Slashdot Mirror
Diagnose Conficker With Web-Based Eye Chart
thomsomc writes "Joe Stewart from the Conficker Working Group has created an eye chart that allows for online identification of Conficker B and C infections. Using basic knowledge of the blacklisting that Conficker employs to avoid attempting to infect IPs that belong to popular Anti-Virus and security firms (including Microsoft), the group whipped up this very simple test to see if you can load content from the various pages. If you can see all of the images, you're more than likely Conficker-free. According to Honeynet, 'This detection method should be more reliable than network scanning based tests. Happy scanning!'" Related: Tech Fragments notes in passing that nothing much seems to have come of conficker's dreaded April 1 deadline.
Am I the only one that read it as Jon Stewart and then spent a few minutes trying to figure out the joke on the page?
There are 10 kinds of people in the world; those that understand binary and those that do not.
a nice, easy, reliable way to detect a conficker infection.
great!
I'm glad the computer I'm using is not affected. I think it's funny how every few years the media picks up and runs with the new malware of the day. Remember that one that flashes the computer's BIOS? The one named after some famous artist?
Dog with head split in half.
Yesterday there was an warning about an Conficker infection on an FreeBSD. Now comes the eye chart with links to Linux and OpenBSD! OMG! This Conficker is worse than I imagined!
My w3m can not display the images!
Come on, it doesn't work in Lynx? I want my money back.
There's no -1 for "I don't get it."
"Using basic knowledge of the blacklisting that Conficker employs to avoid attempting to infect IPs that belong to popular Anti-Virus and security firms (including Microsoft), the group whipped up this very simple test to see if you can load content from the various pages. If you can see all of the images, you're more than likely Conficker-free." - Posted by timothy on Thursday April 02, @01:37PM
Per my subject-line? Interesting technique, & "GOOD JOB" fellas...
(I could see every image)
It sounds as if they're doing the LITERAL REVERSE of what I am into (usage of a custom HOSTS file, & one that contains lists of KNOWN bogus servers, + to the tune of 652,000++ of them, to block them out (or, conversely, "hardcode" IP-to-URL equations for sites I like to speed up access to they, & this is more of what they're about here imo, than blocking them out)).
I built the file to stop many of these bad sites, & not just for this "conficker" worm either, but, for others also!
(My HOSTS file uses data from reputable sources like STOPBADWARE.ORG, Dancho Danchev's ZDNet security column, & a HOSTS file I had built up since 1997-1998 using sources of my own, & those of every reputable HOSTS file there is, like mvps.org's & others @ the wikipedia site for HOSTS files).
It works on a simple principal - "IF YOU CAN'T GO INTO THE KITCHEN, YOU CAN'T GET BURNED"...
(Albeit, their test is more like "IF YOU CAN SEE THE FOOD IN THE KITCHEN, YOU HAVEN'T BEEN BURNED!")
APK
P.S.=> Yes, the same can be done in router tables, as well as Browser internal lists such as Opera's URLFILTER.INI/FILTER.INI, IE's RESTRICTED SITES, & FireFox's internal 'look away' lists also, & I use them all also, for layered security - get by 1 of these defenses? The other methods are in the way still... apk
And the first person to post noticing this fact... somehow was redundant. Your name isn't McFly by any chance?
Oh.......guess I need an eye chart.
Or a sense of humor. Hee-hee-hee, hah-hah-hah! This guy is named Joe Stewart. There is a comedian named Jon Stewart. They're not related in any other way but their names are very similar! Isn't that GREAT?! The epitome of amusement!!
How many posts do we need to point this out? After the first 5 or so, can we get past this and mention something else now? Please? If it was ever cute and clever and funny, it isn't now. The novelty has worn out, and it's debatable whether it existed in the first place.
Because there is so much money to be made by botnets these days, it has moved from a "look what I can do" feat to a real business in its own right (legality aside). It is widely assumed that Conficker is among the first of a new breed of very carefully produced viruses and worms, written by professional developers who are paid quite well for their computer security and anti-anti-virus skills.
This class of developer knows exactly how the anti-virus companies work. It should have been expected by the Conficker designers that their virus would be examined in isolated networks. The designers would therefore be able to take advantage of that (it's easy enough to detect -- no word from the master servers, no ability to further infect, etc), and that's what we saw yesterday. Planned panic for no reason. At this point, most people think Conficker is either no serious threat, or an April Fools' Day prank. These people could be very wrong.
With the pressure off, infected machines are now able to go about their intended business, which could be sending spam, using distributed computing, farming user data, coordinated attacks of one type or another, or merely a conspiracy to protect computers from infections (a virally spreading anti-virus utility that you can't detect, stop, or remove? ingenious!).
The merits of a secret anti-virus product are more down-to-earth than you might think; most high-end zombie masters write their viruses so that they can't be detected by users and so that they are the sole "pwners" of the system -- competition is bad in this field. What you end up with is zombie masters who are suddenly interested in maintaining your computer for you - virus-free (save their virus), clean, efficient. If this zombie master is your federal government, merely reserving the right to use ("draft") your system as a "minute man" for emergencies where your computing power or attacking capabilities are needed, that might be a fair "tax."
Use my userscript to add story images to Slashdot. There's no going back.
Clicked on the link, page unavaliable. A reload did work.
Should be in the summary: If the page doesn't load at all, that doesn't mean you're infected, that means "Poor Internet connection?" If the page loads but some of the images don't, THAT is a positive.
Whew, I haven't had that much relief since I accidentally ate that whole jar of exlax....
120 characters isn't enough to explain it.
Looks like it's slashdotted... or my ubuntu machine has Conficker!
when the page gets slashdotted and doesn't load at all.
Conficker Eye Chart
Conficker Eye Chart
How to interpret:
If you see this above:It probably means this:
= Normal/Not Infected by Conficker (or using proxy)
= Possibly Infected by Conficker (C variant or greater)
= Possibly Infected by Conficker A/B variant
= Image loading turned off in browser?
Any other combination= Poor Internet connection?
Explanation:
Conficker (aka Downadup, Kido) is known to block access to over 100 anti-virus and security websites.
If you are blocked from loading the remote images in the first row of the top table above (AV/security sites) but not blocked from loading the remote images in the second row (websites of alternative operating systems) then your Windows PC may be infected by Conficker (or some other malicious software).
