosure" discussions a few years back, and even then, 4 weeks was considered generous. I'd say it's totally egotist of you to expect google to keep even quiet for more than 30 days.

I'd given them two weeks and gone out with it. And there's some researchers with a lot more clout than me, who would have given them exactly ZERO days: http://www.securityfocus.com/a...

This reminds me of how the cable/satellite companies nuke counterfeit smart cards. My favorite part is how DirecTV personally "signed" the anti-hacker attack. The first 8 computer bytes of all hacked cards were rewritten to read "GAME OVER".

http://slashdot.org/story/01/01/25/1343218/directvs-secret-war-on-hackers
http://www.securityfocus.com/news/143
http://news.bbc.co.uk/2/hi/science/nature/1138550.stm

These are old articles but still begs the question about what a company should be allowed to do to protect itself. I’m all for it. But a popup notice would be nice so people could have some time to get non-counterfeit hardware. Or keep using the knockoff and not update the driver. However your moral compass points.
I know the main difference is the poor users who may or may not have known about the counterfeit chips vs those who clearly should have known their Satellite card was a fake or maybe they didn’t...

Not sure why this is "interesting": why no comments on CVE-2013-2094 (Local Privilege Escalation Vulnerability) which affects the most recent release of the Linux 2.4.37 kernel, and hasnt been patched for users on that kernel for a year now?

I mean after all, both XP and Linux 2.4 are about 12 years old.

Plenty of these have already happened.

Attempts have been discovered, ie http://www.securityfocus.com/news/7388

They haven't compromised trust to any significant degree, presumably because they're obscure?

I'm torn on the question of whether there's a deliberate backdoor at present. On one hand, discovered security breeches are like roaches (many exist for each one you discover), but on the other, I don't know of any found in actual releases and the find mentioned above was some damn fine code review.

There are a surprisingly large number of public key generators with weak random number generators:

• "Debian OpenSSL Package Random Number Generator Weakness"
• "Flaw Found in an Online Encryption Method"
• "NetBSD Intel Hardware Random Number Generator (RNG) Failure Encryption Weakness "
• "PasswordSafe 3.0 weak random number generator allows key recovery attack"

And those are the ones we know about.

For open source systems, the person or persons who inserted the weak code should be identified and kicked off the project. It may just be incompetence, but that's a good reason to keep them out of security-critical areas.

Weak keys don't just let the NSA in. They let the People's Liberation Army of China in, too.

I can only assume that you hadn't heard of L0pht Heavy Industries before. That shouldn't surprise me as much as it does, since they're older than the App Store and probably had shut down before some of this site's readers were even born, but if you have any interest in computer security and the way that things got to be the way they are then you may want to do a little reading on the subject.

Their slogan, cited at the very top of the linked page, is "Making the theoretical practical since 1992" which is a direct response to the "purely theoretical" defense. Since you like topical links, here's a column written by former L0pht member Weld Pond in which he describes the origin of that phrase:

"A decade and a half ago, an early hacking group known as L0pht Heavy Industries, of which I was a member, posted a quote from Microsoft — "That vulnerability is entirely theoretical." — to prove the point. The saying came about due to an email exchange in which the L0pht was reporting to Microsoft one of the first buffer overflows discovered in their software. (I later found out that Microsoft, internally, called such bugs a "L0pht-type" vulnerability.) They couldn’t imagine how someone could write an attack tool to take advantage of a stack overflow. No attack tool, to Microsoft, meant exploitation was entirely theoretical."

Not surprisingly an attack tool was quickly released, the theoretical was recognized as being practical, and the problem was eventually fixed. The lesson in not dismissing things as impossible just because you don't understand them is still one which needs to be learned.

For security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html & For speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now.

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware.

BOTH of the latter quotes = SYMANTEC (SecurityFocus = subsidiary of theirs) http://www.securityfocus.com/columnists/491

Agreeing with myself (& I'm one of the "old guys" that Mr. Day read from, want proof? Ask) - On gains in better:

1.) "Layered-Security"/"Defense-in-Depth"

2.) Speed

3.) Reliability

4.) Anonymity

* QUESTION: What have YOU done better to help improve conditions, Mr. "naysayer" troll?

Zero, right?

(IF you wish to continually expose yourself as nothing more than a defeating lying failing ad hominem attack using technically WEAK troll? Continue this... I'll GLADLY oblige you!).

APK

P.S.=>

"Not ad hominem at all. I didn't say that your methods didn't work, so it can't be ad hominem." - by omnichad (1198475) on Monday August 12, 2013 @03:02PM (#44544679) Homepage

No? What about your wisecracks stating I need meds (etc.) from you in your 1st post reply here?? Please - you're obviously NOT very intelligent being unable to remember that which you yourself, stated...

... apk

I don't think Ken Thompson actually stuck a backdoor into Unix that propagated to other systems, but he described in a classic paper one way how it could be done using a compiler.

