Do Not Track Ineffective and Dangerous, Says Researcher

Seeteufel writes "Nadim Kobeissi, security researcher, describes the Do Not Track standard of the W3C as dangerous. 'In fact, Google's search engine, as well as Microsoft's (Bing), both ignore the Do Not Track header even though both companies helped implement this feature into their web browsers. Yahoo Search also ignored Do Not Track requests. Some websites will politely inform you, however, of the fact that your Do Not Track request has been ignored, and explain that this has been done in order to preserve their advertising revenue. But not all websites, by a long shot, do this.' The revelations come as Congress and European legislators consider to tighten privacy standards amid massive advertiser lobbying. 'Do not track' received strong support from the European Commission."

So, what he's saying is...

Do Not Do Not Track?

Re:So, what he's saying is...

[rudy_wayne]

Google's search engine, as well as Microsoft's (Bing), both ignore the Do Not Track header . . . . . Yahoo Search also ignored Do Not Track requests . . . . . . this has been done in order to preserve their advertising revenue.

File this under: Well, DUH!!!

Legislation

[anthony_greer]

The days of the wild west on the net are gone...If the big boys in the industry cant get their shit together soon, we will get legislation, and that will be bad for everyone!

Just once I wish these companies could see that it is in the best interest of everyone to keep the government out and work together to reach a policy that will be adopted as a general standard without a law mandating it...

Re:Legislation

[jazman_777]

Most big companies see it in their best interest to use the government to crush their competitors, all while the government gives them a free hand.

Re:Legislation

How about we leave the government out of the fucking internet and people can vote with their visits? The fact that these sites are still popular shows that people overwhelmingly don't care about targeted advertisement. (and they shouldn't, as anyone with real intelligence already knows)

Just like with companies off the internet, if you don't want to deal with them, then don't use them! Blacklist facebook, bing, yahoo, etc in your hosts file.

Re:Legislation

It's 2013. Anyone who still thinks "vote with your wallet" works is a fucking idiot.

"Vote with the ballot box" is and will always be the fairest way: one person, one vote.

"Vote with your wallet" is similar but with the number of votes you get weighted by the size of your wallet.

DNT fails because large corporations are a bunch of lying, two-faced bastards. Abandoning DNT is no more sensible than repealing any law or policy "because rich people don't feel like following it".

Regulation works, except when regulatory capture happens. And regulatory capture happens when regulation is weak.

It's time to end Free Market As Religion. The balance that was social democracy represented the pinnacle of human civilisation, and it's time that America moved forwards to pre-Reaganite progress, and Europe to pre-Thatcherite progress.

Re:Legislation

[UltraZelda64]

Advertisers? Big boys? More like little bitches.

Laws or no laws to keep these assholes in line, no one is going to stop me from using Adblock, NoScript, DoNotTrackMe, etc. or similar tools. I don't trust these crooked fucks to even follow the law, so privacy extensions aren't going anywhere.

Re:Legislation

Regulation works, except when regulatory capture happens.

As you can tell by the total absence of email spam now that spamming is illegal.

Oh, wait...

Re:Legislation

"As you can tell by the total absence of murder now that murder is illegal."
"As you can tell by the total absence of rape now that rape is illegal."
"As you can tell by the total absence of theft now that theft is illegal."

See, that sophomoric black-and-white "X is not 100% effective therefore it is 0% effective" argument is shit. And it always will be shit.

As for spam:
1) There would be way more spam if spam were entirely legal;
2) Anyway, spam is very poorly regulated, thanks partly to regulatory capture: i) there are too many exceptions; ii) the deterrents are weak; and iii) enforcement of anti-spam legislation is lackadaisical.

You start chasing down all major spammers with jailtime and a 0% tolerance policy and watch the amount of spam plummet.

Re:Legislation

And, before you ask, regulation of drugs (from alcohol to morphine) is absolutely a good thing, but should not be confused with prohibition on possession of drugs.Prohibition on mere possession is the least effective form of regulation.

As far as I can see, the current anti-drugs laws are the perfect example of regulatory capture, creating the greatest profit for both the drugs lords and the part-privatised "justice" system, all at the expense of the users and those who happen to be in the wrong place at the wrong time.

Re:Legislation

How will that be bad for everyone? Legislation is at least open to read, and you can take it to court. /Worst/ is leaving it to the 'big boys' of an industry to take care of.

Democracy is continuously messy and aggravating, but it's a fuck of a lot better than being sheeple inside corporate dictatorships.

Re:Legislation

There would be way more spam if spam were entirely legal;

[citation needed]

Re:Legislation

Well put! Thank you, especially for the Free Market as Religion part. Been looking for a nice soundbite sort of way to say that.

Re:Legislation

[epyT-R]

Oppression is oppression, whether it's corporatocratic tyranny, or abuse by ivy league lawyers in governments who think what's best for them is best for everyone else...Oh wait, both have basically the same attitude. The real fun begins when each side helps the other out, as is happening more and more these days.

Re:Legislation

[epyT-R]

"Vote with the ballot box" is and will always be the fairest way: one person, one vote.

hahahaha..hah.. ha.... You say wallet-voting fails then defend voting? What planet are you from? Neither works in systems where consensus and feelings matter more than truth and facts. It's hard to manipulate people who stick with the latter two, leaving corporates and government without much power, thus they work to maintain an impulsive, emotional buyer/voter base..

DNT fails because it leaves the fox guarding the henhouse.. The only way to get rid of web tracking is to kill the scriptable browser.

Re:Legislation

"... we will get legislation..." These companies own the Federal and State Legislatures. The big corporations would love legislation. Then they could do what they want.

Re:Legislation

[epyT-R]

Spam isn't much of a problem because of reasonably good technical solutions, not because of law written by ivy league lawyer techno-weenies who think they know what it is they do to/for the rest of us.

Re:Legislation

[epyT-R]

Democracy is continuously messy and aggravating, but it's a fuck of a lot better than being sheeple inside corporate dictatorships.

There's less and less of a difference between corporate dictatorships and the smothering oppression coming from neo-socialists passing themselves off as leaders of 'democratic republics'. Both pass off actions that preserve/grow their power bases as caring for the citizen/customer. This results in the latter having sheeple status. They're both full of shit.

Re:Legislation

citation needed to prove this citation is needed.
did you forget the 90's or something?

Re:Legislation

[Luckyo]

And by "bad for everyone", you mean "bad for companies' bottom line and easy earnings". Consumers benefit. But consumers are rarely if ever part of that "everyone" when used by corporate shills.

Re:Legislation

[Opportunist]

The big boys in the industry ARE getting their shit together. That is exactly WHY we get legislation.

What did you expect, invention? Lobbying is where you spend your money these days as a company, not innovation. It's not the better product that makes the race, it's the better lobbying.

Re:Legislation

[Opportunist]

And now try to convince some government in a country the name of which ends in -stan that prosecuting spammers is a worthwhile endeavour. Hint: It's likely a big part of their GDP.

Please lemme be there, I promise I try not to laugh. Can't promise I won't laugh, but I'll try.

Another hint: Spam doesn't give a fuck about your local laws, and neither does it care for petty things like national borders.

Re:Legislation

[Opportunist]

Last time I checked "Vote with the wallet" worked for the ballot box just fine. Of course, provided your wallet is big enough to buy the right politicians.

Re:Legislation

[Opportunist]

I guess you're right. Maybe I should move.

Do you know a country that's not ruled by corporate dictatorships but by that "democracy" you talk about?

Re:Legislation

[davydagger]

"You say wallet-voting fails then defend voting?"
I do.

one is democracy, the other is essentially rule by those with enough money to vote.

Re:Legislation

[thegarbz]

The days of the wild west on the net are gone...

No they've just been pushed outside the view of the popular perception of the internet.

The wild west is still there and if the pirate sites rising and falling, or the sharing sites being brought up under the same name as they were previously despite actual current ongoing legal battles are any indication we're a long way from any kind of enforcement by governments or corporations.

Re:Legislation

[sgunhouse]

"DNT fails because it leaves the fox guarding the henhouse.. The only way to get rid of web tracking is to kill the scriptable browser."
Scriptable browsers are what makes most ad-blocking features work - and all online "apps", like Gmail etc. Advertisers would love it if you killed scriptable browsers, but online services would hate it. Kill cookies (other than session cookies), sure, but not scripting.

Re:Legislation

[Omestes]

(and they shouldn't, as anyone with real intelligence already knows)

Adblock. I love it. If illegal, I'll still use it.

That said, your cheap way of trying to be an authority via implied ad hominem is rather silly. I am intelligent, and I fucking hate ads. I think ads are pretty much absolute scum, and rather insulting (as a person of real intelligence I don't think anyone could find them otherwise).

But then again, you have a small point, since thanks to ads I no longer watch TV, or go to sports. The few magazines I read are completely ad free (they cost more, but who cares?). Sadly, I have "real intelligence" when a large enough to be profitable portion of the words population don't. Sadly these are only the ads I can avoid, sometimes I wish people would go Edward Abbey on billboards, and destroy them all. I have no choice about them, and receive no benefit from them.

As for internet ads, I don't give a shit. I'm not here to make you money. And if you can't produce content worth my time or money, then you deserve to die. No loss to me, I've got books, hobbies, and friends. I'm only looking out for me, which any rational person would do. If your service can't service, then surely it didn't deserve to. Not my problem.

Re:Legislation

[Hentes]

Tragedy of the commons. While many companies aren't playing fair when tracking their costumers, it's unrealistic to expect them to abandon that profit. I would say that the real blame lies with the W3C who have been completely ignoring all security concerns during standard design. If we want to make a safer web, we should make a safer web standard instead of handing control to the lawyers.

Re:Legislation

The ideal is competitive free market, both adjectives are critical parts of the ideal, so don't leave them out.

The market we do have has been increasingnly non-compettive and increasingly non-free for decades.
Name any field you can mention: competition is diminishing as one or a couple of multinationals kill of everyone else.

Regulatory capture, and regulation in general has also increased dramatically. As a consequence barriers to entry in a lot of fields are getting higher (there are now 8000+ professions in the US that require government licencing in at least some jurisdictions in the IS, hairdressing and interior design are just 2 of the more idiotic examples)

In other words, I'd actually love more of a 'competitive free market' as a religion, we might see actual pushback against increasingly few big multinationals owning everything directly or indirectly.

Re:Legislation

[hairyfeet]

I hate to break the news to ya sparky but in case you ain't kept up on current events the courts ruled "money equals speech" so your ballot box is worth jack and squat.

You honestly think the best candidates anybody could come up with were Obama and Romney? Even though I don't believe in libertarianism you might want to look up "Jon Stewart Ron Paul" to see how badly the media is rigged, they treated Paul as "he who shall not be named" and the video ends with a reporter talking to an anchor and the reporter says "Here we are talking about Palin and Christie, who aren't even running, and not saying anything about paul who is doing good in the polls here" and the anchor gets a douchebag smirk and says "if you get any footage of Christie or Ppalin send it in, you can keep the Paul stuff"

And THAT, that right there, is why your vote isn't worth used toilet paper. the media chooses which two shills you get, its coke in a can VS Coke in a bottle, because only pre-bought shills need apply. if you think voting would ever do anything ask yourself these questions: How many protested against the wars? How many sat out there in the cold during occupy? Think those people don't vote? of course they do but when your choice is Coke in a can VS in a bottle it don't really matter who you choose, its just different corporate masters. Obama is owned by the media cartels and his VP is the biggest media shill in DC, Romney was owned by Wall Street, 6 of one, half dozen of the other, either way you are fucked.

Re:Legislation

[Bing+Tsher+E]

You can't cite Jon Stewart as an example of journalism. He is the 'left' equivalent of Rush Limbaugh. When backed into a corner, either man will claim they are 'only an entertainer.'

Re:Legislation

[AmiMoJo]

I'm really, really glad that we are in the EU. Corporations don't rule us like they rule the US. Look at how much of a stink the "right to be forgotten" has caused.

People say the EU is undemocratic, but it seems to act in the interests of its citizens far more than out national parliament.

Re:Legislation

[GameboyRMH]

You bet, just as easily as they forgot pre-New-Deal America.

Re:Legislation

Isn't this the exact time of thinking that gave us the laws which were used against Arron Swartz?

"All we need is to craft some more regulations and then our holy elected officials will judiciously use them in the name of Good!"

Re:Legislation

Are you retarded?

Re:Legislation

[Gibgezr]

Jon Stewart is a comedian. It is a comedy routine. The Daily Show is aired on "Comedy Central".

WTF? How did this guy get modded "+4 Informative" for an insane diatribe like this?

Re:Legislation

[sudon't]

First of all - what hairyfeet said.

Second of all - the weird thing is that we have a comedian doing a better job of journalism than the so-called journalists. To equate John Stewart with Rush Limbaugh is simply absurd.

But the fact remains that you have to take control of your own privacy, as best you can. I use apps like Ghostery, AdBlock, and Cookies with my browser (Safari) to block tracking, ads, and for automatic cookie blocking and removal. Cookies removes most types of cookie, including Flash cookies and databases. And all of that on top of Privoxy.

If I want a little more privacy, I fire up the Tor Browser. Anyone relying on a Do Not Track header is out of their minds. It does nothing, my friends.

Re:Legislation

[Cajun+Hell]

It's 2013. Anyone who still thinks "vote with your wallet" works is a fucking idiot.

Not only do I think it works in many situations, I see that it has a good track record, confirmed again and again to be devastatingly effective strategy for dealing with many different kinds of shit. I'm talking about the exact opposite of Free Market As Religion. I have evidence, and it's repeatable so that you can recreate it whenever you want to.

For example, there was a computer company that sold a truly piece-of-shit music player. It couldn't play Vorbis many years after the codec was stabilized, and it required very strange (and hard-to-use) proprietary software (which was ported to very few platforms) in order to "sync" music to it, instead of just letting people mount it and copy to it. (You would never guess this anachronistic garbage came out in the 21st century, but it did.)

I looked at it and did what any rational person would do: I voted against it with my wallet.

The polls closed, the results being 1 vote for anything-but-iPod, and 0 votes for iPod.

