Superfish Injects Ads In 1 In 25 Google Page Views

To save the internet from fake ads by the_skywise · 2015-05-07 11:07 · Score: 4, Interesting

Google sez we must remove ad blocker functionality!

I smell an ulterior motive..

Re:To save the internet from fake ads by future+assassin · 2015-05-07 11:29 · Score: 1

First they came for the non mobile sites
Then they came for the ad blockers
??????
Profit!

--
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Re: To save the internet from fake ads by Anonymous Coward · 2015-05-07 12:49 · Score: 0

You mean the functionality you can get directly from their official extension repository?
Re: To save the internet from fake ads by Anonymous Coward · 2015-05-07 13:21 · Score: 0

Reread the article... what they want will block those too.
Re:To save the internet from fake ads by Anonymous Coward · 2015-05-07 13:25 · Score: 0

I thought google was responsible for 90% of the ads we saw either it is a google page or not. Now google pointed out where the other 5% of the ads were from. Good work, All mighty google knows everything!
Re:To save the internet from fake ads by Anonymous Coward · 2015-05-07 13:27 · Score: 0

Seems simple to me, if Google can detect Superfish and other questionable ad-injection techniques then Google should easily be able to automatically strip it out for the user.
You gotta strip that crap
Give the ad exec a slap
Get me an App
Stop the bandwidth being sapped
When an ad comes along
You must strip it
Before the scam is out too long
You must strip it
When malware's goin' strong
You must strip it
Strip it, strip it now
Apologies to Devo
Re:To save the internet from fake ads by Anonymous Coward · 2015-05-07 13:40 · Score: 0

For the children, nodes.
Re:To save the internet from fake ads by swillden · 2015-05-07 14:21 · Score: 3, Informative

Google sez we must remove ad blocker functionality!
I smell an ulterior motive..
Reading comprehension fail. The summary says:

Amongst the report's recommendations to address the problem is the suggestion that browser makers "harden their environments against side-loading extensions or modifying the browser environment without user consent." Some of the most popular extensions for Chrome and Firefox, including ad-blockers, depend on this functionality.
I'd expect that most users who install ad blockers consent to having it modifying the browser environment.

--
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Re:To save the internet from fake ads by Anonymous Coward · 2015-05-07 14:25 · Score: 0

If it ever comes that somehow ad blockers are blocked from firefox and similar, then well they will just fork, and even if not, I can toss together a squid proxy server again, if needed and then configure it with all the necessary filters. Actually, if you could secure it, running a proxy that recompresses and filters like mad may save mobile bandwidth, assuming your mobile points to it. Certainly you don't need very big jpeg's and such on mobile sites. Of course, I'd really rather not have to bother. BTW, opera runs their own proxy that opera users can use. I tried it on my mother's slow connection and didn't actually see faster page loads, which was interesting. Still, it might be worthwhile for phones.
Re:To save the internet from fake ads by popo · 2015-05-07 20:20 · Score: 1

Keep in mind that Google themselves promotes AdBlockPlus pretty heavily within their Chrome store, and that Google is whitelisted in ABP.
If this is indeed an ulterior motive, then it would seem to indicate that Google has become concerned about other ad blockers that fall outside their control.

--
------ The best brain training is now totally free : )
Re: To save the internet from fake ads by Anonymous Coward · 2015-05-07 21:20 · Score: 0

If they do that, then expect Firefox to make a comeback within the tech community.
Re:To save the internet from fake ads by Anonymous Coward · 2015-05-08 02:33 · Score: 0

To bad it breaks in chrome more often than it does in firefox. There have been times where the page doesn't work properly in chrome with adblock plus installed while in firefox no issues viewing the same page. Remove the plugin on chrome and voila it suddenly shows the page properly. Get off my lawn google chrome!

No control is the real issue by cstec · 2015-05-07 11:13 · Score: 4, Funny

As a serious coffee consumer, their main problem is you can't customize the cup of coffee. I drink so much coffee that I started making it weaker, and weaker, and then half strength. The last time I stayed in an office with a Keurig setup, I think I nearly killed myself before I realized what was happening.

