Anatomy of an Attempted Malware Scam

Dynamoo writes "Malicious advertisements are getting more and more common as the Bad Guys try to use reputable ad networks to spread malware. Julia Casale-Amorim of Casale Media details the lengths that some fake companies will go to to convince ad networks to take the bait."

127.0.0.1 for Casale

[ScottCooperDotNet]

They've been on my HOSTS block for years, ever since one of those annoying GIF popups damn near gave me a seizure bouncing in its frame. Have they improved since?

Re:127.0.0.1 for Casale

Better to use 0.0.0.0 - since it's a real invalid IP, connecting to it fails instantly, while a program trying to connect to 127.0.0.1 will take a while before giving up.

Re:127.0.0.1 for Casale

Your firewall is misconfigured. Dropping instead of denying is a shitty default policy.

Re:127.0.0.1 for Casale

They created pop-up ads that deliberately circumvent Firefox's built-in pop-up blocking efforts. They've been doing it for years, and were still as of a few months ago. I can't believe a story about them made it to Slashdot. They've been in my router's hosts file for years.

Re:127.0.0.1 for Casale

not on windows.

which I was trying to argue with apk but his hears are filled with self importance so he can't hear any points against his 600MB host file

Re:127.0.0.1 for Casale

[cynyr]

but DENY lets the remote know you do exist, where as DROP makes you a black hole. I prefer TARPIT myself, but thats reserved for the throttling rules of things like my ssh blocker, and such.

Re:127.0.0.1 for Casale

[TheLink]

If the sites you visit are mostly http, you could run your own webserver on port 80 and serve up ads you want.

Like reminders to not surf so much ;).

Anyway, on one fine April 1st, I configured a webproxy to show the company's logo instead of some ads. I didn't get fired for that, hardly anyone noticed. I think I did save some bandwidth.

Re:127.0.0.1 for Casale

why bother to do it manually? You'd be better off with tools like PeerBlock.

google should be out of business for this..

they are not held accountable for anything, not for copyright, not for privacy issues as well. continue worshiping them and see what happens.

Good Job Scott... apk

"They've been on my HOSTS block for years, ever since one of those annoying GIF popups damn near gave me a seizure bouncing in its frame. Have they improved since? - by ScottCooperDotNet (929575) on Thursday August 05, @01:52AM (#33147212)

Good man, & same here: Mod ScottCooperDotNet up, because he knows what he's doing in using HOSTS files!

I say that because custom HOSTS files (especially for defense) are great stuff.

I.E./E.G.-> HOSTS files cover any and ALL "WebBound apps", unlike browser addons which are centered on specific webbrowser programs only. This means external email progs. for example, like Outlook/Outlook Express, are covered as well vs. HTML based email attacks etc./et al...

1 piece of advice though Scott - use 0.0.0.0 as your blocking address because it's smaller than 127.0.0.1, so it reads up from disk faster and thus inits itself quicker into memory, and yet it works the SAME as 127.0.0.1 for the same valuable blocking function vs. known bad sites/servers/hostnames-domainnames - on Windows VISTA/Server 2008/7, 0.0.0.0 is the most efficient blocking address you can utilize in fact for that purpose...

(Also on this account? IF you use Windows 2000, XP, or Server 2003?? You can do that even 1 better, by using 0 (vs. 0.0.0.0 & especially 127.0.0.1 & for the same reasons - better speed & efficiency of loads/reloads of your HOSTS file)).

APK

Re:Good Job Scott... apk

[agrif]

Good post, but for the record...

Using "0.0.0.0" instead of "127.0.0.1" is not more efficient because of size. There's only 2 bytes difference between the two; if your computer has a noticeable speedup just because it's reading 2 bytes less per HOSTS entry, you have way too many entries and probably more important problems.

The speedup, as pointed out by a different reply to GP, is because "0.0.0.0" is widely recognized as an invalid IP address, and just about every operating system will immediately fail if you try to connect to it. Using simply "127.0.0.1", the connect call has to go through the local loopback interface, and actually tries a connection, which adds up if you're accessing a lot of places at once (such as on a web page). The problem is even worse when the computer you're on is actually running something on port 80, in which case an actual connection is made, then fails, taking up more time. Or even worse: the connection times out!

Using "0.0.0.0" is good advice; I just wanted to make sure your reasons for using it are valid.

Re:Good Job Scott... apk

[sootman]

From my experience, any speedup gained from using 0.0.0.0 instead of 127.0.0.1 would only be detectable by measurement. I've been using a long, custom /etc/hosts file for many years now. I had one on my 800 MHz, single-core, G3 iBook and there was absolutely no noticeable slowdown--and I even had Apache up and running, serving up a custom 404 so I could see a note whenever it blocked an ad (in an IFRAME; images just came in as broken) and it even logged all 404s because I never bothered to turn logging off. It ran just fine, and today's hardware is one or two orders of magnitude faster. However, the speedUP due to blocked ads was QUITE noticeable.

Here's how to test: go to 127.0.0.1/blop. Maybe relead a few times. Watch how fast the page loads. Does it take a while? No? Then don't worry about it. I'm on an iMac right now with web serving off and when I type in that address and press 'enter', Safari finishes drawing its error message before my finger is off the key.

By the way, AdBlock and proxy servers are also cool but the thing I like about /etc/hosts is that it works with every browser, for every user, and needs no configuration. Then I also install a flash blocker on a per-browser basis and the Web is a happy place.

I'm Surprized...

[powerspike]

I read the article, and in doing reference checks in the digital age, esp when there is a large chance of fraud, that checking domain reg's etc only came in last. It's not hard to program in automatic checking, and by the sounds of it, would stop how easy this type of scam would be implemented. Also they could do reverse phone number checks etc as well. I'm quite sure if they had that information automatically populated during an application, any attempts to defraud the companies would be found out with alot less time.

Re:I'm Surprized...

[adamofgreyskull]

I'm also suitably stupefied. All the "pink" and "red" flags that they are obviously so clever to spot, and which she spends almost the entire article talking about, are just her dancing around the elephant in the room: that she and her team are complete fucking idiots.

Seriously. The important things they learnt, consolidated in the "6 steps" at the bottom of the article are pure common-sense. Even if they're not concerned about "malvertisements" (ick) they should already have been checking references properly (i.e. using a bank's listed number, not one provided by the "agency" and checking the certificates of incorporation of them and their referees). It's common fucking sense even when you are just trying to establish whether or not to extend a line of credit to them! I wish I could have avoided swearing, but it makes me feel physically sick to think that someone can publically admit to being such a colossal moron and still have a job. Not only that, but to have people thanking her for her insight!! Idiots! How much time was wasted by her, her sales droids, her marketers etc.? Idiots! Using the word "creative" as a noun when referring to banner-ad files? Idiot!! AAAGHHH!

Re:I'm Surprized...

[jkxx]

Me too.. or three - Verifying phone numbers and domain registrations is basic common sense stuff. These guys must've never heard of spammers or been victimized by the same. And they are running ads that will be unleashed on an unsuspecting audience? Perhaps running noscript/adblock/etc is no longer the paranoid thing to do - looks like it's becoming the only *right* thing to do.

Re:I'm Surprized...

[jimicus]

I'm also suitably stupefied. All the "pink" and "red" flags that they are obviously so clever to spot, and which she spends almost the entire article talking about, are just her dancing around the elephant in the room: that she and her team are complete fucking idiots.

Part of me wonders if there is a difference in industries which makes this look so damn stupid.

Anyone in IT has probably seen so much malware, so many phishing and scam attempts that there's a strong chance most of us would have checked any company registration numbers with the relevant authorities, checked WHOIS information and contacted the bank directly using one of the banks' own published numbers before even returning the first email. But if you didn't normally meet such rubbish (because the IT department has already filtered out most of the malware, scams and phishing attempts before they even hit your mailbox), I wonder if you'd develop the same level of cynicism?

Re:I'm Surprized...

[RDW]

There's a suitably harsh analysis here:

http://industrypace.com/frontpage/2010/8/4/who-can-you-trust-interactive-advertising-is-dangerous.html

Re:I'm Surprized...

How did she became the "CMO of Casale Media, Inc." without having even rudimentary knowledge of their most important medium today? GP is right, she's being lauded for describing her path from colossal moron to self-important moron.

Re:I'm Surprized...

[WrongSizeGlass]

I agree that she shouldn't be applauded for finally figuring out she was on 'Candid Camera', but keep in mind that it isn't always in their best interest to find these scammers out. They profit from providing their services to all comers, including those that happen to be in the malware business. Keeping the 'cash engine' running often serves up some blinders.

Some of our clients have forums on their sites. We train them to check the domain info of the user trying to join their forum, compare the IP to other IP's that have been blocked, actually *read* the username and e-mail username, etc, etc before approving the user. It's unfortunate that being suspicious is now a prerequisite to being good at what you do on the internet.

Re:I'm Surprized...

[Dynamoo]

Interesting.. but written by someone who works for Media Breakaway (formerly OptInRealBig) who don't exactly have a squeaky clean reputation when it comes to checking who they do business with.

Re:I'm Surprized...

[John+Hasler]

I agree that she shouldn't be applauded for finally figuring out she was on 'Candid Camera', but keep in mind that it isn't always in their best interest to find these scammers out.

But she did refuse their business in the end. Thus she would have saved money had she checked the bank phone number and therefor dropped them at the very beginning.

They profit from providing their services to all comers, including those that happen to be in the malware business. Keeping the 'cash engine' running often serves up some blinders.

This is true, and she notes it as a reason not to rely on the sales department to investigate new customers. In the old days this was handled by accounting (in all industries, not just advertising) and there was always tension between them and sales.