Ah, but what were the results of the voting? Are election results enforced? Does voting work? Turns out it did. Even after all these years, I still don't have an iPod, and therefore I'm also not required to have iTunes. I don't think I have ever seen anything so effective and decisive; it's right up there with saying no to drugs and declining the Scientology cult's invitation to get a free personality test.

Another example: I walked by a restaurant which smelled like shit. I voted against it. Result: I ended up not eating amidst the smell of shit.

This is what voting with your wallet is all about. I don't fucking care that you think I "lost" my iPod election due to the fact that some people still have them, and that the company who made it, is still around. *I* still avoided it.

The great power of voting with one's wallet, is that the election outcomes are subjective. You and I can vote different ways, be absolutely opposites and yet somehow, BOTH OF US CAN WIN, and by a crushing landslide, too. It's awesome.

Voting with your wallet means that if you think "Tracking" (whatever the fuck that really means) is sufficiently bad for you, that you care a lot that it doesn't happen, then you need to stop talking to servers who don't say they comply with the request. If you do this (instead of abstaining from doing it, and then complaining that you didn't get what you want, because you're a whiny bitch) then you mostly win. All that leaves is the possibility of fraud. Go ahead and sic government on fraud; you'll have my full support on that, and I won't claim voting-with-wallets happens to work on that problem.

It's 2013. Anyone who hasn't seen the overwhelming success of voting with their wallet, probably never votes. It's a game anyone can play, even the poor, where even the poorest win. The power of the wallet isn't in how much money it contains, it's in the decisions of when to open the wallet and when to leave it closed. Vote today!

Re:Legislation

I can vote out a government, I have zero control over corporations who opt me in or track me against my wishes, and they will never "get their shit together" because their shit involves using me as their product.

The government is only a problem if you don't participate and allow corporations and ideologues to run your government for you.

Re:Legislation

[allo]

you're implying, there would be more murder, if it were legal.
No, it would not. But it needs to be illegal, so you can (legally) punish the murderer. You cannot do this, while its still legal.

Re:Legislation

And yet, in spite of being nothing more than a comedian, Jon Stewart somehow manages to deliver higher quality news than most media outlets does. This is how he got modded so highly.

Re:Legislation

The days of the wild west on the net are gone...If the big boys in the industry cant get their shit together soon, we will get legislation, and that will be bad for everyone!

Just once I wish these companies could see that it is in the best interest of everyone to keep the government out and work together to reach a policy that will be adopted as a general standard without a law mandating it...

Why is this Insightful, exactly? The solution is not regulation OR standards. The solution is to stop leaking data from your client instead of saying "But I told them not to pay attention to it!" Which is the point of the article.

Good job wasting your mod points, idiots.

Re:Legislation

"You say wallet-voting fails then defend voting?"
I do.
one is democracy, the other is essentially rule by those with enough money to vote.

Or you could just stop handing out your information and then expecting them to ignore it. Which renders your little tirade moot as you won't need either regulation or standards and won't have to vote with anything. Which is the point of the article- the entire idea of DNT is fucking stupid from the start, it's like hanging a key to your front door on your mailbox with a sign that reads "Do Not Use" and expecting it to deter would-be thieves.

Re:Legislation

Comedy can be truthful and funny.

I don't watch The Daily Show, I don't like Jon Stewart, but that bit on Big Media vs Ron Paul is spot-on.

And besides, who else would report the observation? You'd get fired or assassinated at Fox News for spouting something off-script like that.

Re:Legislation

[hairyfeet]

Did I SAY he was in any way a journalist? he simply compiled how obviously rigged the media was, which again go watch the video, judge for yourself. it is so fucking bad that in several cases they name who got first, second AND FOURTH while never saying third place even exists...wanna know who came in third? Fuck you he's not a pre-bought shill. And remember we are talking about RON PAUL here which Stewart made clear he did NOT support nor believes in any way with any part of the libertarian agenda, he just thought it was sorry the primary was so obviously rigged.

You simply can't change a corrupt system by working within that system, why? Well the answer is self evident, its because its a corrupted system! And that is EXACTLY what we have, a handful of major corps own what more than 70% of Americans will EVER hear, read, or see, and those same corps own multiple companies that make insane amounts of money off the current system. do you HONESTLY think they are gonna let ANYBODY that could be a threat to that be heard?

You might as well go park your ass in that "free speech zone" 4 miles away from the cameras with your little sign for how much your voice will be heard in this country, voting is the biggest waste of time and will never change shit.

Re:Legislation

[RockDoctor]

If the big boys in the industry cant get their shit together soon, we will get legislation, and that will be

... ignored by organisations based outside whichever jurisdiction has passed the laws you're talking about. So, companies will re-structure themselves.

Countries that think that they're the only country in the world are in for a nasty shock, as multi-national corporations learn to "route around" the "damage" that legislation and taxes represent.

Re:Legislation

Great comments. I see so many people argue the free market point back and forth, with both side only half right. Yes, repealing regulation will turn back time to Robber baron style capitalism, but regulation is only beneficial to well established corporations. The root is the idea that any smuck has the right to do business and form a corporation to avoid liability. Do away with limited liability and yes the market will regulate itself.

meanwhile...

Many of us here have been saying DNT is a bad idea since it first appeared (and often, on slashdot, we've been downmodded for it). The right way to do this is NOT to depend on the good will of the remote side. Even you passed laws that demand compliance, the data collection will just move out of the jurisdiction of those laws, and anyway, the companies involved will buy themselves exceptions and find creative loopholes. You can't win, that way.

You CAN avoid giving them much data in the first place. You don't have to load their web bugs, their trackers, accept their cookies, or flash objects, and you can obscure your user agent string, and if you're really paranoid, even your IP address. Don't give them the data, and they can't track you with it, or at least, can't tie it to any real world identity.

And it goes without saying, don't use bloody Facebook.

Re:meanwhile...

Someone will say, "I shouldn't have to do that!", and they're right, they shouldn't. But the simple reality is that you do have to do all that, and some others in that ilk (only whitelist javascripts you trust). It's your computer which loads those trackers. You are free to tell it not to do that, but don't fool yourself into thinking businesses built around tracking your every move will ever have your best interests at heart.

Re:meanwhile...

[mister_playboy]

So what's the problem with blocking all the garbage with the many tools we have and also having a DNT flag on top as a clear statement that the fact my browser didn't load any of the tracking crap was entirely intentional?

Re:meanwhile...

None, I guess. You just can't depend on DNT doing jack by itself.

Re:meanwhile...

[Luckyo]

This would actually not work too well in this case. Sure, you yourself can move out of jurisdiction, but where does your advertisement revenue comes from? Most likely vast majority of it comes from EU companies or companies with legal presence in EU..

So let us imagine that getting dinged by this legislation bans EU based advertisers from selling advertisements to you under penalty of significant fine if caught. Suddenly all large advertisers face a clear cut choice: continue ignoring the law and lose vast majority of targeted local clients or honor the law and gain them.

I suspect that losses for ignoring would demolish profits far more then obeying but gaining all the local clients. Some things like gambling sites and porn could probably ignore this, but most of the major advertising networks mostly sell ads for local companies.

Re:meanwhile...

[grcumb]

Many of us here have been saying DNT is a bad idea since it first appeared (and often, on slashdot, we've been downmodded for it). The right way to do this is NOT to depend on the good will of the remote side....

What do you mean by 'us', Kemo Sabe?

Okay, seriously: It's almost axiomatic in programming that you never trust your inputs, and you never assume that just because the external party (be it a function, another object, or a completely separate system) says it's going to X, that X will actually happen. So I'm good with the principle so far....

You CAN avoid giving them much data in the first place. You don't have to load their web bugs, their trackers, accept their cookies, or flash objects, and you can obscure your user agent string, and if you're really paranoid, even your IP address.

That's all well and good, but sometimes part of protecting yourself consists of telling someone else to stop doing what they're doing. Instead of just avoiding a particular street because of its dangers, why not roll a cruiser through from time to time and maybe make it clear that certain kinds of behaviour are Not Cool? That won't necessarily make the street safe, but it might serve to make it safer.

It is unfortunate that Do Not Track seems more like politely asking the school bully, 'Please stop taking my lunch money.' But sometimes it's a matter of getting the rule first, and adding teeth to it after the fact. All of this is, however, predicated on making it clear that wanton, indiscriminate data collection is decidedly Not Cool.

It's a first step. A pretty feeble first step, as the story makes clear. But it's a necessary one.

And it goes without saying, don't use bloody Facebook.

For a great many people, that's practically impossible. My employer operates a page where I share administrative duties, but you have to have a personal account in order to be granted admin access. Yes, I know that I'm not compelled to put anything personally incriminating there; I'm just saying that there are social and economic pressures that exist which sometimes make 'bloody Facebook' unavoidable.

Re:meanwhile...

[IndustrialComplex]

The question is, HOW does someone go about doing that without their wife/parents getting annoyed when their school/office website chokes due to a blocked script. My general course of action is to install noscript and adblock, but the fine tuning involved makes the whole thing a hassle.

For me, it's not hard to slowly add/deny portions of sites since I'm marginally familiar with how the web works, but I'm at a loss as to how to make it transparent for the SO.

Re:meanwhile...

[Cajun+Hell]

It is unfortunate that Do Not Track seems more like politely asking the school bully, 'Please stop taking my lunch money.'

It is indeed unfortunate that people see it in such an unrealistic way. School bullies initiate action; they come to you, telling you to give them your lunch money. And if you refuse, then they do something bad to hurt you.

Web tracking is where you make the decision to talk to someone else, and they decide to remember the conversation happened (and a lot of other details, like where the two of you were when you started talking, who you are and what history you have with each other, etc). That can be good, totally unimportant, vaguely creepy, or bad.

DNT is where you start a conversation, and the first words out of your mouth are "after this conversion, please forget that it happened."

People are suggesting that the word "please" doesn't belong in that sentence, and that we ought to be pointing a gun at someone's face when we make that demand. Maybe there really is a bully in this story, after all.

I find this all so distasteful, becuse you don't need to point a gun at them, to effectively deny them the knowledge. The simplest answer is to not walk up to them, striking up conversations. This is extremely effective (pretty much a sure-fire strategy which can't lose) and easy, too.

There's another approach, assuming the above one isn't good enough. It's harder (especially to do well, and it's hard to know whether or not you've done it right) but possible to wear a mask, so they are talking to a different pseudonymous person every time someone walks up to them. This doesn't completely deny them the knowledge of the conversation, but makes it so that can't reliably infer connections wityh previous conversions with you. Some people might say this is deception and dishonest, a type of fraud, but compared to pointing guns at peoples' faces, I think it's relatively benign.

Either way, your worst case scenario, compared to a bully doing bad things to you, is that the perosn you walk up to, might decide to not talk to you. If the Silent Treatment is comparable to being bullied, then I guess you were entitled to the conversation. Were you?

And it goes without saying, don't use bloody Facebook.

For a great many people, that's practically impossible. My employer operates a page where I share administrative duties, but you have to have a personal account in order to be granted admin access. Yes, I know that I'm not compelled to put anything personally incriminating there; I'm just saying that there are social and economic pressures that exist which sometimes make 'bloody Facebook' unavoidable.

Now we get to the true heart of the matter. It's analogous to someone voting for Republicrats in spite of hating them. Or voting with your wallet for the iPod, even though you don't like it, "everyone else has one and I want to fit in." You know that the action is self-defeating and against your interests, but at some level, you obtain some short-term gain (or avoid a short-term loss) by hurting yourself.

I advocate that people look at it like that, and acknowledge what's really happening. Say it out loud, "I am doing this self-harming thing, for a short-term slightly mitigating payment." If you're not angry, then you're not thinking.

Now, when you go crying to the government, remember what actually happened, the whole picture. Are you sure the problem is really inside Facebook's computer, and that it isn't, say, your relationship with your employer?

Or could the problem even be with your own expectations? Most people aren't admins for their employers' facebook page. You are. So am I. Most of the people in my office, though, aren't. As strange as it sounds, you sort of chose a "

Poisoning the well

[morcego]

For a long time, advertisement didn't bother me. I refused to use ad blocking addons, and considered ads just part of a trade. Sites give me content, I look at the ads.

Then came pop-ups. Pop-unders. Flash adds. Ads with music. Ads that would make my cockatiel go into convulsion, and start to drool and chase the neighbor's cat. And I have to tell you, my neighbor really loves her cat. And being chased by a drooling cockatiel will really humiliate a cat, and all dogs will start making fun of it. Not an idea situation.

So, back to the issue at hand. What MOST sites did was poison the well: no one can drink front it. It got so bad that I eventually had to start using ad blocking addons.

Now people want to implement VOLUNTARY sensitive advertisement and privacy practices. Obviously, they are trying to convince people we no longer need our ad blocking addons. By saying they will do something that is exactly the opposite of what they have done so far, ostensibly.

Sure, some sites will do the would Do Not Track dance. But those are the same sites that already respect our privacy and my neighbor's cat. Exactly the ones that don't need it.

The ones that need it the most, will just ignore it.

Fun, isn't it?

Fuck Do No Track. I will keep my Javascript and Ad blocking addons.

Re:Poisoning the well

[bmo]

Then came pop-ups. Pop-unders. Flash adds. Ads with music. Ads that would make my cockatiel go into convulsion, and start to drool and chase the neighbor's cat. And I have to tell you, my neighbor really loves her cat. And being chased by a drooling cockatiel will really humiliate a cat, and all dogs will start making fun of it. Not an idea situation.

What you left out of that extensive list was malware served up through ad networks. It's not enough to go to "trusted sites" but you have to trust their ad servers too. On one site I still frequent, there was an ad serving up malware for an exploit in Windows. They have since clamped down on who their ad server is, but after that people installed adblock plus as a security measure.

--
BMO

Re:Poisoning the well

Pointless to make your sig the same as your username.

Why haven't you seen this by now?

Re:Poisoning the well

[mister_playboy]

My filesystem is case-sensitive, you insensitive clod.

Re:Poisoning the well

You might want to think a bit more about the meaning of the word signature.

Re:Poisoning the well

I'm sorry to hear your connection is so poor, that you have to complain about downloading an additional 3 bytes.

