Slashdot Mirror
Malvertising Up By Over 200%
An anonymous reader writes "Online Trust Alliance (OTA) Executive Director and President Craig Spiezle testified before the U.S. Senate's Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, outlining the risks of malicious advertising, and possible solutions to stem the rising tide. According to OTA research, malvertising increased by over 200% in 2013 to over 209,000 incidents, generating over 12.4 billion malicious ad impressions. The threats are significant, warns the Seattle-based non-profit—with the majority of malicious ads infecting users' computers via 'drive by downloads,' which occur when a user innocently visits a web site, with no interaction or clicking required."
And is expected to peak an the Monday before the first Tuesday in November
The others being performance and functionality related. I don't like ad's due to the security risk, and they can slow down my machine and make it very fucking hard to see the article.
If your site has harmless ad's, that is one thing.
On the other hand, if your site can only survive by being paid for with ads, you need a new business model.
If you ignore ACs because they are anonymous - you're an idiot.
> On the other hand, if your site can only survive by being paid for with ads, you need
> a new business model.
Like Slashdot, you mean? Or is this site supported by the Bandwidth Pixies?
I find NoScript extension convenient.
According to any slashdotter as long as you do not run any AV software and don't run downloads you will be perfectly fine! This all is a scam to force us to buy Av software that's it and my ff 3.6 with +100 holes as of now running admin is perfectly save because I am cautious user
http://saveie6.com/
It's useful, I don't know if it's convenient. Most sites won't even load anymore if you have Javascript turned off.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
testified before the U.S. Senate's Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations
That has to be the most ridiculously long name for bullshit I've ever seen.
Again AV software has been proven not to work.
The biggest problem is always the user and if you weren't retarded and actually read the article you would see the user went to a weird site. Stick with the sites you know and for heavens sake don't click the blue E
Seriously. After getting nailed through (what else) a malware-spewing ad, I stopped being a cranky old man and dropped NoScript, AdBlock and Ghostery onto my browsers.
Approximately 90% of the web is completely broken for me unless I turn one or more of them off.
A lot of things exist entirely because of advertising, like television, alt-weekly newspapers, etc...why should it be any different on the web?
They're talking about 2 different things. Malware advertising is "your PC had errors. Click here to fix it" and it download some registry nagware bullshit. Drive by downloads are not ads at all. It's an exploit kit and it's what happens when the ad blocks get hacked. It's not like someone supplied exploit code to Google's advertising program. The article is talking about 2 completely different things.
I think he's saying all content needs to be either paywalled or made or sponsored by the wealthy and powerful.
How can I believe you when you tell me what I don't want to hear?
On the other hand, if your site can only survive by being paid for with ads, you need a new business model.
So you would rather them charge you directly?
That model has worked pretty well for Google too.
---- Booth was a patriot ----
Moral? A true sign of how far Society has fallen, we have fallen into so many different discussions over the morality of self-defence.
Wonder how long the moderators will treat metix007's comment like a yoyo over their own views? I miss the old good slashcode where even us forever ACs could view stats on up/down mods, but I do know they have gone up/down a few times already just from refreshes to check for new comments. Mod war without any real discussion from the other side is kind of a waste.
The first rule of the bandwidth pixies is you do not talk about the bandwidth pixies.
"It's useful, I don't know if it's convenient. Most sites won't even load anymore if you have Javascript turned off."
It's a huge timesaver. If they are not returning a webpage I figure that out immediately and move on to another site that does. With default settings on a modern browser you can only figure that out later through more subtle clues, and in the meantime you have infected your machine.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
> On the other hand, if your site can only survive by being paid for with ads, you need
> a new business model.
Like Slashdot, you mean? Or is this site supported by the Bandwidth Pixies?
Slashvertizement - dude.
"Articles" that are really press releases and "articles" that trumpet some company's product.
The movie industry has been doing this for years with product placement. Mike Meyers makes fun of it all the time.
Anyway, it's not our problem.
You might find this useful and intersting. I have so far http://it.slashdot.org/comment... because it sounds like a way to stop malicious code or script from ever getting to you in the first place by blocking sites with it out with ads and more threats also.
When the culprits are found, remove their digits via guillotine. If that doesn't persuade, remove thy arm... Problem solved the digital way! ; )
It's not a legal problem that needs another law. The business side of software development needs to stop forcing proprietary software with digital restrictions (Mozilla I'm looking at you) and other privacy and security related anti-features the masses don't need (like scripting within an image format, and a niche business-need doesn't qualify as a feature we need in a consumer piece of software, like macros) then there would be the possibility of reasonably secure OS (provided you didn't make everything idiot-proof to install, or only did so for evaluated applications, like a system such as Debians where developers and packagers are evaluated, approved, etc).
http://it.slashdot.org/comment...
* It works with what you have already, in kernelmode speed (higher CPU requests alloted out of Ring 0 in highly used & priveleged TCP/IP.SYS driver's why, for servicing it's requests...) doing MORE with LESS (by far) for added:
1.) SPEED
2.) SECURITY
3.) RELIABILITY
4.) ANONYMITY
Online, working on a VERY simple principle, of "What you can't touch, can't touch or harm you..."
(Especially vs. browser addons & even shoring up DNS security issues from redirects or even "downage"...)
Enjoy - it's 100% free, no strings attached, no tracking (or malicious stuff that ads even have been doing), etc.-et al!
