Slashdot Mirror

"In this regard, AdBlock makes a significant difference if you tell it to not download ads at all, but I am not comfortable with denying revenue streams to the websites I visit, after all, they are providing me with a service I enjoy, for free." - by mr_da3m0n (887821) on Monday November 30, @12:41PM (#30271744) Homepage

Banner Ads slow you down massively, &, adbanners have been shown as infection by malware vectors too many times over the past few years now (see my p.s. below for evidence of that), &, they also cut into my linespeed I PAY FOR... that is a "no no", sorry webmaster, just a fact, that.

SO - Per my subject line above?

How about a GLOBAL solution, instead, & one that extends to ALL of your "webbound apps", instead, & NOT just to Mozilla softwares which is all your solution works for... (think IE, Outlook & other email programs even, + more), AND, the solution I propose also acts as "layered security" in combination with the FF/Mozilla only methods you use (which sadly, your methods are KNOWN to slow your browser down, use CPU cycles & more (like having bugs & security flaws in themselves too)... where this solution does not & covers ALL webbound apps, globally)??

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply?? You're solutions cost CPU cycles & are KNOWN to slow down FF/Mozilla variants (as browser addons do), but... Hey - NO PROBLEM, because HOSTS files work alongside those addons too, & offer you more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE (called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi ap

"But ads are useful." - by hey (83763) on Monday November 30, @12:40PM (#30271716)

Per my subject line above? Who are they useful to?? Webmasters leeching off users, or malware makers as well (see my p.s. below) but... I have the solution to that, & the speed that adbanners/banner ads take away from you (as well as proof of their infecting others too many times the past few years now also).

So - How about a GLOBAL solution, instead, & one that extends to ALL of your "webbound apps", instead, & NOT just to Mozilla softwares which is all browser addons soluations works for, in INDIVIDUAL BROWSERS ONLY... (Beyond FF/Mozilla stuff, or, even Opera? Think IE, Outlook & other email programs even, + more), AND, the solution I propose also acts as "layered security" in combination with the FF/Mozilla only methods many here, use (which sadly, your methods are KNOWN to slow your browser down, use CPU cycles & more (like having bugs & security flaws in themselves too)... where this solution does not & covers ALL webbound apps, globally)??

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply?? You're solutions cost CPU cycles & are KNOWN to slow down FF/Mozilla variants (as browser addons do), but... Hey - NO PROBLEM, because HOSTS files work alongside those addons too, & offer you more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE (called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapt

"no-script for the win, yet again." - by rgviza (1303161) on Monday November 30, @12:36PM (#30271676)

Per my subject line above? How about a GLOBAL solution, instead, & one that extends to ALL of your "webbound apps", instead, & NOT just to Mozilla softwares which is all your solution works for... (think IE, Outlook & other email programs even, + more), AND, the solution I propose also acts as "layered security" in combination with the FF/Mozilla only methods you use (which sadly, your methods are KNOWN to slow your browser down, use CPU cycles & more (like having bugs & security flaws in themselves too)... where this solution does not & covers ALL webbound apps, globally)??

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply?? You're solutions cost CPU cycles & are KNOWN to slow down FF/Mozilla variants (as browser addons do), but... Hey - NO PROBLEM, because HOSTS files work alongside those addons too, & offer you more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE (called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& n

Adblock is not good & WHY.

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? More speed online, & also more security + reliability (especially in the case of DNS servers today, per folks like Dan Kaminsky &/or Moxie Marlinspike finding various security vulnerabilities in them the past couple years now)...

SO, to "CIRCUMVENT" THAT WHICH YOU NOTE & to get more speed online (besides/above potentially hijacked adbanners etc. e

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? More speed online, & also more security + reliability (especially in the case of DNS servers today, per folks like Dan Kaminsky &/or Moxie Marlinspike finding various security vulnerabilities in them the past couple years now)...

SO, to "CIRCUMVENT" THAT WHICH YOU NOTE & to get more speed online (besides/above potentially hijacked adbanners etc. et al)?

WELL - I use another "

"This is the main reason I use Adblock Plus. If the advertisements weren't so annoying then I wouldn't mind them, there are a few text ads I don't block because they aren't intrusive at all. But when I see flash based ads that yes could have been done with HTML or JavaScript then I block those immediately." - by anglico (1232406) on Monday November 30, @12:31PM (#30271614)

Per my subject line above? How about a GLOBAL solution, instead, & one that extends to ALL of your "webbound apps", instead, AND acts as "layered security" in combination with the FF/Mozilla only methods you use (which slow your browser down, use CPU cycles & more... where this solution does not & covers ALL webbound apps, globally)??

Ok, well then - Here we go, & on that note, specifically:

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" a

"Top 3 addins for privacy: Better Privacy, AdBlock Plus, and NoScript, hands down imo." - by MollyB (162595) on Monday November 30, @01:37PM (#30272526)

Per my subject line above? How about a GLOBAL solution, instead, & one that extends to ALL of your "webbound apps", instead, AND acts as "layered security" in combination with the FF/Mozilla only methods you use (which slow your browser down, use CPU cycles & more... where this solution does not & covers ALL webbound apps, globally)??