I'd love to have one, but the 'my way or the highway' reality of those little cups doesn't work. And don't even start on the cost.

Re: No control is the real issue by Anonymous Coward · 2015-05-07 11:15 · Score: 1

Lol wut
Re: No control is the real issue by cstec · 2015-05-07 11:17 · Score: 2, Informative

I have no idea. It looked a lot like the previous story on the screen!
Shouldn't have used the words "no control"
Re:No control is the real issue by Anonymous Coward · 2015-05-07 11:27 · Score: 4, Funny

So even the Keurig 2.0 is infected by Superfish? This is worse than I thought!
Re:No control is the real issue by Anonymous Coward · 2015-05-07 13:51 · Score: 0

I drink so much coffee that I started making it weaker, and weaker, and then half strength.
My office is awesome. We even have homeopathic coffee on tap!
Re:No control is the real issue by Anonymous Coward · 2015-05-07 14:19 · Score: 0

And I thought Superfish were sharks with frickin' lasers.
Re:No control is the real issue by SeaFox · 2015-05-07 17:01 · Score: 1

How many cups do you drink total, though?
1) Get double-capacity mug.
2) Half fill with hot water.
3) Make one K-cup of coffee
4) Pour in larger mug.
5) Ta-da. 50% strength coffee,
Re:No control is the real issue by cstec · 2015-05-07 17:10 · Score: 1

I am humbled the score 5 Funny for "No control is the real issue". I should reply to the previous post more often!
I'd like to point out by "no control" I was really talking about Google, Apple, police brutality, congress, Depends, the morning after Super Sushi Night and memes with cats
Re:No control is the real issue by cstec · 2015-05-07 17:17 · Score: 1

How many cups do you drink total, though?
1) Get double-capacity mug.
As it happens, the SO got me this great TF2 'cup.' As it's double sized, I'm usually on #13-14 before I realize I need to Set the Twinkie Down and Step Away(tm)
Adding water is just.... gads, equal parts repulsive and rational

well, of course it does. by turkeydance · 2015-05-07 11:16 · Score: 1

that's what it's Supposed To Do.

Or disable javascript by Spy+Handler · 2015-05-07 11:17 · Score: 4, Insightful

whoever thought running scripts from random sites and ads was a good idea?

Re:Or disable javascript by Anonymous Coward · 2015-05-07 11:36 · Score: 2, Insightful

90% of sites now don't work at all without javascript. It makes for a very boring internet.
Re: Or disable javascript by Anonymous Coward · 2015-05-07 11:45 · Score: 1

Then leave. Those 90% of sites click baited you anyways. They never offered you anything that the 10% of actually functional sites can't do. Quit following the crowd if you despise it so much. Nothing I go to breaks from not allowing 3rd party connections and that includes here, YouTube, twitch...
Anyways, your 90% is BS because YouTube is 90% and it's not broken.
Re:Or disable javascript by Anonymous Coward · 2015-05-07 12:18 · Score: 1

whoever thought running scripts from random sites and ads was a good idea?
Probably the person who never realized somebody could run malicious activities from programs executed on your own computer, and that networking would turn it into a giant furball for the rest of the world.
Re:Or disable javascript by MadKeithV · 2015-05-07 19:31 · Score: 2

90% of sites now don't work at all without javascript. It makes for a very boring internet.
Most sites work fine once you enable their main URL. The ones that show up with a list a mile long of script sources are the ones where you just click the "X" instead.
Re:Or disable javascript by Anonymous Coward · 2015-05-07 19:33 · Score: 0

90% is a vastly overstated number, most sites work just fine (albeit often a lot uglier)

1/25 = 4% not 5% by Anonymous Coward · 2015-05-07 11:22 · Score: 1

Jeez!

Re:1/25 = 4% not 5% by Len · 2015-05-07 11:37 · Score: 1

4% is Superfish, 5% is ALL ad injection. Jeez.