Re:Poisoning the well

I agree but I still check the "do not track" checkbox.... maybe one day I will be in a class action lawsuit and get $1... hahaha

Re:Poisoning the well

Obviously some people don't mind being pointless.

Re:Poisoning the well

[VortexCortex]

Then came pop-ups. Pop-unders. Flash adds. Ads with music. Ads that would make my cockatiel go into convulsion, and start to drool and chase the neighbor's cat.
...
Fuck Do No Track. I will keep my Javascript and Ad blocking addons.

FYI: You're a fool, but not for the reason you think. DNT:1 isn't going to stop any of that crap you're railing against. DNT:1 doesn't prevent you from using an ad-blocker. The Do Not Track header is a key piece of technology that legislation can be built around to limit the unwanted aggregation of data that even your precious Ad blocking addons are leaking by your mere visiting of the page. Hell run WireShark with ABP enabled and watch it leak like a damned sieve. Fucking moron. Protip: Try to actually understand what the fuck something is before you write it off like some stupid monkey tossing a bowl of banana slices out of the cage because there's nothing to peel.

Re:Poisoning the well

There are plenty of sites I WANT to support and I'm not completely against ads, but rather the implementation, so I have developed fairly simple rules. The first time I see

-Popup
-Large flashing thing with obscene colours
-Scam ad

, I will edit site preferences, selectively enable ad-blocking and disable plugins and javascript. Have fun not getting revenue from me ever again.

Re:Poisoning the well

[L4t3r4lu5]

Came here to post this. You're already at +5, so I'll say that I agree instead.

Do Not Track was the only current way in which advertisers would have me stop black-holing their networks at the border. As it is, I guess I'll just keep it as it is. More fool you, advertising networks. I'll just be sure to let the sites which ignore Do Not Track know that I'm blocking advertisements on their site.

Re:Poisoning the well

It's not even a proper signature, the idiot actually pastes it into each and every one of his posts. Sigs are normally not shown when you browse slashdot without logging in.

Re:Poisoning the well

The DNT solution doesn't work, because it doesn't represent the user's choice and is indiscriminate. It should be abandoned or replaced with something better.

When it comes to adhering to it: the standard for DNT promotes servers to reply with the proper DNT value to indicate whether they honored the browser's DNT bit (or not). In my opinion the web browser should do something with that. For example show a privacy warning sign if the user does not want to be tracked but the server did not indicate it honored that privacy wish.

Re:Poisoning the well

[allo]

a good reason to sign the post manually

Re:Poisoning the well

[allo]

you do not support sites by allowing ads, without buying the products.
A ad costs the advertiser money: money for the space at the homepage (the money you want the homepage owner to have) and hosting cost (traffic, server rent). If the advertiser shows you the ad, its costly for him. If you buy something, its profitable. But if you do not buy something, the sum is negative, so he will lower the pay for the homepage owner in the long run. So only unblock ads, if you plan buying stuff from them.
Most intelligent people do not buy because of ads, so its pointless to unblock them.

Re:Poisoning the well

Most intelligent people do not buy because of ads, so its pointless to unblock them.

citation needed

Most advertisers are still stuck in the 1970's.

[Andy+Prough]

They still act like there are just 3 network TV stations, and that if they write a witty line in an ad, 50 million people will see it and go buy their crap. Like "Think Mink", or "Got Milk?". They still think they can bombard the public's eyeballs with ads and force us to robotically buy whatever they are selling. "Do Not Track" isn't even a speed-bump for these geniuses.

Re:Most advertisers are still stuck in the 1970's.

[anthony_greer]

I don't know about the tag line thing for the examples you give: Milk is a staple, been around long before modern advertising...and Think Mink? I never heard of it and cant really tell what they want me to buy with a quick google search for that term...

Re:Most advertisers are still stuck in the 1970's.

[alvinrod]

It still works on some level though, otherwise they wouldn't bother doing it. Same reason there's still loads of spam. You don't need 50 million people to buy what you're selling. Just over the cost is fine, and anything beyond that is gravy. The market is relatively free, so it's going to tend towards equilibrium. So baring any external forces (e.g. government regulations) or some other massive change in the market, advertising isn't going to go away. At least there're things like ad block on the internet. Prior to DVRs there wasn't a good way to get around advertising on TV or the radio. Even if you left the room while it was on, it still ate into the program schedule. Even if you don't block ads on the web, they're by and large less obtrusive than what we had before.

Re:Most advertisers are still stuck in the 1970's.

Prior to DVRs there wasn't a good way to get around advertising on TV or the radio.

Of course there was. It was called a VCR. Not only could you skip commercials by fast forwarding, but when you bought a movie you could also fast forward past trailers and those stupid piracy warnings.

Before the VCR? We liked commercials! It gave us a chance to pee and get another beer.

Not a technical solution

The poster asserts that DNT is a (not very good) technical solution to a technical problem, and proposes other technical solutions.

The problem is that DNT is neither a technical solution, nor is it trying to solve a technical problem.

DNT is the first step in a legal solution to a social problem.

You may argue whether legal or technical solutions (or both, or neither) are more effective against this social problem. However, put DNT into the right bucket first!

Re:Not a technical solution

[shentino]

Wrong.

Tracking is not a technical problem in the first place. It's an economic and social problem where people choose to track visitors on purpose for the sake of advertising revenue.

It's not a technical problem because it's working exactly as intended.

Killer 'Do Not Track' App?

[blitzkrieg3]

I seem to remember the imputus for this stupid technology was that a Mozilla researcher was about to make available some technology that either blocked tracking cookies or made them relatively anonymous, but then Google and others stepped in and stopped it, and came up with this easily ignorable solution instead. Has anyone else heard of this or am I making it up? Since the story first broke I haven't been able to find any references to it.

Re:Killer 'Do Not Track' App?

This? https://wiki.mozilla.org/Security/Anonymous_Browsing

Re:Killer 'Do Not Track' App?

[alostpacket]

Interesting, but I am pretty sure DNT was Mozilla's Idea. And frankly, it always seemed like a waste of time. Given all the ways that one can be tracked though, a technical solution seems difficult as well.

- Cookies
- JavaScript
- tracking pixels
- HTML local DBs
- Flash objects
- fonts
- screen size/colors
- plugin config/versions
- User agent
- IP address
- and now.... "DNT" toggle...

It almost seems as the only way to keep from being tracked is via the TOR browser incognito mode in a freshly wiped VM or something. I honestly wonder if the 'net need to move more towards mesh/tor/ad-hoc networking. Basically if the "darknet" should be the "mainnet".

Anyways, some info:

EFF tool to see how well you can be tracked (fingerprinted)
https://panopticlick.eff.org/index.php?action=log

NAI (Network Advertising Initiative)
Tracking opt out of 99 of some of the largest ad networks, including Google and MS (but guess who isn't there?)
http://www.networkadvertising.org/choices/

Apple iAd opt out
http://support.apple.com/kb/HT4228

Re:Killer 'Do Not Track' App?

NAI (Network Advertising Initiative)
Tracking opt out of 99 of some of the largest ad networks, including Google and MS (but guess who isn't there?)
http://www.networkadvertising.org/choices/

Sure - the first thing this NAI website does is set a cookie, then it won't work (whatever it does) without javascript enabled. What's wrong with this picture?

Re:Killer 'Do Not Track' App?

[fahrbot-bot]

I seem to remember the impetus for this stupid technology was that a Mozilla researcher was about to make available some technology that either blocked tracking cookies or made them relatively anonymous, but then Google and others stepped in and stopped it, and came up with this easily ignorable solution instead. Has anyone else heard of this or am I making it up?

Interesting, but I am pretty sure DNT was Mozilla's Idea.

Hmm... From Mozilla Foundation:

The Mozilla Foundation was founded by the Netscape-affiliated Mozilla Organization, and is funded almost exclusively by Google Inc.

Re:Killer 'Do Not Track' App?

[alostpacket]

It sets a cookie with an ID of 0 (or -1, or the like) -- As far as I understand it this is the only way they can "know" not to track you.

"Good will"

[stafil]

Anything that leaves your privacy on the "good will" of the companies is inefficient to protect my privacy.

If I do want to protect it, I'll use tools like Ghostery and DNT+ where I can choose *myself* what info I send, and not rely on them honoring the DNT.

I know I will be flagged "flame" but honestly the DNT looks a lot like the "evil bit" to me.

Re:"Good will"

What you say is exactly right, but it depends on people giving a shit about their own privacy, which 98% of the population doesn't (or they wouldn't be using facebook and google and whatever else), so it's a doomed approach.

It's a little bewildering. Ever since the Eternal September netizens have been acting in a way perfectly consistent with supporting such tracking. Then, the tracking happens, and people act all surprised and indignant. Go figure.

Re:"Good will"

[Legion303]

"Anything that leaves your privacy on the 'good will' of the companies is inefficient to protect my privacy.

If I do want to protect it, I'll use tools like Ghostery [snip]"

So you're relying on the "good will" of a company that provides marketing data to the DMA? That seems kind of odd given your stated position on privacy.

Re:"Good will"

[AmiMoJo]

DNT was never designed to be a replacement for ad blocking, Ghostery and the like. It was to create a way of applying pressure to advertisers, via laws enforcing it if necessary, without creating an undue burden on the user.

Instead of clicking "opt out of tracking" on every web site and every ad the user ticks one box in the browser. Self respecting companies with a reputation will hopefully honour it. It's like the telephone preference list / do not call list.

Re:"Good will"

[stafil]

Completely agree. I didn't compare DNT to the tools. I compared it to the "evil bit". I think as you mention the "do not call list" is better analogy.

Re:"Good will"

[stafil]

Man good point. I was not aware of that. Thanks for bringing it up!

evil bit

[shentino]

Next up, being unarmed and begging pretty please shown not to prevent robberies.

This is just like the evil bit. Anything requiring cooperation from assholes is doomed to failure.

Re:evil bit

Next up, being unarmed and begging pretty please shown not to prevent robberies.

With a follow-up on that immediately afterwards, showing that drawing first kills innocent people and drawing last gets you killed.

Google, MS etc. do not ignore DNT

[ark1]

They use it as yet another indicator of your personality to better target ads.

Re:Google, MS etc. do not ignore DNT

[allo]

[citation needed]

Use Ghostery

[Sarusa]

Relying on the people who want to track you to honor your "Please don't" request is just guaranteeing disappointment.

Now there are plenty of ways you can clamp down on the tracking and cross-site leakage, from NoScript to RefControl, but the single easiest cross-browser cross-platform way to do it is Ghostery: https://www.ghostery.com/

Most importantly, unlike the other methods (NoScript in particular) it only very rarely breaks a page. So it's just set up and forget.

I'm sure it's not as effective as some other tactics, but the 'works on everything' and 'just works' is really key to just using it all the time everywhere.

Re:Use Ghostery

Except Ghostery tracks you. NoScript does not.

Also, they stack. You're not limited to a single plugin to block this crap. They don't fight for control like AV software does. Line up a series of privacy plugins and they'll cover each others' loopholes.

Personally, I run Adblock Plus (with the sell-out option turned off), NoScript, FlashBlock (since click-to-play is just now finally becoming mainstream), and Ghostery (with GhostRank turned off). I also keep especially egregious offenders in the hosts file, including the ones in ABP's sell-out option and all of the GhostRank crap, just in case those making the plugins decide to refuse to honor those configuration options. They'll say it's for "the greater good" or some crap, then you're up the proverbial creek without a hosts file.

Hah! The captcha is "stealer". No, no I'm not. Fuck off, ad networks.

What's the point?

I don't even understand the point of the "Do not track" feature in web browsers if the websites you visit can forcibly ignore it. Isn't that the whole point of it being there anyway?

Here's a question to the /. crowd; has anyone made an application/program/extension that forcibly makes websites not track you? Has anyone used one? And if so do websites prevent you from viewing their content when it's on?

-And to the point about advertising:
1) Almost zero ads shown to me, apply to me.
2) Didn't someone just post on here that malware is prevalent in legitimate ads? I've know this for a while and so I never click ads ever.
3) There are plenty of extensions that specifically block only ads, and lots of people use them.
So stating that they ignore the do not follow for ad purposes seems moot.

-Anonymous Coward because I'm too lazy to do a "I forgot my password" on /.

No kidding

[Sycraft-fu]

Advertisers need to STFU as they are the reason all this happened. Most people really don't mind non-invasive ads that much. They'll let them happen and likely not even complain. However the advertisers seem to think that more obnoxious, more invasive, etc is the way to get attention. Eventually, it pushes people over the edge and they will block it.

Happened to me. I was fine with ads, I understand the need. However I really hated popups. No problem, popup blocker. Then game the fucking flash ads, ok fine so a flash blocker with click to pay for the stuff I want. Then, HTML 5 ads that take over a page. Ok, fuck you, all ads are blocked, I've had enough.

Happens with more people I know too. They'll ask me if there's a way to deal with it and I'll point them to Adblock.

Advertisers really need to understand that if you don't want your market to go away, you have to stop being dicks about it. Keep the ads low key and not fraudulent, and people will probably be ok with it by and large. Some won't, but most won't mind, at least not enough to do something. However the more invasive you are, the more people will block it out.

Re:No kidding

How much are you willing to pay to view your favorite sites?

Unfortunately, the reality is that running websites costs money, and people do not want to pay to access them. You pay to access them by viewing advertising. When you block ads, you are effectively stealing from the sites you visit. If you were shopping for cars and the seller was asking too much for one you really liked, you wouldn't steal it. You would buy a different one. If you don't like how the sites you visit advertise, go to different ones. If you insist on using those sites, deal with it.

Re:No kidding

[NitWit005]

What most advertisers do is irrelevant. They can't force everyone else to play fair. All you need to ruin everything is one advertiser who serves up millions of horrible pop ups, autoplay video and viruses. Everyone will be forced to use adblock because of the one jerk.

Re:No kidding

Wrong.
If it wasn't already paid for all you'd get is a huge "Server Not Found."
I pay for my bandwidth every month, it is up to the servers to pay for their bandwidth as well.
It is not my responsibility to pay for you to host ads and make money. And if its a commercial site you are hosting, you really have no business passing the cost of that to the consumers through ads or any other means. That's like those retarded catalogs you have to pay for the privilege of seeing that they have nothing of interest.
Nothing goes online unless it has been paid for already or there is a shared way to host it, in which case it's still fucking paid for already.