If you can see all six images in both rows of the top table, you are either not infected by Conficker, or you may be using a proxy server, in which case you will not be able to use this test to make an accurate determination, since Conficker will be unable to block you from viewing the AV/security sites.
F-Secure and the F-Secure Logo are trademarks of F-Secure Corporation.
SecureWorks and the SecureWorks Logo are registered trademarks of SecureWorks Inc.
Trend Micro and the T-Ball logo are trademarks or registered trademarks of Trend Micro Inc.
Try the em tag.
Help fight poverty: Punch a poor person.
Not really that useful here in the states, but would this work in China? Are any of these current URLs normally blocked anyways?
"When you see a unixer brainwashed beyond saving, kick him out of the door." - Xah Lee
I tried the VIC-20, 64, 128 and Plus-4
None of them show the pictures....
Someone set us up the spambot.
Spam was way down most of this year, until yesterday. Then it shot back up to where it was last year.
Clearly someone tagged 4/1 as the day to start the spambots back up. Whether this is directly related to the conficker thing I couldn't tell.
I can't see the chart at all! Shit shit shit!
http://pinopsida.com
Hey I saw a report on CBS news about how devastating this worm would be. So I'm sure that this isn't a slashdotted page, but the first in a cascade that will surly bring down the global internet!
It even works on Lynx!
Proof.
...Conficker is patched to allow access to these specific images from these domains?
Pick your "Daily Show"-style punchline for this story:
Support Right To Repair Legislation.
What's wrong with the italics tag?
When our name is on the back of your car, we're behind you all the way!
All they have to do is fake the images on their servers and this test is toast. Give them another 4 hours to create a work around.
The people who made the chart apparently didn't think of server overload.
They should have posted a list of 26 links and told people to click on the link corresponding to the first letter of their name. Or something like that. Or gotten Google to host the page.
Considering how quickly and effectively we managed to slashdot this helpful site, It's pretty obvious that we are the worms.
"Possibly Infected by Conficker (C variant or greater)"
Or you have third party images disabled in FireFox.
...and the Conficker worm is irrelevant.
Dog with head split in half.
I see a Slashdotter. A Slashdotter who doesn't explain the reference he is making. Because the cool people have all the same tastes that you do, so surely anyone with half your sophistication will automatically recognize the reference. There is absolutely nothing presumptious or otherwise wrong with that, and furthermore, there is no sarcasm in this post. None at all.
And if you can see the top row and not the bottom one it means you work at Microsoft.
30 ms is 30 times faster than 0 ms?
wow.
every day http://en.wikipedia.org/wiki/Special:Random
It's got to be irony when, the day after April fools day, the day the virus in question was supposed to "detonate" for lack of a better word, the easiest method of detection is THIS.
Very cool.
I had a sucky sig.
What happens when those six sites see that they are getting leeched, and pull those images? Chaos ensues as man + dog believes themselves to be infected.
When those sites disable image hotlinking, everyone will think they're infected.
Hey, I didn't mean to slashdot the page :-( The Honeypot guys have a similar type of page here, but I'm not sure if it'll get slashdotted as well. Also, it's not nearly as much fun, as it only gives you a yes-or-no answer, with no cute .gifs to indicate your level of doom.
Could use Javascript to check that the images loaded (check image properties), then just display 'No Conficker detected' if it wasn't detected. For people without Javascript, use noscript tags to fall back to the existing page.
While technologically simple (or because of it), this is a truely amazing idea! One of these once-in-a-lifetime ideas, in fact.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I did try the em tag, but it wasn't working either (at least not in preview). It looks like they fixed both now.
your mom's system is getting infected, and you can't switch her off of windows cause she doesn't know how to recompile kernels with command line options and shit like that.
http://blogs.msdn.com/e7/archive/2009/02/25/feedback-and-engineering-windows-7.aspx?CommentPosted=true#commentmessage
Quote of Mr. Oliver Day of SECURITYFOCUS.COM is there, where he notes he goes faster with a custom HOSTS file... apk
Separation of presentation and content
The em element provides meaning to the text in that you're emphasizing it, while the i element just makes it italic.
It's like using <h1>Blah</h1> for a header instead of <font size="6"><b>Blah</b></font>, which doesn't mean anything. The first will also be interpreted differently from the surrounding text by text browsers and screen readers, while the second may not.
No existe.
That conficker.c blocks anything with conficker in dns request. There's another one here, with a simpler interface: http://iv.cs.uni-bonn.de/fileadmin/user_upload/werner/cfdetector/
Disco.
If I could transfer my mod points to you I would.
Help fight poverty: Punch a poor person.
I didn't mean what's wrong from a philosophical viewpoint. Someone asserted that the italics tags were not working, and I was pointing out that they were.
When our name is on the back of your car, we're behind you all the way!
Try the em tag.
IT MEANS EMPHASIS!!!!1
Round trip time back from a DNS server is what is in question and I also see a 30 millisecond reply back here after pinging slashdot.org also. I don't have whatever toolkit you are using online in Windows 2000, and I think you are only trying to defend your erroneous reasoning by attempting to cut back down to 6 milliseconds from the 30 or more millisecond returns most people will see when resolving the url for slashdot to its ip address (which ping can do), only on your part via somekind of script kiddie madness that I am not aware of via your statement of 'time dig +short slashdot.org' (what exactly is that? Somekind of half-baked scripting language that most people don't have online via some second rate programming toolkit??). Given that I think your statement is complete horse maneur, it's more like he is saving 45 minutes or more a year as far as speed. I also note you won't even try to touch the security benefits of a hosts file though. Funny that.
Here is my improved version of the test... With proxy detection and text result output.
Conficker Tester
"How about a round trip ping to your DNS server. I'll bet its a lot less." - by Nos. (179609) on Friday April 03, @09:40AM (#27443937) Homepage
I just tried pinging 208.67.222.222 (resolver2.opendns.com) & 208.67.220.220 (208-67-200-200.coho.net), same result (which makes sense: They're really just remote computers, like any other you ping, & they're OpenDNS' resolvers for DNS URL-to-IP resolutions) - 30ms roundtrip, once more.
(I.E.-> You'd have lost your bet...)
Regardless of that?
A savings, is a savings & a gain, is a gain... & still, as MEK_LoveBug noted?