Ok, well then - Here we go, & on that note, specifically:

Here is a GOOD SOLID & GLOBAL WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file that extends to EVERY WEBBOUND APP YOU HAVE):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) ->

"I can't count how many times I've stared for 10+ seconds at a white screen with "connecting to foo.ads.doubleclick.com" is in the status bar at the bottom. I really don't know if its the browser(s), or if the pages in question are designed to load ads first.... either way, its goddamn annoying." - by Killall -9 Bash (622952) on Monday November 30, @12:39PM (#30271714) Homepage

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? M

"Technology: Are Ad Servers Bogging Down the Web? Yes. Period." - by Monkeedude1212 (1560403) on Monday November 30, @12:32PM (#30271618)

Here is a GOOD SOLID WORK-AROUND, CALLED A HOSTS FILE!

(It works for more speed online, AND SECURITY ESPECIALLY... Also, it works for your money, because you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file & a file eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also)... Anyhow/anyways - Here goes:

SO - "that all said & aside"? Well, per your reply??

Hey - NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools others here in this thread have noted (which MANY like FF addons only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? More speed online, & also more security + reliability (especially in the case of DNS servers today, per folks like Dan Kaminsky &/or Moxie Marlinspike finding various security vulnerabilities in them the past couple years now)...

"Quite often you will be loading a website, and be staring at a blank screen with "making connection to ads.blablabla" at the bottom.... The page itself has loaded, but won't display until the browser has managed to retrieve the ads. Also you will see ad servers in completely different locations to the site you're viewing, and therefore much slower. Also, some ads are especially large, especially animated flash ones, and can add a noticeable delay to a page load even if the ad server isn't slow or lagged. My pet hate btw, are ads which have sound... I find that EXTREMELY annoying and quickly block access to any ad provider which serves such things. - by Bert64 (520050) on Monday November 30, @12:31PM (#30271612) Homepage

Per my subject-line, Hello Bert64 (again), & here is a GOOD SOLID WORK-AROUND (especially considering you pay for your linetime out of pocket most likely as I do, you can get back your speed, AND, gain security easily, & from a single easily edited file (which I am sure you know about, but, others may not, so... here goes):

NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools you noted (which only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

"Give the UI back to the user and leave the flashing marquee tags in Las Vegas" - by eldavojohn (898314) * on Monday November 30, @12:27PM (#30271582) Homepage

NO PROBLEM, 110% agreement here on that account... & more (like more speed online AND more security, via a SINGLE EASILY EDITED + POPULATED FILE, called a HOSTS file):

I use a custom HOSTS file, in addition to the tools you noted (which only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? More speed online, & also more security + reliability (especially in the case of DNS servers today, per folks like Dan Kaminsky &/or Moxie Marlinspike finding various security vulnerabilities in them the past couple years now)...

SO, to "CIRCUMVENT" THAT WHICH YOU NOTE & to get more speed online (besides/above potentially hijacked adbanners etc. et al)?

WELL - I use another "technique" called "hardcoding" an IP address to domainname/hostname in my HOSTS files, for my FAVORITE websites:

This allows me to FIRST bypass any remote/external DNS lookups, which also would in theory @ least, make me "proofed" vs. DNS request logs by my ISP/BSP also.

(Especially since I use external DNS servers too, OpenDNS ones to be specific, that go beyond my hardcoded favs in my HOSTS file because I can't ping &

"One of the things that pisses me off to no end, are third party ads that are spewing crap/malware to driveby web browsing. I don't personally get infecgted by them, because I run all the latest anti-malware defenses (adblock, noscript, firefox etc). But I'm in IT, and I see way too many machines compromized by the lastest "Antivirus 2010" styple crap/malware all the time. Websites that house such malware should be blacklisted. Screw them if they can't make a living without using dubious adverts - by Archangel Michael (180766) on Monday November 30, @12:33PM (#30271632)

Archangel Michael, meet "the LORD OF HOSTS" (just in keeping with your nick/handle here, AND the fact that much of what you note is covered by another tool you omitted mentioning that is easily edited, everyone has one (if their OS IP stack is BSD based, most all are iirc), & eats no CPU cycles like a local DNS server can (& are not as security vulnerable either if you protect write access to a HOSTS file also):

I use a custom HOSTS file, in addition to the tools you noted (which only really function for FireFox/Mozilla products, but don't extend globally to all other webbound applications, & that is part of what HOSTS files give you above the methods you extoll + utilize: "GLOBAL COVERAGE", & of ALL webbound apps, not just FireFox/Mozilla ones via the addons you noted + use yourself...).

HOSTS files can be used to blockout KNOWN "bad" adserves, maliciously coded sites or adbanners, and "botnet C&C servers" too!

You can obtain reliable HOSTS files from reputable lists for more security online, but also for speed!

(More on that later & WHY/HOW (I use reliable lists for that, such as these HOSTS @ Wikipedia.com -> http://en.wikipedia.org/wiki/Hosts_file or those from mvps.org (a good one this one))

I also further populate & keep current my custom HOSTS file with up to date information in regards to all of those threats, via:

----

A.) Spybot "Search & Destroy" updates (populates HOSTS and browser block lists)

B.) Sites like ZDNet's Mr. Dancho Danchev's blog -> http://ddanchev.blogspot.com/

C.) Sites like FireEye -> http://blog.fireeye.com/

D.) SRI -> http://mtc.sri.com/

----

My HOSTS file incorporates ALL of the entries from the HOSTS files shown @ wikipedia as well... gaining me speed online (by blocking adbanners, which have been compromised many times the past few years now by malscripted exploits (examples below)).