Re:No kidding

[Mandrel]

Advertisers really need to understand that if you don't want your market to go away, you have to stop being dicks about it. Keep the ads low key and not fraudulent, and people will probably be ok with it by and large.

Making ads low-key only really works for sites where the ads are almost as compelling as the content — sites like search engines and content farms. Sites with top-quality content have a greater need for intrusive ads to pull people's attention away from that content. So I don't think the promotion of non-intrusive advertising is a solution to funding the media.

Re:No kidding

[Omestes]

And if they aren't worth my money... I don't care. I don't need your content. Mostly I don't care about it, it is a distraction, nothing more. Perhaps a pleasurable one, but no more pleasurable than my hobbies, books, or friends. Something will fill the gap, we lived for hundred of thousands of years without your blog, and we can live a couple hundred thousand more without it again.

  Adapt or die. And the second you try to exploit me, is the second where I shop giving a shit about exploiting you.

I will ad block, and if they die ask me for actual money. If I don't pay, it tells you what I think your worth. There is no right to profit.

Further, you almost run into the RIAA fallacy. If no one paid, people would still make content. People always make content, it is what we do. I post reams of shit online (art, text, etc...) and will never get paid a cent for it. So do millions of other people. Sure, the volume will go down, but whose to say that the shit/quality ratio won't improve?

Re:No kidding

[azalin]

I think the "allow unobtrusive adds" feature in Adblock plus is a valid way to go. I don't mind the adds next to my search results and I don't mind un-animated picture adds on a site. Hell once in a while I actually clicked one, because it sounded interesting. These days though with fullscreen click through layers, flash tracking and malware serving ad servers it's simply a bad idea not to use a blocker.
Sites require funding and advertisement provides funding. But advertisements does not "require" animation, sound, popups, tracking feature or malware attack vectors. Play nice again and so will I.

Re:No kidding

[azalin]

There is an "allow unobtrusive adds" feature in ABP which might provide a solution to this dilemma. It provides reasons and rewards for playing nice. Should this idea take hold in a big way (yeah, the day pigs learn to fly) companies might actually choose the static, boring but seen by everyone ad over the fancy, super tracking, animated attention whore add seen only by the few slobs who don't have blocking yet.
Of course the whole thing will be gamed and I have no idea, if it will ever take off.

Re:No kidding

oh get real, merely meeting the C10K challenge would server the vast vast majority of sites just fine.

Meeting the C10K challenge is not hard these days, you can do it on a 5$ a month VPS if you set up your site sensibly.

In other words running your run-of-the-mill website is dirtcheap from a business perspective if you do it right (making it might cost you some, but that's the digital equivalent of doing your store front and/or store display)

Re:No kidding

[AmiMoJo]

I'm surprised advertisers have not started deploying counter-measures already, but I suppose the number of users is too low. For example text ads can only be blocked easily if they come in a nice DIV you can name. Image ads are easier but again only if they have a file name or come in a named DIV that gives them away. The ad images could even be overlaid onto content images dynamically, making them virtually impossible to filter without making the site unusable.

Sites help ad-blocking a lot with named HTML elements.

Re:No kidding

You can cut out a load of ads by simply blocking the right domains. When sites stop using third party ad providers or start proxying their content, then the names of elements might be the most useful hint.

Re:No kidding

[Tom]

Advertisers need to STFU as they are the reason all this happened.

+100

Anyone who listens to the people who brought all this about is either stupid or corrupt or both. The entire discussion should happen with the advertisers excluded.

I want DNT. I want it to be enabled by default on all browsers. And I want ignoring DNT to carry a fine large enough that intentionally doing it large-scale will bancrupt your company. And I want that kind of intentionally ignoring it carry criminal penalties for the C-level executives.

Because that's the only way short of shooting them that they'll learn to behave like responsible members of a community instead of psychopathic parasites.

Re:No kidding

[Darinbob]

Adblock also greatly improves the performance of browsing the web, especially if you're on a slow network or dialup.

Re:No kidding

[Darinbob]

No, I am not stealing. The web sites are provided free and I'm just viewing some of the content they provide. Maybe I'm not viewing it the way they would like me to view it, but that is not the same as stealing and it is not immoral or unethical. This is little different from my throwing away my junk mail unopened.

Do not blame the viewers of the web sites for this. Blame the the advertisers who came up with abusive ads and the companies that continue to buy the abusive ads. If the companies would behave like responsible poeple then we wouldn't be forced to engage in self defense.

Re:No kidding

[Darinbob]

Why fund the media? Find a job or source of income that isn't about pretending to be a journalist. This stuff is turning the net into a low-tech venture where it's about content instead of actually doing something new and interesting and advancing the state of the art.

Re:No kidding

[Mandrel]

Why fund the media? Find a job or source of income that isn't about pretending to be a journalist. This stuff is turning the net into a low-tech venture where it's about content instead of actually doing something new and interesting and advancing the state of the art.

If you find some content useful, either because it's informative or entertaining, it's worth finding ways to encourage the producer of that content to make some more. I think the common view that there will always be an unlimited supply of free or cheaper just-as-good alternatives to any piece of quality content doesn't hold water.

Quality doesn't have to be new and interesting. It's usually mundane. Most work is like that, but it keeps the world turning.

Dangerous?

Exaggerating much? DNT is worthless at most. I don't see any reason why anyone will be able to better protect their own privacy without the existence of DNT. If they don't understand how DNT works, then they likely won't understand how their privacy is violated when they browse the web either. Even when they take other measures and use other tools to avoid being tracked, if they do not understand how tracking works, they will inevitably leak out enough information to get tracked.

This blog post sounds like just another "researcher" looking for attention by making more noise.

trivial, 99% effective fix

[bcrowell]

There is a trivial, 99% effective fix for this problem. In firefox, go to Edit:Preferences:Privacy and tell it to forget all cookies when you end a browser session. There is also a facility for whitelisting cookies from certain sites so that, for example, you don't have to log in to slashdot every time. Cookies from the whitelisted sites are remembered across browser sessions.

Re:trivial, 99% effective fix

They can still track by IP address and you're browser fingerprint. Browser fingerprinting can be defeated though current browsers don't seem to want to help make it easier to do so.

I'm not sure what we'll do when IPv6 rolls around and every device has a unique address. Either you go back to NAT and share addresses, which is not completely effective due to fingerprinting, or you change your address every few hours or days. Either solution defeats the purpose of IPv6.

The only real solution is to use adblock, but that's not available on all browsers and isn't possible on certain platforms like mobile devices or consoles.

Re:trivial, 99% effective fix

[dririan]

They can still track by IP address and you're browser fingerprint. Browser fingerprinting can be defeated though current browsers don't seem to want to help make it easier to do so.

AC is right. Deleting cookies at the end of each session may help a bit, but there are still plenty of ways to identify you especially if you include your IP address (but that's not always reliable).

I'm not sure what we'll do when IPv6 rolls around and every device has a unique address. Either you go back to NAT and share addresses, which is not completely effective due to fingerprinting, or you change your address every few hours or days. Either solution defeats the purpose of IPv6.

There's already a solution for that. Use the randomly-generated address for normal things, but use your static address for servers and the like. IPv6 privacy extensions are supported on Windows, Mac, and Linux.

Re:trivial, 99% effective fix

I'm not sure what we'll do when IPv6 rolls around and every device has a unique address.

! ! ! Your computer may be broadcasting an IPv6 address ! ! !

Re:trivial, 99% effective fix

[Tarmas]

That's no good for for those of us who put our computers to sleep instead of shutting down.

Re:trivial, 99% effective fix

[bcrowell]

That's no good for for those of us who put our computers to sleep instead of shutting down.

The cookies go away when you restart your browser, not just when you shut down your computer.

Re:trivial, 99% effective fix

That doesn't address this issue.

Re:trivial, 99% effective fix

There is a trivial, 99% effective fix for this problem. In firefox, go to Edit:Preferences:Privacy and tell it to forget all cookies when you end a browser session. There is also a facility for whitelisting cookies from certain sites so that, for example, you don't have to log in to slashdot every time. Cookies from the whitelisted sites are remembered across browser sessions.

This, and a slew of other reasons is why I am a staunch Opera user. Right-click on any page and set up per-site settings for cookie handling, javascript, redirects, plugins, etc. F12 brings up "Quick Preferences" and you can globally toggle moving images, plugins (Flash), javascript, etc. There is also full content blocking based on IP or URL.

I don't know why any technical person, or privacy caring person, would not use Opera. No, I have nothing to do with the company- I just love a product that works.

Re:trivial, 99% effective fix

[Sockatume]

Blocking thirdparty cookies is also worth a crack, although as Google demonstrated, that can be worked around.

Re:trivial, 99% effective fix

[KPU]

How dare people chop of the trailing bits of an IPv6 address, thus rendering IPv6 privacy extensions ineffective.

Re:trivial, 99% effective fix

[AmiMoJo]

Deleting cookies at the end of each session may help a bit, but there are still plenty of ways to identify you especially if you include your IP address (but that's not always reliable).

What we need is an extension that doesn't delete cookies, it alters them to randomize unique ID numbers and other valuable data. As well as cookies it would randomize the browser user agent string and referrer when sending requests to known ad servers. The "proxy-for" header is also fun to play with and might help combat IP addressed based tracking.

Don't just block tracking, screw it up and poison the databases with fake nonsense data.

Re:trivial, 99% effective fix

[dririan]

If you do that, then the IPv6 prefix is just as effective as a NAT'd IPv4 address tracking-wise. No more, no less. But you're right, no one dares to track you by your IPv4 address these days...

Re:trivial, 99% effective fix

[allo]

they can only work around flawed implementations of blocking third-party cookies (i.e. generating exceptions on the fly)

Re:trivial, 99% effective fix

IPv6 privacy extensions are supported on Windows, Mac, and Linux.

Oh, please. In IPv6, each subscriber (= home) gets a /48 (or /56) prefix. The privacy extension hides the physical device within the household.

Re:trivial, 99% effective fix

[dririan]

As I said over an hour before you posted, the IPv6 prefix is just as effective as a NAT'd IPv4 address tracking-wise. The privacy extensions don't improve the situation compared to IPv4, merely bring it to the same level. Try reading before you post next time, please.

Re:trivial, 99% effective fix

the IPv6 prefix is just as effective as a NAT'd IPv4 address tracking-wise.

The IPv6 prefix will be like your home address, last name and phone number. I bet you will be able to google the remote client's IPv6 address and get back the family photo. Smile, you're on the whois database.

Schemes have been proposed to fudge the prefix, but they go against the grain of IPv6. You want to have a static IPv6 prefix so your appliances and applications and you can be reached from the Internet.

Re:trivial, 99% effective fix

The IPv6 prefix will be like your home address, last name and phone number. I bet you will be able to google the remote client's IPv6 address and get back the family photo. Smile, you're on the whois database.

BTW, that's the situation I'm in now: my laptop is NATted, but my family has a static IPv4 address. The staff at Slashdot will be able to goole my address and see my picture. Not that I care (at the moment), but the marketers are going to have a field day when all accesses identify you.

There will be other fun dimensions to this. With Mobile IPv6, your regular IPv6 address is going to get translated to a dynamic one that identifies your location (airport, hotel, café).

Ineffective, yes, but 'dangerous'?

FTA:

The main problem with Do Not Track is that it lulls users into a completely false sense of privacy. Do Not Track works by simply asking the websites youâ(TM)re visiting not to track you â" the websites are completely free to ignore this request, and in most cases itâ(TM)s impossible for the user to find out that their Do Not Track request was in fact discarded.

That's the main problem (the article doesn't claim any secondary problems)? That doesn't make it dangerous. Everyone knows it has no teeth, and anyone unaware of that clearly isn't concerned about online privacy/security to begin with.

I personally will continue to leave the "Do Not Track" box ticked because it is a great idea that is important to support. Think of it this way: If the websites gathering data see only 12% of users have DNT enabled, they'll surmise that nobody minds being tracked so they can continue to ignore it and possibly employ more invasive privacy violations. On the other hand, if these data gathering websites see 65% of users with DNT enabled (even though it may be ineffective), it sends a strong message that people do care about online privacy, and has the potential to encourage stronger privacy solutions.

Just because big companies are openly ignoring their users' wishes to not be tracked is no reason to disable DNT. In fact, the message it sends is that perhaps we need to reconsider what companies we support.

Re:Ineffective, yes, but 'dangerous'?

[peppepz]

I agree. Like most words in Oldspeak, “dangerous” has a precise meaning and the author is redefining it.

Users who actively enable do not track know what it is and how it works. If they don’t know, then they’re not more in “danger” than if they did, because the only actualisation of that danger, i.e. getting spied by Google et al, lies still there unchanged whether do not track is offered and enabled or not.

Would the author claim that, say, air bags give a false sense of security to drivers and therefore should be abolished?

Didn't everyone see that coming?

What a surprise: sleazy advertisers remain sleazy.

Here's something that I wrote in 2010 on the subject:

Simply put, all of the "opt-out" ideas that I've heard have been horrible. In short, they rely at best on unenforceable behavior and at worst on something that is an inherent contradiction.

Donottrack.gov?

The first "solution" that I've heard proposed is something akin to the popular Do Not Call Registry. There's a fundamental problem with this. How on earth do you determine if a visitor to or user of your site is on the registry? Well... they'd have to present some sort of unique identifier that could be matched up to a central database and... hang on... isn't this starting to sound like what we want to avoid?

Trust the browser, trust the servers

Ok, so let's leave the idea of a "do not track registry" to die in a corner, and instead focus on something that would obviate the need for a unique fingerprint. Let's have the browser send a special header, perhaps something like X-Do-Not-Track that denotes the preference of the user. At first glance, this looks a bit better. We don't have to uniquely identify ourselves, and we're not dependent on a central source of information, ripe for the harvesting. We'll just configure the browser to send something saying that we don't want to be tracked, and sites will act accordingly.