Re:I'm Surprized...

[couchslug]

"It's unfortunate that being suspicious is now a prerequisite to being good at what you do on the internet."

Being suspicious is a prerequisite to being good at life.

Re:I'm Surprized...

[v1]

I thought that was downright hilarious, just taking numbers off the client's provided reference sheet, calling them, and getting the green light. With absolutely no verification of who was at the other end of the phone. There's absolutely zero point in taking references if you're going to implicitly trust them without any guarantee of who they are. The whole point of a reference is to get facts from a credible source. And all they were using it for is to get facts, completely skipping the "credible source" aspect.

IMHO, if I could either check ON the number or CALL the number, I'd chose to check ON it. References, however glowing, without a verified source, are next to worthless.

That, and only doing whois lookups after a red flag? wow. And these guys are patting themselves on the back for being such super sleuths. I'd say this was more of a very close call from a fairly amateur scammer than something to be proud of. I would be embarrassed to have this story get out, certainly not going to publish it.

Re:I'm Surprized...

[Dynamoo]

Corrected.. he *used* to work for Media Breakaway (but it seems not for long!)

Pink flag

[kaoshin]

"We've also highlighted some pink flags"

Is that close to a fuchsia, because I like totally need a flag like that to match my new outfit.

Re:Pink flag

[operagost]

That got me too. She was looking for a color to denote a situation that warranted concern, and she thought of pink instead of yellow. Does she throw out the white flag when everything's a go? Must be color blind.

Such high standards!

I'm comforted to know that Casale Media will pass on obnoxious mortgage refinance advertising from only verified and legitimate predatory lenders!

These checks aren't in place out of any concern for the security of ad viewers. Casale Media here is only concerned that the phantom business will disappear without paying once the botnet is established. Ad networks have demonstrated they don't give a damn so long as they get their cut.

My AdBlock Plus stays on.

Big Surprise

[VonSkippy]

And site owners and advertisers wonder why users go to such extremes with Adblock plus and NoScript to block ad's.

If the sites (or ad distributors) can't guarantee the safety of their own sites, then users have to do whatever is necessary to protect their own systems. If that means no advertising income for those sites - tough luck.

Re:Big Surprise

[toQDuj]

Not very extreme anymore. I just noticed that with the safari extensions, it is just one click away from the safari extensions gallery from being useful and implemented.

Re:Big Surprise

[Tapewolf]

And site owners and advertisers wonder why users go to such extremes with Adblock plus and NoScript to block ad's.

This. I don't mind advertisements, but after I got stung by a drive-by exploit on a work machine (either on Slashdot itself or one of its linked articles), I went straight for Adblock Plus.

I can't remember what the payload was now - something that installed 'XP Antivirus 2010' or whatever (*) - but at the time, only two AV suites could detect it and the company-mandated AV wasn't among these.

(*) Which gleefully detected 'viruses' in several ARM, MIPS and SH3 binaries before I was able to kill it

Re:Big Surprise

How ever all ad distributors will guarantee ads will play, Content of course is always hit or miss. There have been loads of times when video sites Force ads but fail to load sponsored TV segment. YES I'M LOOKING AT YOU CBS!

Adblock Plus is never going to be uninstalled or disabled from my machines.

Re:Big Surprise

[Sycraft-fu]

No kidding. I finally got ABP for Firefox. For a long time I didn't, because I understand sites need ads to be able to provide good content for free. I'm a realist. However, I finally got fed up and loaded it for three reasons:

1) Ads that block off the whole page, or redirect you while surfing and so on. Used to be just Flash shit did that so flashblock did the trick nicely. Not any more, now there's HTML ads that are massive problems. They don't want to show you an ad, they want to stop you from browsing and force you to deal with the ad. No. I'm not ok with that.

2) Ads lagging out websites. I'd go to a site and it wouldn't load because a fucking ad server was down and the site will not load until that loads.

3) Malware ads. Not only are they generally annoying, poping up "Click here to get protected," modal dialogue boxes, they are dangerous and they piss off my virus scanner.

So now ABP is on. I've got a few sites, Slashdot, Hardforum, etc that are whitelisted to they can still get ad money but everything else is blocked. If sites want it off, they have to start taking better steps to ensure their ads are acceptable.

Maybe it's me

[rk]

But if a WHOIS lookup on a new customer's domain isn't in your SOP from the get-go, you're strictly amateur hour.

Re:Maybe it's me

There is a bit of a work around.

The guys who provided a fresh set of domains really were not thinking through all of the angles.

You can easily purchase a dated domain for cheap and with any planning it would be trivial to wind up with a handful of older domains spanning various ages.

However, I do not know if the re-purchase resets the date. Otherwise, a private sale would have to be used.

In the end, these guys are likely hitting multiple sales agencies looking for a catch. While these guys might have not taken the bait I'm quite sure someone else would.

Re:Maybe it's me

[Kireas]

Oddly enough, that's what I thought...a WHOIS on the domains provided, as well as some checks on the bank (to check that the number you are given is actually their number) can't be that hard.

I mean, we have Google. Checking these things must only take another 10 minutes or so...? Nonetheless, can't blame them. 10 minutes adds up across many prospective clients.

Re:Maybe it's me

[Dynamoo]

Well, that's how *I* would start vetting, but then I work in the IT security field and not advertising!

But.. check the WHOIS for the registration date and valid contact details, check that the registrar isn't someone odd like China or Russia, check to see where the site is hosted, check the other sites on the same server and nearby IP addresses, also check the nameservers and if you are feeling more advanced check the MX handler. DomainTools or Robtex is your friend here.. very often you will find red flags using just those checks alone.

Re:Maybe it's me

[greed]

That, and accepting the bank phone number provided by the customer.

On the rare occasion my bank phones me, I ask them how I can call back with information I have (on my ATM card, on my statement, in my telephone book). Every single time they have complimented me on that procedure and provided the name and extension number to reach them. (OK, some times they've told me anyone in the call centre can help, and I don't need to talk to the person who called me in the first place.)

If you're verifying something someone provides you, you cannot use the information they provide you....

Re:Maybe it's me

[swb]

Isn't the part of the problem that these "ad networks" and the tangled webs of ad brokers, resellers, agencies, service providers, programmers, designers, etc that result the person offering the ad may well be thrice removed from the ad's actual creator, the company being advertised, etc?

For example, if I'm a small agency that wants to place banner ads, I'm not going to bother trying to place them directly with web sites, I go through a network. Now I may go through a small network that places its ads in a larger one. At this point, who is really paying attention to where the ads come from or who they belong to?

reputable ad networks?

[stephanruby]

reputable ad networks? What are those? Is he speaking of google ad-sense? or Hulu ads? Personally, I don't consider ad networks that use banner ads as anything that are reputable (this includes any of the shady ad-networks that Google purchased as well). Non-obtrusive text ads, I can deal with. Even Hulu ads, I can deal with since it's film on film. It's just that I hate banner ads, or animated ads, when I'm in reading-mode.

Re:reputable ad networks?

[Aphoxema]

reputable ad networks? What are those? Is he speaking of google ad-sense? or Hulu ads? Personally, I don't consider ad networks that use banner ads as anything that are reputable (this includes any of the shady ad-networks that Google purchased as well). Non-obtrusive text ads, I can deal with. Even Hulu ads, I can deal with since it's film on film. It's just that I hate banner ads, or animated ads, when I'm in reading-mode.

I've noticed more and more ads are finding ways to subtly act like they are a part of the site. Instead of the old crap that pretended to be a Windows window, now it's "Download now" or "Download Torrent Here" or "More about this here". What's even worse are one's that attempt to provide information in the middle of instructive articles misleading you.

It's all a monstrosity. There is nothing I despise more than advertising, it's the reason I stopped watching television years ago and it may yet be the reason I stop watching Hulu.

Re:reputable ad networks?

[sexconker]

"Reputable ad networks" is an oxymoron.
Like "trustworthy door-to-door salesman", "truthful infomercial", "respectable telemarketer", or "honest politician".

Even Hulu ads, I can deal with since it's

[klimaservisi]

SOP from the get-go, you're strictly amateur hour. pgup http://www.klimaservisii.com/

Don't know about anyone else...

[myrmidon666]

But, I'm not really surprised the lengths these "fake companies" will go. Money is a precious thing in this world and if you can't 'seem' to make it legally, you may just turn to crime. Even people who would have never considered doing something like this may be driven to new heights in desperation.

However, some of these people may or may not be the desperate, dirt poor, starving, "means-to-an-end" people I portrayed but, take a minute and think of the things you would probably do if there was truly, no other way you could think to survive in this messed up little world.

Re:Don't know about anyone else...

take a minute and think of the things you would probably do if there was truly, no other way you could think to survive in this messed up little world.

I've been there. It is not fun. BUT, I did things to get by that were more immediately productive and no where near as complex* as setting up fake advertising companies.

* - complex as in, required other resources (computers with internet access) to accomplish

Malicious malverts

[viralMeme]

Ultimately, how does the end users computer get infected by this `malware'?

Re:Malicious malverts

[asdf7890]

Ultimately, how does the end users computer get infected by this `malware'?

The site linked to by the advert includes code that exploits a drive-by install using an unpatched exploit for the user's browser/OS, or uses some form of human engineering to get them to install it (i.e. like the many many "your machine is infected, follow these instructions to fix this" things that are seen out there).

At least one ad network I've seen seems to allow advertises to include custom javascript in their adverts, either that or the advertisers have found a way around the filtering the ad network does on the content, at which point such unpatched flaws can be exploited without the user needing to click the ad at all.

shame on you

[viralMeme]

"I got stung by a drive-by exploit on a work machine .. something that installed 'XP Antivirus 2010"

Run your browser from a read-only device, that way you won't ever get stung.