(I combined ALL reputable HOSTS files with one of my own (30,000 entries), & I removed duplicates removed via a Borland Delphi app I wrote to do so called "APK HOSTS File Grinder 4.0++". That program also functions to change the default larger & SLOWER 127.0.0.1 blocking 'loopback adapter' IP address to either 0.0.0.0 (for VISTA/Windows Server 2008/Windows 7, smaller & thus faster than 127.0.0.1 default) or the smallest & fastest 0 "blocking 'IP ADDRESS'" (for Windows 2000/XP/Server 2003 which can STILL use it (& it was added in a service pack on Windows 2000, only on 12/09/2008 MS patch tuesday was it removed for VISTA onwards (& now all these "phunny little bugs" are showing up as FLAWS in this new NDIS6 approach via WFP as well in the firewall, which ROOTKIT.COM has stated (with code too no less on how it is done) -> http://www.rootkit.com/newsread.php?newsid=952 [rootkit.com] that it is EASIER TO UNHOOK (than was the design used in Windows 2000/XP/Server 2003))

Another EXCELLENT benefit of HOSTS file usage? More speed online, & also more security + reliability (especially in the case of DNS servers today, per folks like Dan Kaminsky &/or Moxie Marlinspike finding various security vuln

"require"?

Medical - http://www.sri.com/esd/med_devel/robotic-systems.html. Since 2000 the FDA has cleared a system for telepresence surgery "for thoracoscopic (chest) surgery, for cardiac procedures performed with adjunctive incisions, and urologic and gynecologic procedures."

Education - this being slashdot, let's skip over U.C. and the many, similar others who offer long-distance learning options at the undergraduate level and go hard-core. http://sdm.mit.edu/distance.html. The SDM distance-learning option is a 24-month program—MIT’s first graduate-degree program offered primarily at a distance.

See subject line above & this guide (specifically Post #20) in regards to ComboFix (& SmitFraudFix + ProcessExplorer)

----

HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, plus make it "fun-to-do", via CIS Tool Guidance (&, beyond):

http://www.tcmagazine.com/forums/index.php?showtopic=2662

----

Between those 3 programs?

Well - There really isn't much (heck, anything "malware" really) that you CANNOT "get rid of" (other than memory resident rootkits, because you can "blow out" bootsector originated types & that post #20 goes into that as well)...

APK

P.S.=> Another STRONG measure of defense in that guide is the HOSTS file: Using it, you can "suck in" these infectors/infestors, & not have to worry about them "getting orders from the mothership", because IF/WHEN you use an UP TO DATE HOSTS FILE? You block off their ability to even 'talk back' to mama...

How so??

WELL - IF/WHEN you add in the domainnames/hostnames of the "command & control" servers that botnets use? Then, the workstation with said newly amended HOSTS file CANNOT EVEN REACH THEM FOR NEW "ORDERS", period.

Same thing would work on servers also, no questions asked.

(There are plenty of GOOD reliable & reputable sources for that kind of information, as to getting a good currently updated HOSTS file, & my personal favs are SpyBot "Search & Destroy" via its "immunize" feature, ZDNet's Mr. Dancho Danchev's blogspot here -> http://ddanchev.blogspot.com/ & also SRI, here -> http://mtc.sri.com/ as well as other reputable & kept-up-to-date HOSTS files listed here @ wikipedia -> http://en.wikipedia.org/wiki/Hosts_file )

This technique, works... & on a VERY simple principle:

"IF YOU CAN'T GO INTO THE KITCHEN, YOU CAN'T GET BURNED..."

This can also be done via DENY commands in a routers' routing tables also, as an alternate to HOSTS file usage, but personally, I'd recommend doing it in BOTH places, for added "layered security" (if not also adding these to various browsers' "block lists", such as IE's "restricted zones" &/or Opera's urlfilter.ini-filter.ini files as well as FireFox's too)... apk

"For me, the solution is to just whitelist the sites I visit frequently, only allowing scripts/cookies when I know they can be trusted." - by Anonymous Coward on Monday September 28, @10:21AM (#29565353)

See subject-line, because you have hit it right on the head perfectly as far as I am concerned personally. Opera makes this the easiest to do, imo @ least, via first GLOBALLY disabling javascript on all sites (via the tools menu, preferences option, advanced tab, content item OR via tools quick preferences).

Then, I 'whitelist' (allow) a site to use javascript, when I cannot use said site without javascript (done via right-clicking on the page itself, & using the popup menu & the item entitled "Edit Site Preferences"... thus, allowing it to use javascript (& only it or others I do this for).