That won't work. Here's why:

There is a tremendous incentive to track people using it, as they have self-identified as being part of a group that might otherwise be harder to track. (In other words, less competition for those unscrupulous enough to ignore the header.)
There is no practical way for end-users to determine whether or not the header was received, understood, and obeyed. If I sign up for the "Do Not Call Registry" and a telemarketer calls me, their violation is obvious. If my browser sends a header stating that I don't want to be tracked, but the server ignores (or never receives) it, how can I tell? I can't.
Few advertising-dependent/marketing-aware companies (if any) are likely to voluntarily undertake the implementation cost, especially since doing so would actually make their job more difficult.
Legislation mandating compliance with the header (the only remaining option) would likely work about as well as the CAN-SPAM Act has worked: poorly at best, and even then only in places subject to US law. (And that's for a law governing something that is eminently more visible and traceable!)
Sometimes we do want to be tracked. Pretty much any sane, secure, and usable website with a login system has to do at least some tracking (at a minimum they must keep track of IPs, session IDs, and the association between the two). How exactly is one to enforce that this information only be used for that purpose? The more I think about this, the more I'm reminded of the evil bit: "Track me, but not in a bad way..." While I don't think it's impossible or even unlikely that people with technical know-how could write some decent legislation differentiating between the various sorts of "tracking", I do think it's exceedingly unlikely that Congress would be able to do so.

So at best, we'll have a system that's entirely opt-in on the advertiser side and will only be observed by the most noble companies (but not all of them, and not all the time.) Anyone intent on data mining/tracking/etc. for nefarious purposes will continue to do so, same as before, and will happily ignore the header with absolutely no consequences, while overly-optimistic or misinformed users will feel semi-anonymous.

What a waste.

The Solution

There is no simple solution.

There is no one technology, law, or other magic bullet that will guarantee you privacy on the internet. Sorry.

Instead, you have to use a combination of technologies and tactics to enforce your own privacy policy. As fo

Adblock + Noscript

Ads can go to hell. I've had enough malware served up that I don't give a rat's ass about "ad revenue".

Sorry website owners, your advertisers have proven they cannot be trusted. Until that changes, their ads will not be viewed. If you try to circumvent this, I will gladly do without your useless little site; there are no unique sites on today's Internet.

It's not tracking that is the problem

[twistofsin]

It's intrusive and/or obnoxious behavior. I don't use a form of ad blocking on all my machines, and the ones I see that I can confidently say are influenced by the other sites I've visited are generally tolerable. Compared to the canned ads for the wireless company/car manufacturer/etc that has a contract with the media company who bought out a website I frequent they look reasonable. They generally don't autoplay any audio or video, nor do they take up my whole screen if my mouse accidentally violates their airspace.

Evil bit?

[Blaskowicz]

It sounds like a serious comittee and companies got an inspiration from the Evil Bit proposal, even though that one was an april fools joke.

Government will get involved

Eventually the government will get involved "for the children" or "for the " and will create computer registration, aka Computer Safety. Remotely installable "Assult Software" will be banned and only applications approved by the local Housing Authority will be approved, unless you take a computer safety course with the appropriate insurance purchased, of course. Houses with more than 5 computer will eventually be banned and zoning restrictions, for energy conservation, of course, will be enforced with rigor.

Re:Government will get involved

[Opportunist]

Could you please be quiet? I can already see some pencil pusher go "hey, good idea!"

Lack Of Trust

[EXTomar]

Both in terms of the idea and design. There is no level of Trust in the design of "Do Not Track". The server on the other end has no real obligation to honor the flag. The client has no real way to check if it is honoring the flag.

Also something people miss: You can't legislate trust. How do you prove violations? Random audits on paper sound like the way to tackle conformance but again who is building that tool? Google, Microsoft, Amazon, etc? Again we have a lack of trust....

It's not about whether the site honors it or not

[Todd+Knarr]

For me, I don't care whether the site honors that header or not. If they're going to abuse tracking, they're not likely to suddenly come over all ethical and change their servers to not track. What the DNT header does is give a standard, recognized signal present in every single browser request that I do not consent to tracking. It's like the fence with the locked gates and "Private Property - No Trespassing" signs around a property: it's not going to keep trespassers out, but it's a clear and more importantly legally-recognized demarcation. If they jump over the fence onto my land and get in trouble because of being there, the court's going to look at the fact the land was clearly posted and tell them "Sorry, we don't accept your claim that you didn't know it was private property.". With the DNT header, no Web site can claim they didn't know I didn't consent to tracking. They can't claim implicit consent, because there's explicit non-consent in the very request they serviced. And this is why the advertisers are making such a play to get the DNT header dismissed and abandoned. Up to now they've taken the position of "You must consent as a condition of access, you accessed so we can assume your consent.". As long as there's no standard way of saying "I do not consent.", they can get away with that. But with a standard DNT header they can't argue that it's infeasible to check every possible way of not consenting. There's just one, and it's not ambiguous. The counter-argument of "If they don't want to allow access to those who don't consent, why did they not simply return an HTTP error when they saw the DNT header?" becomes rather more convincing.

The secret the advertisers don't want to state up front is that they don't want to require consent to tracking. They just want to track everybody whether they consent or not. Anything that provides a clear, unambiguous message to them about consent or lack thereof is a threat to that position, because it makes it harder for them to argue a basis for their assuming consent.

And a message to every Web-site and ad-network operator out there: if you're serious, stop whining and configure your servers to return 403 Forbidden to every request with the DNT header set. It's not that hard.

Re:It's not about whether the site honors it or no

[drinkypoo]

I'm surprised that this is a minority view. This is a legal issue. There are no technical means to utterly prevent tracking, but this provides a legal means for punishing people who do it. Anyone who says DNT is harmful is selling something, or bought something stupid from someone who is.

Nobody Uses It Anyway

Just use a good ad and cookie blocker, and Do Not Track becomes a moot issue. My cookie blocker allows me to alternate between blocking the cookie entirely, replying with random gibberish, or replying with whatever crap I want to put into it. "123';drop table;" is a favorite, though I don't resort to that unless the web site blocks the back button or uses popunders or commits some similar sin that is deserving of such a response.

So how come only Google was sued?

I suspect Microsoft is behind a lot of the litigation against Google. And in almost every case, Microsoft is doing the same thing.

Re:So how come only Google was sued?

[Sockatume]

Google was sued because Google are the ones who breached privacy in that instance, obviously. Do you really believe that it should only be possible to prosecute a crime if you can round up every single person who has committed a particular offense?

Great

[darkfeline]

We've created a completely, utterly useless specification that every single (mainstream) browser now implements as a feature. In all, countless megabytes (gigabytes?) and countless manhours and processing-hours have been wasted, all for the sake of doing nothing.

Of course, anyone with half a brain saw this coming.

Re:BUY A GUN AND KILL PEOPLE

[Opportunist]

Ya know, last time I checked it was still illegal.

And I bet it's been lobbied into existence by some manager who wanted to make sure we can't get rid of 'em... sneaky bastards...

Re:It's not about whether the site honors it or no

[Opportunist]

Hmm... if someone comes illegally onto my property after I clearly marked it, I may shoot him in defense. Say... does that work on that DNT too?

Please, oh please say yes...

They can track me, I just don't want to see ads.

[fahrbot-bot]

My subject says it all. I don't really care about being tracked, I just really don't want to see *any* ads and will actively block obtrusive or irrelevant ads through various browser extensions and Proxomitron.

DNT by Default

[PhrstBrn]

You mean, when all the major browsers enable DNT by default, everybody ends up just ignoring the flag, putting us back to where we started? I'm shocked.

Re:DNT by Default

What are you talking about?

Advertisers were always going to ignore DNT regardless. Blaming the default setting on internet explorer is and always was a scapegoat used by the advertising industry to try and convince everyone that they really, really want to protect our privacy, but their hand has oh so unfairly been forced by the big evil Microsoft.

I cannot believe anyone honestly thought DNT had a snowball's chance in hell. The entire concept is flawed from start to finish, because it requires placing trust in the only people who have a strong financial incentive to violate it.

No, DNT was only ever about the advertising industry trying to cover their ass and keep the government regulators at bay so they could keep reaming us. How anyone could be so gullible to believe otherwise is beyond me.

DIY Do not track

[wakeboarder]

Hosts file and no script, only enable the stuff that you need. Plus with all of that worthless javascript wasting cpu cycles and memory gone, you can use your computers resources for something more useful, like a hundred more tabs.

Ghostery's true background

Ghostery's true background (Score:3, Interesting)

"Seems like a lot of people are praising Ghostery, which leads me to believe that you haven't heard the backstory.

Evidon, which makes Ghostery, is an advertising company. They were originally named Better Advertising, Inc., but changed their name for obvious PR reasons. Despite the name change, let's be clear on one thing: their goal still is building better advertising, not protecting consumer privacy. Evidon bought Ghostery, an independent privacy tool that had a good reputation. They took a tool that was originally for watching the trackers online, something people saw as a legitimate privacy tool, and users were understandably concerned. The company said they were just using Ghostery for research. Turns out they had relationships with a bunch of ad companies and were compiling data from which sites you visited when you were using Ghostery, what trackers were on those sites, what ads they were, etc., and building a database to monetize.

When confronted about it, they made their tracking opt-in and called it GhostRank, which is how it exists today. They took an open-source type tool, bought it, turned it from something thatâ(TM)s actually protecting people from the ad industry, to something where the users are actually providing data to the advertisers to make it easier to track them. This is a fundamental conflict of interest.

To sum up: Ghostery makes its money from selling supposedly de-indentified user data about sites visited and ads encountered to marketers and advertisers. You get less privacy, they get more money. That's an inverse relationship. Better Advertising/Evidon continually plays up the story that people should just download Ghostery to help them hide from advertisers. Their motivation to promote it, however, isn't for better privacy; it's because they hope that you'll opt in to GhostRank and send you a bunch of information. They named their company Better Advertising for a reason: their incentive is better advertising, not better privacy."

http://yro.slashdot.org/comments.pl?sid=2931443&cid=40412193

"I know I will be flagged "flame""

Why, are you a homosexual?

Well, now I'm beginning to question the efficacy

[Rogerborg]

Of my "Please Do Not Mug" t-shirt.

In a world where advertisers are willing to lie

We have an online world where advertisers are willing to bare faced lie.

* Adverts try to fake the UI of the web site that hosts them, example Facebook and SourceForge.
* Adverts saying "You have a message", "Three friends have unfriended you" - yet they can't know this and in the case of a test account - it didn't have any friends or anyone to send it messages.
* Messages like "According to our records you are owed £3056.23 in PPI" - If you're going to lie to me why should I trust you with financial details?

With things like this common place do we expect them to honour DNT?

Re:In a world where advertisers are willing to lie

Facebook is an advertisement that fakes the UI of a social network.

NoScript rocks (AdBlock no longer does & why)

"Ads can go to hell. I've had enough malware served up that I don't give a rat's ass about "ad revenue"." - by Anonymous Coward on Wednesday February 13, @09:10PM (#42891241)

Per my subject above: NoScript's FF's BEST addon, bar-none, but Adblock "just ain't what it used to be" (proofs below)!

Plus, "oddly enough" (lol, "not"), the advertisers + webmasters OMIT 1 VERY IMPORTANT FACT:

Fact being they not only INFECT you via adbanners (numerous examples below from reputable sources cited in that regard) BUT they also ROB YOU of your bandwidth/speed you PAID FOR MONTHLY TO YOUR ISP for online access! To the tune of 40% of the "weight" of every site online that displays ad banners no less on average!!!

I decided to do something about it, and you can too, should you elect to try this application I designed (works with a native tightly integrated feature of the IP stack itself in the hosts file @ ring 0/rpl 0/kernelmode via tcpip.sys, a driver, fast as it gets & right off the bat, making adblock REDUNDANT actually, since browsers & addons CANNOT operate without knowing where to go, first, & hosts load @ OS startup once the IP stack loads (@ bootup & fully on 1st request to the internet, in Windows &/or MacOS X)):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SI

Actually

[dutchwhizzman]

Actually legislation helps a lot. By outlawing spam you have over 99% of companies in countries that have outlawed it not sending spam any more. By outlawing spam, ISPs get a legal reason to filter spam. There have been lawsuits against ISPs in the past from companies claiming large losses due to ISPs filtering their spam and the spam thus not reaching the ISPs subscribers. Yes, even though it's illegal in quite a few countries, it still happens. However, it's substantially less and legislation has helped the technical solutions to stay in place. Both have to work together in this case. The same should apply to privacy laws. If a certain company refuses to obey a countries privacy laws, it should be taken to court and fined so hard that any profit they might have gained will be taken from them plus an extra amount to make sure they or others will never try to do this again. Technical ways to stop tracking people are very hard to implement and the only real solution is to not visit web sites that track you any more. Either that, or have proper legislation in place and active prosecution of companies not following the rules.

Well of course it is ineffective.

It took like bloody 12 or more years to come out after switching developers and publishers, and losing half its team.

We are talking about Duke Nukem Forever, right? Forever starts with a T, right? I mean, F is just T with his other hand down at his side.

AdBlock = inferior to custom hosts

"Sadly, I have "real intelligence" when a large enough to be profitable portion of the words population don't" - by Omestes (471991) on Thursday February 14, @02:21AM (#42893107) Homepage

Sadly, you're wrong (per my subject-line above) since AdBlock doesn't block all ads anymore, by default (& can't do 10++ things custom hosts files can, listed below) - same goes for Ghostery & even DNS servers!

Additionally: I hate doing this too, but it's "doesn't" in that case per your quoted words above, not "don't" in that turn of a phrase (grammar picking yes, sorry - ordinarily I don't do that, as it is off-topic, but it fits here!).

THIS creates that custom hosts file I note from 10++ reputable & reliable sources, "automagically":

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help you avoid DNS request logs (hosts can via hardcoded favorites)

8.) AdBlock can't

Re:Adblock = INFERIOR to custom hosts

Change your browser to send an id string that will get you the mobile version of whatever site. There isn't room for ads on a cellphone. Noscript seems to succeed in blocking a majority of ads. A pfSense box running squid + squidguard with the advertisement category blocked does a lot for the rest. It even strips ads out of some you tube videos.