APK
P.S.=> Here's some "substantiating evidence" for YOUR claim too -> http://it.slashdot.org/story/1... (AntiVirus, according to SYMANTEC/NORTON admitting it honestly @ lesat, ONLY STOPS ~ 55% of threats nowadays... my program's 100% IF you keep it up to date with current information (which it can do "automagically" too if need be))...
... apk
Will it be protected by DRM?
Or is this site supported by the Bandwidth Pixies?
At one point, yes. I was one of them. I worked at an ISP and we gave Rob Malda a Pentium Linux box (slackware, IIRC) to host images.slashdot.org when his T1 started getting full. We gave Slashdot free hosting and bandwidth for about 2-3 years, until he moved on to other servers.
-- I have a private email server in my basement.
Good, now I don't have to say it. I'll just be among those who agree with it.
This is no different, in my opinion, than having a "smart TV" (or an xbox360/one) in your livingroom and having advertisers gaining access to your entertainment device. For many people, there is literally no distinction. We are not required to hand over our privacy and security to support someone else's business model. Some would say "if you consume, you are morally obligated" but I disagree.
Someone needs to stand in front of congress and say "hey, this isn't a problem for Firefox users because they have a convenient and largely effective means by which they can protect themselves. MSIE and Chrome, not so much, and this is by design. Talk to the companies who support these malicious advertisers about why they choose not to protect their customers."
The offer Plan B pills for free from the local Uni.
This is why I give ABP as SOP for all of my builds and by doing so? I've dropped infections right off the chart. people send their families and friends and business partners to me because "When he sets it up they don't 'slow down' and 'get buggy' which with modern OSes mean malware. As I have said before if you want to support your website with ads? Fine then follow best practices, site based only, no leasing out to ad farms, no flash or java, and if you follow best practices? ABP will even put you in the "good adverts" column and whitelist you by default. But MY customers shouldn't have to pay me $75 a pop to clean the messes YOUR business mode makes. As I said on the Escapist when they did their "poo poo bad adblockers" bit "Either you stand by your website and pay the damages when you infect the viewers or you can STFU because nowhere does it say people have to put their machines at risk simply because you are too lazy to vet your ads". ironically the second I posted that? A half a dozen behind me slapped up links showing the number of infected ads run by the Escapist that year which put them in a "high risk" category. Needless to say they moved to another topic right quick LOL.
Oh and as for your sig? I ignore ACs because there is frankly no point in ACs at all. For every insightful AC there is a hundred trolls so having AC doesn't improve comments, and since an AC will never see your response there is no point in responding to them as it will never be seen. So as I see it ACs are only good for one thing, and that is posting without fear of taking a karma hit...aka being douchebags and trolls. So why should i waste my time giving a fuck about somebody too God damned lazy to spend a whole 2 minutes to make a UID?
ACs don't waste your time replying, your posts are never seen by me.
The usps should vet everyone that sends mail, to ensure consumers are protected. :-P
The others being performance and functionality related. I don't like ad's due to the security risk
Am I missing something here? How insecure does your browser have to be to allow insecure code to be run just by visiting a website? I thought we were past the days of IE6!
== Jez ==
Do you miss Firefox? Try Pale Moon.
- Find the criminal scum responsible.
- Break their arms and legs while their families watch.
- Throw them off a cliff into the ocean and see if they can swim.
Really? Adblocking has worked fine in Chrome for years. When it first shipped, the model was you still downloaded and ran the ad, then removed it from the page. But it has been a long time since those days.
When websites vet their advertisement and host the stupid things, I'll let them through (and in fact do so).
Too many web sites which run ads are buying them through a chain of multiple resellers. Under current law, the web site running the ad can usually disclaim responsibility for hostile ads. That may change. The article is about testimony before the U.S. Senate's committee on homeland security.
The site that displays the ads should be held responsible. Sites which run ads would then need to protect themselves by legal and technical means. For example, if you run ads on your site, your contract with the advertising provider should provide that they will indemify and defend you should a bad ad get through.
Well that's a powerfully stupid idea.
WTF has the website showing it got to do with the code in it? ZERO... that is wrong of them to even THINK about doing that!
* Anyways/anyhow - THIS is why I created my program for added speed, security, reliability, & anonymity online http://it.slashdot.org/comment... since it works BETTER than any single browser addon there is doing FAR MORE for users in the capacities noted above, for less (using what you have already, instead of "bolting more on" increasing complexity, resources usage, & chance of breakdown etc.) - it just works.
APK
P.S.=> Thanks for letting me know that - you're 1 of the FEW people around here I truly respect (since I know you've done work on the TCP/IP stack iirc - & I can respect THAT, bigtime - it's a lot more than MOST can say is why)...
... apk
NoScript allows you some measure of control - obnoxious Flash ads, Javascript-driven ads and other bits can often be turned off (due to separate origins) while the main functionality stays on.
Only a small minority of sites flat out won't work without scripting. Just cruise past those idiot webmasters (they were probably making Flash only sites back in the day) and find an analogous site, there are usually many.
Then there are some that bitch if you have it off, like YouTube (they cannot track you as well without it, which is why they whine). But they are still functional. I can make full use of YouTube without scripting, with a Flash downloader. I get better performance than with their shitty streaming thing, anyway.