This cuts WAY down on the possibles of WHERE I may have gotten infested (I never really do though, because I use a HOSTS file that is kept up to date weekly if not daily, from reputable sources such as -> SpyBot "Search & Destroy" via its "immunize" feature, ZDNet's Mr. Dancho Danchev's blogspot here -> http://ddanchev.blogspot.com/ & also SRI, here -> http://mtc.sri.com/ as well as other reputable & kept-up-to-date HOSTS files listed here @ wikipedia -> http://en.wikipedia.org/wiki/Hosts_file

APK

P.S.=> It works, & I haven't been infected/infested in more than a DECADE++ because of this practice... apk

"This is the reason traditional antivirus scanning will not work. If the specific malware is only inside your company or a few hundred PC's, there isn't signatures for them either. You have to educate your company's workers and restrict access in OS instead of blindly trusting your antivirus providers. Now the same approach doesn't work in homes or educating those random users, but it should work inside your company. - by sopssa (1498795) * on Friday September 25, @09:51AM (#29538977)

See my subject-line, & IF/WHEN you add in the domainnames/hostnames of the "command & control" servers that botnets use? Then, the workstation with said newly amended HOSTS file CANNOT EVEN REACH THEM FOR NEW "ORDERS", period.

Same thing would work on servers also, no questions asked.

(There are plenty of GOOD reliable & reputable sources for that kind of information, & my personal favs are SpyBot "Search & Destroy" via its "immunize" feature, ZDNet's Mr. Dancho Danchev's blogspot here -> http://ddanchev.blogspot.com/ & also SRI, here -> http://mtc.sri.com/ as well as other reputable & kept-up-to-date HOSTS files listed here @ wikipedia -> http://en.wikipedia.org/wiki/Hosts_file )

This technique, works... & on a VERY simple principle:

"IF YOU CAN'T GO INTO THE KITCHEN, YOU CAN'T GET BURNED..."

APK

P.S.=> This can also be done via DENY commands in a routers' routing tables also, as an alternate to HOSTS file usage, but personally, I'd recommend doing it in BOTH places, for added "layered security" (if not also adding these to various browsers' "block lists", such as IE's "restricted zones" &/or Opera's urlfilter.ini-filter.ini files as well as FireFox's too)... apk

This is wrong. The GOES satellites are geo-synchronous, meaning they remain at continuous location with respect to the Earth. This also means that they are not in polar orbits. These satellites are similar to the LANL satellites but occupy the western hemisphere. You may be thinking of the DMSP satellites.

GOES is useful at measuring the magnetic fields. It does not, however, measure the ionospheric particles such as is done with the SuperDARN coherent scatter radars or the EISCAT or PFISR incoherent scatter radars. The group at the University of Saskatchewan has also received money to build a new radar which is scheduled to be built on the NE corner of Baffin Island in the Canadian Arctic. It will be their 5th radar.

"The Dark Side of the Force is a pathway to MANY abilities, some consider to be... unnatural!" - Darth Sidious/Lord Palpatine, last of the SITH LORDS...

Or, my 'naysayers' really in THEY essentially being "the jedi"... what I propose here is often beyond their limited "I read it in a manual or a forums & that MUST be the 'only way' or 'best way'" type b.s. they try to pass off as "know-how"... lol! They're merely "users with a better password", who merely USE what guys like myself (who have done their job, & FAR MORE, as a coder/software engineer/programmer as well as network engineer/admin/tech too in my time professionally in this art & science) created for them to USE... & that is about it.

They're SEVERELY "limited in scope" as to their abilities, period. At least by comparison to coders... by far.

HOW CAN I SAY THAT? Simple, look @ their suggestions & my replies in rebuttal (I easily shut them down on every point, with proofs or tests they themselves can try even (IF they could code, most of them? Cannot... limited!)

"You must break thru the fog of lies the jedi have created around you. Let me help you to know the subtleties of the force...Anakin, if one is to understand the 'great mystery' one must understand, ALL OF ITS ASPECTS... NOT just the narrow, dogmatic view of the Jedi: IF you wish to become a wise leader, one must embrace... a LARGER view of the force..." - Darth Sidious/Lord Palpatine, last of the SITH LORDS...

(Especially in light of this article, plus Dan Kaminsky's findings regarding problems in DNS servers, as well as Network Solutions going batty this week (iirc, & afaik, due to DNS poisoning in part (don't quote me on that though)) PLUS the fact that a HOSTS file does make you go faster, period, to which I also provide not only my own testimony thereof, but that of noted others + others responses here too?)

Hey - Well... read on:

"Duuude, by the time you setup your host file for all the sites you visit, the Internet age will be gone....Talk about "FAST"." - by flibuste (523578) on Wednesday July 29, @11:37AM (#28867215)

Not true, because MANY reputable sources for HOSTS files that already work well, exist, such as the one @ WIKIPEDIA (steer clear of the ones from FRANCE though):

http://en.wikipedia.org/wiki/Hosts_file

AND, to further populate it for security? You can use sites like these (excellent for it):

ZDNet's Mr. Dancho Danchev's weekly blog -> http://ddanchev.blogspot.com/

SRI -> http://mtc.sri.com/

& others, such as "Spybot 'Search & Destroy'", which also populates your HOSTS file (plus, Opera's filter.ini, FireFox/Mozilla's internal to browser 'block lists' as well as IE's "restricted zones" too...

(Stopbadware.org is good too - they're essentially, GOOGLE or partnered w/ them, afaik...)