You seem to completely avoid the safety/security benefits of a custom HOSTS file (for blocking out known bad servers)... why is that? Because it's undeniable?? Absolutely.
----
"Even if you are the same guy that wrote the script, and it took 3 days (say 20 hours)" - by Nos. (179609) on Friday April 03, @09:40AM (#27443937) Homepage
It isn't "a script"... it's a Borland Delphi Win32 Portable Executable - I'll leave the "script kiddie stuff" to script kiddies on *NIX, ok?
----
"and if it saves 45 minutes a year, it would take about 27 years for you to actually save any time. That's assuming that you never have to move or tweak your setup." - by Nos. (179609) on Friday April 03, @09:40AM (#27443937) Homepage
Whatever it saves me, speed-wise? I will GLADLY take...
(& still, you avoid the security benefits possible in customized HOSTS files... again, why is that??)
----
"Maintaining a hosts file for the purpose of speeding up DNS lookups isn't really going to help you out." - by Nos. (179609) on Friday April 03, @09:40AM (#27443937) Homepage
A custom HOSTS file doesn't "speed up DNS lookups"...
It actually acts as your own "private local DNS resolver", more-or-less...
(& it IS faster, & you even concede that, though you tried lessening its value (w/ a line of b.s. @ this point, because I did ping Open DNS' servers, & had the same 30ms return result)).
APK
P.S.=> There is also the fact that a noted security-pro, in Mr. Oliver Day (SECURITYFOCUS.COM) also notes that speed gains are possible using custom HOSTS files (& his isn't even blocking out adbanners, as mine does, for a lot more speed (as well as security, since they have been known to be infested w/ malware as well), see here:
Resurrecting the Killfile:
Oliver Day, 2009-02-04
http://www.securityfocus.com/columnists/491
PERTINENT QUOTE/EXCERPT:
----
"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet particularly browsing the Web is actually faster now."
----
So, so much for YOUR "opinion"... apk
"I'm also assuming that a look up in the HOSTS file takes 0ms (which isn't actually true, but we'll stick with it)" - by Nos. (179609) on Friday April 03, @09:48AM (#27444085) Homepage
Funny: PING says it is... & it seems you read the analysis myself & Harm Sorensen did over @ MSDN (very good), & he made the same arguments, but found that (he & I both suspect this) the local diskcache is what is making up for caching the HOSTS file's content into memory (which makes sense, it IS, just a file like any other).
Still yes, I agree - There is disk access time involved, as well as the File I/O Open-Read/Write-Close cycle, but on today's disks (especially here, because I relocate mine to a TRUE SSD, a CENATEK RocketDrive, via this parameter -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters & the DataBasePath string value) make up for that (especially say, WD Raptors OR "PRT" utilizing disks which are GREAT on readspeeds)
Additionally? By my use of a smaller blocking IP address (smallest of 0)?? My reads of my custom HOSTS file is faster, since the filemass is smaller... doing "less with more", is typically thought of, as good engineering.
However, the bottom-line is this:
YOU GO FASTER... & YOU even concede that, though you tried "lessening it"
ALSO?
Resurrecting the Killfile:
Oliver Day, 2009-02-04
http://www.securityfocus.com/columnists/491 [securityfocus.com]
PERTINENT QUOTE/EXCERPT:
----
"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet particularly browsing the Web is actually faster now."
----
ALSO - Per your suggestion to MEK_LoveBug, as a test?
Well - I pinged OpenDNS... 208.67.222.222 (resolver2.opendns.com) & 208.67.220.220 (208-67-200-200.coho.net), both as URL's & also as IP addys same result (which makes sense: They're really just remote computers, like any other you ping, & they're OpenDNS' resolvers for DNS URL-to-IP resolutions) - 30ms roundtrip, once more.
Again though, on speed gains (even by NOT blocking banners which helps a TON in addition to blocking javascript usage on "every site under the sun" bad move today security-wise)?
The speed gain "ancillary benefit" is the LESSER of the benefits of a custom HOSTS file, security is the greater gain, by far... funny how you avoid THAT aspect of it though (not really, it is, undeniable).
----
"If you really understand how DNS (and web surfing) works, you'll see that you're not saving any time, and you're giving up features that DNS provides." - by Nos. (179609) on Friday April 03, @09:48AM (#27444085) Homepage
You mean ones like being "DNS Poisoned"?
You mean like the recent bugs that existed for a decade++ in MS' own DNS server??
You mean like the bugs found VERY recently also, in djbdns???
(Now, don't go & try to tell us "that those never happen or don't exist", ok??)
APK
P.S.=>
"Its not a bad idea for blacklisting sites" - by Nos. (179609) on Friday April 03, @09:48AM (#27444085) Homepage
Aha - SO, you FINALLY admit that there ARE security benefits... good!
----
"but don't fool yourself, you're not saving any time." - by Nos. (179609) on Friday April 03, @09:48AM (#27444085) Homepage
Wait a second: NOW, you're "flipping the script" (reversing your statements now, suddenly, because it suits YOUR arguments)...
AFTER ALL - Earlier in this exchange, Didn't you admit to a lesser gain than PING shows you? A gain, is a gain... no matter HOW you try to lessen it, for speed... but, good to see you do NOT deny the MAIN BENEFIT of security, per my last quote of your words above... apk
Yeah, you're right. But compiling a linux kernel is easier than some of the things that I see her attempting to do with Windows. ;-)
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Didn't you say this earlier, conceding a speed gain exists, using a HOSTS file:
"So if you hit every site, every day for a year, you've saved yourself a whopping 9 minutes. Congratulations." - by Nos. (179609) on Thursday April 02, @06:10PM (#27437363) Homepage
Here earlier in this exchange? Sure you did... & it appears that you concede the speed gain possible, just as Mr. Oliver Day of SECURITYFOCUS.COM did here as well:
Resurrecting the Killfile
Oliver Day, 2009-02-04:
http://www.securityfocus.com/columnists/491
PERTINENT QUOTE/EXCERPT:
----
"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet particularly browsing the Web is actually faster now."
----
A gain, is a gain, is a gain... &, others (reputable, professional others no less) also see & notice it as well!
(Proof's in the pudding (& quote above)).
So, even though YOU try to "minimize it"? The gain exists, & you admitted this (suddenly NOW though, lol, you don't... come on!)