Pendrive

Re:shame on you

[Tapewolf]

Run your browser from a read-only device, that way you won't ever get stung.

I did the next best thing and installed Xubuntu on an old laptop for browsing. Some of us have to develop on Windows, though. Unfortunately.

Re:shame on you

[Aphoxema]

"I got stung by a drive-by exploit on a work machine .. something that installed 'XP Antivirus 2010"

Run your browser from a read-only device, that way you won't ever get stung.

Pendrive

You could also just run your browser in a virtual machine and set the write-back to a file that's deleted every restart.

Re:I did cover loopback ops

windows doesn't have a loopback adapter, just to say. you have to install it or operation will be done in memory only

127.0.0.1 = loopback adapter address

http://wiki.answers.com/Q/What_is_a_computer's_loopback_IP_address

(Look there, you'll see it's been answered as 127.0.0.1, as was stated in my init. posts here also (that 127.0.0.1 is the loopback adapter address)

This also backs it as well:

"127.0.0.1 is the loopback adapter address present in every TCP/IP-enabled computer which causes the computer to refer to itself without knowledge of its own name or address"

(Pertinent Quote above is from here -> http://www.linuxsecurity.com/content/view/112264/ in fact).

Heck, I suppose you can check the RFC's themselves even to further verify this, but I think that attempting to further "nitpick" my points on this will be fruitless on your parts guys (I've been into this area since the mid 1980's really on *NIX systems, & put up a lot about it for PC users since, oh, 1996-1997 or so, online on forums etc.)

APK

Re:127.0.0.1 = loopback adapter address

you know why wireshark can intercept loopback traffic on windows?

because by design windows doesn't provide a compatible loopback system, insisting on doing it in memory for performance reason.

hey, for being an expert, you suck.

however, you can install it to become standard if that suits your need:
http://www.windowsreference.com/windows-7/how-to-install-a-loopback-adapter-in-windows-7/

but don't let facts get into the way of your 'expertise'

Re:I only said 127.0.0.1 = loopback adapter addy

sorry, you want so much being right by adding word on words but that is not changing the fact that using 0.0.0.0 won't save you from the loopback speed penalty on windows because there is no speed penalty on windows because there is no loopback tcp/ip excange on windows, because in violation of the rfc it's all done in memory jumping all the holes.

Re:I did cover loopback ops

All that was said was that 127.0.0.1 is the loopback adapter address used by Windows (and other Operating Systems that have an IP stack based on the BSD reference design model). That much is correct, so where are you coming from now with facts we already knew about that are actually quite useless here on the use of 127.0.0.1 in a hosts file (since installing a loopback adapter ware is really not required for the usage of either 127.0.0.1 or 0.0.0.0 or even 0 in some cases to work as a blocking method for known bad hosts names in a hosts file?). Your posts makes no sense and is actually quite non-sequitur really.

Re:I did cover loopback ops

[agrif]

Yes, I am aware that reading more data from the disk is slower. However, I would like to point out that the time it takes to read an additional two (or even eight) sequential bytes off the disk is insignificant compared to the potential time wasted in a timeout.

Using "0.0.0.0" is more efficient, but not because of the primary reason you listed, even if that is a contributing factor. It's like saying that the water is boiling faster because the air is drier, but not mentioning that you turned up the burner.

I was not aware of your other post, and I apologize for the redundancy.

I'm righter than you

I've been told it's weird when ACs try so hard. Also futile.

So disregard everything I said, I suck cocks.

APK

Re:I'm righter than you

[beerbear]

Obvious impersonating. Way too few funky characters.

Re:I'm righter than you

[operagost]

Bash.org FTW.

You lost me at "reputable ad networks"

[erroneus]

In so many words others have expressed what I have summarized down to "advertisers don't respect their audience." Their approach has almost always been the capitalist "what the market will bear" approach and as people have grown accustomed to being assaulted with ever more eye-catching colors, styles, techniques and technologies, the limits of what the market will bear erode. People no longer realize they are being disrespected. Their paid-for internet connection are being utilized. Their time is being wasted. They will install software that resists being uninstalled and drains performance and stability from their computers. I see no end to what they will do.

There is a blurry and indistinguishable line between "reputable ad networks" and "the bad guys." The reputable are certainly not constrained by morals and not by law. How can we know they aren't simply being complicit?

Re:You lost me at "reputable ad networks"

[foniksonik]

Most consumers pay a fixed fee for their connection and rarely use 50% of it's throughput. For these people ads are not taxing enough to be considered abusive even if the ads are being served partly on their dime. It's like TV or radio to them. Unmetered access so no opportunity cost.

Re:You lost me at "reputable ad networks"

[erroneus]

If I have 20 acres of land and someone decides they want to post a sign advertising their crap on an unused portion of my land, it is actionable. It does not matter that I do not use it. It's mine, not theirs. It is a form of trespass.

The same goes for any medium or service I pay for. Look at cable/satellite TV. I don't pay for it and never have. (I don't watch it any longer either because my cable guy wouldn't take a bribe the last go around.) I don't pay for anything to provide ad space for someone else.

Whether or not I have room for it, time for it or otherwise have resources for it is irrelevant.

Re:You lost me at "reputable ad networks"

Their approach has almost always been the capitalist "what the market will bear" approach and as people have grown accustomed to being assaulted with ever more eye-catching colors...

Capitalism is a political philosophy. "what the market will bear" is a pricing strategy. There are others, see here. To describe it as "capitalist" is to mistake two concepts. Unless you can take that wiki page and tell me which are the capitalist strategies and which are the non-capitalist strategies...

Re:You lost me at "reputable ad networks"

[Aphoxema]

In so many words others have expressed what I have summarized down to "advertisers don't respect their audience." Their approach has almost always been the capitalist "what the market will bear" approach and as people have grown accustomed to being assaulted with ever more eye-catching colors, styles, techniques and technologies, the limits of what the market will bear erode. People no longer realize they are being disrespected. Their paid-for internet connection are being utilized. Their time is being wasted. They will install software that resists being uninstalled and drains performance and stability from their computers. I see no end to what they will do.

There is a blurry and indistinguishable line between "reputable ad networks" and "the bad guys." The reputable are certainly not constrained by morals and not by law. How can we know they aren't simply being complicit?

They're disrespectful and idiots. What "targeted advertising" gets is showing people what they already have. I play EVE Online. I look up stuff on EVE Online. Going by my cookies and such, advertisers know I play EVE Online. So, what is advertised to me? To try EVE Online. They succeed in nothing.

Re:You lost me at "reputable ad networks"

[userw014]

I am not a customer of the advertisers. I (and my family) are a resource or commodity they don't have to pay for but are selling to other people. They only care about me insofar as my shrieks of pain at being abused don't cause the advertising customers (clients) to stop buying advertising from them, or the web hosting sites from selling space to them.

There are so many advertising agencies - all trying to harvest money from their clients - all chasing each other to the bottom of the gutter.

Given the lack of enforceable, public standards involving advertising - and given the innate nature of the relationships and accountability mechanisms involved, I don't see why I shouldn't block every advertising agency I encounter, as aggressively as I can. I also don't see this as being an unreasonable attitude. If anything, it strikes me as perfectly sane, like closing my windows before it rains, washing and bathing, and locking the doors to my house when I'm not home. Good, sane, common sense.

The cost to me of an advertising failure is enormous. Lost access to the web. Possible lost acccess to the internet for employment related uses. Huge chunks of time cleaning up some mess. The risk of Identity theft, etc.. There is even a cost to me of advertising success - slower access to web pages I do want to visit, and cluttered web pages too. But I don't see a benefit anymore. I don't even want to listen to them justify their existence anymore. Give me back my junk postal mail and local newspaper weighed down with advertising flyers. I feel much safer with them - and if paranoia strikes me there, I can handle that stuff with rubber gloves when dispossing of the dross - and only once a day at that.

Back in the misty reaches of the past (Internet Time), I could be convinced to tolerate advertising on the web as part of a mechanism to pay for the free content that I was interested in. Back in those misty times, I usually used Netscape on a Solaris box. I had a Windows/9x machine at home - but hardly used it for the Web because with a new family, I was too tired at night.

These days, for my home LAN, I agressively block huge chunks of the internet - with FreeBSD "ipfw" tables and by running my own DNS relay that blocks many domains - hphishing, advertising, hosting, and ISP (by making the authority a IP address in a range that my FreeBSD router returns a "network unreachable" for.) Firefox has AdBlock+ and NoScript. Safari is used rarely. Chrome only for 2 sites - all to keep the cookies segregated.

At home, web pages look like swiss cheese. Sometimes, I white-list a site - but not often. But I'm (mostly) satisfied. I'd like to block even more.

Re:Bad cop, no God for you.

[WrongSizeGlass]

God says... Whereas Into killed understand Old initiated credibility Madness increase feet approve helper convict closing harmed twice perisheth triumpheth Apostolic

I block tons of spam that have Subjects that are a lot like that ... but they have wavy images of pills attached. ;-)

Do something about pages that wont load noscript'd

[Marrow]

There are plenty of pages where the site just will not load unless you give permission to run layers and layers of 3rd,4th,5th party scripts. What can we do as consumers or developers to prevent such behavior on the part of websites?

"reputable ad network"...

[John+Hasler]

...is an oxymoron.

Re:Good point on "loopback operations" AC

Jesus Fucking CHRIST APK, do you have to pop up every time there's an article about hosts files?

Why do you have such a fucking hard-on for them anyway? Why can't you just get an account so we can fucking block your whining, retarded drivel?