APK

P.S.=> "The Dark Side of the Force is a pathway, to many abilities... some consider to be, 'unnatural'" but, it works for MANY abilities, including being faster & safer online (& this thread has plenty of evidence from myself + others to that effect as proof thereof, such as Mr. Oliver Day from SECURITYFOCUS.COM) but, "Is it possible to learn this power?" & answer is "NOT FROM A JEDI" - the 'jedi' being these 'users with a better password only at best/most' in network techs/network admins, with their LIMITED scope & knowledge in this field (as opposed to the TRUE 'sith', in coders/programmers/software engineers, who invent the tools those same "jedi" MERELY USE, but do not create, themselves, period)... apk

'The dry, technical language of Microsoft's October update did not indicate anything particularly untoward. A security flaw in a port that Windows-based PCs use to send and receive network signals, it said, might be used to create a "wormable exploit"'

Don't they mean a BUG in the Operating System and defects in the Memory Management unit lead to the worst virus/worm infestation in years.

'One major implication from the Conficker B and C variants, as well as other now recently emerging malware families, is the sophistication with which they are able to terminate, disable, reconfigure, or blackhole native operating system (OS) and third-party security services'

'The dry, technical language of Microsoft's October update did not indicate anything particularly untoward. A security flaw in a port that Windows-based PCs use to send and receive network signals, it said, might be used to create a "wormable exploit"'

Don't they mean a BUG in the Operating System and defects in the Memory Management unit lead to the worst virus/worm infestation in years.

'One major implication from the Conficker B and C variants, as well as other now recently emerging malware families, is the sophistication with which they are able to terminate, disable, reconfigure, or blackhole native operating system (OS) and third-party security services'

Although we could have sent a blank conguration le to potentially remove the web sites currently targeted by Torpig, we did not do so to avoid unforeseen consequences (e.g., changing the behavior of the malware on critical computer systems, such as a server in a hospital). We also did not send a conguration le with a different HTML injection server IP address for the same reasons. To notify the affected institutions and victims, we stored all the data that was sent to us, in accordance with Principle 2, and worked with ISPs and law enforcement agencies, including the United States Department of Defense (DoD) and FBI Cybercrime units, to assist us with this effort. This cooperation also led to the suspension of the current Torpig domains owned by the cyber criminals.

FTFA, they snaked a domain name they knew the botnet was going to use before the bad guys could, then just collected info sent to them by all the compromised systems.

The submission header and the body are encrypted using the Torpig encryption algorithm (base64 and XOR)

Torpig encryption algorithm: base64 and XOR. In contrast, Conficker uses all kinds of crypto (RC4, RSA, and MD-6).

W

Surely what they are doing is illegal.. DMCA & copyright in general. The conficker source has been posted online: http://mtc.sri.com/Conficker/contrib/#example-code , and I bet they didn't get written permission either.

Lucky the conficker authors aren't more like the RIAA.

(I get the impression that they have the algorithm, rather than doing some sort of playforward attack as is being discussed here)

Yes, the Conflicker Working Group have extensively researched and reverse-engineered most components of the worm, including the routines that generate the domain names that it will scan.

you could tell all people to try and open this web page: http://www.clamav.net/ or ping it. (also many other security sites, see list here http://mtc.sri.com/Conficker/addendumC/index.html#dns-prevention ) If they can't then ConfickerC is probably blocking them. I'm not sure this would work for cached domains, though.

I saw the article today on CBC (Canada's equivalent of the BBC).

This effort may help, but given that the worm has so many other TLDs to choose from, it may not help much. Making the 110 TLDs only 109 (or even 75 if other TLD authorities do the same) will not help that much.

Moreover, there is another mechanism which is not very clear, whereby the infected nodes will contact each other via a See Peer to Peer protocl. So, once the botnet gets going, the need for the domain name (so called "Internet Rendevouz points") may diminish.

Also, the article contains some inaccuracies:

"... expected to launch its attack once the system date on an infected machine is on or after April 1, 2009".

Actually, the worm author(s) are aware that the user may change the clock of the PC to avoid the worm from triggering. So they query several well known sites and check the date/time on the HTTP headers to make this defense point moot. See Internet Date Checking

"... will try to generate and connect to 50,000 web URLs a day ..."

It will query only 500 out of 50,000 generated domain names. See the domain generation algorithm.

I bet there will be a revision D shortly before April 1st, and the author(s) will address many of the potential defenses in revision C.

I saw the article today on CBC (Canada's equivalent of the BBC).

This effort may help, but given that the worm has so many other TLDs to choose from, it may not help much. Making the 110 TLDs only 109 (or even 75 if other TLD authorities do the same) will not help that much.

Moreover, there is another mechanism which is not very clear, whereby the infected nodes will contact each other via a See Peer to Peer protocl. So, once the botnet gets going, the need for the domain name (so called "Internet Rendevouz points") may diminish.

Also, the article contains some inaccuracies:

"... expected to launch its attack once the system date on an infected machine is on or after April 1, 2009".

Actually, the worm author(s) are aware that the user may change the clock of the PC to avoid the worm from triggering. So they query several well known sites and check the date/time on the HTTP headers to make this defense point moot. See Internet Date Checking

"... will try to generate and connect to 50,000 web URLs a day ..."

It will query only 500 out of 50,000 generated domain names. See the domain generation algorithm.

I bet there will be a revision D shortly before April 1st, and the author(s) will address many of the potential defenses in revision C.