(& your tests via my pinging Open DNS' name resolvers showed longer times (30ms) without using a HOSTS file for their URL-to-IP resolution, than using a hardcoded internal to HOSTS file IP-to-URL equation line in them for them in it, which was again, 0ms (as it is with ANY website you do this for)).
APK
P.S.=>
"First off, I agree with the security benefits, I never suggested there was anything wrong with those" - by Nos. (179609) on Friday April 03, @12:31PM (#27446793) Homepage
Correct, & you can't - The security benefits are UNDENIABLE, & they're the MAIN REASON I espouse the use of CUSTOM HOSTS FILES... for security!
(Speed gains they can yield, as well as efficiency ones by not running a local DNS (wasting CPU cycles, RAM, & other forms of I/O also possibly) would be a waste, considering so many have bugs (MS' own, djbdns, & even BIND), OR, can be "DNS Poisoned" as well... apk
Whoops, small mistake above on my last reply, correcting it now:
It's MS access on HDD's also, admittedly, my bad
(Well, except for cases for those who are like myself, & use an SSD for this: THAT, IS NS speed of seek/access).
Still - let's say you have that 4ms - 8ms seek time (which is 4x-8x or more, of the time it takes to call out to a remote DNS server)
+ 250 lines worth of INITIAL I/O on READ (of the Seek/Open/Read/Close file IO cycle) of a HOSTS file in my case, of my hardcoded favorites in it (&, BEFORE CACHING of the OS diskcache subsystem occuring on the HOSTS during reads, which speeds it up yet more still??)
You're NOT looking @ 30 ms (the time it takes for pings to return from a remote DNS server) - pings, again, show 30ms or more returns from those remote DNS servers, and even IF those DNS servers get poisoned or are "taken down", you will STILL be able to reach your fav. sites...
APK
P.S.=> There IS a reason others such as Mr. Oliver Day have seen the gains I note... faster? IS FASTER!
And, PING TESTS show ANYONE this much also, & they show that via hardcodes of favorite sites one likes into the HOSTS file, works for more speed still (0ms return URL-to-IP address resolutions) &, blocking out AdBanners ONTOP OF HARDCODED ENTRIES?
That only makes this entire scenario, faster again (as does limiting the indiscriminate usage of javascript on "every site under the sun", in addition to yet more added security also).
& AGAIN:
I am, however, glad that you admit to/concede/realize the security gains possible... this? THIS is the "main gain" one makes... the speed gains? An "ancillary bonus" really, but, one I'll take (as a gain, is a gain, & faster IS faster, period)... apk
"Ahh, but its not zero time for a lookup is it?" - by Nos. (179609) on Friday April 03, @10:36PM (#27454221) Homepage
No, but the time taken, even on the INITIAL read (which only gets FASTER, once the diskcache subsystem reads in the HOSTS file, doubtless in 4kb increments, because the cache subsystem works closely w/ the memory manager subsystem (& that reads in data 4kb @ a time)) will be less even...
E.G.-> Given that the 1st 250 lines of my HOSTS file is for my favorites I "hardcode" into it for their URL-to-IP address equation resolution is only 8kb in size?
That's NOT going to take over 30ms, even on the 1st pass, before the OS diskcache caches the HOSTS file content portion that has my favs hardcoded into it, which is the start of my file AND, only a tiny %-age of its entire mass (the time it takes for URL-to-IP resolution to occur roundtrip from a remote DNS Server)...
(& especially not on later ones, once that data is cached by the diskcache & starts operating @ the speed of RAM)...
APK
"Why are you still arguing irrelevant points?" - by Nos. (179609) on Sunday April 05, @10:09AM (#27465191) Homepage
There's no "argument"... especially when you are unable to disprove the points I made in response to yours. You are now clearly unable to respond vs. that which I stated (I've been through this before, & know ALL the responses naysayers make on this subject is why).
Bottom-line is this - If my points are so "irrelavant"?
You'd be able to show how they are, & you are now unable to (which was my goal here).
Pretty simple... too bad I had to outline it for you so you could figure that out, & based on your effete reply now I am quoting? Apparently, I had to "spell it out" for you, and your weak reply illustrates I am correct (you have nothing left to stand on).
APK
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls;
type
TForm1 = class(TForm)
ListBox1: TListBox;
Button1: TButton;
Button2: TButton;
procedure FormCreate(Sender: TObject);
procedure Button1Click(Sender: TObject);
procedure Button2Click(Sender: TObject);
private
public
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
procedure TForm1.FormCreate(Sender: TObject); register; //start time... apk //end time... apk //Time difference, via subtraction of START TIME from END TIME... apk
{USES HiRes timers via QueryPerformanceCounter Win32 API call... apk}
var
APK:Int64;
JPK:Int64;
Result:Int64;
begin inherited;
QueryPerformanceCounter(APK);
ListBox1.Items.LoadFromFile('C:\Windows\system32\drivers\etc\SITES.TXT');
QueryPerformanceCounter(JPK);
Result:= JPK - APK;
ShowMessage('Time difference, via QueryPerformanceCounter API call = ' + IntToStr(Result div 1000000) + ' milliseconds');
end;
procedure TForm1.Button1Click(Sender: TObject); register; //start time... apk //Time difference, via subtraction of START TIME from END TIME... apk
{USES GetTickCount Win32 API call... apk}
var
APK:Int64;
Result:Int64;
begin inherited;
APK:= GetTickCount;
ListBox1.Items.LoadFromFile('C:\Windows\system32\drivers\etc\SITES.TXT');
Result:= GetTickCount - APK;
ShowMessage('Time difference, via GetTickCount Win32 API call = ' + IntToStr(Result div 1000000) + ' milliseconds');
end;
end.
----
BOTH RESULTS SHOW 0 ms!
Thus, meaning it takes NO TIME @ ALL (less than 1 millisecond) to load 250 of my HOSTS FILES' "hardcoded" favs into an array (a listbox, which is essentially a re-dimmable array, & not much diff. than the datastructure that is used for DNS caches, clientside, I wager)
(So, so much for you, "Doubting Thomas"...)