Working in the online advertising industry... by Anonymous Coward · 2015-05-07 11:23 · Score: 0

...fuck those guys, seriously. Legitimate companies don't allow that shit in their creatives. Godawful javascript gives us all a bad name.

Re:Working in the online advertising industry... by Anonymous Coward · 2015-05-07 11:43 · Score: 0

lol...."legitimate advertising"
hah captcha: honest
Re: Working in the online advertising industry... by Anonymous Coward · 2015-05-07 11:59 · Score: 0

Yup. Even lawyers and cops hate their groups; well some similar but not directly related to them sub group.
Re: Working in the online advertising industry... by Anonymous Coward · 2015-05-07 14:38 · Score: 0

Legitimate Online Advertising: We are oxymorons4life

Math check by Anonymous Coward · 2015-05-07 11:24 · Score: 2, Informative

Since when is 5% the same as 1 in 25??

Re:Math check by dotancohen · 2015-05-07 11:49 · Score: 4, Informative

5% are affected, Superfish is responsible for 80% of those affected, i.e. 4% total. Here is a restatement of the fine summary, with some noncritical interjections removed (and TFS was missing a comma anyway):

5% of IP addresses accessing Google are interrupted by ad-injection techniques, and Superfish is the leading adware

--
It is dangerous to be right when the government is wrong.
Re:Math check by fph+il+quozientatore · 2015-05-07 18:04 · Score: 2

Also, 5% of IP addresses, not of machines. If one student in your whole university network has it, that still count as an infected address.

--
My first program:
Hell Segmentation fault

ad injection isn't all Silverfish does by Anonymous Coward · 2015-05-07 11:34 · Score: 1

It also hijacks all your SSL/TLS sessions via MITM attack with the installation of a self signed root cert. It also goes to some unusual lengths to hide itself to prevent uninstallation, IIRC. It's straightup spyware.

Why should add blocking require side-loading? by TheSunborn · 2015-05-07 11:36 · Score: 1

Why should the add blocking plugin require side-loading without user interaction?

It don't as far as I know.

Re: Why should add blocking require side-loading? by Anonymous Coward · 2015-05-07 11:51 · Score: 0

Don't use a plug in. Those plug ins still establish connection to 3rd party servers. You still download the ad and are tracked by that download. The plug in just hides the ad. They never really blocked. I suggest using iptables on your router to not connect to ad servers. The world is depending on you! Good luck!
Re: Why should add blocking require side-loading? by Anonymous Coward · 2015-05-07 12:16 · Score: 1

Only crippled adblockers for chrome do that.
Re: Why should add blocking require side-loading? by Anonymous Coward · 2015-05-07 12:38 · Score: 0

You're drinking the kool aid. All adblockers have an ulterior motive. Plug ins can also be detected and worked around. Use a real blocking method! Don't invoke his name though.
Re: Why should add blocking require side-loading? by DMUTPeregrine · 2015-05-07 13:28 · Score: 1

Use a locally hosted caching DNS server. It's very fast even with large blocklists. Unlike a you-know-what that slows down significantly as the blocklist gets larger.

--
Not a sentence!
Re: Why should add blocking require side-loading? by Anonymous Coward · 2015-05-07 16:40 · Score: 0

http://goo.gl/7P6ZUC

Just don't allow all JavaScripts. by Futurepower(R) · 2015-05-07 11:44 · Score: 4, Informative

Just allow JavaScript on the main URL.

Re:Just don't allow all JavaScripts. by BlackPignouf · 2015-05-07 19:47 · Score: 1

Seems interesting and reasonable.
How do you do this? With Ghostscript/NoScript/...?
Does it work well? A lot of websites use 3rd party js plugins for map display for example.
Re:Just don't allow all JavaScripts. by davidleelambert · 2015-05-08 01:37 · Score: 1

That would prevent sites from using a cacheable common location, such as the CDNs that host YUI, for assets that are reused across sites.