Something that works WITH Proxomitron

Per my subject-line above, custom hosts files = superior to browser addons!

(Since hosts are a TIGHTLY INTEGRATED native part of the IP stack itself, running in Ring 0/rpl 0/kernelmode, vs. layering ontop of far, Far, FAR SLOWER Ring 3/rpl 3/usermode browsers, slowing them down even more (known issue, stack a few FF addons up, & see for yourself))!

In fact, Proxomitron is 1 of the FEW tools like it that actually works WELL with custom hosts files that I know of!

HOWEVER: Proxomitron http://en.wikipedia.org/wiki/Proxomitron bills itself as "the universal filter"... it's NOT AS UNIVERSAL AS CUSTOM HOSTS FILES ARE!

(Which again, are part of ANY OS' IP stack that's based on the BSD original & most all today, if not all, ARE based on it - even on smartphones, & does Proxomitron run on those? Not afaik... hosts, can & do (may have to run a DosToUnix utility over them IF you import them from Windows (ASCII vs. EBCIDIC & other issues are overcome that way), but that's about it for complexity of import/export)):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app

Reconsider that (ads CAN & DO infect you)

Per my subject-line above: See the list of evidences of that over time, listed below...

And?

Witness this program below, since it is a both TECHNICALLY SUPERIOR method of blocking vs. browser addons & more efficient also!

(Since browser addons for that purposed noted below run in already SLOWER ring 3/rpl 3/usermode, vs. hosts being part of tcpip.sys/IP stack & merely a filter for it, running via device driver ring 0/rpl 0/kernelmode too... far, Far, FAR FASTER, & addons slowup webbrowsers (known fact, stack up a few in FireFox for example, & see))!

This program below I designed simply builds up what is a NATIVE TIGHTLY INTEGRATED PART OF THE IP STACK ITSELF UP vs. adbanners (& other threats online such as known maliciously scripted sites/servers/hosts-domains, vs. botnets + their C&C Servers & bogus DNS servers & more...) from 10++ reputable & reliable sources for custom hosts file data!

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help y

A message to users vs. this & other threats

"And a message to every Web-site and ad-network operator out there: if you're serious, stop whining and configure your servers to return 403 Forbidden to every request with the DNT header set. It's not that hard." - by Todd Knarr (15451) on Wednesday February 13, @10:45PM (#42892005) Homepage

Per my subject-line above: I created a solution vs. trackers & FAR more that is malicious to end-users/consumers of website data - vs. botnet C&C servers, trackers, spammers, phishers, maliciously coded scripts on sites & yes, in adbanners (tons of evidences of that over time are listed below for your reference & that of others)...

A solution that is far MORE efficient than competing 'solutions' that are either advertiser OWNED, or crippled by default, in browser addons, no less & even over DNS servers, which custom hosts, the end result of the program below, can actually supplement & reinforce on a NUMBER of levels no less!

(Most DNS servers worldwide, especially worst @ the ISP level, remain unpatched for 1/2 a decade vs. the Kaminsky redirection dns-poisoning flaw, see link below for proof, when setup in recursive mode especially & MOST are, & have to be).

It's more efficient than browser addons OR even DNS servers in usermode, since it operates in Ring 0/rpl 0/kernelmode as a native TIGHTLY INTEGRATED part of the IP stack itself! The IP stack has over 44++ yrs. of refinement & optimization poured into it also... for efficiencies' sake as well as for security too!

(Which is far, Far, FAR faster & more efficient via tcpip.sys itself in kernelmode & loads as your OS does + fully on 1st request by web-bound client programs, which makes things like Adblock or Ghostery REDUNDANT & WASTEFUL in fact because of that very fact!)

It's better overall, vs. browser addons layering in over already SLOWER webbrowsers running in usermode/ring 3/rpl 3, & addons end up even slowing them down even more!

(TEST - Stack up a few addons in FireFox, see what I mean on that account - it is a KNOWN issue with browser addons in messagepassing alone (even if "in process"))

&

The program builds up a simple easily edited single-file solution that's TRULY "universal" & to ANY OS that runs a BSD-derived IP stack (most all, if not ALL today, do), including smartphones (might have to run a DosToUnix converter on it IF you import it from Windows though)).

Fact is - I kept it to myself 2003-2012, & I had it done before competitors did, long before...

I did so since I was NOT out to harm websites mainly who draw revenues from adbanners, & thus/again - I kept it to myself, that is, until adbanners began to show malicious script (see lists below)!

&

Also the fact ADBANNERS SUCK UP UP TO 40% OF AN AVERAGE WEBPAGE DOWNLOAD in mass sent/received, as well as CPU cycles, RAM, & other forms of I/O also, that you pay for in electricity AND your monthly bill to your ISP for online access!

(Thus, ads steal your bandwidth/speed YOU PAY FOR, in other words, as well as infesting you!)

However: The "explosion" of malware-in-general made me release it "to the masses"... mostly!

(From bad scripts, bad adbanners, malware servers, botnets etc./et al)

That happened mostly 2005 onwards imo since I've built up a custom hosts file here since 1997 & have a pretty GOOD idea when it really "kicked into gear" as to exploits in general online REALLY starting up more!

That prompted its release from me to the "general public", as well as adbanners themselves HOUSING MALICIOUS SCRIPT (last link @ the bottom of this post SHOULD interest you on that very note in fact...)):

---

APK Hosts File Engine 5.0++ 32/64-bit:

More evidence & a BETTER method by far

As to advertiser b.s. & also "solutions" vs. it (advertisers owned (ghostery), or crippled by default (adblock), or full of security issues (DNS)):

Per my subject-line above:

I created a solution vs. trackers & FAR more that is malicious to end-users/consumers of website data - vs. botnet C&C servers, trackers, spammers, phishers, maliciously coded scripts on sites & yes, in adbanners (tons of evidences of that over time are listed below for your reference & that of others)...

A solution that is far MORE efficient than competing 'solutions' that are either advertiser OWNED, or crippled by default, in browser addons, no less & even over DNS servers, which custom hosts, the end result of the program below, can actually supplement & reinforce on a NUMBER of levels no less!

(Most DNS servers worldwide, especially worst @ the ISP level, remain unpatched for 1/2 a decade vs. the Kaminsky redirection dns-poisoning flaw, see link below for proof, when setup in recursive mode especially & MOST are, & have to be).

It's more efficient than browser addons OR even DNS servers in usermode, since it operates in Ring 0/rpl 0/kernelmode as a native TIGHTLY INTEGRATED part of the IP stack itself! The IP stack has over 44++ yrs. of refinement & optimization poured into it also... for efficiencies' sake as well as for security too!

(Which is far, Far, FAR faster & more efficient via tcpip.sys itself in kernelmode & loads as your OS does + fully on 1st request by web-bound client programs, which makes things like Adblock or Ghostery REDUNDANT & WASTEFUL in fact because of that very fact!)

It's better overall, vs. browser addons layering in over already SLOWER webbrowsers running in usermode/ring 3/rpl 3, & addons end up even slowing them down even more!

(TEST - Stack up a few addons in FireFox, see what I mean on that account - it is a KNOWN issue with browser addons in messagepassing alone (even if "in process"))

&

The program builds up a simple easily edited single-file solution that's TRULY "universal" & to ANY OS that runs a BSD-derived IP stack (most all, if not ALL today, do), including smartphones (might have to run a DosToUnix converter on it IF you import it from Windows though)).

Fact is - I kept it to myself 2003-2012, & I had it done before competitors did, long before...

I did so since I was NOT out to harm websites mainly who draw revenues from adbanners, & thus/again - I kept it to myself, that is, until adbanners began to show malicious script (see lists below)!

&

Also the fact ADBANNERS SUCK UP UP TO 40% OF AN AVERAGE WEBPAGE DOWNLOAD in mass sent/received, as well as CPU cycles, RAM, & other forms of I/O also, that you pay for in electricity AND your monthly bill to your ISP for online access!

(Thus, ads steal your bandwidth/speed YOU PAY FOR, in other words, as well as infesting you!)

However: The "explosion" of malware-in-general made me release it "to the masses"... mostly!

(From bad scripts, bad adbanners, malware servers, botnets etc./et al)

That happened mostly 2005 onwards imo since I've built up a custom hosts file here since 1997 & have a pretty GOOD idea when it really "kicked into gear" as to exploits in general online REALLY starting up more!

That prompted its release from me to the "general public", as well as adbanners themselves HOUSING MALICIOUS SCRIPT (last link @ the bottom of this post SHOULD interest you on that very note in fact...)):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=

Re:More evidence & a BETTER method by far

Please, go die in a fire already.

Re:More evidence & a BETTER method by far

Eating your words still Sardaukar86? Absolutely -> http://it.slashdot.org/comments.pl?sid=3406867&cid=42701491 ROTFLMAO!

"Great minds think alike"... apk

http://yro.slashdot.org/comments.pl?sid=3459251&cid=42893891

* :)

APK

P.S.=>

"Hosts file and no script, only enable the stuff that you need. Plus with all of that worthless javascript wasting cpu cycles and memory gone, you can use your computers resources for something more useful, like a hundred more tabs." - by wakeboarder (2695839) on Thursday February 14, @01:24AM (#42892845)

Since you have the GOOD sense to use custom hosts files?

(Vs. other INFERIOR & less efficient + less easily managed advertiser owned (Ghostery), crippled by default (AdBlock), or full of security faults/flaws (DNS))

?

Well - You *MAY* find the program listed there in the link above QUITE useful for automating the acquisition, deduplication, & more in a custom hosts file: From 10++ reputable & reliable sources for that data, no less - as well as other data listed in the link above too...

... apk

Ghostery = ADVERTISER OWNED

Per my subject-line above: It's a "fox guarding the henhouse" & you'd have to be a 'CLUCK' to use it after knowing that (no offense intended, you *MAY* not be aware of what's listed below is why), in other words!

(Especially vs. this solution which is FAR superior technically, & in efficiency as well) - evidence of that is below:

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help you avoid DNS request logs (hosts can via hardcoded favorites)

8.) AdBlock can't protect you vs. TRACKERS (hosts can)

9.) AdBlock can't protect you vs. DOWNED or "DNS-poisoned" redirected DNS servers (hosts can by hardcodes)

10.) Hosts are EASIER to manage, they're just a text file (adblock means you had BEST know your javascript, perl, & python (iirc as to what languages are used to make it from source)).

& more... as a tiny 'sampling' & proofs thereof!

---

Same with Ghostery:

---

GHOSTERY = ADVERTISER OWNED!

Per my subject-line above: It's a "fox guarding the henhouse" & you'd have to be a 'CLUCK' to use it after knowing that (no offense intended, you *MAY* not be aware of what's listed below is why), in other words!

(Especially vs. this solution which is FAR superior technically, & in efficiency as well) - evidence of that is below:

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help you avoid DNS request logs (hosts can via hardcoded favorites)

8.) AdBlock can't protect you vs. TRACKERS (hosts can)

9.) AdBlock can't protect you vs. DOWNED or "DNS-poisoned" redirected DNS servers (hosts can by hardcodes)

10.) Hosts are EASIER to manage, they're just a text file (adblock means you had BEST know your javascript, perl, & python (iirc as to what languages are used to make it from source)).

& more... as a tiny 'sampling' & proofs thereof!

---

Same with Ghostery:

---

Untrue "the IP stack provideth" (superior way)

"Scriptable browsers are what makes most ad-blocking features work" - by sgunhouse (1050564) on Thursday February 14, @01:56AM (#42892973)

Per my subject-line above: Here is that more efficient/less redundant FASTER way to do the job of stopping not only trackers, adbanners, botnet C&C servers, bogus DNS they use, spammers/phishers, known malware serving sites + maliciously scripted sites too, & more!

All of which rob you of your monies via taking speed/bandwidth you paid your ISP for monthly out of pocket since they take up, on average, 40% of the "mass" of what you download from a website to view its pages, & CPU cycles, RAM, & other forms of I/O as well - meaning adbanners also cost you in terms of electricity bills raised as well!

If not taking your monies & time since they infest/infect you with malicious code also (plenty of evidence of that is below as well from reputable sites)...

(The program below operates right from when your IP stack loads @ OS startup, &/or 1st request to the web from webbound clients of ALL kinds (Windows + MacOS X) - AND, in not just webbrowsers, but also for example, email programs, if an external program, like Outlook/Outlook Express, eudora & others too since the 1st thing requested IS the hosts file for IP address resolution from host-domain names).

The application solution below is MORE efficient since it doesn't use redundant and yes, advertiser owned or crippled by default browser addons!

Yes, there's proof of that below too... unbelievable as it seems... read on!

For starters:

---

1.) Addons slowdown browsers even more!

(Fact: stack up a few FF addons & see what happens... it's a KNOWN issue!).

2.) A custom hosts file also operates @ a far, Far, FAR faster & more efficient layer of operations too (ring 0/rpl 0/kernelmode vs. browser in ring 3/rpl 3/usermode, being slowed down EVEN MORE by layering in addons - which wouldn't be SO BAD, if they weren't advertiser owned OR crippled by default... see below on that very note!).

3.) It also is TIGHTLY INTEGRATED as part of the IP stack itself, that has over 44++ yrs. of security & speed refinement put into it, written in C & Assembly code (far faster than browser addons like Adblock written in slower javascript, python or perl, & layered in over an already slower usermode app as far as webbound client programs go).

---

This loads it for you, from 10++ reputable & reliable sites for custom hosts file data vs. threats of all kinds online:

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them

Thank you Captain Obvious

[GameboyRMH]

No seriously. Thank you, Nadim Kobeissi, for using your media clout to bring the obvious to attention.

The world needs real Captain Obviouses. Chisel-jawed men with flashy capes and booming voices to land out of the sky and say what masses of experts already know but nobody has been listening to.

Re:It's not about whether the site honors it or no

And yet, there is also no legal means of enforcing this same flag. Do you propose that every server must then be programmed to respect the laws of the country of origin for every request it receives? This is realistically completely infeasible, not only due to the sheer number of different jurisdictions it could receive a request from, but also because laws are subject to change.