And always send feedback if a company or individual is clearly clueless over how scripting should be optional to the functioning of a site. If you never write in, they will never know their site is broken in a secured environment.
V
So how can they be liable for what they didn't create? Just doesn't make sense to me is all.
APK
P.S.=> Heh - then again? It makes perfect sense, when "legal bureaucracy" steps in looking to CREATE A PROBLEM to further justify their budgets + payrolls (hence, their livelyhood) - & IF I am 'off' on any of this? My bad - didn't read the article yet (had to step out) but from what Animats said so far & he's pretty reliable? Well, again: It just sounds wrong to do is all (almost/sort of like being an innocent 3rd party to a sale which I firmly agree is a GOOD thing, not a bad one (sort of but in "reverse"... ah, I am not expressing myself well today so, take me with a grain of salt if I am way off here...))
... apk
APK refuses to open source his software to prove it is malware-free. He can't prove it is malware-free because in fact it's just the opposite: his software is full of identity theft malware (and probably worse). See this thread for an example of APK stealing a Slashdot user's login credentials to post as the victim after the victim installed the APK malware engine: http://slashdot.org/comments.p...
APK trolls to get people to install his malware engine so that he can steal their identities. People should report his malware to their antivirus software companies so it can be properly flagged as the malware it is.
"On the other hand, if your site can only survive by being paid for with ads, you need a new business model."
So much for slashdot then.
Especially when they can speak for themselves? ;-)
Ezekiel 23:20
There is non-malicious advertising?
As far as I'm concerned, the only difference here is that regular advertisement attacks your mind (compare the old CIA PsyOps manuals with modern day advertisement psychology, you'll find quite a few similarities) while "malvertisement" attacks your computer.
I'd rather have my computer attacked. It can be firewalled or, if that fails, reinstalled.
Assorted stuff I do sometimes: Lemuria.org
If you're running flash, you have no need to worry about javascript, you're already vulnerable.
I think we've pushed this "anyone can grow up to be president" thing too far.
I thought we were past the days of IE6!
Yes, but so are the attackers.
Assorted stuff I do sometimes: Lemuria.org
If the free market worked, it wouldn't be a problem. Government is supposed to step in to correct the failures of the free market by making laws to ensure that businesses do not harm the citizens.
Until everyone can download and compile your software and produce the same checksum on the resultant binary, we have zero proof that you have not injected additional malware code into your software.
Everyone: it is very convenient, don't you think, that APK wants you to run his installer with elevated privileges? APK's malware engine could (and does!) run apk's secret malware code behind the scenes to steal your identity and send your confidential data to him.
Full open sourcing to EVERYONE is the only way his code could possibly be proven to be safe. Apk runs from doing this because he wants to steal your identity (or worse!).
That's very interesting, but how does it handle sites that distribute malware from aaaa.badsite.ru today and changes to bbbb.badsite.ru tomorrow? As far as I know, hosts files don't support wildcards.
thx
This is yet one more example illustrating precisely why ad blocking is necessary. The bloggers and others who make their living in the content business howl with righteous indignation at those of us who use these tools, but I submit that their anger is misdirected. On the contrary, it's the advertising networks who rightly deserve their wrath for allowing their business to become a cesspool of infectious viruses, worms and frankly worthless crap. Indeed, it seems that their motto is, "our advertising services are the right thing for anyone with a credit card, no questions asked." So I ask you, why should visiting your site without ad and script blocking enabled be akin to walking into the darkest corner of the bathhouse, bending over and letting everyone have their way with nary a condom nor a reach around in sight?
Indeed, I'm not running Flash either. I don't even have it installed. That is why I mentioned using a download utility to acquire videos from websites rather than viewing them in page.
V
I'm doing the same thing for work builds now. Because the Boeing and Airbus catalogs require IE8 or less I've taken the E off of the taskbar and put Firefox in with an adblocker. They have to click on the desktop icon that will take them to the exact site. Our GPO only lets IE visit the sites that we have vetted, and most of those are password protected sites to other vendors and manufacturers.
Since rolling out that image I've had quite a few cow-orkers ask how to adblock at home. I'm only too glad to show them.
-- I have a private email server in my basement.
That's swell, Arker. Not everyone is willing to go back to paper based financials for all their mortgages, credit cards, student loans, retirement accounts, etc.
Even better, not everyone can afford to refinance their mortgage simply to switch providers to one that *currently* uses a non-JS website (no guarantees for the future, of course).
No compromise approaches often have major drawbacks and should be instituted with care.
In the security community (on its CONFIG tab page), "automagically", or manually.
APK
P.S.=> Initially, it gives you CURRENT data 1-6++mb usually is the range daily - not much, compared to Almost ALL Ads blocked topping 4++gb!
(It's the most important data really - current)
That's initially (sort of like how AntiVirus programs did HIGH, LOW, MEDIUM type settings for signatures).
HOWEVER - you CAN do what I've done using it building up its hosts file over time!
(E.G.-> I have since 1997, I didn't release it until 2012 in GUI form out of respect for webmasters, but, once ads started getting infested to infect you? Out the door to the masses she went)
Which is to KEEP THEM ALL IN THERE over time, ONLY dumping out false positives when needed!
That's for good reasons I noted in my post you replied to - "FastFlux" &/or "Dynamic DNS" using botnets (which recycle & reuse domains they paid for OVER & OVER again with "dirty" hosting providers & rogue DNS servers, etc.)... apk
Per the post you replied to & I'm under no obligation to give my work away to everyone. I have that option.