Not to add to the paranoia (if they were *that* interested they'd just break into your house, image your drives, and put everything back together again), some kind of backdoor almost got added to the 2.6 Linux kernel. The beauty of it was the appearance it was a simple coding error (assignment instead of comparison).

Here is my opinion about why the guy does not let MS know about the bug but rather posts on mailing list. He mentioned about "As vuln-dev is dead, I thought I'd post here, I don't have much free time to work on silly Microsoft code ..." at the time. What is the purpose of "Vuln Dev" site? The purpose of the site is quoted below (taken from http://www.securityfocus.com/archive/82/description ).

The VULN-DEV list is dedicated to the concept of full disclosure. We believe that release of exploit code serves the security community overall. Since the list is dedicated to interactively researching vulnerabilities, there will there will generally NOT be an opportunity to warn software vendors or authors. In many cases it will not be clear that there is a problem until the exploit or description is finalized, at which point all list subscribers will know. It is very appropriate to notify vendors or authors as soon as it is clear there is a problem.

My take on this is that he is not completely clear about the bug and needs clarification from security community. He was hoping to get clarification on Vuln-dev but he could not at the time (from the part "I don't have much free time ..."). As a result, he posted on seclists instead. That was on May 17, 2013. Therefore, I am not sure that your analogy is suitable to the situation at all because the meaning of "seeing something and let others know" is not the same as in computer security. The only thing I may agree is that once he completely understands the bug (as his second post on June 2), he should let MS know before he posts it.

"You are the one who started this off-topic discussion about what you consider unfair down mods. I am staying on the topic of discussion you started, you are the one going off-topic. =P" - by Jeng (926980) on Saturday February 02, @11:19AM (#42771357)

Here's the root of the discussion tree between you & I -> http://news.slashdot.org/comments.pl?sid=3424523&cid=42760269

* :)

---

"Fine, what do you think of the hostfile modifications that Spybot does? Is their list comprehensive enough? - by Jeng (926980) on Saturday February 02, @11:19AM (#42771357)

It's pretty good, just not as comprehensive as mine is & I incorporate their data into mine too PLUS that of another dozen or so reputable & reliable sources for custom hosts files data that ends up gaining a user of them added speed, security, reliability, & even anonymity to an extent as well!

Here's a quote I often use from a respected security expert from a division of SYMANTEC in fact, regarding that very thing, Spybot & hosts files' efficacy too:

the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll g

Slammer worm crashed Ohio nuke plant net

Slammer Worm Hit FirstEnergy

Slammer worm crashed Ohio nuke plant network

US blackout was computer related

There's a more interesting Ruby exploit (http://www.securityfocus.com/bid/57187) that can allows remote command execution.

"I have used host files and pac files in the past. Host files is *the* slowest way (up to 1/4th a second per lookup past 200k in the file). It is also broken in win7 and above as in some cases it can be ignored all together." - by Anonymous Coward on Thursday October 04, @04:20PM (#41552741)

Really? First of all - You're talking about a Ring 3/RPL 3/Usermode app LAYERED ONTOP OF A BROWSER (more complexity)...

Hosts files, by way of comparison?

Hosts files "RUN" IN A FAR FASTER & MORE EFFICIENT LAYER OF OPERATION: Ring 0/RPL 0/kernelmode (acting as a filter for the IP stack).

(So, you stating that hosts are SLOWER, especially once cached into RAM? LOL!)

---

Secondly:

I'll let others from /. show otherwise by THEIR experience using hosts files (for speed alone, & it does a HELL OF A LOT MORE THAN JUST THAT, & more + BETTER THAN ADBLOCK - which I'll also "get into" in my 'p.s.' below) which RADICALLY DIFFERS from yours:

---

8 SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM, ON SPEED (along with a security expert noting the same from SYMANTEC):

---

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ and http://winhelp2002.mvps.org/hosts.htm FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363)

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050)

"Web browsing is really very fast, provided you turn off advertising. I set them up with a combo of Ad Block Plus on Firefox, and a customised hosts file. They can't believe the difference." - by VShael (62735) on Monday June 29 2009, @11:35AM (#28514655)

"I have several notorious slow adservers in my /etc/hosts" - by jandrese (485) on Friday August 17 2007, @01:00PM (#20263547)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop

How would they know these open access points are connected to the Internet without connecting to them?
If they did so and it crossed state lines, they could face federal charges.

In fact, some backdoors keeps being there for years until, well, it went open source, happened with Interbase. And it was just the initiative of a single programmer, not company policy or government agencies requirement.

You do know that backdoors have been inserted into Linux distro's in the past, and some of them took a great deal of time to be discovered. Then of course, one never really knows if a security vulnerability is intentional or not (on any platform).

The difference is if you are that serious about security then with Linux you at least have the option of inspecting the code. With Windows you don't.