Re:Thanks, & see URL @ bottom of this reply

875,000 hosts entries? You aren't just a prick, you're a STUPID prick. Well done!

Says the troll who impersonated me, lol!

"875,000 hosts entries? You aren't just a prick, you're a STUPID prick. Well done! - by Anonymous Coward
on Thursday August 05, @08:14AM (#33148620)

You're obviously the same defeated troll who impersonated me today here http://it.slashdot.org/comments.pl?sid=1743902&cid=33148504 first of all.

Secondly, I suggest you refer to some of the valid & reputable sources I use to populate my HOSTS file that I listed in the post of mine you replied to!

(I state that, simply because you obviously aren't aware of the sheer volume of known bad sites/servers/hostnames-domainnames there has been over time and currently continues to be).

Especially since you must resort to a technically challenged ad hominem based attack on myself, rather than my technical points.

APK

P.S.=> Better luck next time, troll... getting the best of you? Well, it's been, as-per-usual, "too, Too, TOO EASY!" (just TOO easy)... apk

Re:Says the troll who impersonated me, lol!

I'm not the guy impersonating you, I'm just another guy who can't abide your egomaniacal postings.

Yes. You are a complete idiot. Hosts files were not meant to have 875,000 entries. Top tip - it'll blow your tiny mind!

Re:Do something about pages that wont load noscrip

[pushf+popf]

There are plenty of pages where the site just will not load unless you give permission to run layers and layers of 3rd,4th,5th party scripts. What can we do as consumers or developers to prevent such behavior on the part of websites?

Install User Agent Switcher and browse as Google.

nobody blows off Google.

Re:Thanks, & see URL @ bottom of this reply

[agrif]

Yeah, in a file with that many entries, the extra 8 bytes per line would create a large performance hit.

I'm going to agree with the AC in a sibling thread, though: if your HOSTS file is larger than 10MB*, you're doing something with HOSTS it was never meant to do. It may be easier than setting up a proper DNS server, but it's not as efficient.

(I appreciate distributing a HOSTS file is easier than telling people how to setup a DNS server, though.)

I think if you start worrying about efficiency enough to start shaving bytes off of lines, you should consider the efficiency of loading a 10MB file instead of a proper DNS server, which can store this data more efficiently than a plain-text list.

My point stands for sane use cases. In my opinion, what you're doing is an abuse of HOSTS, even if it's a handy abuse.

* 10MB is an estimate. ~10 bytes per line * ~1 million lines

Re:Do something about pages that wont load noscrip

Don't go to the site?

Re:See my PS, back up your bluster, TROLL

I was suggesting you run your own DNS server on a box you control, you fucking tool.

Re:Impersonating me? Poor job!

It wasn't an attempt to impersonate you but to underline the silliness of you signing your AC posts, arguing back and forth, linking other AC posts ffs, and trying so very, very hard to appear right.

I have to admit, though, you getting all huffy about it is just golden and ridiculing you much more effectively than I could hope to achieve.

Re:Do something about pages that wont load noscrip

[John+Hasler]

What can we do as consumers or developers to prevent such behavior on the part of websites?

Take your business elsewhere.

Why? To waste CPU/RAM & security??

"I was suggesting you run your own DNS server on a box you control, you fucking tool. - by Anonymous Coward
on Thursday August 05, @09:11AM (#33149036)

Why? Because YOU said so?? Got a PHD in CSC or even an MS?? NO??? Didn't think so on your end, lol! Secondly?

See subject-line above, and this:

http://www.google.pl/search?hl=pl&source=hp&q=%22Dan+Kaminsky%22+and+%22DNS%22&btnG=Szukaj+w+Google

Dan Kaminsky's findings in DNS security hassles say it all for me, on DNS server usage here!

APK

P.S.=> No thanks to YOUR suggestions, and your continual name tossing and impersonating me out of your frustration at my being able to clearly show your "so called tech know how" stinks, since I can turn it on its head easily and with respected others backing my points also? Yea, ok, "whatever YOU say" (you, the no CSC degree AC, lol!)... apk

Re:See my PS, back up your bluster, TROLL

I like how you can tell which ACs are which. Here's a challenge for you: Who am I? I'll give you a hint, I'm posting as AC to avoid moderation done in this thread, but out of the top seven stories on slashdot at 9:35, EST, I have posted in exactly four of them, for a total of exactly 18 posts (not counting this one, or any other AC posts).

tl:dr as offtopic

tl:dr as offtopic

Re:Do this math inside then... apk

smaller files read in FAR faster than larger ones do, especially 50% larger ones!

Actually, Mr. BS CSC PHD, the file is almost 93% larger.

Re:Impersonating me a 2nd time troll?

you DO realize you're not talking to _one_ AC?

you're so full of self importance that you may be leaking, check under your chair before filling your mom basement

p.s. I'm the original one. and I'm still convinced that talking to loopback in windows has no penalty over not resolving 0.0.0.0 because there is no such thing as the tcp/ip overhead you talk about

but hey you were the one making out with a microsoft vice senior hiper managerTO so your word is bold (haha got the pun about the bold abuse?)

Stop impersonating ACs or I call the CSCAC cops!

I'm not sure who's trolling whom anymore, so I'll stop. If you're not trolling, get help.

APK

P.S.=> Seriously.

Why so many pink flags..?

'cause otherwise they'd have had to change the light bulb.

Re:See my PS, back up your bluster, TROLL

[psm321]

Dude, get mental help. And no, I am not any of the ACs posting here.

Re:Good point on "loopback operations" AC

[Abstrackt]

Why can't you just get an account so we can fucking block your whining, retarded drivel?

You may have answered your own question.

Re:Do this math inside then... apk

[psm321]

Attacking your abuse of HOSTS files is not an attack on you. Please understand that.

Now for an attack on you: How can you have a degree and yet think it's consistent to say that shaving 2 bytes per line off (going from 127.0.0.1 to 0.0.0.0) cuts a file size down by 9MB but then shaving an additional 6 bytes per line off (0.0.0.0 -> 0) cuts only 4MB?

Now I need to force myself to stop replying to this thread, I feel like I'm being drawn into this sort of situation: http://xkcd.com/386/

Re:Do this math inside then... apk

Don't fall for it. This is what APK does. He does this stream-of-conscious thing with just enough technical detail sprinkled in there to seem legitimate. When someone actually digs a bit and discovers it's all bullshit, he goes on the attack. He will then start a big copy-and-paste campaign (consisting of legitimate sources that often have very little to do with the subject at hand and previous posts from this and other message boards), stalking, and throwing around supposed achievements all in attempt to distract from the actual conversation. If you've managed to completely discredit him, he will then continue this for a period of following months.

Walk away now. This path leads to insanity.

Re:Do this math inside then... apk

Don't fall for it. This is what APK does. He does this stream-of-conscious thing with just enough technical detail sprinkled in there to seem legitimate. When someone actually digs a bit and discovers it's all bullshit, he goes on the attack. He will then start a big copy-and-paste campaign (consisting of legitimate sources that often have very little to do with the subject at hand and previous posts from this and other message boards), stalking, and throwing around supposed achievements all in attempt to distract from the actual conversation. If you've managed to completely discredit him, he will then continue this for a period of following months.

Walk away now. This path leads to insanity.

Re:ADBLOCK'S "Blockable" too, see inside... apk

Your message is being overshadowed by your delivery of it.

It's like if I asked about the weather, and some guy went on for 20 minutes screaming about how ONLY RUBBER UMBRELLAS KEEP OUT THE RAIN WITH 99% EFFICIENCY, AND EVERYBODY ELSE IS RETARDED BECAUSE THEY DON'T HAVE 875,000 RUBBER UMBRELLAS IN THEIR BASEMENT. I would no longer care about the point he was making, even if I secretly yearned for a higher-efficiency umbrella.

I read your very first post in this topic and was mildly interested in what you had to say about the HOSTS file. That interest very quickly disappeared.

- W

Re:Do something about pages that wont load noscrip

Naaaah. What can they do to my Dillo ?

I have not tried that, but would it work?

[Marrow]

I mean, the browser is hanging on approval to run the script. If I run the script, I take the risks. If I dont run the script, then the content stops loading.

Re:Good point on "loopback operations" AC

[narratorDan]

I think it was more of a rhetorical question. Perhaps they know each other in real life and this is how they bro-fist over the internet.

Re:ADBLOCK'S "Blockable" too, see inside... apk

ya know, obvious troll can't register and instead resorts to signing ac messages because he's an obvious troll

Re:Do this math inside then... apk

[agrif]

Now I need to force myself to stop replying to this thread, I feel like I'm being drawn into this sort of situation: http://xkcd.com/386/

Agreed. :D

Re:Do something about pages that wont load noscrip

[sjames]

I see those from time to time. I just google whatever topic I was wanting information on and go top one of those sites instead.

Sites that require all that crap to be even vaguely useful far too often prove that sufficiently advanced incompetence is indistinguishable from malice.

Casale Media - are a pack of cunts.

[dogzdik]

These fuckers - I have had my fights with them, they were the ones who installed advertising malware on my computer that stuck pop up adds on my system to get me to buy and do some bullshit - 3 X a day every day, internet connected or not.

.

They gave me some bullshit spiel "Oh our customer satisfaction surveys indicate that 99 out of 100 people just love our fuckhole popups running on their systems".

.

If I had my chance I'd give you fucking arseholes a dose of my customer satisfaction feedback.

Re:Do something about pages that wont load noscrip

[dkf]

nobody blows off Google.

But lots of people blow off Bing.