--
note: I have at least one, possibly two other, Slashdot accounts because OpenID creds can't be merged with an older acco
Re:Just don't allow all JavaScripts. by Anonymous Coward · 2015-05-10 13:48 · Score: 0

Look how many PCI compliant areas showing or processing pages use CDNs for JS. Also login pages for various internet services. How is that allowed ?
(The concern just in case it is not obvious to less technical: all the data inputted and viewable in the web page that uses CDN served .js can be hijacked and send/collected somewhere else, the CDN might serve up a different copy 1-in-100 hits when the consuming site from the Referrer header matches secure.big-bank.com that contains bespoke code to do this)
If your site needs to be secure it should use a local copy of jquery.js (or whatever) copied into their own site and not load it from the public CDN. The usage of a CDN to serve up common JavaScript libraries is all wrong and backwards and rife for CDN providers (or other entities) to tamper with it. If you are hosting a wordpress blog and your site does not need to be secure then fine.
There should be a mechanism (in the HTML declaration) for the consuming site to checksum/hash/crypto-signature the expected JS data, and a way for multiple sources (multiple CDN networks) to supply that same data, including the disk cache of the browser viewing the data. This means that common JS CDN data will be loaded exactly once from a CDN to the browser (it then gets stored locally to storage) and every CDN consumer of the same data will keep using the browser cached copy and never hit the CDN to revalidate is the copy I have still valid (this is what happens now, even when jquery-1.11.1.js will never change in the future, if it needs to change it will become jquery-1.11.2.js).
Since we know and gave a crypto-signature in the HTML usage tag (from the origin site), we know the exact copy we have in browser persistent cache is the one we want and because of the signature we know the CDN can not tamper with the expected contents (much like the Superfish entity is tampering with the adverts on a page). Now we are getting back towards being PCI compliant again.
But will CDNs want this, since CDNs can actually be selling stats and data on the consumers, the IP, date/time, frequency, origin site, cookies info, other identifying data, etc... to targeted advertisers.
So until then I use Mozilla + RequestPolicy to block all but the target site. There is also another plugin that will remove the Referrer header from cross-origin requests, but I'm more for removing it from CDNs usage where is supposedly does not matter which site I am viewing to access the CDN data.
Re:Just don't allow all JavaScripts. by Anonymous Coward · 2015-05-10 14:04 · Score: 0

Just in case my point above was not explained, the "cacheable common location" still revalidates the contents, yes it can reduce network bandwidth (and this can decrease page loading times due to this) but wouldn't it be better to load just once and keep using that copy without the need to revalidate the contents ever again. Now there is zero network hit to wait for and you really do have a "cacheable common location".
Right now there is still the revalidation hit and there is still a bunch of identity leaking information that is transferred during that revalidation process.
There is no way for the origin website (consuming .js from CDN) to enforce exactly what is returned and accepted as valid, there is no way to provide a local copy of the same data on origin website as fallback. Thus you are now saying to the browser here are multiple locations of the same data and the contents must validate with this crypto-signature mechanism so if you have a local copy that matches you can use it.
The headline issue of this slashdot news item is very relevant to the use of public CDNs to serve .js.
Sorry posted AC as not logged in as OdinOdin_ today.

Do as I say, not as I do by Anonymous Coward · 2015-05-07 11:53 · Score: 0

So both companies show ads along side search results.

But one is bad (Superfish), another is good (Google).

Re:Do as I say, not as I do by Adriax · 2015-05-07 12:14 · Score: 2

Google is providing a service, or is serving ads on behalf of the webpage owner you are viewing.
Superfish is getting ad revenue without providing you a service.
If you can't tell the difference between a legitimate and limited advertiser and leech malware then you need your eyes checked.

--
I don't suffer from insanity, I enjoy every minute of it!
Re:Do as I say, not as I do by peragrin · 2015-05-07 13:13 · Score: 1

Can you tell when looking at a normal webpage which ads are legit and which ones aren't?
The answer is of course no.
All advertising is malware.