I saw the article today on CBC (Canada's equivalent of the BBC).

This effort may help, but given that the worm has so many other TLDs to choose from, it may not help much. Making the 110 TLDs only 109 (or even 75 if other TLD authorities do the same) will not help that much.

Moreover, there is another mechanism which is not very clear, whereby the infected nodes will contact each other via a See Peer to Peer protocl. So, once the botnet gets going, the need for the domain name (so called "Internet Rendevouz points") may diminish.

Also, the article contains some inaccuracies:

"... expected to launch its attack once the system date on an infected machine is on or after April 1, 2009".

Actually, the worm author(s) are aware that the user may change the clock of the PC to avoid the worm from triggering. So they query several well known sites and check the date/time on the HTTP headers to make this defense point moot. See Internet Date Checking

"... will try to generate and connect to 50,000 web URLs a day ..."

It will query only 500 out of 50,000 generated domain names. See the domain generation algorithm.

I bet there will be a revision D shortly before April 1st, and the author(s) will address many of the potential defenses in revision C.

Read this: http://mtc.sri.com/Conficker/addendumC/ and then you will see all you have to do is try to access one of the banned domains.

Looking at http://mtc.sri.com/Conficker/addendumC/, it appears that it gets the time from an HTTP response coming from a few dozen major websites. The responding IP is checked against a blacklist of IPs. Additionally, if the returned IP is a duplicate of one returned from a previous request, that IP is blocked as well. So the network time could be spoofed, but you'd need to set up multiple http servers,each with unique IPs that are aren't on the blacklist.

The worm uses peer-to-peer communication with rendezvous points, not client-server. There are an estimated 10 million infected machines. Which one is the control center? Take your time.

From TFA:

For example, C's latest revision of Conficker's now well-known Internet rendezvous logic may represent a direct retort to the action of the Conficker Cabal, which recently blocked all domain registrations associated with the A and B strains. C now selects its rendezvous points from a pool of over 50,000 randomly generated domain name candidates each day. C further increases Conficker's top-level domain (TLD) spread from five TLDs in Conficker A, to eight TLDs in B, to 110 TLDs that must now be involved in coordination efforts to track and block C's potential DNS queries. With this latest escalation in domain space manipulation, C not only represents a significant challenge to those hoping to track its census, but highlights some weaknesses in the long-term viability of how Internet address and name space governance is conducted.

I have personally analyzed Downadup, so I can speak from experience here.

Downadup.A had the potential to contact a randomly generated domain and download and run a signed executable from it. The problem with the Downadup.A version of the worm is that the domain generation algorithm was decyphered, and it only generated 250 unique domains per day. This made it easy for security researchers to register the domains before the worm authors could, and thus Downadup.A was nullified.

Downadup.C is a worse breed: the domain generation algorithm was bumped from 250 domains per day to 50,000 domains per day. It's now a nearly impossible task for security researchers to register every possible domain Downadup.C will attempt to download code from. As an aside, Downadup.C also actively fights against security-related processes: it has a list of several Anti-Virus and Anti-Malware programs that it automatically kills if the user attempts to run it.

One thing to note about all Downadup variants: you would think that, if the security researchers could force Downadup to run an executable of their choice by registering a domain, couldn't they force Downadup to run remove_downadup.exe? Not so. Downadup cryptographically verifies the signatures of any executable it runs with a 4096-bit key. If the signature doesn't match, it doesn't run the program.

Downadup is easily the most advanced worm I have ever analyzed. Its anti-debugging techniques are impeccable, and the code is completely solid. I would love to meet the authors over a beer to ask how they did it, and then stab them in the face.

If you'd like more information on Downadup from a technical perspective, here's an excellent analysis of the worm: http://mtc.sri.com/Conficker/addendumC/

The implications of these connections are as follows. The systems that performed these connections employed applications that computed a set of Conficker A domain names. However, these systems employed the Conficker B URL string request, which Conficker A victims are incapable of producing. Furthermore, Conficker B victims include a trigger to prevent connections to any Internet rendezvous points prior to 1 January 2009. This temporal trigger, along with the targeting of a Conficker A domain, indicates that these victims cannot be running B. Thus, these connections must either be associated with a hand-generated request with awareness of variant B's URL format, or a variant application that combined both functions with A and B, i.e., a hybrid test application. The Kiev Ukraine geolocation of connection 1 offers further potential interest because Kiev is also associated as a registered location of Baka Software (baka.kiev.ua).

Is it that difficult to get a warrant and a search for these guys? It seems pretty obvious to me they are responsible.

http://mtc.sri.com/Conficker/

Both Conficker A and B clients incorporate a binary validation mechanism to ensure that a downloaded binary has been signed by the Conficker authors.

'Variants of Conficker use a variety of methods to spread, including exploiting the MS08-067 vulnerability in the Microsoft Windows server service patched by Redmond in October'

I am dumbfounded that someone who reads slashdot is stupid enough to have the home version of Norton on their computer. It is a complete POS and offers similar benefits to dragging an anchor behind your car.

And it is not exactly doing a great job of catching viruses either: http://mtc.sri.com/live_data/av_rankings/

Xerox invented the GUI and the mouse.