There have also been some near calls as well in the kernel itself. For instance, who remembers this doozy?

http://www.securityfocus.com/news/7388

Yes, it was caught, but not because of "many eyes". It was because the attacker chose to try to modify the version control file directly. Had it gone in by some other means, it may not have been caught at all.

So some hacker tries and fails to slip a backdoor into the kernel and you think this shows Linux as insecure? It shows the opposite. He got caught! But, in your case, talk about trying to "weasel". Pot, meet kettle.

Nice weasel word there. Blatant. What makes you think that if there are backdoors in Windows they're blatent?

Think back to the AARD code, they went way out of their way to obfuscate it. Microsoft would not be so stupid as to put a well commented backdoor in there.

Of course, I'm sure someone will bring up the NSAKEY incident, which various security researches (such as Bruce Schneier) have dismissed as merely allowing the NSA to install their own key to be install for their internal systems without having to have MS sign it.

You do know that backdoors have been inserted into Linux distro's in the past, and some of them took a great deal of time to be discovered. Then of course, one never really knows if a security vulnerability is intentional or not (on any platform).

There have also been some near calls as well in the kernel itself. For instance, who remembers this doozy?

http://www.securityfocus.com/news/7388

Yes, it was caught, but not because of "many eyes". It was because the attacker chose to try to modify the version control file directly. Had it gone in by some other means, it may not have been caught at all.

I do trust that serious/critical bugs will get fixed almost immediately (sometimes even the same day a discovery is made) versus other vendors that can take months or years to fix (if they ever fix it at all, Microsoft is an example here, dunno about Apple.)

So what's the typical difference between time-of-developer-being-informed and time-of-fix for, say, Firefox or $PICK_YOUR_DESKTOP_ENVIRONMENTS_PDF_VIEWER or $PICK_YOUR_OTHER_FREE_SOFTWARE_BROWSER? This particular PDF vulnerability was reported to the vendor (the Xpdf developers, presumably) on 2007-10-17, and a KDE fix was announced on 2007-11-07, so that delta was about 3 weeks.

Here’s what you need to know about rainbow tables: no modern password scheme is vulnerable to them.

Like "Spybot 'Search & Destroy'" & Mr. Oliver Day of Symantec/Norton/SecurityFocus.com:

"Anyone who thinks that a custom hosts file is a viable defense from malicious URLs is an idiot. (This means you, APK.)" - by Anonymous Coward on Friday May 25, @02:18PM (#40111181)

Ok, there's your "opinion", & here's some contrary ones from "those in the know" (not a troll, like U)!

---

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

---

Plus, your own peers @ /. tend to "seal the deal" on that even moreso:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

* Had enough, troll? Obviously YOU have...

Face it:

You CANNOT disprove points I've made on custom HOSTS file benefits in not only "layered-security"/"defense-in-depth", but also for speed, reliability, & even more 'anonymity' to an extent (vs. DNSBL's that aren't just, but moreso vs. DNS request logs)), & "that's-that", period!

APK

P.S.=> See - I absolutely KNOW when I've won though, when trolls avoid questions I put to them or challenges like disproving points on hosts files I've made here...

All they have in "effete retaliation"? Bogus unjustified downmods... lol!

... apk

Like "Spybot 'Search & Destroy'" & Mr. Oliver Day of Symantec/Norton/SecurityFocus.com:

"Anyone who thinks that a custom hosts file is a viable defense from malicious URLs is an idiot. (This means you, APK.)" - by Anonymous Coward on Friday May 25, @02:18PM (#40111181)

Ok, there's your "opinion", & here's some contrary ones from "those in the know" (not a troll, like U)!

---

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

---

Plus, your own peers @ /. tend to "seal the deal" on that even moreso:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

* Had enough, troll? Obviously YOU have...

(You CANNOT disprove points I've made on custom HOSTS file benefits in not only "layered-security"/"defense-in-depth", but also for speed, reliability, & even more 'anonymity' to an extent (vs. DNSBL's that aren't just, but moreso vs. DNS request logs)).

APK

P.S.=> I absolutely KNOW when I've won though, when trolls avoid questions I put to them or challenges like disproving points on hosts files I've made here... & all they have in "effete retaliation"? Bogus unjustified downmods... lol!

... apk

http://www.securityfocus.com/columnists/491

Like "Spybot 'Search & Destroy'" & Mr. Oliver Day of Symantec/Norton/SecurityFocus.com:

"Anyone who thinks that a custom hosts file is a viable defense from malicious URLs is an idiot. (This means you, APK.)" - by Anonymous Coward on Friday May 25, @02:18PM (#40111181)

Ok, there's your "opinion", & here's some contrary ones from "those in the know" (not a troll, like U)!

---

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

---

Plus, your own peers @ /. tend to "seal the deal" on that even moreso:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

* Had enough, troll? Obviously YOU have...