APK
P.S.=> Despite your giving me orders? That's the way it's going to be, sorry... apk
You can pay directly to get rid of ads here. You can't say that for most other sites.
Guess you didn't hear about AdBlock memory/cpu overconsumption http://it.slashdot.org/comment...
BS.
The people who block ads by default, are idiots at best, assholes at worst.
"On the other hand, if your site can only survive by being paid for with ads, you need a new business model."
Double BS. Do you think your TV shows would still be filmed if they had to be exactly 60 minutes long instead of 43 for the inclusion of 17 minutes worth of ads? (Exact numbers from Fox's Fringe on Netflix)
It doesn't work that way, and consider that the number of incidents (12.4 billion) impressions is equal to about a blink of an eye in internet time.
The incidents are increasing just like SPAM increases. The weakness is the browser, not the ad delivery system.
#1. Browsers allow document.write, .innerHTML or .eval() to be used at all, these are used by malware to bypass XSS checks. These should be disabled by default. The latter is used by JSON libraries so that means JSON itself is equally weak.
#2. Browsers allow new windows, new browser tabs, or replacement of the existing browser session without user input. These need to be treated the same as "popup" blocking, as current popup blocking is largely ineffective. Part of this problem is caused by how Chrome "sandboxes" so malware may get launched from one tab, but you won't know which ad in a tab did it. So one way this would be effective is to prevent non-interactive navigation. This would also force ad networks to use strictly iframe methods instead of Javascript.
#3. Plugins must be disabled by default, both flash and Java, and PDF readers. The web browser must tell the script on the page that it would like to use a plugin, and then wait for the user to confirm running the plugin for just this page or the entire domain that the content is loaded from. This would solve a lot more problems and this is actually how I have flash setup by default (I only have the x64 activeX plugins installed on windows and have the 32bit ones disabled, since malware tends to think everyone uses 32bit browsers.)
One of the things I do for friends computers is set the host files to auto-update from security malware sites. These update pretty regularly, unlike Adblock which, although useful, doesn't do everything. Noscript, Disconnect Me, Ghostery and the like are becoming defacto necessary security precautions. Were I running a consumer product's multi-million dollar ad campaign I'd be really pissed at the malware guys.
---- The above post was generated by the Turing Institute. Maybe.
Pre meditated crimes should be punished by summary execution a scam takes planning preparation and time to execute as most of these ads are mostly some form of scam execute a few the rest will quickly disappear. Alternatively make the companies who take their money responsible and execute one CEO the result will speak for itself
No, he's implying ad servers need to start acting like a responsible industry. They pollute the web with malware and make a lot of sites unreadable with adblocking, owing to the moving, flashing and sometimes audible garbage that cover some sites.
If a simple text article with a few associated photos causes my computer's fan to wheeze and slows it to a crawl, and the ads keep breaking my concentration, AND they pose a security threat that (over the years) has gone from significant to huge, then their business model is just attempting to use you as a pair of eyes with a wallet attached. FUCK THEM.
Website operators like Ars Technica and Slashdot should be researching ways to deliver ads that are safe and sane -- there is no justification for a friggin' advertisement to be otherwise. Its just too bad the advertisers don't trust the content creators to serve the ads themselves. So what we get is a cycle of mistrust and negligence that puts their readers at risk of attack. Its sicko.
correction: 'with adblocking' should be 'without adblocking'
Sorry, apk, you aren't going to trick this crowd into installing your identity theft malware. Your transparent ruse to claim that the source you provided one guy is the same as the trojaned malware you try to get us to install is pathetic.
You have been caught red handed stealing identities (as per my previous post documenting it), though once you were caught you obviously tried to deny it. I hope the feds eventually send you to prison for decades, you evil bastard.
It's very simple: Make ad companies liable for any damage done by ads they show. Wanna bet they start auditing the shit out of every letter they show?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
AdBlock's highly inefficient in comparison to hosts files - As I've always maintained (& now it's proven)!
So... that might not be a great idea, or the best you could do. What is? You know!
* Try this instead ("you-know-who", lol (APK)) -> http://it.slashdot.org/comment...
(Yes, Yes - "shameless plug" but, we know each other!)
APK
P.S.=> I'm certain You'll find that read, VERY interestingWladimir Palant's AdBlock.org site in HIS response to that finding (huge ram bloat, & HIGH cpu etc.)
He removed my post too! Lmao...
(All it was, was my "std. reply" I use here - purest fact)
Both of them emailed me first.
I replied telling them they're only DESTROYING THEMSELVES attempting to hide the FACT that hosts do MORE by far than ANY SINGLE BROWSER ADDON there is, + for LESS resources consumed & from a FAR FASTER LEVEL OF OPERATIONS (ring 0/kernelmode)...
I challenged Wladir Palant (author of AdBlock) in reply mail to SHOW ME & PROVE AdBlock does more for end users in added speed, security, reliabilty, & even anonymity... he won't answer, especially AFTER HE SAID, verbatim, "Hosts are a shitty solution" ... yea? See link above!
"Gosh - I wonder WHY?" LOL, not...