Nope. That was done at SRI. So was the base research for the gui (scrolling pages, interacting with screens using the mouse etc). All funded with war money iirc.

The researches from there ended up at Xerox PARC. Steve Jobs was introduced to the GUI at PARC, but it hardly started there.

If you are interested in the history of the PC (and its tie-ins to drug use and the counter culture) I reccomend the book 'What the dormouse said: How the Sixties Counterculture Shaped the Personal Computer Industry. Some of it was a bit dry, but overall a good read about the early days of the PC and how we got to where we are today.

Furthermore, why isn't Adblock stopping these things in the first place?

Because they are not ads.
That's the dumb thing about the whole 'protect your pc' scam which IMHO is bigger than most people think.

In the late 90's The big 3 US antiviral companies only scanned for viruses and left the door open for other US companies to provide software firewalls like Zone Alarm.
The European antivirals however went a step further by not distinguishing virus from worms or trojans and started to include spyware in their scan databases.
As time went on, pretty much everyone is offering 2 or 3 tiered scanning systems that incorporate firewalls, phishing, popups, malware, spyware, rogueware, trojans, worms and viruses.
In 2008/9 there are a few more 'threats' like rootkits and the very latest are 'botscans' like http://mtc.sri.com/
Trend Micro have their own too.... http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted ... It's the flavor of the month!

Now MS is getting its act together and are doing what they should have in the first place, is to block holes and to provide a level of free security scans for their products.

The question that interests me the most is what is pressuring MS to do this?
Are they growing a conscience? Or do they realise that their precious OS is the main cause of most of the internet abuse in the world?

In other news, Symantec/Norton have rewrote their internet suite (due to complaints I bet) and are offering 3 months for free (maybe Australia only?)! http://www.asecondchance.com.au/ I didn't know if I should laugh or feel sympathetic.

The abuse that internet aware MS systems are exposed to is massive and a lot of people from both sides are making lots of money. Money to be made 'protecting the pc' and money to be made by attacking it and money to be made by 'cleaning it'.
I deal with this sort of stuff every day and there is not one single product - professional or free, that can identify, delete and repair all the threats out there.

And yes, while the ball is rolling and money is to be made, then the game goes on.

I was just speaking with Mark Causa, a forums admin of his, this weekend in fact!

(Kevin Hazard's their "SUPER ADMIN" in fact).

(It was in regards to a "IPS Driver Error" I was CONSTANTLY seeing on a posting of mine there, in an attempt to update/edit it, on THEPLANET's forums (in regards to securing Windows))...

WoW! I was trying to point them to security issues too... & they were VERY helpful guys too, trying to help ME out (& going overboard imo in some ways)

I was also today, in fact, prior to seeing this - going to note they were being listed as a site that had problems with hacker/cracker types abusing them as well, per one of these sites:

http://www.castlecops.com/

http://mtc.sri.com/

http://www.spamhaus.org/sbl/latest.lasso

http://www.phishtank.com/

(or, one of the numerous others I look @ daily, like SANS, PacketStorm, etc.)

They were listing theplanet as being abused etc. the past few weeks now in fact, by hacker/cracker/spammer types.

APK

P.S.=> I doubt this is due to "hacker/crackers" though, personally... just bad setup in the server room! apk

Why the hell would they link to PC World, anyway? Popular Mechanics has a video, The Register has a entertaining writeup, and SRI's site has pictures, a diagram and some specs. All PC World has is tons of ads.

"why blacklist them? It sounds reasonable at first, but blacklisting an IP cause it has a botnet is a poor idea of security, because all it takes is a new IP/new machine. If you are that afraid of getting hit by one, just try to keep up to date on your security information(at least patch monthly)." - by VeNoM0619 (1058216) on Thursday May 08, @03:11PM (#23341642) Come on man - that sounds like something a botmaster WOULD say! Keeping up on them's relatively child's play if you have good solid sources like:

http://mtc.sri.com/

&/or

http://ddanchev.blogspot.com/

"Oh, don't BOTHER 'blacklist' those sites in your HOSTS file, bots are my lifeblood" etc. et al... which is what anyone who runs these botnet herds would most likely say + tell others to do most likely!

QUESTION: Do you know that a great program called SpyBot "Search & Destroy" also helps you this way, & the reason? S E C U R I T Y!

(That is EXACTLY what you can do, & spybot even does, for you to get security from using a custom HOSTS file)...

Just by using a custom HOSTS file to secure yourself vs. virus/spywares/trojans & more!

In essence, using a custom HOSTS file gets you this:

"If you can't go into that bad URL poisoned code or adbanner kitchen, you can't get burnt"

(+ IF you do it right, you can go a LOT faster, blocking out adbanners (which have had a load of bad javascript code in them the past few years now no less, Fortune 100's-500's no less as well) & use less CPU cycles running their code in scripted banners & more, & data bandwidth downloading it, & disk I/O & RAM also).

USING A HOSTS FILE FOR SECURITY, Works...

& In addition to that, stopping the indiscriminate use of tools & methods trojans/virus/spyware & the like use/take advantage of in webbrowser & email programs, like javascript/activescripting/IFrames/bad plugins...