From TFA

[Legion303]

"During our investigation we discovered the phone number provided in the credit application was not a legit phone number for the bank. We also learned that the domains of each of the references provided were registered within two days of each other... and that the registrations took place only days before Bellas Interactive's request for credit was issued - despite the fact that the references "claimed" to be working with Bellas across a 6-24 month spread. And finally, the Bellas Interactive website claimed to be in operation since 1994, despite the fact that the domain was registered in April of this year."

Isn't this extremely basic stuff you should have checked beforehand?

"In Summary
Entities like this are cunning and smart."

No, greedy marketing fucks are stupid. A little research goes a long way. You idiots extended credit to a company without even verifying their "bank's" phone number? I know where to go if I ever need some quick cash.

Seems to me she's doing the same thing...

[rayk_sland]

"have created a false environment designed specifically to validate their non-existence." try "have created a false dichotomy (good guys and bad guys in the spyware advertising business) designed specifically to validate their parasitic existence." Wow. I'd never have thought that Casale would claim such a high moral ground. Serious labour has gone into removing their stuff from spyware ridden computers.

You only proved his point even more

"Actually, Mr. BS CSC PHD, the file is almost 93% larger." - by Anonymous Coward on Thursday August 05, @10:02AM (#33149446)

That even helps prove his point even more. He ought to thank you, you moron. You helped him prove not only look better and prove his other points by your impersonating him and avoiding disproving his other points (or failing to) earlier in this exchange, but you also now helped him look even more correct and better by proving his points for him even moreso. By the way, if you look at it from the point of view of the lowest sized file using 0 as the block address versus the next smallest in 0.0.0.0 being used, he is about right. Your using 127.0.0.1 which results in the largest sized file makes his point even moreso when compared to the 0 using block address hosts file.

In other words, you have no backing

See subject line, and we also realize you are unable to disprove the points used by the ac apk. I suppose he can thank you all for losing so disgracefully on all your parts as well as watching you all run with your tails between your legs after the technical shellacking you're all received from him. This only makes sense since its coming from a pack of amateur trolls with no credible backing or professional experience behind you (or between your ears in knowledge). It's not the first time he silences your lot here, so badly, that you must resort to both impersonating he, but also to ad hominem attacks with no valid backing behind them either. You're an amusing pack of registered lusers but only for short while mind you.

Adhominem attacks only?

Dude, get mental help. And no, I am not any of the ACs posting here. by psm321 (450181)
on Thursday August 05, @11:12AM (#33150284)

Is what is in the subject line the best you have versus facts? Apparently so. If anyone needs any help here, it's you and yours with your rinvalid in debate ad hominem attack tactics plus impersonating the ac apk, and both so called weak trolling tactics are only signals that you're all losing badly here I feel. Especially from 8 digit id registered lusers here like yourself.

Re:Adhominem attacks only?

[psm321]

1.) Learn to count... 6!=8
2.) This particular comment was meant very seriously in an attempt to help you, and not as an attack at all. Please take it under consideration.

Funny you can't disprove apk's points

See subject above. You're the one talking the bullshit here with your invalid mere ad hominem attacking baseless rhetoric on your part as your "defense", and no one is listening to you, we're only laughing hugely at you in fact. I state that simply because all you've done is run from disproving technical points apk made that also had not only valid technical points and research on his part that math and programs verified for him which others here had to agree are valid, but apk also utilized the words of respected others in quotes in the field of computing as well in the post you replied to and in others he made as well here to other naysayers who eventually resorted to what I note next on your and your fellow trolls parts: I mean, really, do you think your not only impersonating him 2 times or more is effective alongside your effete ad hominem attacks directed apk's way? Guess again. We can all read you know, and clearly You fail. You lose. You made him look good also. APK ought to thank you. Until then, you have had every opportunity to prove his points incorrect, and so far, to date? The results on that account from you and yours? You clearly have not, trolls.

Yet another impersonation of myself? apk

Please, how WEAK can you trolls be? Attempting to impersonating me again?? Give us a break.

It's bad enough your fragile and unqualified (no degrees or technical professional experience to your names/credit) egos get the best of you when you can't disprove tech points I made (that have not only mathematical and programmtic testing as my backing but also the fact that I used valid and verifiable quotes from respected others to help me prove my points) and you are unable to disprove either method I utilize nor the words of the respected others I quoted in favor of HOSTS files, but you also have impersonated me here several times now in several posts, as well as repeatedly baselessly ad hominem attacking me here many times also? Please...

People can read you know, and judging by my posts being repeatedly modded up here as well as others noting you impersonated me many times as well? LMAO, @ YOU and "your kind" (the lowest of the LOW online, as trolling scum).

Trolls: Your POOR SHOWING HERE is only making me look better in the eyes of others reading here, so I have to thank you for such a poor "fail showing" on your parts here trolls.

APK

Thanks for making me look good

"Now for an attack on you: How can you have a degree and yet think it's consistent to say that shaving 2 bytes per line off (going from 127.0.0.1 to 0.0.0.0) cuts a file size down by 9MB but then shaving an additional 6 bytes per line off (0.0.0.0 -> 0) cuts only 4MB?" - by psm321 (450181) on Thursday August 05, @11:24AM (#33150474)

First of all? Thanks for proving my point and admitting a smaller file will result by using 0 as a block address in HOSTS files vs. using either 0.0.0.0 or 127.0.0.1, and smaller files read in faster than larger ones, period.

You also obviously cannot read. Here were the approximate figures/numbers I used, dolt! Again/Once more:

----

In using 127.0.0.1, I get approximately a 27mb sized HOSTS file.

Using 0.0.0.0, I get an 18mb sized HOSTS file.

Using 0 in my HOSTS file as the blocking address, I get only a 14mb sized HOSTS file.

----

(That's nearly an order of magnitude between 27 & 14mb sized files and around 30 % size diff. between the 14mb size of the 0 based version vs. the 18mb size of the 0.0.0.0 version. The numbers are incredibly similar to those ratios and numbers (27mb may be upper 26mb AND lowest sized may be upper 14mb size, but the point is there))

Average 80-90% (0 vs. 127.0.0.1) & 30% (0 vs. 0.0.0.0), you get around what I said overall comparing 0 usage to both 127.0.0.1 and 0.0.0.0: Around 50% overall avg. better by using 0 as your block address in a HOSTS file.

Heck - Even Foredecker, a poster here who is also the Senior VP at Microsoft in their "Windows Client Performance Division" conceded that fact to me as a win here, as have others here in this very exchange (& on that very point).

Please - Give up already trolls, You're only helping ME prove my points!

(Simply because the math, the testing of this point on my part via programmatic loads of list boxes and even C style datastructures (as the DNS client cache does in fact also) proved that for me, as well as quotes of respected pros in this art & science of computing had in my other posts and you even admit the file ends up smaller. Once more, because above all else, in case you had not noticed? Smaller files will read in faster than larger ones, period)

Fact is, there's no debating that fact and it was so apparent that not only did my naysayers such as yourself have to outright admit it, but you also resorted to impersonating me, trolling me and avoiding other numerous technical points I made in favor of HOSTS files here.

----

"Attacking your abuse of HOSTS files" - by psm321 (450181) on Thursday August 05, @11:24AM (#33150474)

LMAO - my making a HOSTS file smaller to read into the DNS client cache or local diskcache faster is "abusing" a HOSTS file? LOL, my god, are you HIGH, or what?? How is THAT "abusing a HOSTS file"??

(This I have to hear, lol... and funnier still will be my tearing you apart even further after your undoubtedly technically weak or ad hominem attack based reply, or impersonating me (which has occurred here 3-4 times now already on both of the latter points or more))

APK

P.S.=> SO, all those facts "said & aside"? Well, I am taking the advice others even posted here: Thanks for making me look good by proving my point(s) quoted in your own words in my reply here, above... apk

Re:Thanks for making me look good

[psm321]

I'm not sure what about 50% of your rambling there means. The math in my previous comment stands for itself as I'm sure other readers can see. If you care to contest the fact that 2 bytes * x = 9MB and 6 bytes * x = 4MB are fundamentally inconsistent, please do so directly and succinctly (for example by providing a value for x for which both those equations work).

Also, I repeat my assertion that I have not posted as AC in this thread. Those you claim are impersonating you, are not me.

Making a HOSTS file smaller with 0's is not an abuse of HOSTS. In fact, I never contested your assertion that smaller HOSTS files are quicker to read. Go ahead and tout that as another "win". The fact is, HOSTS files were simply not designed for millions of lines (no, I don't have a cite... it's common sense). DNS servers were designed for that. You are abusing HOSTS by using it to replace the functionality of a DNS server. Because the OS is not designed for such huge HOSTS files, it will be slower than using DNS as intended (even for example a DNS server running on your local machine to blackhole all those domains for you)

See here (and other google results if you care) for Microsoft MVPs stating that having a large HOSTS file is a known cause for the DNS Cache service (which handles that file) consuming 100% CPU

http://www.tomshardware.com/forum/117268-45-svchost-consumes-startup

This will be my last reply to you in this thread. Consider yourself victorious if you so desire. Those reading the thread can decide for themselves.

Re:Thanks for making me look good

[psm321]

Sorry, one last reply (yes, I'm bad at stopping myself). I will say that me questioning your degree just because of your inconsistent numbers was an uncalled-for attack, and I apologize for that.

Thanks for helping prove my point sootman

"From my experience, any speedup gained from using 0.0.0.0 instead of 127.0.0.1 would only be detectable by measurement." - by sootman (158191) on Thursday August 05, @11:52PM (#33158038) Homepage

Thanks sootman, because as you do indeed state? It is measureable, and does result in speed/efficiency boosts (especially in LARGER hosts files).