He knows hosts are SUPERIOR by far on tons of levels vs. AdBlock's why - NO questions asked after that & ABOUT TIME I hit him "head to head" on it after using the naysayers here for a SOLID YEAR for research of my points which none here can dispute either...
Yes - "Things have a way of working out..." & in MY FAVOR! Thank you Lord...
... apk
My wares anything but what your libelous lies claim. In fact, it's the polar opposite vs. malware in general & illustrates (and achieves) the working principal of the forcefield, 'digitally', in fact, vs. threats of nearly all kinds online from 1 part end result.
See subject-line - you're off... way, Way, WAY off!
APK
P.S.=> To those of you what use it - Do me a favor sometime: Ask Wladimir Palant of AdBlock WHY he won't face a challenge to prove what's the more versatile & useful tool: Hosts vs. AdBlock (from a list I posted to him there's no DOUBT about in 16 points)... want to know a little secret? He knows AdBlock = INFERIOR vs. Hosts is why...
... apk
Google needs a new business model?
ayottesoftware.com
You can pay directly to get rid of ads here. You can't say that for most other sites.
Or just have high enough Karma that they'll let you turn the ads off for free.
Ask Mr. S. Burn (hpHosts MalwareBytes - part of the security community) @ http://hosts-file.net/?s=Downl...
He's seen my sourcecode & recommends it there as the best of its kind right there @ the top of that site in fact, since he verified it safe (along with Symantec/Norton, ArcaVir, Comodo, ClamAV, McAfee/Intel, etc - et al).
It is: Clearly!
(As it does more with less, & more by far than any single competitor (especially browser addons) in this arena!)
Simply by using tools you already have. Less is more is good engineering.
(Not bolting on more that operates in slower rings of privelege in usermode vs. a kernelmode subsystem doing the work perfected over decades now, in TCP/IP (which hosts is part of as a filter run from another kernelmode system for caching the way I do it, in the diskcaching subsystem (for large hosts files))).
APK
P.S.=> It works - & certainly MORE EFFICIENTLY than AdBlock https://blog.mozilla.org/nneth...
+
Hosts do FAR MORE than AdBlock/Ghostery/RequestPolicy etc. in added:
SPEED
SECURITY
RELIABILITY
ANONYMITY
For end-users of custom hosts files online!
... apk
No, he's implying ad servers need to start acting like a responsible industry. They pollute the web with malware and make a lot of sites unreadable with adblocking, owing to the moving, flashing and sometimes audible garbage that cover some sites.
Google demonstrated all that is really needed are text-only ads.That's the correct ad model, IMHO. No distracting flash, no vectors for malware, and they only take a small amount of screen space. Everything else is Doing It Wrong. Again, just my opinion, but as it turns out I'm always right :P
(Shrug) DRAM is a lot cheaper than my time.
ALL ADVERTISING IS MALICIOUS
Are you Bill Gates?
By email (after he emailed 1st) If Almost All Ads Blocked can do these things:
1.) Blocking out malware/malscripted sites (not just adbanners with bad code)
2.) Blocking out Known sites-servers/hosts-domains that are known to serve up malware (especially "fastflux" types, the predominant design that uses host-domain names vs. IP addresses (far easier to 'kill' in the latter is why)).
3.) Blocking out Bogus DNS servers malware makers use (via fastflux + rogue DNS servers).
4.) Blocking out Botnet C&C servers.
5.) Blocking out known PHISHERS.
6.) Blocking out TRACKERS.
7.) Blocking out SPAMMERS.
8.) Getting you back speed/bandwidth you paid for by blocking out adbanners + hardcoding in your favorite sites (faster than remote DNS server resolution).
9.) Added reliability (vs. downed or misdirect/poisoned DNS servers - since most are NOT patched vs. the Kaminsky flaw).
10.) Added "anonymity" (to an extent, vs. DNS request logs).
11.) The ability to bypass DNSBL's (DNS block lists you may not agree with).
12.) Truly UNIVERSAL PROTECTION (since any OS, even on smartphones, usually has a BSD derived IP stack & hosts 99.999% of the time).
13.) Faster & MORE EFFICIENT operation vs. browser plugins
14.) Custom hosts files work on ANY & ALL webbound apps (browser plugins do not).
15.) Custom hosts files offer a better, faster, more efficient way, & safer way to surf the web & are COMPLETELY controlled by the end-user of them WITHOUT having to know regular expressions.
---
* Can you tell me WHY he refuses to reply?
(I know why - he knows that if he admits hosts are more versatile, superior, & efficient than AdBlock - he's done: ClarityRay's going to assure that anyhow for him...)
APK
P.S.=> After all - that's an honest question!
... apk
APK, you will be disappointed because people here won't fall for your lies and install your identity theft malware (as was proven above). We are too smart to fall for your bait and switch. You provided a "clean" version of your software to some security guy, but distribute your trojaned malware to everyone else. Your software is only "useful" insofar as it is "useful" to have your identity stolen (and probably worse).
In other words, APK's malware engine is not useful at all. It doesn't matter who recommends it because the version you would be downloading is full of APK's trojans and identity theft malware. Once the APK malware engine is installed, it lets APK use your machine for his other illegal pursuits, and that means the feds will break down *your* door instead of his.
No one is going to respond to your stupid challenges because no one needs to compete against installing your malware. That's like challenging someone to find something superior to stabbing yourself in the eye. No one is going to bother with that challenge.