By trimming (if not outright stopping) the 'wholesale use' of javascript &/or IFrames on every site under the sun, you stay safer too, becaue face it - not every site's javascript code's to your advantage (certainly not in speed & NOT in security sometimes even per my examples above). Limit it to where you really need it, data access sites like shopping & banking ones are examples thereof.

(Do that, especially vs. bogus javascript etc. like you see in adbanners the past few years now in fact? If you do that, end-user/clientside even on corporate networks to EXTERNAL sources? You stay a LOT cleaner vs. infestations, hands-down (implementable in group policies fairly easy on an NTFS/AD network) Local standalone systems as well benefit too, same way (more speed & more security))

It works, don't say otherwise either, for speed & security, no questions asked. Editing it is simple via notepad.exe too, for instance, & a child could do it.

APK

P.S.=> Sure, occasionally, (on scripting) - You HAVE to/are forced to use scripting for banking &/or shopping sites, so do so, for data access & to get full function, but be S M A R T, & limit those sites to that type only, ones you know & trust...

Also, use better browsers! IE specific sites yes, you have to sometimes use IE on, but using a safe(r) browser, like Opera (safer, AND F A S T E R, w/ 0% known defects per SECUNIA in its shipping non-beta 9.27 model)? Opera's better & faster stuff, especially on low memory rigs (I saw it run like a champ on a Pentium II 400mhz Celeron w/ only 64mb of RAM on it, under XP)

BUT, in addition to HOSTS files usage? Hey - to stay truly safe & clean online, TURN OFF unlimited usage of scriptings/plugins/adbanners & the like and keep a system you can keep running a decade or more, w/out constant rebuilds... especially today, vs. virus & the like... apk

Artificial Muscle Inc. got it from:
http://www.sri.com/esd/automation/actuators.html

The Web 2 model of browser-based scripting and interactivity has made the overall security model exceptionally difficult. It is too hard to develop secure web sites without XSS or XRF vulns, and it is too easy to use human engineering to overcome technical defenses on the end user platform -- "install this update for improved security", etc. I am highly dubious that general consumer devices are adequate for usage for arbitrary financial transactions -- features sell and what you need is assurance.

Payment of bills to known organizations / vendors can be done with reasonable risk from a home system. Monitoring accounts can be done as well. I do not believe that home systems have the necessary assurance for stock trading or similar operations without use of adjunct trusted devices to validate specific transactions as screen displays and keyboard interactions can be modified by malware.

I have a security professional friend who is now making a living as a trader. She uses locked down Windows PC's for her trading and does nothing else from them. She keeps them updated, but uses a different system for her browsing, e-mail, and general web activities. When doing security critical operations, harden the system, minimize the system functionality, and do nothing else but those operations from the system -- rather similar to a domain admin who uses a dedicated machine for their administrative tasks.

This is not what users want to believe. Sorry.

As for me, I do not do general financial operations over the web at all. I do not use ATM / debit cards. I do my selected purchases via credit card from trusted retailers from my notebook, which is running a beta of LongHorn server with me running as a normal user, not as a member of the administrators group. No one else has an account on the notebook and I don't install or run snap-ins or apps without careful consideration. My family uses the desktops, which are relatively untrusted.

Fission uses neutrons which do have a finite life time so I suppose that with a very big plant and some magnets you could extract a current when they decay. The gamma radiation might be converted to a current as well since Compton scattering (by definition) transfers momentum to electrons. I kind of suspect you'll get more of what you want with coal http://www.sri.com/news/releases/11-11-05.html. That said, I feel that renewable energy kind of closes down options for nuclear power generation http://mdsolar.blogspot.com/2007/01/why-renewables -displace-nukes-first.html.
--
Get solar! http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html

can anyone tell me how is this all different from the AI in 1970s and 80s (SHAKEY etc)

• Learning
• Planning
• KnowledgeBase/Knowledge Representation

Grow up ppl...a simple electro-mechincal piece of hardware layered with cute-teddy-bear-look and all above critical components hard-coded is not anything new..

Neither this article or nor the recent documentary on Nova says anything about any new technical development.

Looks like these are descendants of Shakey the Robot. Funny how Shakey's not mentioned anywhere in those links...

There is development currently underway (called TraumaPod) of a robotic telesurgery platform that will be deployable and can get to soldiers almost immediately after being wounded. These systems would provide trauma-mitigation care during transport to a facility where more advanced care can be given.

For now, telesurgical systems are focused on expanding the surgeon's "reach" to those who don't have access to surgical care (on the very front lines of a battlefield, in space, remote locations, etc).

For more info: http://www.sri.com/news/releases/03-28-05.html

The robot used for this mission was developed by SRI International, a non-profit research firm; one of whose spinoffs is Intuitive Surgical. This two-armed robot was developed initially for open trauma surgery for the military, and was upgraded before the NEEMO 9 mission as a deployable system. Here's a link with some information (note that the pictures are rather old; the surgeon side of the system looks different now):
http://www.sri.com/esd/med_devel/telepresence.html

You can read more about the mission here and see a very cool picture of the robot suturing with fish in the background:
http://www.sri.com/news/releases/04-20-06.html

Not long after suturing was demonstrated at lunar latency; rock samples were picked up with the same manipulators, demonstrating the application flexibility of the robotic arms.
http://spaceflight.nasa.gov/gallery/images/behindt hescenes/training/html/jsc2006e13997.html