Which I indeed, did perform sootman, as far as "tests" of that via listbox loads & more (see my posts to Foredecker or ask him yourself, as he posts here and is the Senior VP of "Windows Client Performance Division" @ Microsoft in fact, & he too conceded I am correct on this much (that 0 &/or 0.0.0.0 result in a smaller hosts file than does 127.0.0.1 utilizing ones, and will indeed internally parse faster due to less characters as well as load & reload faster due to less size)).

It's common sense stuff, but as you can see?

It clearly "eludes" the "idiot savants" of slashdot (in my naysayers here (who not only avoided disproving tech points I made here such as this one in favor of HOSTS files, but also helped me prove others, lol, and then they either ad hominem attacked me or impersonated me in their other failing replies in this very exchange as they are often "wont to do" when their "legend in their own mind" technical "prowess" (lol, not) is proven wrong & overturned as well as shown to be weak! "Geek Angst" & "fragile egos" is a common thing here on /., home of the wannabe tech guru (who as all here can see reading, did not do well vs. myself, as per usual!)))

APK

P.S.=> Try using 0 vs. 127.0.0.1 especially (still works on 2000/XP/Server 2003, whereas it will not on VISTA (not after MS "Patch Tuesday" 12/09/2008 which I also informed ForeDecker here (Richard Russell of MS, Senior level VP in fact, AND he has a CSC degree unlike many with his title I have found), Windows Server 2008, & Windows7 about as well due to what you noted above and I have expounded upon vs. the trolls & naysayers here about too)).

Using 0, vs. 0.0.0.0, you'll see even MORE of a speed boost, due to less characters to parse/reparse in internal file record line by line reads as well as faster loads/reloads of the HOSTS file in its entirety into the DNS ClientCache OR DiskCache due to smaller filesize resulting... apk

I found it very interesting

I found it so interesting that I am now a new user of host files from mvps.org which was one of the sources apk listed as an up to date host file.

modded down troll? lmao

You're modded down and off topic, as well as doing the whining here, not apk, so speak for yourself. After your epic "fail" here, we all truly don't think others are going to follow your orders, you off topic whining little weasel. Do you think run this place troll? New News: You do not. So go home and rattle your playpen or crib rails and your mama may respond and bring you a bottle sunshine, lol, but we won't. We'll only continue laughing at your off topic evasions of disproving valid tech points apk made versus you and yours resorting to not only impersonating apk but also your clearly off topic ad hominem trolling tactics. You fail and I get the impression you and your fellow naysayers are afraid of the abilities of hosts files apk extolls in his posts on hosts files.

Epic fail by you, troll

not on windows. by Anonymous Coward on Sunday August 08, @02:20PM

Both 0 and 0.0.0.0 drop requests instantly, whereas by way of comparison, 127.0.0.1, which is the address of the loopback adapter on any bsd nased ip stack using OS, does a loopback step also (which is more work in more steps and is thus slower) you utter dimwit! You fail, troll. Badly. Quit misinforming others here, because it's clear you do not even understand what you're talking about you nimrod!

Where did you discredit him?

You haven't discredited him a single time here that I have ever witnessed. Care to show us the proof of where you have, even once, and beyond a doubt? Somehow, based solely on your performance here, I don't think you'll be able to produce such evidence.

What is the MS loopback adapter?

What is the Microsoft Loopback adapter

http://www.windowsitpro.com/article/john-savills-windows-faqs/what-is-the-microsoft-loopback-adapter-and-why-do-i-need-it-for-sql-server-.aspx

PERTINENT QUOTE/EXCERPT:

----

"If you don't have a network card then go to control panel/networks, choose add adapter and then add the Microsoft loopback adapter - which is just a "dummy driver, no hardware involved. This needs to have working network protocol(s) bound to it.

----

So in other words, all the loopback adapter is, is a dummy network card interface (that's all).

Want more?? OK:

http://tools.ietf.org/html/rfc1223

"Although the type field cannot change the protocol server at the final destination of the message, the type field can be used by intermediate processes on the network to process the message before it reaches the server destination. An obvious example is the 0xFF00 message loopback type function, where network processing to loop back the message results in nondelivery to the TO address."

And, as you can see, and as I stated here many times now as well? Additional processing does occur, which means more work, which means loopback adapter address work means more work and that it is slower because it's doing more work!

Here's even MORE backing that as well from more RFC's:

http://tools.ietf.org/html/draft-ietf-ipoib-channel-adapter-mib-08

"Loopback support allows for the sending and receiving of self-addressed packets that do not go out on the wire."

And also again: It's not a loopback jack (dongle type) in hardware, it's just a dummy interface if you install the optional loopback so that stuff like SQL Server can work if you don't have a NIC... but it always works at the 127.0.0.1 loopback adapter address, and yes, it does extra processing vs. using 0 or 0.0.0.0 which do immediate drops & with less work and thus, less time and processing vs. 127.0.0.1 (all per the links and RFC's above)...

Plus, in memory or not (it always is, even with a driver for the loopback adapter dummy driver itself)? You're just plain doing MORE WORK using 127.0.0.1 & doing loopbacks than not using 0 &/or 0.0.0.0 (& both of these latter resolve out to 0.0.0.0), and besides: ALL I EVER MENTIONED WAS THAT 127.0.0.1 IS THE IP ADDRESS USED TO TALK TO THE LOOPBACK ADAPTER (though sometimes, I have even seen 192.18.1.1 used this way also).

APK

P.S.=> As per usual, myself vs. my "naysayers" here (who are usually just a pack of amateurs & wannabes, who when proven wrong troll, impersonate, and continually try to harass me to no avail via impersonating me or unjustly modding down my posts with no technical justifications why via their multiple registered usernames here (see this entire exchange as evidence to that effect) lol!)? Ah, lmao, I gotta say it - "too, Too, TOO EASY!" (just TOO easy)... apk

Thanks for proving MY point... apk

"Actually, Mr. BS CSC PHD, the file is almost 93% larger." - by Anonymous Coward on Thursday August 05, @10:02AM (#33149446)

I used a rough averages!

I.E.-> When comparing your ~ 92++%/near order of magnitude calculation, on your end (127.0.0.1 @ 27mb size HOSTS file, & 0 @ 14mb size HOSTS file), and also then 30% (0.0.0.0 @ 18mb size HOSTS file, & 0 @ 14mb size HOSTS file)?

Well, that's 90 + 30 = 120 / 2 tests & that = around 50%!

(Which, of course, IS just as I stated initially it would be: Around 50% (as any avg. of them both (especially considering that the file changes sizes because I have to remove lines in it every so often that no longer are sites in existence, or ones that do prove "clean", if only eventually, PLUS "false positives" etc./et al))).

Get it?

(I love it though on 1 final account though - Thanks, because your statement quoted above really only helps prove my point that using 0 as a "blocking address" (which on Windows 2000/XP/Server 2003 it ping resolves back to 0.0.0.0 anyhow though if you use 0 in a HOSTS file to make it smaller for faster internal line by line reads due to less characters and for smaller sized HOSTS files for faster reads into RAM as well) makes for a SMALLER, FASTER, & MORE EFFICIENT HOSTS FILE, which was my initil point here anyhow, see my first posts & replies!)

APK

P.S.=> Gotta go now, thanks for helping me prove my initial point here (see my 1st posts on that note): I am on vacation touring Europe & this week? It's in Prague ("PRAHA")! Prague is the COOLEST CITY I have seen so far (been in London, Berlin, Paris, Warsaw, St. Petersburg, & Madrid so far)...

Enjoying life, and winning debates @ /. at the same time here on MY part? LOL, I love it! apk

Adblock's blockable (HOSTS aren't)

In addition to what you noted? Arstechnica did that to adblock/adblock plus users:

ArsTechnica blocking Adblock?

https://adblockplus.org/forum/viewtopic.php?f=2&t=5266

However, they could NOT do that to HOSTS files users though!

Due to that?

Well, HOSTS files are better than adblock (especially adblock alone) on that account above alone, PLUS these also:

10 ADVANTAGES OF HOSTS FILES OVER BROWSER ADDONS ALONE, & EVEN DNS SERVERS:

http://forums.windowsforum.org/index.php?s=35faafcfc2596ff0fdd2a54a2717153b&showtopic=33716&st=60

1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!

2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).

3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).

6.) HOSTS files are EASILY user controlled, updated and obtained (for reliable ones see mvps.org ) & edited too, via texteditors like Windows notepad.exe or Linux nano or kate (etc.)

7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too

8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.

9.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE - NOt just a single webbrowser type (e.g. FireFox/Mozilla & its addons exemplify this, such as ADBLOCK)

10.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - You might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...

Still, it's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript (especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security".

APK

P.S.=> The rest of this exchange covers what my naysayers attempted to say to put what's above "down", to no avail though, from here http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 on down in that/this very exchange!

(I think those of you reading here will find it quite INFORMATIVE, overall if you're interested in speeding yourself up online, as well as securing

Awww, poor little off topic troll!

"Jesus Fucking CHRIST APK, do you have to pop up every time there's an article about hosts files?" - by Anonymous Coward on Thursday August 05, @08:06AM (#33148586)

Listen troll: I'll do WHAT I WANT, WHERE I WANT, ANYTIME I WANT... and you and "your kind" (cowardly trolls) can't stop me... how's that suit you?

You'll have to deal with it, because I SAY SO, not you, and the likes of you certainly have no power over me, hell, even the moderators here do not and they have tried to 'snuff out my posts before' too, and failed. So eat it and like it.

(Additionally, you can cut the swearing, because J.C. has nothing to do with it, and it only "shows your tell" in your frustration at being so technically weak in the art & science of computing you cannot disprove the tech points in favor of HOSTS files I extoll).