Stay safe, everyone! Stay safe, far away from APK and his malware.
http://it.slashdot.org/comment...
APK
This is APK's standard attempt to change the subject when he has been caught and proven to be a liar. Everyone can see how despicable his deceit is, and so he runs.
http://it.slashdot.org/comment...
Which Youtube video downloader do you recommend? Most of the ones I've tried have stopped working lately.
Lathering, rinsing, and repeating now, APK? You've been proven in public to be a lying, identity theft troll, shilling your criminal malware and all you can do is run. Go ahead and post your link to your own pathetic shame. Everyone can see how you and your malware engine can't stand up to public scrutiny.
Everyone can see you for the despicable scum you are. We won't fall for your lies. Shill your malware engine somewhere else, or better yet, grow a conscience and stop shilling it at all. How can you live with yourself, distributing evil software to further your criminal acts?
I get the data as it hits me. Sometimes, 1.000 a day, sometimes 15,000++ a day (new ones).
It blocks as needed & per my subject-line, if its in hosts? It's "toast" via the working digital illustration of the principle of the forcefield online... what you can't touch, can't touch (or harm), you!
(Transparently too, even with a 72mb sized hosts file here built up since 1997 - especially how I, or anyone, with a big hosts file does, saving cpu cycles, ram, + other forms of I/O on the faulty with larger hosts files usermode slow dnscache & instead using the kernelmode FASTER diskcaching subsystem as a more than equitable substitute).
Works great, better than any single browser addon by far, on more levels, more efficiently & with more versatile utility - bar none.
APK
P.S.=> You mentioned DNS - I actually work WITH it securing its redirect faults (hosts fix redirects of any type reallly) in security, & I place my favs @ the top of my hosts file (sites I spend 95++ or better of my time online @) in 24 of them, equating to up to ~ 2.5-3++ million indexed seeks (nobody hits that many sites a day that's human) - I miss a lookup? No diff. than DNS going into recursion (except using hosts = MINUS redirect issues - bonus), I do a lookup to DNSSEC secure OpenDNS to its upstream updaters... an EFFECTIIVE combination, for added speed, security, reliability (& even anonymity if you do it right)...
... apk
Yeah, I tend to switch around plug-ins, as Google changes things to mess up downloaders, downloaders adapt, but not at an equal rate. Right now this one seems to be working (so long as 720p is fine):
https://addons.mozilla.org/en-...
V
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
(Details of hosts' benefits enumerated in link)
Summary:
---
A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...
B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,
C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).
---
Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)
** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
SO - Instead, I work w/ what you have in kernelmode, via hosts (A tightly integrated PART of the IP stack itself)
APK
P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
...apk
Given Google has a marketshare of approximately 98% of the online advertising space, that means we should be seeing text ads everywhere, right?
No, Google didn't demonstrate it. They simply cashed in on the novelty of text ads to buy up the ad networks and make more money because that's what people were paying money for. In fact, Google themselves probably is responsible for all the malware laced ads - given they own the ad networks that serve up the crap. Sure, Google wants to separate themselves away by keeping the original name rather than re-tagging them as Google (e.g., DoubleClick, a Google owned company, or AdMob, another Google owned company).
In fact, I rarely see Google ads these days - the advertising space seems to be like it was before Google Ads. Either Google isn't that good at advertising anymore, or Google realizes that Google Ads just don't rake in the money anymore - keyword targeted ads, and all their Google-owned ad networks are bringing in the real money. It's like Google Ads doesn't exist anymore.
Perhaps Google needs to screen their customers better to stop the plague of malware laced ads. They're the ones in the end serving it up, after all.
http://it.slashdot.org/comment...
.. so the guys at www.getadtrap.com are ahead of the curve?
oh bullshit, most sites load just fine without js (though they might not be as pretty), though there are some that will just load a blank page
You must not be an effective web user. Javascript is everywhere, you can't avoid it anymore. To say you won't use a webpage that requires it makes me think you're likely a bit of a nut.
You must spend your time cleaning malware:ABP doesn't do as good a job as hosts do on that end of things by a longshot so I can see that as a way for you to keep yourself in a job justifying your existence there by keeping machines infected so you can clean them up. A self-fulfilling prophecy.
"It's a bit disturbing that they haven't taken steps on their own since it provides a very good reason why people should block ads." - by sjames (1099) on Sunday May 18, 2014 @04:05PM (#47033381) Homepage
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
(Details of hosts' benefits enumerated in link)
Summary:
---
A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...
B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,
C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).
---
Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)
** Addons slowdown SLOWER usermode browsers layering on MORE - bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
SO - Instead, I work w/ what you have in kernelmode, via hosts (A tightly integrated PART of the IP stack itself)
APK
P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
...apk
I've been using LiveStreamer lately. It's worked on every video I point it to.
Were you on the internet 15-20 years ago? There was no advertising to speak of, no paywalls, and plenty of meaningful content - which was very definitely not driven by the wealthy or powerful.
Fittingly, adblock doesn't block google's content -- partially because Google pays them, but also probably because their text ads aren't the sort of ads people really hate.
I think most people are ok with dealing with some level of advertising in order to get the sites they want, but the problem comes when that advertising overwhelms the signal of the website, or is malicious to the point that people who visit the website are getting hacked.