Further, if you base the legal enforcement of the flag on the request's point of origin, servers will simply be relocated to a country which does not legally cooperate with other countries thus defeating whatever legislation is set up to support DNT. If, on the other hand, you base the legality on the jurisdiction the server is in, servers will be relocated to the country with the most lax enforcement of legal protections for DNT, again defeating the measure.

As such, there should be no surprise that the idea that DNT is a legal issue is a minority view.

By any other name.

They tighten privacy standards in one way, but in private, they expose it more in other ways.

Adblock & Ghostery = inferior to custom hosts

http://yro.slashdot.org/comments.pl?sid=3459251&cid=42895157

* :)

There's a LOT of "FYI" from reputable sources in that link that YOU just *may* not be aware of... especially in regards to GHOSTERY (advertiser owned) & ADBLOCK too (sadly now crippled by default, as well as technically inferior to custom hosts & redundant!

Yes, even also DNS (sadly neglected vs. the Kaminsky flaw for 1/2 a decade++ now in fact, & that is a DANGEROUS one since most dns servers HAVE to be in recursive mode, aren't patched fully, don't use filtering DNSBL's vs. threats (I list those that DO from reputable sources & ARE POINTED TO Icann/verisign DNSSEC secured parent servers & patched as well, especially OpenDNS, they're KNOWN for doing that right away asap))...

---

So, how can I make those statements? See the link above for details but here 'tis in a "nutshell":

Simply since hosts load as soon as your OS & IP stack driver does (tcpip.sys) & do the job already, BEFORE webbound clients can or do!

(Think email programs external to browsers that adblock doesn't cover like outlook, eudora, & others (+ and yes, browsers too)

Custom host are @ work before usermode apps that are webbound even BEGIN to operate!

Thus - making adblock (sadly crippled by default, I used to recommend it before that in fact) redundant and yes, also wasteful too!

---

That, also along with the fact that yes, BROWSER ADDONS slow up browsers!

(TEST - Stack a few in FF, & see for yourself - it's a KNOWN issue)

---

Browser addons also operate in a far, Far, FAR slower mode of operation vs. hosts (ring 0/rpl 0/kernelmode as a filter for the IP stack in an easily edited & controlled simple text file))

Since browser addons are running in ring 3/rpl 3/usermode, layered over already slower usermode webbound apps!

Plus, browser addons (like adblock) are written in SLOW interpreted languages mostly (python, perl, javascript & such)!

Vs.

Whereas the IP stack has 44++ yrs. of security AND SPEED refinement poured into it, & is written in C &/or Assembly, which is far faster by default (vs. interpreted code browser addons are generally created in...)

APK

P.S.=> Above all else? DO enjoy the program I wrote a decade++ ago, & finally released for the "general public"/"the masses" mid 2012, for populating & deduplicating/normalizing a custom hosts file from 10++ reputable & reliable sources for it also, should you elect to try + use it (100% free, no strings attached)...

---

I "held off" on releasing it, & had it LONG before others like it were out (& it's literally 10x smaller & does MORE than a competitor called hostsman, no less, & is BOTH 32 + 64-bit code in its single distro file I put out that malwarebytes' hpHosts hosts for me in fact, as part of the security community, hostsman isn't & neither is any other like it)...

Why?

Well - simple: I didn't WANT to hurt websites' revenue...

Not until I realized THEY & their advertiser paymasters were robbing me of speed/bandwidth I pay for OUT OF POCKET to my ISP monthly for online access by forcing me to download & process up to 40% MORE of what I was after to consume website data (on average, that's the 'mass' of adbanners forced on you)

Additionally, which also, in turn, leads to more CPU usage, RAM usage, & other forms of I/O used needlessly which raises your electricity bill as well, robbing you yet AGAIN... for starters!

AND

Not until the "malware explosion" online started (late 2004 imo) & also adbanners being found to house malicious code (near last link in that link above WILL "enlighten" & perhaps SURPRIS

Use the "Good Will Hunting" method then

"Anything that leaves your privacy on the "good will" of the companies is inefficient to protect my privacy." - by stafil (1220982) on Wednesday February 13, @08:09PM (#42890707)

A more efficient, not crippled by default (adblock) & advertiser owned (ghostery) for TRACKING PURPOSES, or riddled with security issues & negligence worldwide (DNS, especially vs. the Kaminsky flaw @ the ISP level remaining unpatched for 1/2 a decade++ currently, details & proof below, to all points noted) method, no less!

(Per my subject-line & that excellent film it references?? It's just plain SMARTER too & NOT subject to the flaws or being "souled out"/bought out as those above are & have been, obviously - & since it references 10++ reputable & reliable sources for custom hosts file data vs. threats of MANY kinds online? Not neglected either - read on!)...

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL'

Adblock & Ghostery = inferior to custom hosts

I have NO ISSUE with NoScript though (best addon for FireFox there is imo @ least): HOWEVER - I do with the tools noted in my subject-line above, & here is EXACTLY why (& what I did about it for gratis/100% free, no strings attached) vs.:

A.) Adblock (crippled by default now)

B.) Ghostery (advertiser owned & a tracker itself)

C.) Even DNS servers, especially IF/WHEN run locally on a separate system @ home + setup in recursive mode, which it will HAVE to be so to get data from parent servers & if they're NOT ICANN/Verisign DNSSEC pointed at? You are vulnerable as hell!

(Wasteful as a separate system, or even as a separate service, less wasteful & redundant there though, but still wasteful with its daemons/services & front-ends (in usermode especially) vs. the SINGLE FILE SOLUTION noted below that is part of the IP stack itself, especially since running DNS above & beyond hosts wastes CPU cycles, RAM, & other forms of I/O + thus, by derivation, also electricity, costing you more yet again... that, along with NEGLIGENCE in patching it vs. the Kaminsky flaw for 1/2 a decade++ now worldwide MOSTLY, especially @ the ISP level no less (documented from reputable sources below on tha very note no less)):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded li

Tracking and Advertising

[allo]

Two totally different things. No need to track me, to present ads to me.

Re:Adblock & Ghostery = inferior to custom hos

Not sure if you'll ever read this, and no need to reply, but I just wanted to thank you sincerely for the best (albeit probably the longest) Slashdot post I've ever read in 14 (or so) years. I will study your excellent post and learn and grow in the coming months. Thank you!

As an Opera user for more than 12 years, I don't feel the pain and frustration that so many do. All of these problems would be solved if people would just use Opera, or if all browsers would let you do per-site control, blocking, etc. It just amazes me at how much time and energy people will put into discussing this stuff when a simple solution is available.

Other than this post, I'm the only other person to comment about Opera. Sigh. I know I have a high IQ... maybe governments should be run only by people with high IQs? Please people- just use Opera- problem solved.

Some things to be aware of

TOR & anon. proxies SLOW YOU DOWN all to hell, 1st of all. Secondly, Ghostery = advertiser owned & tracks you by default... Thirdly, AdBlock DOES NOT BLOCK ALL ADS BY DEFAULT ANYMORE (all documented from reputable & reliable sources below):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help you avoid DNS request logs (hosts can via hardcoded favorites)

8.) AdBlock can't protect you vs. TRACKERS (hosts can)

9.) AdBlock can't protect you vs. DOWNED or "DNS-poisoned" redirected DNS servers (hosts can by hardcodes)

10.) Hosts are EASIER to manage, they're just a text file (adblock means you had BEST know your javascript, perl, & python (iirc as to what languages are used to make it from source)).

& more... as a tiny 'sampling' & proofs thereof!

---

Same with Ghostery:

---

FROM ->

Adblock = INFERIOR to custom hosts

"The only real solution is to use adblock" - by Anonymous Coward on Wednesday February 13, @09:05PM (#42891201)

NewsFlash: AdBlock doesn't block ALL ADS ANYMORE by default (they ought to call it "almost all ads blocked" instead nowadays, lol), for starters.

Ghostery (advertiser owned, "foxes guard the henhouse" yet again & thus, knowing that + what I stated above about AdBlock too? You'd have to be a "cluck" to use it OR adblock, since they've both "souled out"...)

DNS is RIDDLED with security issues out of NEGLIGENCE mainly!

(Especially since most DNS servers worldwide are UNPATCHED vs. the Kaminsky flaw (DNS redirection poisoning) for 1/2 a decade++ now... pure negligence!).

So - What's better on a myriad of levels for YOU the end-user? THIS (and why in detail):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help you avoid DNS request logs

Adblock = inferior to custom hosts

"I think the "allow unobtrusive adds" feature in Adblock plus is a valid way to go." - by Anonymous Coward on Wednesday February 13, @09:05PM (#42891201)

See what John Nagle a contributor to the IP stack itself has to say on that note!

(He posts here on /., as "Animats", as a user here, a RESPECTED one for great reasons noted near the termination of my post below, has to say about THAT... i.e.-> The STRONG will survive regardless of advertising revenue, & the weak will DIE: Law of the jungle, even an economic one of today!).

Additionally, some FACTS you ought be aware of:

NewsFlash: AdBlock doesn't block ALL ADS ANYMORE by default (they ought to call it "almost all ads blocked" instead nowadays, lol), for starters.

Ghostery (advertiser owned, "foxes guard the henhouse" yet again & thus, knowing that + what I stated above about AdBlock too? You'd have to be a "cluck" to use it OR adblock, since they've both "souled out"...)

DNS is RIDDLED with security issues out of NEGLIGENCE mainly!

(Especially since most DNS servers worldwide are UNPATCHED vs. the Kaminsky flaw (DNS redirection poisoning) for 1/2 a decade++ now... pure negligence!).

So - What's better on a myriad of levels for YOU the end-user? THIS (and why in detail):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up m

"Rinse, Lather, & Repeat"

"There is an "allow unobtrusive adds" feature in ABP which might provide a solution to this dilemma." - by azalin (67640) on Thursday February 14, @03:55AM (#42893501)

See what John Nagle a contributor to the IP stack itself has to say on that note!

(He posts here on /., as "Animats", as a user here, a RESPECTED one for great reasons noted near the termination of my post below, has to say about THAT... i.e.-> The STRONG will survive regardless of advertising revenue, & the weak will DIE: Law of the jungle, even an economic one of today!).

Additionally, some FACTS you ought be aware of:

NewsFlash: AdBlock doesn't block ALL ADS ANYMORE by default (they ought to call it "almost all ads blocked" instead nowadays, lol), for starters.

Ghostery (advertiser owned, "foxes guard the henhouse" yet again & thus, knowing that + what I stated above about AdBlock too? You'd have to be a "cluck" to use it OR adblock, since they've both "souled out"...)

DNS is RIDDLED with security issues out of NEGLIGENCE mainly!

(Especially since most DNS servers worldwide are UNPATCHED vs. the Kaminsky flaw (DNS redirection poisoning) for 1/2 a decade++ now... pure negligence!).

So - What's better on a myriad of levels for YOU the end-user? THIS (and why in detail):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains t

Competition and DNT=ACK

[dumky2]

High tech and software industries are some of the most competitive out there. Yet, I see many claims in the comments that the industry ignore its customers, that customers have much demand for such privacy features, etc. I would like to see such commenters at least trying to address this apparent discrepancy.

That said I agree with the editorial (DNT as implemented in browser does not offer functioning feature until providers support it). In my mind, the browsers jumped the gun and claimed victory where there was none. As implemented, the browser setting did not account for providers taking time to implement their part.

The DNT flag should not just be sent from the browser (and assume that the provider accepts it). The browser should assume that the provider has legacy behavior (ie still doing third party tracking) unless it receives some kind of acknowledgement back from the service.
The browser can display a warning to the user if not such DNT=ACK is returned by the site, so that the user is properly informed and not misled.

Adblock/Ghostery/DNS = inferior to hosts

"They'll ask me if there's a way to deal with it and I'll point them to Adblock." - by Sycraft-fu (314770) on Wednesday February 13, @08:24PM (#42890843)

1st of all: Adblock does NOT block all ads anymore by default (they ought to call it "almost all ads blocked" nowadays instead, lol)... it's crippled from its former efficacy!

Secondly - Ghostery = ADVERTISER OWNED & tracks you... not good!

Lastly - DNS = riddled with security issues (via the UNPATCHED, mostly WORLDWIDE, Kaminsky bug (redirection dns poisoning) for 1/2 a decade++ now, pure negligence - & WORST OF ALL, @ the ISP LEVEL we all use..).

So - What's better for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs &/or DNSBLs you may not agree with as well)?

THIS:

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated into it) which is far, Far, FAR FASTER than ring 3/rpl 3/usermode apps like browsers, & addons slow them down (known issue in FireFox).

To wit, 10++ things AdBlock can't do, hosts can:

---

1.) Blocking rogue DNS servers malware makers use

2.) Blocking known sites/servers that serve up malware... like known sites/servers/hosts-domains that serve up malicious scripts

3.) Speeding up your FAVORITE SITES that hosts can speed up via hardcoded line item entries properly resolved by a reverse DNS ping

4.) AdBlock works on Mozilla products (browser & email), hosts work on ANY webbound app AND are multiplatform.

5.) AdBlock can't protect external to FireFox email programs, hosts can (think OUTLOOK, Eudora, & others)

6.) AdBlock can't help you blow past DNSBL's (DNS block lists)

7.) AdBlock can't help

You're welcome (& thank you too)... apk

"Not sure if you'll ever read this, and no need to reply, but I just wanted to thank you sincerely for the best (albeit probably the longest) Slashdot post I've ever read in 14 (or so) years. I will study your excellent post and learn and grow in the coming months. Thank you!" - by Anonymous Coward on Thursday February 14, @01:05PM (#42897779)

See subject-line above, & thank you in return - I only hope you're not some "troll" that's going to accuse ME of being YOU (posting ac) etc./et al (there's TONS of experienced trolls around here that *think* they're clever pulling that shit on myself & others that elect to post AC is why I state this).

I am GLAD you enjoyed it - as I only strive for truth, & to learn more myself (nobody knows it all), & to share good news/facts with others also!

Just to "better myself" - that's what technical forums in computing are REALLY about (not trolling morons who ruin it for everyone)...