APK
P.S.=> How much MORE proof do you require @ this point? Sheesh... apk
"You do realize that in all my calculations, I've considered your lookup in your hosts file to take 0 time. All my calculations are using the time you told me of 30ms to do a lookup from your DNS server. So all your "proof" of faster lookups via a hosts file I've already agreed." - by Nos. (179609) on Friday April 10, @03:25PM (#27535231) Homepage
Prior to me PROVING YOU WRONG, about your stating there was NO SPEED GAIN in using hardcode favorites (and, don't even TRY to say you didn't state that, I will just quote you in your next reply where you DID state that, & that will only make you look even more foolish than you do already, because you did that already once here now), via this code -> http://tech.slashdot.org/comments.pl?sid=1185815&cid=27513545
?
The ONLY points you agreed upon, prior to my coded example??
( @ least UP TO THE POINT of where I wrote out code that actually LOADS my list of 250 favorite sites I use, into an array, which literally took less than 1ms, & somewhere in the nanoseconds range (re-dimensionable essentially via a listbox, not as efficient as it can be EITHER, mind you, as would be a simple array (not a GUI control, this does have message passing & other overheads a non-GUI array would not)))???
YOU ONLY PREVIOUSLY AGREED WITH ME ON:
1.) The security benefits possible via HOSTS files
AND
2.) That blocking adbanners gives one more speed
(HOWEVER, on the latter point #2? Well, on that one?? Heh - You ONLY agreed, after I pointed out that Oliver Day of securityfocus.com is noticing tha (&, he's only using it lately, whereas by way of comparison? I have been doing this & getting the security AND SPEED benefits from it, for 12++ yrs. now already on Windows based PC's, & long before that in my *NIX &/or VMS days decades before it))...
However, NOW, "suddenly" (that IS sarcasm by the by)?
Well, NOW you state that you agree there is more speed using HOSTS files harcoded favorites... @ last!
Albeit now you say not ONLY from blocking out adbanners, but now also from using hardcoded favorites? Give me a break... I had to practically prove EVERY point to you, and get you to admit I was correct on ALL points noted!
(Again - albeit, only after I put up a fairly indisputable proof, via code that does the same thing as a HOSTS file read would take!
(AND, that is also before caching of HOSTS file content too, which would only make it faster avoiding diskbound I/O (AND, it would have been even faster if I populated a non-gui control as well, mind you), or, what a DNS client cache lookup would do into the C/C++ structure (or, Pascal record type) that holds the local DNS Client cache).
Yes - I put up code that you are FREE to try, AND VERIFY YOURSELF & try!
Verify it, might as well, right? After all the "doubting Thomas" replies you gave me here...
(So, please - DO VERIFY THE METHODS I USE, to prove you wrong... as to the API calls, the methods you use to time code (I do this in most of my apps, it's a primitive form of "code profiling" is why, work on the slowest areas this way, as the methods I used of QueryPerformanceCounter, & GetTick (less accurate of the two mind you) identify this for you), are you FINALLY AGREEING this takes less than the 30ms (or, more, mind you) that remote URL-to-IP resolutions take from a remote DNS server!)
APK
P.S.=>
"But you've invested more time in your setup then it will save you in the long run." - by Nos. (179609) on Friday April 10, @03:25PM (#27535231) Homepage
NO work, especially HARD work (that others cannot do), is EVER a waste, because in the doing of it, you only get stronger/better/smarter, for the doing of it... first of all.
Secondly? What I do with my OWN TIME, is my own business
Do you even read my posts?
The time you invested in putting your 250 sites in your hosts file will take decades to pay back. I've never debated that there are security benefits to placing pointers to 127.0.0.1 in your hosts file. I've never disagreed that putting ad sites in your hosts file will speed up browsing.
I'm only discussing the 250 favourites sites you have. You don't seem to be able to understand that.
"The time you invested in putting your 250 sites in your hosts file will take decades to pay back" - by Nos. (179609) on Saturday April 11, @09:33AM (#27541541) Homepage
How so? This code -> http://tech.slashdot.org/comments.pl?sid=1185815&cid=27513545 SHOWS ONLY nanoseconds (far less than milliseconds) of time it takes to read in the topmost 250 entries from a HOSTS file, which IS far faster by many orders of magnitude vs. the 30++ms (or more) resolutions from a remote DNS server, period!
(AND, as far as my hardcoded favorites? I place mine, @ the start of the file, which is only 8kb in length - once the diskcache/memmgt subsystems "suck that in", which takes @ most, 2 reads, it gets faster yet.... simply because the memmgt of Windows typically functions in 4kb reads? Then, it operates in the NANOSECOND ranges (the speed of RAM)).
However, per my coded example? That showed less than 1ms speeds loading them alone... & that is NOT the 30++ms (or more) it takes to resolve an URL-to-IP address conversion result from a remote DNS server, period.
(AND, it is NOT 30++ms also, even PRIOR to the OS diskcache speeding it up further)
Heck - & that's me writing it using a GUI listbox, which again, is NOT as efficient as it could be (far from it), for demonstration purposes only!
(Simply because the process of reading in my 250 favorite "hardcoded" IP-to-URL favorites in my HOSTS file would be MUCH faster still, IF I did it using a simple array (even a redimensionable one, vs. a statically sized one), & as say, a character mode app (here, I have seen literally 10-fold increases in speed over GUI apps), OR better still, via a Ring-0/RPL 0 operating driver? You'd see even MORE speed, a lot more in fact, on that initial read prior to caching even...))
QUESTION: What EXACTLY is your background in this art & science? Because @ this point?? I truly EXTREMELY doubt that I am speaking to a peer here @ least...
APK
P.S.=>
"I'm only discussing the 250 favourites sites you have. You don't seem to be able to understand that." - by Nos. (179609) on Saturday April 11, @09:33AM (#27541541) Homepage
At this point, after you said that? Well, didn't YOU, say THIS, here earlier:
----
"So all your "proof" of faster lookups via a hosts file I've already agreed" - by Nos. (179609) on Friday April 10, @03:25PM (#27535231) Homepage
----
?
(Sure you did, & you FINALLY agreed that there are speed gains possible via hardcoding the IP-to-URL address equation resolution in a HOSTS file, even though your first post in this exchange told me to "rethink that" (or, didn't YOU say that initially also? YES, you did, so make up your mind)
LOL, man ... contradicting yourself once more? Get real (& quit trolling already!)... apk
"Do you even read my posts?" - by Nos. (179609) on Saturday April 11, @09:33AM (#27541541) Homepage
Yes, why else do you think I quote you? To NOT miss your points but, question is, do you read mine: You don't, because I addressed this point, long ago, in a "p.s." in my recent posts here:
http://tech.slashdot.org/comments.pl?sid=1185815&cid=27539383
THAT? Is/was exactly in regards to this "point" from you, now:
"You have invested at least 20 hours in your setup. That puts you in the hole at 20 hours." - by Nos. (179609) on Monday April 13, @02:11PM (#27559873) Homepage
See the URL above, & it's P.S. section...