----

"Why do you have such a fucking hard-on for them anyway?" - by Anonymous Coward on Thursday August 05, @08:06AM (#33148586)

No, let's ask YOU why YOU have such a problem with HOSTS files instead, shall we? Oh, we pretty much know why...

----

I.E.-> You are either a:

1.) Pissed off webmaster who is losing ad banner profits

or

2.) A malware maker/cracker type who misuses ad banners to botnet load and control other people's machines etc.

----

(And since HOSTS files block banners, as only 1 of their many virtues which both speeds up users websurfing online and secures them better in the same motion no less? Well, it's QUITE OBVIOUS why you are against them in any way possible. Too bad you're losing eh?)

----

" Why can't you just get an account so we can fucking block your whining, retarded drivel?" - by Anonymous Coward on Thursday August 05, @08:06AM (#33148586)

First of all, on "retarded drivel"?

Funny how you & yours cannot disprove the technical merits of HOSTS files I put up here, and you are only left with effte & ineffectual ad hominem attacks on myself rather than my points I make... and you have the gall to call ME, "retarded"? Hey, I am not the one swearing, plus using profanities while foaming at the mouth as you are, lol!

Secondly, you're now "barking orders" at me??

LMAO - Well, guess what: I don't obey your orders and you certainly do not have any kind of control of me, and you do not run the show here in any capacity whatsoever, get it???

APK

P.S.=> No, I'll keep doing as I please, instead, and know I am also frustrating the piss out of you at the same time in doing so... lol, and do remember 1 thing, above all else:

I get HUGE laughs out of reactions like yours, absolutely HUGE ones... why?

Well, simply because you & yours only show me you are steamed over my getting the best of you at every turn to the point where you are reduced to ad hominem attacks effete & failing attempts at that directed my way, rather than attacking my tech points, as well as your nigh constant and off topic b.s. like you are quoted in above, as well as impersonating me here (3x in this exchange here already on that latter note), rather than you attacking & disproving the technical points I put up in favor of HOSTS files usage... which you are QUITE UNABLE TO DO, due to your only being a mere wannabe in the art & sciences of computing instead of a pro with actual know how, saavy, & experience, obviously, as well as the fact that what I put up in favor of HOSTS files is absolutely unassailable even by pros with actual know how & experience in this field, because what I use are only truths & facts! apk

MS Loopback Adapter's a dummy NIC only

"p.s. I'm the original one. and I'm still convinced that talking to loopback in windows has no penalty over not resolving 0.0.0.0 because there is no such thing as the tcp/ip overhead you talk about" - by Anonymous Coward on Thursday August 05, @10:27AM (#33149678)

When you load the Microsoft TCP/IP Loopback Adapter, which also uses 127.0.0.1?

It's only to function as a dummy NIC (stuff like SQL Server won't install right w/out it for example iirc).

Also, guess what??

It's implemented in a driver, which loads from disk into RAM and as you stated earlier?? Anything operating in RAM is F A S T.

However, its also doing extra work in doing a loopback op, as does the non-driver one by using 127.0.0.1, so it is indeed, slower, because it's doing MORE WORK, period! A dropped packet (which is essentially what 0 &/or 0.0.0.0 do) is worked on faster than a DENIED packet (127.0.0.1 basically does this but has processing work)... that's a fact, so get over that much already also.

So, you can "unconvince" yourself already of your assertions based on the above evidence of the mechanics of how the loopback adapter device MS uses for making a dummy NIC works.

NOW - As well as that material above??

The use of 127.0.0.1 over 0.0.0.0 or 0 (best one for size & speed of file efficiency is this latter one, & it resolves to 0.0.0.0 on pings mind you on Windows 2000/XP/Server 2003 still, so it's legit on them to this very day no less) is still faster & more efficient for both overall filesize as I noted for faster loads/reloads of the HOSTS file into the local DNS Client Cache or DiskCache in Windows, as well as being faster for internal-to-file parsing due to less characters per line present (which especially manifests itself in a larger HOSTS file, but still does in smaller ones too, because it's just physics).

APK

P.S.=> I suspect you are either a malware maker, or disgruntled webmaster losing revenues due to adbanner blocking actually, because I cannot figure out what it is you & yours have against the "layered security" power of HOSTS files for security, and their WELL KNOWN BENEFITS FOR ONLINE SPEED (due to adbanner blocking & Hostname/DomainName hardcodes in a HOSTS file)...

ADDITIONALLY?

You still have to overcome the 10 points in favor of HOSTS files I list here (especially over things like AdBLOCK browser addons alone) -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33148818 , & to date?? You & yours have not, not at all, & I LOVE IT! "too, Too, TOO EASY" (just TOO easy) ... apk

MS loopback adapter = dummy NIC driver only

"You are just wrong & I am RIGHT." - by Anonymous Coward on Thursday August 05, @09:33AM (#33149194)

NO, YOU'RE WRONG AGAIN ON WHAT THE MS LOOPBACK DRIVER REALLY IS and WHAT IT ACTUALLY DOES, as it's merely a dummy NIC for things like SQL Server to install properly only (for systems that don't have NICS, for example, so a dev can still work with SQLServer in those cases).

(Also - Well, YOU ARE IMPERSONATING ME, AGAIN, & for the what? Fourth time now on YOUR part?? Please... )

Anyhow, read these 2 URL's below, as they'll explain how & why you're "off" on what the loopback adapter driver from MS truly REALLY does and functions as (a dummy NIC only really, so that SQL Server for example, installs properly even IF you do NOT HAVE A NIC in your machine), & as a driver it loads into RAM so it operates as fast as the other method which both use the 127.0.0.1 address anyhow, but, both STILL perform a loopback type op!

----

ON LOOPBACK ADAPTER DUMMY NIC DRIVER:

http://it.slashdot.org/comments.pl?sid=1743902&cid=33202530

and

What is the Microsoft Loopback adapter

http://www.windowsitpro.com/article/john-savills-windows-faqs/what-is-the-microsoft-loopback-adapter-and-why-do-i-need-it-for-sql-server-.aspx [windowsitpro.com]

PERTINENT QUOTE/EXCERPT:

"If you don't have a network card then go to control panel/networks, choose add adapter and then add the Microsoft loopback adapter - which is just a "dummy driver, no hardware involved. This needs to have working network protocol(s) bound to it.

----

Read those, get your head straight finally (won't you, please?) because you're attempting trolling of myself only ended up with you wearing egg on your face... oh yea - once more? READ BELOW, "Drink in & digest it" as it's food 4 thought 4U:

IMPERSONATING ME HERE 4 TIMES NOW ONLY SHOWS OTHERS HOW BAD OF A LOSER YOU ARE, AND HOW BADLY YOU'VE BEEN THRASHED NOT ONLY BY MYSELF AND FACTS I USE, BUT ALSO YOUR OWN "GEEK ANGST" AND "WOUNDED FRAGILE EGO"...

Impersonating me again also is pretty damned lame, but I suppose it's to be expected as I school lame trolls like yourself (Funny part is you only selected only 1 part of 11 that I post in favor of HOSTS files (which even the poster agrif here agreed with myself on, as well as others like sootman too), and you were unable to combat the 10 points in favor of HOSTS files I posted here -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33191488 )

So the score is still 11 to nothing in favor of myself vs. yourself troll... lol! "too, Too, TOO EASY" (just TOO easy, as usual)

APK

P.S.=>

"P.S.=> What's wrong with sucking cocks anyway... apk - by Anonymous Coward on Thursday August 05, @09:33AM (#33149194)

Oh, & you're an ESPECIALLY pitiful troll - Especially because of the sucking c**** part of your juvenile comment in your ad hominem attack attempt on myself quoted above whilst you impersonated myself yet again out of your "geek angst" in defeating yourself yet again!

Heh, is your fav. color "transparent or what?

I mean, that's SO obvious you impersonated me here for the 4th or 5th time now, to which even operagost http://it.slashdot.org/comments.pl?sid=1743902&cid=33150504 noted & identified you as a troll from BASH.ORG forums (bm is your name there)...

Lastly, though this news may disappoint you?

SORRY: I am NOT a homosexual, & you're obviously "projecting" your own insecurities here... so go find yourself another "dish" flamer, because I am NOT on "the menu"! ... apk

You only consider 0, not 0.0.0.0 vs. 127.0.0.1

"I'm not sure what about 50% of your rambling there means. The math in my previous comment stands for itself as I'm sure other readers can see." - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

See subject line above, & this explanation (for the 3rd time now) of where I got my 50% avg. from:

----

Using 0, I get a 14mb sized HOSTS file (0 is a valid "blocking address" that resolves to 0.0.0.0 on Windows 2000/XP/Server 2003 & even VISTA prior to 12/09/2008)

Using 0.0.0.0, I get a 18mb sized HOSTS file

Using 127.0.0.1, I get a 27mb sized HOSTS file

----

(Each HOSTS file version in each case above has the same data in each as well, just diff. preceeding blocking addresses prior to each line record item for BLOCKED domainnames/hostsnames entries)

So, when comparing 0.0.0.0 & 127.0.0.1 versions, you get about a 30% size gain!

(I.E.-> You don't get a 92% gain, as you stated... you get a much smaller one (since 0.0.0.0 = 7 bytes, & 127.0.0.1 = 9 bytes))...

However, when comparing 0 based HOSTS files, vs. 127.0.0.1, you do get around 90++ % gains in nearly an entire order of magnitude as you noted.

So, averaging 30% & 90%? 90 + 30 = 120 / 2 (the two diff. block address gains vs. 127.0.0.1)?? You get, as I stated, around 50% on average...