(You CANNOT disprove points I've made on custom HOSTS file benefits in not only "layered-security"/"defense-in-depth", but also for speed, reliability, & even more 'anonymity' to an extent (vs. DNSBL's that aren't just, but moreso vs. DNS request logs)).

APK

P.S.=> I absolutely KNOW when I've won though, when trolls avoid questions I put to them or challenges like disproving points on hosts files I've made here... & all they have in "effete retaliation"? Bogus unjustified downmods... lol!

... apk

http://www.securityfocus.com/columnists/491

Well, say what you WANT about me, but how about these folks (your peers on /., as well as security pros & more):

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722
HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608

Wherever you see the term "QUESTION #", or a question mark? Answer & DISPROVE my points (which have backing from the security community a few times no less, & you stated they "laugh @ me", didn't you?)

QUESTION #1: Are these people FASTER or SLOWER websurfing w/ custom HOSTS files here (your /. peers AND a security expert (from a division of SYMANTEC/NORTON & yet you said "the security community was laughing @ me & my ideas on hosts files" didn't you?))?

---

E.G. #1 - The words of a security expert, Oliver Day (SECURITYFOCUS) CLEARLY disagree w/ you:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

CLEARLY - Speed is a gain... Mr. Day note it as well & he IS a 'security expert' who does work for SYMANTEC/NORTON via their securityfocus.com site... & you said security experts were laughing @ me on my ideas on hosts files?

(QUESTION #2: Explain that too... is that security expert "laughing @ me" & my points on hosts files? Clearly, no...)

---

QUESTION #3: Are these /. forums members going FASTER or SLOWER using custom HOSTS files?

8++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES FOR SPEED, QUOTED VERBATIM:

---

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ and http://winhelp2002.mvps.org/hosts.htm FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered try

"4. You lie - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)

That was specifically in regards to DNS request logs, where I show they cannot track you...

Thus, YOU LOSE/YOU FAIL, as usual & anyone can read it here now too, in my requoting myself on it WITH the actual link & text + context I used (regarding DNS tracking logs)...

(Where you not only PARTIALLY QUOTED ME, a weak "troll tactic", but altered my post when you did in your last reply (doubly weak)).

These were my original words, used in the context of DNS request logs, specifically:

"Not with DNS request logs for my hardcoded favorites they don't & CAN'T if I don't query a DNS server of theirs? No possible tracking" - by Anonymous Coward on Friday May 04, @01:45AM (#39886991) FROM -> http://linux.slashdot.org/comments.pl?sid=2820335&cid=39886991

Plus, I even specifically noted in my replies here that DPI can track you, but they do NOT do THAT to everyone...

(U FAIL AS USUAL & on bogus tactics too... lol!)

---

"1. you say that you get it faster. for one you have no source to prove it"" - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)

WTF? Ok - Check how often Norton SafeWeb for example, updates (They're another one of my respected security community sources I didn't mention earlier alongside ZEUS & SPYEYE trackers, + hpHosts/malwarebytes too) here:

http://safeweb.norton.com/buzz

* AGAIN, "U FAIL"... totally "EPIC FAIL #2", lol...

---

"for two, it still takes days/weeks before you're "protected", so yes, you (or anyone relying on your "guide") are doomed. you loose." - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)

LOL, considering I don't use JAVA, javascript, Adobe plugins OR others? How can I be "infested"?? Clue - I can't... those are the things used against users by malware makers... lol!

(I do it via Opera's options for this BY SITE, & by default, I keep it OFF for all sites, & only make exceptions for ones I KNOW are safe that I need to activate them on (plus, I haven't had an infection of ANY KIND since 1996/16++ years now as proof too)).

Plus again - I DO GET UPDATES TO MY HOSTS FILE EVERY 15 MINUTES (quicker if I wish too) & FROM SITES THAT ARE REPUTABLE SECURITY SITES and respected too! The odds of my entering your malicious site you intend to create before I update it is astronomical as well, and I won't click on links you post either...

(Man, are you dumb!)

---

"3. and you are an idiot, I didn't say caching was useless (it is useful and fast as opposed to disk I/O), but it's moot as a point for how fast your access to website has become "thanks" to your host file." - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)

Well, since my word isn't good enough on how much speed gain one gets from a custom HOSTS file? Once more:

I'll post your /. peers who gained speed, as well as Mr. Oliver Day a security expert from SYMANTEC/NORTON division, SecurityFocus:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

---

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ and

http://www.securityfocus.com/news/6767

Not actually touching the reactor, but if you've studied systems safety engineering you know that screwing up a display or warning system is a perfectly adequate way to wreck things.

First of all - You've made VERY FUNDAMENTAL "rookie" mistake's here on hosts files above!

Both gents pdubs & logicalscope above overlooked this:

The local kernelmode diskcaching subsystem caching the hosts file!