---

"As an Opera user for more than 12 years, I don't feel the pain and frustration that so many do. All of these problems would be solved if people would just use Opera, or if all browsers would let you do per-site control, blocking, etc. It just amazes me at how much time and energy people will put into discussing this stuff when a simple solution is available." - by Anonymous Coward on Thursday February 14, @01:05PM (#42897779)

Agreed, it is, as I have called it MANY TIMES BEFORE HERE (& was even modded up for a couple times, ala -> OPERA "SUPERIOR WARRIOR":2009 -> http://developers.slashdot.org/comments.pl?sid=1309763&threshold=-1&commentsort=0&mode=thread&pid=28768721
    ) "THE SUPERIOR WARRIOR" in webbrowsers & was "modded up" for it, IF that says anything here in regard to our feelings/thoughts & experiences using it vs. other webbrowsers as our "weapon-of-choice" online!

The solution I propose, combined custom hosts files (since they're better than Adblock + Ghostery as I noted with backing valid data, & DNS servers alone (especially locally vs. filtering custom remote ones I listed imo)) + OPERA's "By Site Preferences" make most all threats online, a lot less possible, for you to be "bushwhacked" by... just fact!

At least YOU realize it too ('great minds think alike', lol)...

---

"Other than this post, I'm the only other person to comment about Opera. Sigh. I know I have a high IQ... maybe governments should be run only by people with high IQs? Please people- just use Opera- problem solved." - by Anonymous Coward on Thursday February 14, @01:05PM (#42897779)

My "IQ" clocks in typically between 130-135, so not THAT "high", & I've worked alongside many other coders in particular that were 150++ & above... I do KNOW there IS a difference.

I've heard one person here not TOO long ago say that "Opera is for SMART INDEPENDENT PEOPLE" though, so I am inclined to agree (perhaps smart is not the right word - "better informed" might be a BETTER choice!).

APK

P.S.=> Smart = relative. Depends on who's doing the judging after all, reality IS a matter of perception & all that (as well as how HIGH your IQ is vs. your judges, lol, not that it really matters though imo @ least)... anyhow/anyways - glad you liked the post!

... apk

It's not even out of committee yet...

...so saying that it's not implemented is rather a "well, duh!" moment, isn't it?

"Rinse-Lather & Repeat", trolls (U FAIL)

Doesn't change a thing vs. verifiable undeniable facts extolled http://yro.slashdot.org/comments.pl?sid=3459251&cid=42895851 in that link, per my subject-line above's statement of fact!

* To the downmodder of my post? Well, see above, & YOU KNOW IT, I know it, & anyone with 1/2 a brain does as well!

(Especially since all you have is an effete downmod to *try* to "hide" its points from others, & yet you have NO refutation of my points + you are clearly unable to disprove them with VALID counter-points!)...

LMAO - especially since you blew your modpoints not onlly on the parent post, but also this one already before too here -> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42897131

(Showing YOUR "fail" trolls, vs. truths & documented facts that leave you helpless & eating my dust!)

Keep blowing your mod points - you'll "run dry" sooner or later, & when you do? I will STILL post again beneath my original post you downmodded invalidly... & win, as always!

APK

P.S.=> Ah, yes... the downmodder's just MAKING ME just HAVE to say it (and long time /.'ers know what THAT means, lol):

THIS? This was just "too, Too, TOO EASY - just '2ez'" & always is: Especially vs. trolls that have nothing more than bogus unjustifiable downmods vs. points in my posts (backed by reputable sources cited no less)...

... apk

"Rinse, Lather, & Repeat" trolls (U FAIL!)

Doesn't change a thing vs. verifiable undeniable fact extolled http://yro.slashdot.org/comments.pl?sid=3459251&cid=42895943 in that link to my original post you downmodded with NO technicals disproving my points (thus it's invalid downmod troll b.s., nothing more), per my subject-line above's statement of fact!

* To the downmodder of my post? Well, see above, & YOU KNOW IT, I know it, & anyone with 1/2 a brain does as well!

(Especially since all you have is an effete downmod to *try* to "hide" its points from others, & yet you have NO valid refutation of my points either, + you are clearly unable to disprove them with VALID counter-points!)

Funniest of all is the FACT you blew your modpoints 2x already on the post above, & yes, this SAME post -> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42897211 I am reposting that shows YOU FAIL trolls!

(You truly can't do anymore than *try* to vainly "hide" this post, but others DO see it since most here post WELL BELOW the b.s. default /. puts on ac posters, and downmodded posts (you can't disprove my points & "best you got" is b.s. invalid downmods, lol!))

So, go on: Keep blowing your mod points - Since you will "run dry" & I'll just post beneath the initial post once more to drag it back into view, & you fail again, lol...

APK

P.S.=> Ah, yes... the downmodder's just MAKING ME just HAVE to say it (and long time /.'ers know what THAT means, lol):

THIS? This was just "too, Too, TOO EASY - just '2ez'" & yes, ESPECIALLY vs. trolls that have nothing more than bogus unjustifiable downmods vs. points in my posts (backed by reputable sources cited no less)...

... apk

Bogus downmods = "best ya got", trolls?

Doesn't change a thing vs. verifiable undeniable facts extolled, here -> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42894807 in that link to my original post you had NOTHING VALID to disprove its points with (only bogus unjustifiable downmods, nothing more), per my subject-line above's statement of fact!

* To the downmodder of my post? Well, see above, & YOU KNOW IT, I know it, & anyone with 1/2 a brain does as well!

(Especially since all you have is an effete downmod to *try* to "hide" its points from others, & yet you have NO refutation of my points + you are clearly unable to disprove them with VALID counter-points!)

Face facts since that's "the best ya got" trolls - YOU FAILs & can't do anymore than *try* to vainly "hide" this post!

HOWEVER: Others here DO see it since most here post WELL BELOW the b.s. default /. puts on ac posters, and downmodded posts (you can't disprove my points & "best you got" is b.s. invalid downmods, lol!).

Keep blowing your mod points: You'll "run dry" & I'll just post beneath the initial post once more to drag it back into view, & you fail again, lol...

APK

P.S.=> Ah, yes... the downmodder's just MAKING ME just HAVE to say it (and long time /.'ers know what THAT means, lol):

THIS? This was just "too, Too, TOO EASY - just '2ez'" & yes, ESPECIALLY vs. trolls that have nothing more than bogus unjustifiable downmods vs. points in my posts (backed by reputable sources cited no less)...

... apk

Effete, vain, & invalid downmods trolls? U FAI

Doesn't change a thing vs. verifiable undeniable facts extolled here-> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42895579 in that link to my original post here you bogusly downmoderated with NO valid technical justifications disproving my points therein, ALL per my subject-line above's statement of fact!

* To the downmodder of my post? Well, see above, & YOU KNOW IT, I know it, & anyone with 1/2 a brain does as well!

(Especially since all you have is an effete downmod to *try* to "hide" its points from others, & yet you have NO refutation of my points in the link above, + you are clearly unable to disprove my points there with VALID counter-points!)

So, face facts trolls - YOU, FAIL... lol!

APK

P.S.=> Ah, yes... the downmodder's just MAKING ME just HAVE to say it (and long time /.'ers know what THAT means, lol):

THIS? This was just "too, Too, TOO EASY - just '2ez'" & yes, ESPECIALLY vs. trolls that have nothing more than bogus unjustifiable downmods vs. points in my posts (backed by reputable sources cited no less)...

... apk

Unjustifiable downmods trolls? You FAIL!

Doesn't change a thing vs. verifiable undeniable facts extolled here-> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42896527 in that link to my original post here you bogusly downmoderated with NO valid technical justifications disproving my points therein, per my subject-line above's statement of fact!

* To the downmodder of my post? Well, see above, & YOU KNOW IT, I know it, & anyone with 1/2 a brain does as well!

(Especially since all you have is an effete downmod to *try* to "hide" its points from others, & yet you have NO refutation of my points in the link above, + you are clearly unable to disprove my points there with VALID counter-points!)

APK

P.S.=> Ah, yes... the downmodder's just MAKING ME just HAVE to say it (and long time /.'ers know what THAT means, lol):

THIS? This was just "too, Too, TOO EASY - just '2ez'" & yes, ESPECIALLY vs. trolls that have nothing more than bogus unjustifiable downmods vs. points in my posts (backed by reputable sources cited no less)...

... apk

AdBlock = Inferior to custom hosts

"Adblock also greatly improves the performance of browsing the web, especially if you're on a slow network or dialup." -

Not as well as custom hosts files do, 1 of 2 ways:

---

A.) By doing what adblock does, but better (since adblock no longer blocks ALL ads by default, they "souled out" imo) - in blocking adbanners (also due to them infesting folks with malicious code, not just for speed gains - See links below for numerous "proofs thereof)

AND

B.) By using "hardcoded favorites entries" which is FASTER than calling out to remote DNS servers since it is locally done by FAR (& the 1st thing your OS loads for online access IS the tcpip.sys file/IP stack & hosts are a simple textfile filter for it, cached into RAM either by the local DNS clientside cache service in Windows, or as I do it, since that service IS 'buggy' with larger hosts files, the local kernelmode diskcaching subsystem - as well as any webbound client programs (browsers, email programs external to browsers like Outlook, Eudora & others adblock does NOT protect there vs. spam/phishing/maliciously scripted HTML mail etc. either) since the 1st thing queried is the hosts file itself, before ANYTHING else, & browser addons + browsers CANNOT determine the IP address resolution by themselves, first).

That's just a sampling - there are also 10++ things custom hosts files do for better speed, security, reliability, & even added anonymity to an extent (vs. DNS request logs + vs. DNSBL's you may NOT agree with as well), that adblock just PLAIN CANNOT DO, that is to YOUR ADVANTAGE as a user of the web!

See below for that list... read on:

---

What do I use to populate mine? This (I designed it):

---

APK Hosts File Engine 5.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

Which, if you read the list of what it can do for you as an end user of the resulting output it produces listed in the link above, you'll understand how/why...

"It's as strong as steel, & a 3rd of the weight" - Howard Stark from the film "Captain America"

---

Especially vs. competing alternate 'solutions', noted below in AdBlock/Ghostery & yes even DNS servers, next, as 'examples thereof'...

Solutions that used to be good & I even recommended them in security guides I wrote up over the decades now -> http://www.google.com/search?hl=en&tbo=d&output=search&sclient=psy-ab&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=ka3yUKzxB-6_0QHLroCQCA

That did extremely well for myself (and users of them), for Windows users, for "layered-security"/"defense-in-depth" purposes - the BEST THING WE HAVE GOING vs. threats of all kinds, currently!

(Not anymore though, & certainly NOT far as AdBlock's concerned especially, not after this):

---

Adblock Plus To Offer 'Acceptable Ads' Option:

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option

(Meaning by default, which MOST USERS WON'T CHANGE, it doesn't block ALL ads - they "souled-out"... talk about "foxes guarding the henhouse")!

---

Plus, Adblock CAN'T DO AS MUCH & not from a single file solution that runs in Ring 0/RPL 0/kernelmode via tcpip.sys, a driver (since it's part of the IP stack & tightly integrated

Tell me more on this id string you speak of

NoScript's excellent (one of the best, if not THE best addon for Mozilla FireFox variants there is): I noted that in another post in this article's thread, here -> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42896911 .

It's "good stuff" since javascript's OFTEN misused quite a lot!

(It's right up there with Adobe Flash, & JAVA itself being misused, albeit they get misused for diff. reasons, in that they have "inbuilt" vulnerabilities that get taken advantage of by the "bad guys", whereas javascript's a programming tool with a faulty DOM imo).

IMPORTANT - on the browser sending an id string: I use Opera, & it offers options to "mask" itself, or "identify as" OPERA, IE, or FIREFOX... is THAT what you meant? I don't have any other options other than those though... in other words, no option here for changing to "mobile" IF this is what you meant!

APK

P.S.=> That idea sounds clever actually - can you tell me more? Thanks... & my apologies for such a belated reply to you, I was busy with other posts & "domestic duties" (fixing a door here and hanging venetian blinds in all of the windows, lol!

... apk

To trolls downmodding my post?

You're more than welcome to disprove my points in favor of hosts here -> http://yro.slashdot.org/comments.pl?sid=3459251&cid=42894545 instead - that'd be FAR MORE EFFECTIVE, don't you agree?

1 problem though - you can't: YOU know it, I KNOW IT, & so does anyone else reading here with 1/2 a brain also!

* :)

So, see my subject-line above, & realize this: YOU FAIL!

APK

P.S.=> Ah, it's always the SAME b.s. over & over, seeing my 'detractors' being unable to validly disprove my points on the benefits of custom hosts files for speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's they may not like also it allows them to get past) - & thus?

Well... lol, you just KNOW you're MAKING ME just HAVE to say it, as-is-per my own "inimitable style":

THIS? This was just "too, Too, TOO EASY - just '2ez'"

Always is!

Just in seeing whoever downmodded my post I just replied to, unjustifiably (by lacking the ability to disprove my points on hosts that benefit end users of them via valid computing technical critique on THEIR part to do so), have to resort to the "last resort of trolls" (lol) in unjusitifiable downmods to *try* to vainly & effetely "hide" my post so others won't see it!

New NEWS/NewsFlash/Clue: Most folks here browse WELL BELOW the bogus slashdot default pageview (in order to see all points posted) & will + DO see it, + I just post beneath the post you do it to, & it drags it right back into view... so, so much for that on YOUR parts, trolls!

Folks see it, & many times, start using them (anyone want proofs of that too? "Ask & YE SHALL RECEIVE" since I have, oh, roughly 100 of them here or so as proof thereof).

No, lmao, instead, what do I get??

Bogus downmods to try hide my posts, & a "Run, Forrest - RUN!!! when I make that challenge I did above to these worms who do these "hit & run" bogus downmods of my posts, every single time - which not a SINGLE ONE here has managed to disprove in my posts' points listed in favor of custom hosts files & what they can do that is of benefit to end users of them!

(Man - It is UTTERLY hilarious... & consistently so in fact - but, it also allows me to know I am doing the RIGHT thing by others, perhaps that is the most important fact of all here... unlike the trolls downmodding my posts unjustifiably)

... apk