The day I decided to start paying for hosting was the day I nearly got hacked by an unscrupulous advertiser on my own website. At that point, I was embarrassed that my website had associated with such a sketchy brand, and for decades since, pay the hosting, because I'm not going to associate with that scum.
"...companies 'should be afforded protection from regulatory oversight as well as frivolous lawsuits.'"
This smacks of "tort reform" and "security through obscurity" and we all know how well both of those worked in favor of consumers.
Some days it's just not worth
chewing through my restraints.
Google sells far more than just adspace. Google sells information.
If you ignore ACs because they are anonymous - you're an idiot.
AC/ghowel or whatever your username is.
You really have no clue about what you are talking about and sound like a fool. Have you tried his software in a virtual machine and observed if any network connections are made? Have you submitted this file to Virus Total and let them distribute the file to around 40 commercial AV creators for further analysis? If so, post proof and you will be taken seriously otherwise you're just sounding like a whiney little bitch. It usually isn't hard to dox somebody and you can't hold that as proof his software had anything to do with that. Also, in regard to the software requiring admin rights, you try to edit your own host file - it is impossible without elevated rights unless Windows isn't running.
I support oss to an extent, however with a lot of the applications I've written, I would not make them open source. Some applications take a while to write or could have an excerpt of code that I'm particularly proud of and don't necessarily want people taking and repacking without appropriate credit (this is probably a common perspective for some others too).
Don't get me wrong, his spamming has been annoying me, especially the childish formatting, however you have absolutely zero proof that his software does any of the things you claim. I won't prove it for you and I genuinely don't know if it is malicious, however I urge you to investigate further before just claiming straight up bullshit that you and we all know isn't credible or informed in the slightest.
Back when I was reading the Internet on a 14.4-kbps modem, the bandwidth used by ad banners was annoying, but you could block some of them with a hosts file, and the others weren't really that annoying unless they were using blink tags or animated GIFs. (Popups were annoying enough that most people blocked them pretty quickly.)
But sorry, if my browser is going to run random Javascript or Flash, it means my browser is going to run slowly and unreliably, and there's a risk of malicious content, and it's not safe to allow that kind of stuff.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
See subject-line & again - thanks. I've been thru all of those tests (JOTTI online + VirusTotal) which Mr. S. Burn of Malwarebytes/hpHosts knows about & even has seen my sourcecode for doing so!
(That's literally where we disproved false positives of it with Symantec/Norton, ArcaVir, ClamAV, Comodo, McAfee/Intel etc. of 80 or so possibles only those came back "bad" & I proved them wrong, they rescinded them...)
APK
P.S.=> Mr. Burn's easily contacted where he hosts my APK Hosts File Engine 9.0++ 32/64-bit here to corroborate & substantiate my words above as purest truth, here (where he literally recommends my app as THE BEST OF ITS KIND no less) -> http://hosts-file.net/?s=Downl...
... apk
"What if you go to a webpage and there is a malicious IFRAME with a src of http://zzzasdferas.badsite.ru.... Then you press F5 to reload the page, and the bad IFRAME now has a src of http://aaaaawerasdre.badsite.r... Press F5 again and it's another new address. All of them point to the same bad server..... you cannot hard code these into a hosts file, so how does it help?" - by Anonymous Coward on Monday May 19, 2014 @03:18PM (#47040449)
SURE YOU CAN - Here's how, easily (once you're aware of them, add them blocked):
0.0.0.0 zzzasdferas.badsite.ru
0.0.0.0 aaaaawerasdre.badsite.ru
Per my subject-line above AND my last reply you responded to! As they're added by my sources in the security community (and they are) they're blocked by being in hosts is how.
Disabling frames/iframes is yet another way - & I've found that most of the time, I surf JUST FINE doing so here!
(Opera of all builds allows that for example)
As well as disabling javascript (since it's abused so much for malicious purposes) as well for added protection.
There's always a way!
APK
P.S.=> That's how - There you are... apk
Its also an outright lie because they are confusing ADBLOCK with ADBLOCK PLUS, which are two DIFFERENT PRODUCTS. It would be like someone telling you to get an iPhone and the guy behind you says "I bought an iPhoneY and they sucks"...not the same thing, just has a similar name because the one is trying to piggyback on the other. I have been running ABP for several years and the difference with both Chromium based and gecko based browsers with and without ABP is so low as to not even be worth calculating, somewhere on the order of a couple hundred MB and that is with multiple tabs. if you figure up how much those tabs would be taking if you let the flash ads load? it would be more than ABP is taking, so its a wash really and the amount of time wasted cleaning malware makes running ABP worth a couple hundred MB.
ACs don't waste your time replying, your posts are never seen by me.
Then read how AdBlock's author ran from apk's question & tell us why he did http://it.slashdot.org/comment...
Keep running, troll APK.
http://slashdot.org/comments.p...
ROTFLMAO mmell caught trying to ac post "support himself" http://slashdot.org/comments.p... You're a fool that projected his own modus operandi doing it no less.
You fail, troll APK...
http://slashdot.org/comments.p...
Telling libelous lies about apk you had to admit were lies http://slashdot.org/comments.p...
Everyone already knows the truth.
http://slashdot.org/comments.p...
As you "eat your words" mmell http://slashdot.org/comments.p...
You fail, lying troll APK: http://slashdot.org/comments.p...
You fail again, troll apk: http://slashdot.org/comments.p...