Since, like any file that is referenced and subsequently re-referenced, it will get cached that way, even if one were to turn off their local DNS clientside cache in Windows - there IS another method, but why use it? The DNS clientside cache won't handle larger hosts files, and wastes CPU cycles, memory, & other forms of I/O as well since the local kernelmode diskcaching subsystem can assume duties caching it!

(Windows DNS clientside cache service is built on a faulty premise in a non-flexible structure & with large hosts files, it will "lag" you, so turn it off IF you use a larger hsots file - this is a design problem in Windows itself, Linux for example has no such issue (it is 1 thing I will give Linux in fact, over Windows))

Thus, the local kernelmode diskcaching subsystem will take over caching hosts file data for fast "in memory" lookups of its record entries, just like the DNS clientside cache does, but without the "lag" you would get with a large hosts file due to faults in the DNS clientside cache service's design (static structure).

* This is basic stuff fellas, you overlooked it.

---

Secondly:

2 items you have overlooked for speed that hosts files give you pdubs & logicalscope:

A.) You can also additionally "speed up" accesss to your favorite websites by "hardcoding in" your favorites into hosts files like so (examples):

100.1.2.3 yourfavsite1.com

101.4.5.6 yourfavsite2.com

--

Which not only speeds up access to them for the reasons noted above, but, also "proofs you" vs. DNS poisoned-redirected remote DNS servers, OR "downed" DNS servers (an added security AND RELIABILITY feature).

This can also be used to bypass DNS request logs (for better "anonymity" to an extent, but doesn't fool Deep Packet Inspections) & DNSBL's (dns block lists IF necessary).

This technique is a "white-list" of your favorite sites in essence!

It also allows for FASTER host-domain name lookups by FAR!

(In fact, many orders of magnitude so, since disk access (7-10ms nowadays) is faster than roundtrip calls & callbacks in the API to a remote DNS server (30-to 100's of ms) - & speed of parsing is NO DIFFERENT in the diskcache than it would be in the faulty Windows DNS clientside cache service... it's a memory based parse either way).

---

B.) HOSTS files can be also used to blockout adbanners to gain more easily NOTICEABLE SPEED online, as well as security also (since adbanners have borne malicious script in them MANY times the past few years, if you would like a partial list of that? Ask)

There's no question that adbanners slow down websurfing massively.

Hosts can do away with that lag, AND add security as well + more.

By the way - your suggestion on AdBlock?

AdBlock "ain't what it used to be" by default & does NOT block all ads:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

These are 2 other "fundamentals" you've overlooked in the capabilities of a hosts file pdubs & logicalscope.

---

There is also the words of Mr. Oliver Day of SecurityFocus (a division of Symantec) from the article of his on HOSTS files!

It supports my points as well on how hosts files can speed one up and secure one additionally via "layered security"/"defense in depth" via known bad hosts-domains:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Acce

How would you like your Tor traffic dumped to plain text on your hard drive in REAL TIME?

Don't let yourself get FUCKED IN THE ASS!

*
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug"
*** NEVER FORGET ***
*
- http://seclists.org/bugtraq/2012/Mar/85
- http://www.securityfocus.com/archive/1/522003/30/0/threaded
*
"There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle start-tor-browser script. It will log things
like domain names to a file in the root of the browser bundle."

https://trac.torproject.org/projects/tor/ticket/5417

Ticket #5417 (new defect)

RelativeLink.sh in Tor browser bundle has small typo causing debug mode to be always turned on

Reported by: cypherpunks
Priority: critical
Component: Tor bundles/installation

Description

TBB starts in debug mode disregardless of --debug switch used or not. This is caused by small bug on line 208 on
RelativeLink.sh, where it says

if [ "${debug}" ];

where it should say

if [ "${debug}" == 1];

or

if [ ${debug} -eq 1 ];

*
Thank you for the warning. I expected something like this to happen, given the last slip up with a mistake in FF versions. This, "error", if you wish to call it such, shouldn't have happened. Again, this is a lack of testing.

I hope no one in Iran, China, or other freedom starved regions were screwed because of this.

I hope a fix is released and quickly.

These mistakes should be posted in the Tor announcements mailing list (no announcements at all since Dec/11 is pathetic) and on the blog.

It would help Tor users even more if you were to actually create web forums for discussions (but I doubt you will, we've only been asking for this for years!) where you could sticky-pin these types of mistakes and communicate better with the broad range of users.

A large number of people will never use a bug tracker, and/or never use mailing lists. They are simpler minded people or too busy, this is where web based discussion forums come in. Users should not have to scramble to unofficial .onion forums which are up one day and down the next and which may (and have in the past!) contain malicious posts/threads to target the user's browser and/or Tor itself.

With errors like this, perhaps you should let Mickey Mouse sign the future Linux release bundles with his fictional GPG key. He couldn't do any worse.

I've also noticed FF crashing more often since the last few releases.