--
i thought once I was found, but it was only a dream.
Re:Do as I say, not as I do by Adriax · 2015-05-07 16:18 · Score: 2

I don't see ads because I run adblock.
But I'm not deluded enough to believe ads don't have a legitimate use.
Slapping a sponsored link to adobe at the top of my search for "pdf editor" is vastly different than overwriting the links and sending me to a hack job website trying to sell me genuine counterfit handbags, black magic love slavery spells, and adobe pro licenses for 1/10th what they normally cost.

--
I don't suffer from insanity, I enjoy every minute of it!
Re:Do as I say, not as I do by thsths · 2015-05-08 05:14 · Score: 1

Exactly my thoughts. Both do it against the users interests.
But at least Google is nominally in control of the page, so they have a certain right to do it. Superfish would argue that the user installed it, and so they have a right, too, but the way that it prevents removal indicates otherwise.

Advertiser: Don't Block Ads by Anonymous Coward · 2015-05-07 12:16 · Score: 1

So Google, an advertising company, recommends that browser developers disable the capabilities that ad blockers rely on? Surprise, surprise. It sounds a little too much like the FBI saying we shouldn't use encryption because a few terrorists or perverts might take advantage. Sorry, I'm not into throwing out the browser with the bathwater.

Firefox hasn't been doing so well lately, but getting out of bed with Google might have been a big benefit.

Re:Advertiser: Don't Block Ads by swillden · 2015-05-07 14:23 · Score: 1

So Google, an advertising company, recommends that browser developers disable the capabilities that ad blockers rely on?
Actually, they recommend browsers disable those capabilities unless the user consents to enabling them.

--
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Re:Advertiser: Don't Block Ads by Anonymous Coward · 2015-05-07 15:57 · Score: 0

Actually, they recommend browsers disable those capabilities unless the user consents to enabling them.
Right, disable user-positive features by default unless the user reconfigures their browser to the contrary. This sounds precisely like a Google initiative. Think fast, how many average people (not coworkers, not IT people) do you know who routinely inspect or change their browser settings?
Re:Advertiser: Don't Block Ads by swillden · 2015-05-07 17:29 · Score: 1

Actually, they recommend browsers disable those capabilities unless the user consents to enabling them.
Right, disable user-positive features by default unless the user reconfigures their browser to the contrary.
No, disable potentially user-positive and potentially user-harmful features unless the user approves on a dialog containing suitably-scary text so they will stop and think about whether or not they trust this extension that they're giving control over and visibility into all of their browsing.
It's fine to actively prompt; no need to require users to go searching for the setting. But it's important to give users the control, so drive-by extension installs (like Superfish) don't assume it for them.

--
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.

25th Post! by BadPirate · 2015-05-07 12:24 · Score: 1

Buy Viagra!

--
- Holy crap, I've got MOD points! Who thought that was a good idea.

Google chrome has become almost unusable on linux by Anonymous Coward · 2015-05-07 13:26 · Score: 0

Superfish sucks.

Mozilla could stop it by Anonymous Coward · 2015-05-07 14:31 · Score: 0

Mozilla could stop it, these extensions will be registering with mozillas addon site/updates, they could blacklist the GUID/extension name (like they do with Java), this is what the blacklist is for right? instantly revoking bad extensions.

Re: Why should add blocking require side-loading by Anonymous Coward · 2015-05-07 14:44 · Score: 0

You're a fucking corporate ad agency fucking shill.

How the fuck do you know that? Read the source code for the open source blockers? Ran a packet capture to see if you were really connecting?

Go spew your filth somewhere else.

Double your pleasure by UnixUnix · 2015-05-07 15:15 · Score: 1

I run two browsers, main one armored by Adblock Plus, NoScript, settings, etc and another one bare. If there is a hitch I move over to the latter. If it shows me a penis enlargement scheme guaranteed by Google top management I return to the first.