(Actually a WEE BIT better at around 60%, but it's been awhile since I did this calculated avg. and the file does change line records items, in deletes too, and the lines are NOT consistent in length, like 25 bytes long each time etc. (& I am doing deletes this evening in fact as I write this to my HOSTS file)).

Get it?

----

"Making a HOSTS file smaller with 0's is not an abuse of HOSTS. In fact, I never contested your assertion that smaller HOSTS files are quicker to read. Go ahead and tout that as another "win". - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

Thanks - I will (especially since you said so)...

----

"The fact is, HOSTS files were simply not designed for millions of lines (no, I don't have a cite... it's common sense)" - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

Oh, really? No, I knew you would not have a damned thing to back you, which is WHY I asked it of you... I confronted MS' own personnel on this, Foredecker is his name & he posts here in fact (senior mgt. there in fact & he has his CSC degree too), & he had to concede all I have written here as well... I've been thru it, in other words, with folks in this science that are your technical superior (unless you can show me an MS or PHD to YOUR name/credit that is, or an RFC that states contrary data to what I do).

As to common sense?? Yea, ok... see below:

----

"DNS servers were designed for that. You are abusing HOSTS by using it to replace the functionality of a DNS server. Because the OS is not designed for such huge HOSTS files, it will be slower than using DNS as intended (even for example a DNS server running on your local machine to blackhole all those domains for you) - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

#1 ON DNS:

Look up Dan Kaminsky sometime, & see how "reliable" & "attack proof" DNS servers are, ok? Here, take a read, be enlightened -> http://www.google.pl/search?hl=pl&source=hp&q=%22Dan+Kaminsky%22+and+%22DNS%22&btnG=Szukaj+w+Google & I do NOT intend to waste both CPU & RAM + other forms of I/O on a clearly faulty solution, when a HOSTS file does the job & for far less cost!

Also again - prove to us all reading that how I use a HOSTS file for increased speed & security online in a layered fashion is abusing a HOSTs FILE... SOMETHIN

On DNS Servers + Client Cache & more

Your first point? I've known about that since 1999 & Windows 2000!

(Ask the moderator DosFreak at either Arstechnica OR NTCompatible.com (iirc, he mods both))

OR

Some of the "proofs to that effect" below I cite, because me?

I back what I state with verifiable evidences, unlike most others here, yes, even despite the fact I am degreed in the art & science of computing & far more (16++ yrs. of pro experience, commercial code to my credit, & code + ideas that were FINALIST work in MS' Tech Ed 2000 & 2001 consecutively, as well as my appearing for softwares I wrote in reputable publications in computing such as Windows IT Pro Mag 10x or more from 1996-2008).

Here we go:

----

"See here (and other google results if you care) for Microsoft MVPs stating that having a large HOSTS file is a known cause for the DNS Cache service (which handles that file) consuming 100% CPU" - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

#1 ON DNS Client Cache (MS one's faulty as hell):

New NEWS with proof: I am the guy that brought that up to Microsoft, directly, here (as Alexander Peter Kowalski (hence, my "APK" I sign posts with here)):

http://blogs.msdn.com/b/e7/archive/2009/02/25/feedback-and-engineering-windows-7.aspx?CommentPosted=true&PageIndex=3#comments

and earlier here to my other "naysayers" as well in THIS VERY EXCHANGE NO LESS:

http://it.slashdot.org/comments.pl?sid=1743902&cid=33149084

And many MANY times here in posts on HOSTS files too!

So, yes, I am QUITE aware of it, but there is a valid workaround~!

(It's, your local diskcache, since it assumes that task of caching HOSTS file data as it does any other file on disk into its FIFO buffers in RAM in fact, actually NEGATING the need for the faulty design of MS' local DNS clientcache in fact)

VERY IMPORTANT POINT FOR YOU ESPECIALLY : That all said & aside? Well, so you can see, I not only avoid wasting RAM, CPU, & other forms of I/O on a faulty system like DNS servers, but also the faulty DNS clientcache service in Windows too by using HOSTS files!

(DOUBLE BONUS!)

And not only to the head of MS dev teams in S. Sinofsky on the note of HOSTS files and DNS issues (clientside cache to MS only though on DNS), but before that to MS senior mgt. in Foredecker here http://slashdot.org/comments.pl?sid=1467692&cid=30384918 on this very website also before your article in fact, ask him yourself, because he conceded my points there & it is quoted!

(Foredecker also happens to be senior MS mgt. & VP head of "Windows Client Performance Division" because he POSTS HERE in fact - & all my points, & again he HAS his CSC BS? HE agreed with me, albeit not until I had to drag it all out of he on all points I made here as well... ask he yourself!)

#2 ON DNS clientside faulty cache for MS

(Yes, I have tested not only programmatic loads of diff. hosts file setups to verify the math theory, but tests for even when the DNS client cache is turned off, the local diskcache takes over on that account keeping performance high, as it does for ANY file (vs. MS' faulty DNS cache client))

----

"DNS servers were designed for that. You are abusing HOSTS by using it to replace the functionality of a DNS server. Because the OS is not designed for such huge HOSTS files, it will be slower than using DNS as intended (even for example a DNS server running on your local machine to blackhole all those domains for you) - by psm321 (450181) on Tuesday August 10, @11:29AM (#33204740)

#3 ON DNS SERVERS FOR SECURITY AND

Learn to keep your word

"1.) Learn to count... 6!=8" - by Anonymous Coward on Tuesday August 10, @06:40PM

See subject line, and your own words quoted below next on my subject line above, first, ok?

(Try to have some HONOR & stay quit when you said you would, & going off topic and nitpicking others on MINOR crap?? Please troll - is this the "best you've got"? Apparently so!)

I mean, well... after all, YOU ALSO SAID you were leaving first of all, didn't you? See below on THAT account!

(Plus, I didn't make that post above you replied to by the way, either but I do see his point - you're new here relatively speaking. As to MY replies? Hey - I sign mine in case you hadn't noticed & I'm rather "infamous" for it in fact, & the "almighty wannabe registered user 'elite' (lol, yea right: More like "easily tracked for trolling fools") know this largely around here & so do the mods/metamods, for nearly 9 yrs. now running).

HOWEVER, in this case? Well... I am going to help those who supported me in this case & others in this exchange so... here we go!

I have to show you cannot keep your word, off topic as you are now and technically defeated on tech points on HOSTS files too:

http://it.slashdot.org/comments.pl?sid=1743902&cid=33204740

"This will be my last reply to you in this thread. Consider yourself victorious if you so desire." - by psm321 (450181)
on Tuesday August 10, @11:29AM (#33204740) Journal

Thanks, I will... Especially after this was how I closed that from you above -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33210038 where facts, not off topic b.s. nitpicking like you're now forced to resort to, did you in, easily!

----

"2.) This particular comment was meant very seriously in an attempt to help you, and not as an attack a all. Please take it under consideration." - by Anonymous Coward on Tuesday August 10, @06:40PM

Oh, same to you & same here... lol, especially after what I quote NEXT, from YOU, below!

"Dude, get mental help" - by psm321 (450181) on Thursday August 05, @11:12AM (#33150284) Journal

That is not only an obvious attack, it's clearly libeling myself as well (by the way - got a PHD to go with your "prognosis" doctor? No?? I didn't think so. It's also not a diagnosis, because you haven't performed a formal professional diagnosis of myself either... so you like to libel others and that's NOT legal you know, you can get into trouble for it!)...

Well... then, how about THIS one then (which you horribly did a technical "fail" on as well when I replied & tore it apart):

"Now for an attack on you" - by psm321 on Thursday August 05, @11:24AM (#33150474)

No, you don't go & TROLLISHLY ATTACK OTHERS HERE, NOW DO YOU? Naw (sarcasm)... well, your own words above clearly show otherwise now, don't they? Yes, they do! SEE ABOVE...

APK

P.S.=> Anyone reading here's FREE to read this url's data http://it.slashdot.org/comments.pl?sid=1743902&cid=33210038 especially from this very exchange, since it's NOT "off topic" as you've apparently had to resort to (going off topic's a troll's last resort usually in fact I've noted), & cover your rather weak + failed attempts at discrediting me and trolling myself AND OTHERS HERE TOO...

Facts always do your kind RIGHT in, everytime (RIGHT ALONG WITH QUOTES OF YOUR OWN WORDS ANYONE CAN READ THAT CONTRADICT YOUR TYPE'S OUTRIGHT TROLLISH b.s.)! apk

Re:Learn to keep your word

[psm321]

Check the timestamps on the posts for your claim (the actual ones, not the random ones you made up while quoting). And I did apologize for the earlier attack and you claimed to accept my apology. Now you made me _actually_ break my word by replying :(

I am sorry for any offense I have caused you.

You can't keep your word

"Now you made me _actually_ break my word by replying" - by psm321 (450181) on Wednesday August 11, @02:14AM (#33212552)

B.S. - I didn't make YOU do anything, except apologize:

"I am sorry for any offense I have caused you." - by psm321 (450181) on Wednesday August 11, @02:14AM (#33212552)

You ought to be apologizing to those you trolled besides myself, and you caused yourself offense, in that you proved You definitely cannot stick to your guns & keep your word in saying you were done here, that's quite obvious.

Not only that, but you tried to nitpick others and not only myself as well and in doing so, you meandered FAR off topic. I know why though, & it's all RIGHT HERE in my reply to you -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33210038

APK

P.S.=> Especially that URL from this very exchange, since it's NOT "off topic" as you've apparently had to resort to (going off topic's a troll's last resort usually in fact I've noted), & cover your rather weak + failed attempts at discrediting me and trolling myself AND OTHERS HERE TOO... apk