I guess it's time for us Linux bundle users to run W.I.N.E. and the Windows version of the bundle on Linux so we know we are not getting borked with some new fantastic bug or lack of oversight like this again.

But will this post be approved for others to see, or swept under the rug like one previous post about a similar issue.

Now I'm looking forward to the next release, not for use, but just to see what type of bug(s) it may contain. THANKS!

*
Nick Mathewson
Mon, 19 Mar 2012 09:40:43 -0700

It seems that a fix was merged yesterday: see
https://trac.torproject.org/projects/tor/ticket/5417 and
https://lists.torproject.org/pipermail/tor-commits/2012-March/041036.html
.

I bet there will be new TBBs out very soon.

In the meantime, Linux users should delete vidalia-debug-log and
symlink it to /dev/null. (Haven't tested that, but it should work:

#
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug"
*** NEVER FORGET ***
#
- http://seclists.org/bugtraq/2012/Mar/85
- http://www.securityfocus.com/archive/1/522003/30/0/threaded
#
"There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle start-tor-browser script. It will log things
like domain names to a file in the root of the browser bundle."

https://trac.torproject.org/projects/tor/ticket/5417

Ticket #5417 (new defect)

RelativeLink.sh in Tor browser bundle has small typo causing debug mode to be always turned on

Reported by: cypherpunks
Priority: critical
Component: Tor bundles/installation

Description

TBB starts in debug mode disregardless of --debug switch used or not. This is caused by small bug on line 208 on
RelativeLink.sh, where it says

if [ "${debug}" ];

where it should say

if [ "${debug}" == 1];

or

if [ ${debug} -eq 1 ];

#
Thank you for the warning. I expected something like this to happen, given the last slip up with a mistake in FF versions. This, "error", if you wish to call it such, shouldn't have happened. Again, this is a lack of testing.

I hope no one in Iran, China, or other freedom starved regions were screwed because of this.

I hope a fix is released and quickly.

These mistakes should be posted in the Tor announcements mailing list (no announcements at all since Dec/11 is pathetic) and on the blog.

It would help Tor users even more if you were to actually create web forums for discussions (but I doubt you will, we've only been asking for this for years!) where you could sticky-pin these types of mistakes and communicate better with the broad range of users.

A large number of people will never use a bug tracker, and/or never use mailing lists. They are simpler minded people or too busy, this is where web based discussion forums come in. Users should not have to scramble to unofficial .onion forums which are up one day and down the next and which may (and have in the past!) contain malicious posts/threads to target the user's browser and/or Tor itself.

With errors like this, perhaps you should let Mickey Mouse sign the future Linux release bundles with his fictional GPG key. He couldn't do any worse.

I've also noticed FF crashing more often since the last few releases.

I guess it's time for us Linux bundle users to run W.I.N.E. and the Windows version of the bundle on Linux so we know we are not getting borked with some new fantastic bug or lack of oversight like this again.

But will this post be approved for others to see, or swept under the rug like one previous post about a similar issue.

Now I'm looking forward to the next release, not for use, but just to see what type of bug(s) it may contain. THANKS!

#
Nick Mathewson
Mon, 19 Mar 2012 09:40:43 -0700

It seems that a fix was merged yesterday: see
https://trac.torproject.org/projects/tor/ticket/5417 and
https://lists.torproject.org/pipermail/tor-commits/2012-March/041036.html
.

I bet there will be new TBBs out very soon.

In the meantime, Linux users should delete vidalia-debug-log and
symlink it to /dev/null. (Haven't tested that, but it should work:

% ln -sf /dev/null /path/to/vidalia-debug-log
% ls -l /path/to/vid

#
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug"
*** NEVER FORGET ***
#
- http://seclists.org/bugtraq/2012/Mar/85
- http://www.securityfocus.com/archive/1/522003/30/0/threaded
#
"There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle start-tor-browser script. It will log things
like domain names to a file in the root of the browser bundle."

https://trac.torproject.org/projects/tor/ticket/5417

Ticket #5417 (new defect)

RelativeLink.sh in Tor browser bundle has small typo causing debug mode to be always turned on

Reported by: cypherpunks
Priority: critical
Component: Tor bundles/installation

Description

TBB starts in debug mode disregardless of --debug switch used or not. This is caused by small bug on line 208 on
RelativeLink.sh, where it says

if [ "${debug}" ];

where it should say

if [ "${debug}" == 1];

or

if [ ${debug} -eq 1 ];

#
Thank you for the warning. I expected something like this to happen, given the last slip up with a mistake in FF versions. This, "error", if you wish to call it such, shouldn't have happened. Again, this is a lack of testing.

I hope no one in Iran, China, or other freedom starved regions were screwed because of this.

I hope a fix is released and quickly.

These mistakes should be posted in the Tor announcements mailing list (no announcements at all since Dec/11 is pathetic) and on the blog.