Re:Double your pleasure by Anonymous Coward · 2015-05-07 15:24 · Score: 0

Much the same here but the second one is in a non-persistent VM.
Re:Double your pleasure by Anonymous Coward · 2015-05-07 16:29 · Score: 0

My second browser is an incognito session. If you want to run your scripts, you don't get to save any state.
I really with browsers had multiple interdependently configurable modes. Chrome can almost sorta do 2 modes. I'd like to set of 3 or so modes (well, let me make as many as I want stupid browser...), and some different ways to move between them (A finite state machine really). I'd like to be able to fork my current low permissions session into an ephemeral script allowing session to do things like purchasing that needs scripts without losing my login or cart. Getting a new clean session with the current page loaded into it is another option I want. Each mode needs its own settings including which plugins are enabled, and a configurable set of transitions from that mode as buttons in the tool bar or context menu (Fork this link into mode x? Open this link in new mode Y?). This shouldn't be hard. Why do no browsers support it?

WTF? by Anonymous Coward · 2015-05-07 15:28 · Score: 0

Amongst the report's recommendations to address the problem is the suggestion that browser makers "harden their environments against side-loading extensions or modifying the browser environment without user consent."

How the fuck are you linking that statement to Superfish? Superfish isn't a browser add-on or extension, it's a TCP traffic filter on ports 80 and 443 that supports re-encrypting SSL traffic. It's essentially the same thing as the Fiddler developer proxy tool and operating in the same way - re-encrypting SSL traffic with a private key that it's installed in the Trusted Root Certificate Store on the client machine. And because of that it will be intercepting all SSL traffic, including your precious Outlook mail clients.

Welcome to 2015 by Anonymous Coward · 2015-05-07 22:32 · Score: 0

The web runs on javascript. Period.

Your assertion that 90% of websites that use js "clickbaited" you anyway, is silly.

There are millions of sites that provide a vastly better experience because of js, and won't work at all without it.

SearchProtect is much worse and widespread by Anonymous Coward · 2015-05-07 23:11 · Score: 0

I highly, VEHEMENTLY doubt superfish has even a fifth the market share of SearchProtect & Co. do. Unless Superfish is thatone of the co. apps, which I doubt as I to uninstall it at least twice a month of friends and family computers, and have never seen a reference to "superfish".

The moment a reliable, useful application distributor agrees to bundle his software with the likes of SearchProtect, is the moment that app stops being reliable and limits the scope of its usefulness (i.e. it dies in my mind) . When distributors of multiple apps like SourceForge force-bundle their app retrieval/installation with unsolicited, opt-out malware as default, with minor user or EVEN DEVELOPER warning, that action should be considered a cybercrime: it hogs the personal and professional capability of the non-IT individuals that rely on PC processing power and resources to evolve socially, to create more value in the economy by putting projects into practice, and further down the consequence chain, translating to reducing government tax revenue and technological development of a community overall. Oh, and they prevent adblock action too. And adblock installation. And anti-virus action and installation. And block access to pages with information on how to remove them manually... And they keep morphing like a runway criminal that is being chased by enforcers with no authority to enforce anything or prosecute them.

It's about time adware, crapware and whatever fits the definition of Potentially (CERTAINLY) UNWANTED PROGRAM to be criminalized. It's about time to get the entities that help these reach the end user penalized, and it's about time the developers of such applications suffer jail-time-bound legal action, just like black hat hackers do for penetrating financial, federal, commercial, institutional or personal environments that are meant to be private.

No, Stupid by allquixotic · 2015-05-08 02:17 · Score: 1

The relevant software products that are getting extensions sideloaded into them -- Firefox and Chrome -- are both open source. If a vendor like Lenovo wants to put ads in your browser with an extension, what do you think is going to happen when Google shuts off outside extensions in Chrome? That's right -- they're going to ship a fork of Chromium and call it "Lenovo Browser" and make it the default browser. You read it here first, folks.

The solution, for consumers, is simple. Don't use the pre-loaded OS installed on your system. Use a program to get your product key back, then wipe and reinstall from the original OS media. Or if you happen to be able to tolerate a non-Windows OS, just install one of those.

It's also worth mentioning that, as long as Chromium or Firefox is open source, people who want to use ad-blockers will be able to use them, no matter how hard Google tries to stop people from using them. Even if Google used their might to convince Mozilla to take Firefox closed source, another community fork would spring up to maintain Firefox and keep it up to date.