APK
P.S.=> Your qualifications + experience in actual coding, as I did via providing you a literal example of a file open/load/close of 250 favs. of mine & how long it took, you'd understand that a character mode/tty app does it even faster, & a driver moreso - you said that would take too long & I ought to rethink it in your 1st reply no less here in this exchange... via my example, which I invited you to try & verify no less? Well, none of what I do in hardcodes of favs in a HOSTS file took 30++ms as a remote lookup to DNS servers would, & in fact, less than a millisecond on load into a GUI listbox no less (which has "slowness overheads" vs. other methods)... apk
Heh, beg to differ: Everytime I hit a site that is in my favorites list, I do & I proved it via code no less!
(Also? My hardcoded favorite sites I put in my HOSTS file is now only 3kb long)
I.E.-> I pruned it some, so I have only 1 memmgt + diskcache subsystem caching to take place no less, speeding up access to it even further since it's read in, in 4kb increments (& here specifically on MY setup? There is no 4-8ms seek time, up from my CENATEK RocketDrive TRUE SSD (does not use slow flash, which is slower on writes)))?
It's only going to take 1 read in to cache it (diskcache of filedata from HOSTS), tops...
Additionally?
Well, apparently, I have to restate here, what I said in my other posts' P.S. section (my last post's URL I posted):
----
"I give up. You've invested 20 hours in your setup. You will not recover that time." - by Nos. (179609) on Tuesday April 14, @10:57AM (#27570649) Homepage
NO work, especially HARD work (that others LIKE YOURSELF, apparently cannot do, because I gave you the code to verify it no less as well as the API calls here -> http://tech.slashdot.org/comments.pl?sid=1185815&cid=27513545 ), is EVER a waste, because in the doing of it, you only get stronger/better/smarter, for the doing of it... first of all.
Secondly? What I do with my OWN TIME, is my own business... but, I did so, for the benefit of others (read on):
Lastly??
E.G. #1-> Others who use the HOSTS file I have are showing great results - they're who I was helping out, for a security guide I wrote last year that has gone over 250,000 views & actually DOES WORK, to secure Windows -> http://www.tcmagazine.com/forums/index.php?s=c4c227eed40ee7b270887d405d9ea90d&showtopic=2662 [tcmagazine.com]
E.G. #2-> Folks using it are experiencing results like:
----
A.) NO malware infestations for months to years @ a time
and
B.) Easily more speed online, and one of my pals estimates it to be DOUBLE his usual internet speeds, minus using a HOSTS file (he doubles his online speed using one, bigtime)!
----
Would you like proofs & statements of THAT as well??? I can provide them, easily...
BOTTOM-LINE:
Faster is faster, & HOSTS file usage gives you that, as well as security benefits (which you agreed with)... AND, you also conceded that folks DO GO FASTER ONLINE, using a CUSTOM HOSTS FILE (for adbanner blocking @ least) after the quote I used from Oliver Day of SecurityFocus.com (which is that he goes faster online using HOSTS files, which may be for blocking adbanners, still faster IS FASTER) & also later after seeing that a small amount of file data like the favs I hardcode into my HOSTS file takes FAR LESS THAN 30++ms returns from remote DNS servers, period, & by MANY ORDERS OF MAGNITUDE no less...
APK
P.S.=> Did you ALSO, say this, & as your 1st statement here, no less ->
"You may want to rethink that part. For one, unless you have pathetic DNS servers, I doubt you'd ever notice doing the lookups." - by Nos. (179609) on Thursday April 02, @02:18PM (#27434051) Homepage
That IS what you stated, first, here, from here ->
http://tech.slashdot.org/comments.pl?sid=1185815&cid=27434051
?
You never said a THING about my "wasting time" in writing up an app for this, that was intended to help others mainly... YOU are ONLY TRYING TO "SAVE FACE" now, w/ this line of UTTER b.s. about my wasting time that I will never 'make up' by creating an app that removes HOSTS files duplicated entries, alphabetizes their or
You seem very intent on posting tons of irrelevant information.
As I've said and you've agreed, you'll not recover the time you've invested. If you use a trusted DNS server, you virtually eliminate poisoning. I work (and have certifications) in IT Security. I know what I'm talking about.
You also lose all the advantages that DNS offers.
If you're happy with your setup, great, keep using it. But its not a good solution. Even the security benefits you claim can be had far easier. The same goes for ad blocking. OpenDNS blocks a lot of malware sites. Plugins for firefox virtually eliminate ads. All of that takes a few minutes to setup. If you want to waste days of your time that requires maintenance and doesn't offer any real improvements, go right ahead.
"Even the security benefits you claim can be had far easier" - by Nos. (179609) on Tuesday April 14, @02:05PM (#27573945) Homepage
You know, for a guy that CLAIMS to have some 'security certifications'? Have YOU ever heard of the concept/term of "layered security"?
Look into it... & KNOW why I use MULTIPLER LAYERS of each of the things you noted... same reasoning as PORT FILTERING working w/ software firewalls, IP Security Policies, + hardware "NAT firewalling" & stateful packet inspecting routers, & more!
----
OK now, per my subject-line? Now - kindly answer the 3 simple questions, enumerated #1-#3 below, & IN REGARDS TO THIS STATEMENT FROM YOU:
----
"As I've said and you've agreed, you'll not recover the time you've invested" - by Nos. (179609) on Tuesday April 14, @02:05PM (#27573945) Homepage
1.) SHOW US ALL, WHERE DID I AGREE WITH YOU ONCE on hardcodes of my favorites into my HOSTS file for their URL-to-IP address resolution being slower, as you felt?
AND, which you CHANGED LATER (after question #2 below's code ONLY, that is):
"So all your "proof" of faster lookups via a hosts file I've already agreed." - by Nos. (179609) on Friday April 10, @03:25PM (#27535231) Homepage
?
(Tell us another one, ok? YOU CONTRADICTED YOURSELF IN THOSE QUOTES ABOVE, no less!)