It would help Tor users even more if you were to actually create web forums for discussions (but I doubt you will, we've only been asking for this for years!) where you could sticky-pin these types of mistakes and communicate better with the broad range of users.

A large number of people will never use a bug tracker, and/or never use mailing lists. They are simpler minded people or too busy, this is where web based discussion forums come in. Users should not have to scramble to unofficial .onion forums which are up one day and down the next and which may (and have in the past!) contain malicious posts/threads to target the user's browser and/or Tor itself.

With errors like this, perhaps you should let Mickey Mouse sign the future Linux release bundles with his fictional GPG key. He couldn't do any worse.

I've also noticed FF crashing more often since the last few releases.

I guess it's time for us Linux bundle users to run W.I.N.E. and the Windows version of the bundle on Linux so we know we are not getting borked with some new fantastic bug or lack of oversight like this again.

But will this post be approved for others to see, or swept under the rug like one previous post about a similar issue.

Now I'm looking forward to the next release, not for use, but just to see what type of bug(s) it may contain. THANKS!

#
Nick Mathewson
Mon, 19 Mar 2012 09:40:43 -0700

It seems that a fix was merged yesterday: see
https://trac.torproject.org/projects/tor/ticket/5417 and
https://lists.torproject.org/pipermail/tor-commits/2012-March/041036.html
.

I bet there will be new TBBs out very soon.

In the meantime, Linux users should delete vidalia-debug-log and
symlink it to /dev/null. (Haven't tested that, but it should work:

% ln -sf /dev/null /path/to/vidalia-debug-log
% ls -l /path/to/vid

##
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug"
*** NEVER FORGET ***
#
- http://seclists.org/bugtraq/2012/Mar/85
- http://www.securityfocus.com/archive/1/522003/30/0/threaded
#
"There is an EVIL bug in at least the Linux (2.2.35-8) Tor Browser Bundle start-tor-browser script. It will log things
like domain names to a file in the root of the browser bundle."

https://trac.torproject.org/projects/tor/ticket/5417

Ticket #5417 (new defect)

RelativeLink.sh in Tor browser bundle has small typo causing debug mode to be always turned on

Reported by: cypherpunks
Priority: critical
Component: Tor bundles/installation

Description

TBB starts in debug mode disregardless of --debug switch used or not. This is caused by small bug on line 208 on
RelativeLink.sh, where it says

if [ "${debug}" ];

where it should say

if [ "${debug}" == 1];

or

if [ ${debug} -eq 1 ];

#
Thank you for the warning. I expected something like this to happen, given the last slip up with a mistake in FF versions. This, "error", if you wish to call it such, shouldn't have happened. Again, this is a lack of testing.

I hope no one in Iran, China, or other freedom starved regions were screwed because of this.

I hope a fix is released and quickly.

These mistakes should be posted in the Tor announcements mailing list (no announcements at all since Dec/11 is pathetic) and on the blog.

It would help Tor users even more if you were to actually create web forums for discussions (but I doubt you will, we've only been asking for this for years!) where you could sticky-pin these types of mistakes and communicate better with the broad range of users.

A large number of people will never use a bug tracker, and/or never use mailing lists. They are simpler minded people or too busy, this is where web based discussion forums come in. Users should not have to scramble to unofficial .onion forums which are up one day and down the next and which may (and have in the past!) contain malicious posts/threads to target the user's browser and/or Tor itself.

With errors like this, perhaps you should let Mickey Mouse sign the future Linux release bundles with his fictional GPG key. He couldn't do any worse.

I've also noticed FF crashing more often since the last few releases.

I guess it's time for us Linux bundle users to run W.I.N.E. and the Windows version of the bundle on Linux so we know we are not getting borked with some new fantastic bug or lack of oversight like this again.

But will this post be approved for others to see, or swept under the rug like one previous post about a similar issue.

Now I'm looking forward to the next release, not for use, but just to see what type of bug(s) it may contain. THANKS!

#
Nick Mathewson
Mon, 19 Mar 2012 09:40:43 -0700

It seems that a fix was merged yesterday: see
https://trac.torproject.org/projects/tor/ticket/5417 and
https://lists.torproject.org/pipermail/tor-commits/2012-March/041036.html
.

I bet there will be new TBBs out very soon.

In the meantime, Linux users should delete vidalia-debug-log and
symlink it to /dev/null. (Haven't tested that, but it should work:

% ln -sf /dev/null /path/to/vidalia-debug-log
% ls -l /path/to/vi

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information,

There have been exploits in the past, but they have been fixed. Also, Java and flash are the most common because those are the main languages that run as plugins in your browser. Of course that's where everyone is going to look for these problems. It wouldn't be a big deal to find a similar bug in PHP or Python, because you couldn't get people's browser to execute them.