APK showed how rotten AdBlock is (you're not troll) http://it.slashdot.org/comment...
Can't change the subject, APK. You fail.
http://slashdot.org/comments.p...
You're not, troll: APK shows how rotten AdBlock is http://it.slashdot.org/comment...
You fail again, troll APK:
http://slashdot.org/comments.p...
You're not, troll: APK showed how rotten AdBlock is http://it.slashdot.org/comment...
You fail again, troll APK:
http://slashdot.org/comments.p...
APK demonstrated Adblock's crappiness http://it.slashdot.org/comment...
You will always fail, troll APK. Grow a conscience and stop shilling your malware:
http://slashdot.org/comments.p...
You're not. Apk showed how awful adblock is http://it.slashdot.org/comment...
You can't change the subject. You fail as always, troll APK:
http://slashdot.org/comments.p...
You're not. Apk showed Hairyfeet how awful adblock is http://it.slashdot.org/comment...
How's your Tuesday going?
You can't change the subject, though: http://slashdot.org/comments.p...
Apk showed Hairyfeet how awful adblock is http://it.slashdot.org/comment...
Keeping busy?
You aren't allowed to change the subject, though: http://slashdot.org/comments.p...
Apk showed Hairyfeet how lousy AdBlock is on CPU + RAM resources http://it.slashdot.org/comment... as well as the fact that Almost All Ads Blocked doesn't do a fraction of what custom hosts files can for added speed, security, reliability, & anonymity.
Troll APK, you so crazy! You can't change the subject!
http://slashdot.org/comments.p...
Apk showed Hairyfeet how lousy AdBlock is on CPU + RAM resources http://it.slashdot.org/comment... vs. custom hosts files superior ablities doing FAR more for the end-user of them in added speed, security, reliablity, & even anonymity online. No single browser addon does more nor from as efficient a level in kernelmode.
You and your binary software simply are not trustworthy. It doesn't matter if you continue to troll us for the rest of eternity, you won't change our minds. Take your malware and shill it elsewhere, or better yet, grow a conscience and stop shilling it entirely.
http://slashdot.org/comments.p...
They even HOST it, & it's proven safe/clean & better than AdBlock by a mile in doing more for FAR LESS resources consumed (CPU & RAM)
Per my subject-line: Ask Mr. Steven Burn (hpHosts MalwareBytes - part of the security community) @ http://hosts-file.net/?s=Downl...
Since he's seen my sourcecode & recommends it there as the best of its kind @ the top of that site in fact, since he verified it safe (along with Symantec/Norton, ArcaVir, Comodo, ClamAV, McAfee/Intel, etc - et al).
It is. Clearly - as it does more with less, & more by far than any single competitor (especially browser addons) in this arena!
Simply by using tools you already have - "Less is more is good engineering".
(Not bolting on more that operates in slower rings of privelege in usermode vs. a kernelmode subsystem doing the work perfected over decades now, in TCP/IP (which hosts is part of as a filter run from another kernelmode system for caching the way I do it, in the diskcaching subsystem (for large hosts files))).
APK
P.S.=> It works - & certainly MORE EFFICIENTLY than AdBlock, + doing FAR MORE than AdBlock/Ghostery/RequestPolicy etc. in added:
SPEED
SECURITY
RELIABILITY
ANONYMITY
For end-users of custom hosts files online!
... apk
I don't trust you not to have added Trojans into your binaries. I don't trust you to have admin rights on my box.
Keep your malware to yourself.
http://slashdot.org/comments.p...
What makes you more of an expert than MalwareBytes/Norton-Symantec/Comodo/ClamAV/ArcaVir/McAfee-Intel (they ALL passed my code as clean & so did the other 80++ or so AntiVirus tests @ JOTTI + VirusTotal) -> http://it.slashdot.org/comment...
?
NOTHING does - you don't have a leg to stand on with ANY of your blatantly libelous false accusations...
APK
P.S.=> You're not, you're wrong (& you know it) - you're just a trolling moron, nothing more... apk
APK, angrily demanding admin rights on people's boxes while trolling forums and acting like a creep isn't going to get anyone to trust you.
Besides, despite your bluster you don't explain how your malware engine is Trojan free. You claim you let someone see your source and then they host binaries you provided.
You run from providing your source because you know that if others would compile it themselves it would be obvious that your binaries are full of malware you added.
Keep running, troll apk! You have no argument to support yourself, so you run! It's a great feeling to knock the stuffing out of evil, malware-shilling trolls like you.
http://slashdot.org/comments.p...
Troll APK runs from the truth because his lies can't stand up to scrutiny!
http://slashdot.org/comments.p...
You haven't actually opened your code. Besides, there's absolutely zero proof the code you showed some people is the same code as you used to build your binaries.
We don't want your trojan-filled malware engine. We don't even want the source code; it's simply the only way your code could be trustworthy.
You aren't the kind of person I would grant admin rights to on my box, which is what your software demands. Angrily insisting I give you admin rights will get you nowhere.
We won't download your trojan-infested malware engine binaries. You can't prove you didn't add in your identity theft malware (and probably worse!) when preparing your malware engine for binary distribution.
It's always a pleasure to knock the stuffing out of criminal, malware-shilling trolls like you. Keep running, troll ApK... you know your lies won't stand up to scrutiny, and so you run!
http://slashdot.org/comments.p...