Sheesh...
ANYHOW - The time I invested, was explained in my LAST post? (it was for the benefit of others!)
AND, again - I built my app for HOSTS file mgt. (removes repeat entries, alphabetizes ALL entries, changes BLOCKING entries from the larger/slower 127.0.0.1 or 0.0.0.0 to the smaller/faster/more efficient 0 blocking IP address, & also pings my favs to put into the HOSTS file w/ their current IP address, to avoid the 30++ ms it takes to call out to a remote DNS server) so others could gain by its use (in security, and YOU agreed to that right off) AND speed online also
(Which you conceded happens, ONLY after YOUR seeing Mr. Oliver Day's reply from securityfocus.com here -> http://www.securityfocus.com/columnists/491 )...
All, so OTHERS USING MY SECURITY GUIDE gain by it, & it works for BOTH added security AND SPEED online (250,000++ views strong in 1 yrs.' time online, often HIGHLY rated or made an "essential guide" etc. or is most viewed across 20++ forums online, such as here -> http://www.tcmagazine.com/forums/index.php?s=395376e859fcee5140c0853e11b8fc8f&showtopic=2662 )...
So THEY could save time in building a GOOD HOSTS FILE, & use the file I distribute for them to in HOSTS files!
(AND AGAIN? Folks using my security guide, and YES MY HOSTS FILE, are showing 1++ yr. of time w/ NO MALWARE INFESTATIONS NO LESS, & going faster online and locally also - so, see my last post in fact as to testimonies to that (or, I can provide them w/ URL's & PERTINENT QUOTES as proof thereof))...
(Man - It's the "techies" out there, just like YOU, that "f things up" badly: Your kind's unwilling to do necessary work for security because you say it's "too much time burned", & that's B.S. - I say YOU'RE LAZY (or unqualified to write code), is more like it - I mean, per the bottom of my P.S. below? Do YOU EVEN KNOW WHAT "layered security" means? I don't think so...)
SO, since you said I "agreed with you"? Well then - do what I do, & provide us a quote of MY agreeing w/ you on that, since you said I have... ok??
----
2.) Did the coded illustration ->
http://tech.slashdot.org/comments.pl?sid=1185815&cid=27513545
there, of loading 250
1) Hard coding your favourites into your hosts file will save time on lookups, I've never debated that fact. What I've said is the time invested isn't worth it. You still refuse to address that other than saying its your time and you'll do with what you like. Fine... but others should be aware that in the long run it won't save them any time and could cost them time.
2)Who cares how long it takes your script to run. My point has been how long it took for you to do the coding and the testing, and migrate your setup to other machines.
3)So your telling me that your senses are so fine tuned that when you type http://slashdot.org/ (or click a bookmark) you can tell a difference of .03 seconds in the load time of the site? Wow... I'm impressed.
Oh, and by the way. I've done a fair bit of coding in my day. I wrote several hundred thousand lines of code that runs a busy web hosting company's control panel. Interfacing with mail servers, ftp servers, dns servers, web servers, datbase servers, etc. It does incremental backups that are restorable by the user. I custom built the database backends. Its also useable by resellers to create custom frontends. It handles the frontend for billing (and I helped with the backend billing). That's one coding project I did. There've been many others and even though I'm no longer in a programming position I still find myself doing some coding.
I've been working professionally in IT for enough years. I've done security research at a University, and am now employed by a mid-sized telecommunications company as a lead IT security person. I've received awards from other IT managers in the company for finding and recommending fixes to security issues.
I'm the lead IT person on our PCI-DSS compliance project. I'm the lead IT person on our AV, IPS, and DLP implementations.
I've assisted on investigations on possible breaches.
I've written custom applications to do log analysis on our internal custom apps.
Question my qualifications all you want, and try to change the subject, and manipulate what I said all you want. It doesn't make you right, or distract from the points I've made. First, very few people are going to notice a savings of 30ms on the load time of their favourite sites (and that savings is only the FIRST time its loaded that day - depending the cache times). It doesn't change the fact that by using your setup, they lose a lot of the features that DNS provides.
"1) Hard coding your favourites into your hosts file will save time on lookups, I've never debated that fact. What I've said is the time invested isn't worth it. You still refuse to address that other than saying its your time and you'll do with what you like. Fine... but others should be aware that in the long run it won't save them any time and could cost them time." - by Nos. (179609) on Wednesday April 15, @01:12AM (#27582533) Homepage
SO: Gee I wonder - Are YOU the kind of person who would've said that to say, Jonas Salk, as he spent time on curing POLIO, too?
STRANGE YOU OMIITED THIS -> That I also stated it was FOR THE BENEFIT OF OTHERS (quit skimming - OR, rather "conveniently omitting", this ->) also, in THIS quote in my last post above:
http://tech.slashdot.org/comments.pl?sid=1185815&threshold=1&commentsort=0&mode=thread&cid=27581413
----
I built my app for HOSTS file mgt. (removes repeat entries, alphabetizes ALL entries, changes BLOCKING entries from the larger/slower 127.0.0.1 or 0.0.0.0 to the smaller/faster/more efficient 0 blocking IP address, & also pings my favs to put into the HOSTS file w/ their current IP address, to avoid the 30++ ms it takes to call out to a remote DNS server) so others could gain by its use (in security, and YOU agreed to that right off) AND to also get better speed online also
(Which you conceded happens, ONLY after YOUR seeing Mr. Oliver Day's reply from securityfocus.com here -> http://www.securityfocus.com/columnists/491 [securityfocus.com] )...
All, so OTHERS USING MY SECURITY GUIDE gain by it, & it works for BOTH added security AND SPEED online (250,000++ views strong in 1 yrs.' time online, often HIGHLY rated or made an "essential guide" etc. or is most viewed across 20++ forums online, such as here -> http://www.tcmagazine.com/forums/index.php?s=395376e859fcee5140c0853e11b8fc8f&showtopic=2662 )...
So THEY could save time in building a GOOD HOSTS FILE, & use the file I distribute for them to in HOSTS files!
(AND AGAIN? Folks using my security guide, and YES MY HOSTS FILE, are showing 1++ yr. of time w/ NO MALWARE INFESTATIONS NO LESS, & going faster online and locally also - so, see my last post in fact as to testimonies to that (or, I can provide them w/ URL's & PERTINENT QUOTES as proof thereof))...