Ugh.
securityfocus.com

select vendor microsoft
framework .net

whatever version you use

there's about a dozen vulnerabilities in version 4.0 alone, including this one overrunning an array

http://www.securityfocus.com/bid/48212/discuss

Shithead fanboy. Understand the tools you use. Marketing theory is not implementation reality.

Yes, they've been found. Yes, they're open. And your question reveals absolutely horrific ignorance and shows that you've drank the kool-aid instead of doing some research.

Next time you choose a platform, ask yourself what the possible vulnerabilities are, and then do a google search for them. Had you done this, you'd realize that Java is one of the exploit platforms of choice, second only to flash -- and has been for years.

Java is portable and scripting languages are portable, with fewer porting problems than C/C++.

So, what's the JVM for iOS?

C# with .NET is meant to replace the Win32 API, so if that's your target, portability isn't a concern.

Which in many cases - like, for example, browsers - is.

But by using the memory-safe languages, much less code is created that suffers these problems. If you look at the Java API, for example, a lot of the API is written in Java itself.

And yet it still suffers from buffer overflows - in their image parsers, no less!

There's no silver bullet, and managed languages certainly aren't one. Languages with decent typing systems (so, not Java or C#) are better because they can solve a lot at compile time, but they're still not perfect.

> From a bunch of MP3 files? How, pray tell, does that work?
http://www.securityfocus.com/archive/1/374433 for example.

I'd be curious to know if a particular application-level vulnerability was used in this event. There has been several vulnerabilities of late related to Java/Apache/PHP such as the hash-collision vulnerability with exploit code here http://www.securityfocus.com/bid/51193/info that has demonstrated to be very effective - so much so that a single host can bring down a relatively large site by exhausting CPU on the web server.... does anyone know the particulars of this event??

The standard recommendation I've seen is to overwrite at least 3, perhaps 5, 7, or even 9 times[0], often with a final all-zero overwrite[1] at the end (since an all-zero nominal image might discourage someone from looking harder, while a disk full of random-looking data can only result from a random overwrite or a full-disk encryption system).

The "kill it with fire" technique is more a question of speed and when you can afford to destroy disks. I've heard the NSA burns their disks, and Google physically mangles disks, but consider that those organizations are going to get rid of disks either when the device using them is past its useful lifetime, or when the disk starts failing. At that point the future value of keeping the disk around is low. It's more cost effective to use a quick method that prevents data recovery (of the desired level depending on threat model), rather than tying up computers and personnel in lengthy overwrite procedures when the disk is probably going to be thrown out anyway.

The reason for multiple overwrites is that if you look at absolute magnetic readings from the disk at each bit storage position, it's not digital. Instead of "1" or "0", you might see .998 or .005.

The one in-depth article I read a while back said that an overwrite moves the charge roughly 90% of the way to the opposite value. If a bit was "1" and is overwritten with "0", the new value would be 0.1 Subsequent overwrites similarly attenuate past data. Given disk error rates today, I think 90% is optimistically high.

For the sake of simplicity, if each overwrite pass changes the data value exactly 90% of the way from the current value to the target value, every bit on the disk is going to be either between 0 and 0.1 or between .9 and 1.0. More specifically, there are four possibilities for each bit. If the reading is close to the range 0.00 to 0.01, both the current and last image stored a zero. If the reading is close to the range 0.09 to 0.10, the current image is zero and the last image was a 1. Similarly for 0.90 to 0.91 and 0.99 to 1.00 ranges.

With a perfectly accurate magnetic detector and a HDD write mechanism that is perfectly accurate, and a perfectly linear and resilient magnetic layer on the disk, you could discover past images one by one... once you determine the last image logical value, you apply a function, possibly a linear map, to strip out the computer-visible layer and derive the exact magnetic reading as it would have been before the last overwrite. Repeat, wash, rinse...

The objective of overwriting several times is to push the magnetic differences caused by the last "real" stored data into the range where it's obscured by noise, either noise of the magnetic imager used to take raw magnetic readings, or much more likely, noise of the HDD writing mechanism (it isn't writing a perfect "1" value each time), or noise or imperfections of the magnetic substrate leading to imperfect magnetic storage.

I think recommendations for 35 overwrites, or even 9 overwrites, may be overestimating the capabilities of an adversary. Not because of anything the adversary does, but because of modern hard drives. Data is crammed into such small magnetic wells that the absolute magnetic readings are less consistent than ever before. Given the error rates of modern TB-sized disks, I would expect many blocks with unrecoverable (2+ bit errors per block) read errors upon reconstruction of even the second to last magnetic image. Repeating the process, I would expect errors to increase non-linearly. My WAG is that before 9 overwrites you're in a situation where even a perfect magnetic detector is reading only low-level noise from the drive. (I'm talking about noise from the non-perfect magnetic layer on the disk surface, and fluctuating magnetic field write strength from the drive head.)

[0] see, for instance, http://www.securityfocus.com/archive/1/310128