(Man - It's the "techies" out there, just like YOU, that "f things up" badly: Your kind's unwilling to do necessary work for security because you say it's "too much time burned", & that's B.S. - I say YOU'RE LAZY (or unqualified to write code), is more like it - I mean, per the bottom of my P.S. below? Do YOU EVEN KNOW WHAT "layered security" means? I don't think so...)" - by Anonymous Coward on Tuesday April 14, @10:06PM (#27581413)
----
AND? THUS - ANOTHER "UNTRUTH" FROM YOU IS REVEALED, ONCE MORE, IN THIS PORTION OF THE ABOVE QUOTE (of MY OWN WORDS, above, & from my earlier post here, no less, as proof) , vs. YOUR UNTRUTHFUL STATEMENT BELOW I quote next:
"You still refuse to address that other than saying its your time" - by Nos. (179609) on Wednesday April 15, @01:12AM (#27582533) Homepage
Hey - It IS my "own time" & how I use it? Is to help others out in security in this field (and a LOT more, like coding or network engineering tasks, & over 16++ yrs. professionally, & 26++ yrs. TOTAL time...):
(Folks can & HAVE + DO USE the HOSTS file I build each day, & successfully... some even stating no malware infestations for m
I've done most ALL of that, if not ALL, + FAR MORE, & CAN PROVE IT (unlike you - & though I do NOT really LIKE doing this part below? Now, I have to, since you have "put out yours" etc./et al)...
ALL, via these easily verified "tidbits" to evidence that for myself (in addition to MIS (b.s.) &/or Comp. Sci. (associates) degrees + coursework above & beyond that as well, like the certs YOU have for example):
---
Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61
(&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row).
WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)
PC-WELT FEB 1998 - page 84, again, my work is featured there
WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there
PC-WELT FEB 1999 - page 83, again, my work is featured there
CHIP Magazine 7/99 - page 100, my work is there
GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it
HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!
Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only...
Lastly, being paid for an article that made me money over @ PCPitstop in 2008 for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com/forums/showthread.php?s=ee926d913b81bf6d63c3c7372fd2a24c&t=28430&page=3
---
Was fun... all of it (mostly)!
----
"I wrote several hundred thousand lines of code" - by Nos. (179609) on Wednesday April 15, @01:21AM (#27582591) Homepage
HEY: I've written MANY MILLIONS of lines of code, & in @ LEAST 10 different languages as well, PLUS, over a 16++ yrs. long PROFESSIONAL career in this field, & in both sharewares/freewares that have even gone into COMMERCIALLY SOLD SUCCESSFUL WARES also...
(Again - See Windows IT Pro magazine above, for instance, on that account, which also did well @ MS Tech-Ed 2 yrs. in a row, in the HARDEST CATEGORY THERE, of SQLServer performance enhancement, as a single "f'instance" thereof)...
(That's changed though, especially the past 10 yrs. now, & to mostly "enterprise class projects" (millions of lines in size, when I code that is) the past 10++ yrs. now, MOSTLY (while coding - I do other things on various jobs or during coding jobs, also))
----
"very few people are going to notice a savings of 30ms on the load time of their favourite sites (and that savings is only the FIRST time its loaded that day - depending the cache times)" - by Nos. (179609) on Wednesday April 15, @01:21AM (#27582591) Homepage
I do, & did...
You, 'suddenly now' seem to "fail to recall" that many others (notable even/perhaps), also use HOSTS files for not only security benefits they provide in extra layered security, which YOU conceded/agreed to, immediately... but, also for SPEED!
Others such as Mr. Oliver Day of SECURITYFOCUS.COM as well (whom I quoted earlier, in HIS noting speed gains particularly while websurfing & using a HOSTS file) here ->
I'm not going to waste my time on this anymore. You continually bring up security and performance gains from blocking ads. I've never disagreed with either point. I AGREE with them, though I think there are better ways to do it.
I'll stand by my point that hard coding your favourites sites into your HOSTS file is neither a timesaver (in the long run) nor is it particularly beneficial. If you believe it is, great. Have fun with it.
I won't be replying again.
" You continually bring up security and performance gains from blocking ads. I've never disagreed with either point. I AGREE with them, though I think there are better ways to do it.
on Wednesday April 15, @09:50AM (#27585443) Homepage
The "best way" is LAYERED security (i.e.-> Using MULTIPLE redundant layers of security), & IN YOURSELF, (for a guy that CLAIMS to have a security background in this field in yourself), one would figure you'd KNOW that! Use all you do, AND THEN SOME!
(as I do, in case the layers you use only get "taken down", or otherwise get compromised, like DNS servers have been due to bugs that stood for decades in BIND which D. Kaminsky only discovered & fixed w/ others like MS this year, as well as those in djbdns, & even Microsoft's OWN DNS server service, which was only patched after decades, last month (last patch Tuesday)).
----
"I'll stand by my point that hard coding your favourites sites into your HOSTS file is neither a timesaver (in the long run) nor is it particularly beneficial. If you believe it is, great. Have fun with it." - by Nos. (179609) on Wednesday April 15, @09:50AM (#27585443) Homepage
You cannot seem to "explain away" how a load of 8kb worth (250 of them) took less than 1ms of time to load up, & in basically the SAME MANNER in which the DNS API loads them into its local DNS cache buffers/datastructures....
(WHICH IS FAR LESS THAN THE 30++ (or more) ms it takes for a URL-to-IP resolution from a possibly DNS poisoned, or buggy, remote DNS server)
AND, this code illustrates AND PROVES harcodes of favorites into a HOSTS file is faster (via QueryPerformanceCounters &/or GetTickCount Win32 API calls no less) than solely depending on remote DNS servers for URL-to-IP address resolutions, via this code -> http://tech.slashdot.org/comments.pl?sid=1185815&cid=27513545 for that purpose... period.
("Argue w/ the numbers" as the saying goes... & the Win32 API (good luck))
----
"I won't be replying again." - by Nos. (179609) on Wednesday April 15, @09:50AM (#27585443) Homepage
OH, sure:
I heard THAT ONE from YOU, before... here -> http://tech.slashdot.org/comments.pl?sid=1185815&cid=27570649 , in your "I give up" statement there.
(AND, you didn't "keep your word" then, either)
APK