These companies need to understand that you can't strong-arm an idea. Open source code is basically an idea, and as long as there are people, there will be people who are building open source projects that do things that make you lose money. If that keeps you from getting any sleep at night, tough cookies. It's exactly the same reason that we can't defeat terrorism no matter how many people we kill. You can't kill your way through an idea, unless you kill every last human on the planet. This is especially true when tightening your grip makes people want to do that thing you don't want them to do *even more* -- ad blocking has this characteristic to it, too.

Re:No, Stupid by mujadaddy · 2015-05-08 06:53 · Score: 1

You can't kill your way through an idea, unless you kill every last human on the planet.
They're working on that, too.

--
Populus vult decipi, ergo decipiatur...
"Force shits upon Reason's back." - Poor Richard's Almanac

I'm Rick James, Bitch by Anonymous Coward · 2015-05-08 03:09 · Score: 0

That site is pretty wild now;
The site's a super fish;
The kind of site you read about
In the new wave magazines.
That site is pretty kinky;
The girl's a super fish;
I'd really like to visit
Ev'ry time I surf.
She's all right; she's all right;
That girl's all right with me yeah.
She's a super fish, super fish,
She's super fishy; super fish, super fish.

5% is 1 in 20, not 25 by Anonymous Coward · 2015-05-08 04:57 · Score: 0

Do the math.-Ignacio Agulló

Re:5% is 1 in 20, not 25 by Anonymous Coward · 2015-05-08 04:59 · Score: 0

The entry implies that all of the ad-injection comes from Superfish.-Ignacio Agulló

Protection vs. SuperFish + Ads = Hosts by Anonymous Coward · 2015-05-08 06:41 · Score: 0

APK Hosts File Engine 9.0++ SR-2 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed, Kaminsky redirected (99% ISP DNS' = unpatched vs. it), DGA, Fastflux, & dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Add 0.0.0.0 superfish.com to hosts by Anonymous Coward · 2015-05-08 06:53 · Score: 0

See subject: Do so by using my program in post parent to this one, OR, by manually editing %WinDir%\System32\drivers\etc\hosts

(Using notepad.exe or any text editor, using full admin rights mode, or it won't save there since it's protected & save as type "ALL FILES" vs. *.txt, the default in notepad.exe, should you choose to do so manually, yourself...).

* :)

(I suggest using my program since it offers FAR more benefits than just protection vs. SuperFish only, & pretty much ANY malware out there since it derives its data for protection from 10 reputable & reliable sites in the security community, daily... & it also speeds up access to your favorite sites where you spend MOST of your time online, also making you more reliably connected as well as faster, plus protects you vs. downed OR exploited DNS servers too...)

APK

P.S.=> APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...

... apk

AdBlock = Inferior + 'Souled-Out by Anonymous Coward · 2015-05-08 06:55 · Score: 0

APK Hosts File Engine 9.0++ SR-2 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed, Kaminsky redirected (99% ISP DNS' = unpatched vs. it), DGA, Fastflux, & dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Ask yourself these questions... apk by Anonymous Coward · 2015-05-08 06:57 · Score: 0

Can "Almost ALL AdsBlocked" do 16 things hosts do for speed, security, & reliability:

1.) Protect vs. malicious sites/servers (beyond malicious ads: See 2-10 next)
2.) Protect vs. fastflux botnets + stop communication to C&C servers
3.) Protect vs. dynamic dns botnets + stop communication to C&C servers
4.) Protect vs. DGA botnets + stop communication to C&C servers
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phishing
10.) Protect vs. bandwidth caps
11.) Get you past a dnsbl
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocks & hardcoded fav. sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you easily texteditor controlled data for the above
16.) Do all that & block ads (better than addons) more efficiently in cpu cycles + memory usage

* ANSWER ="NO" to each above on AdBlock doing it as well or at all!

APK

P.S.=> AdBlock does FAR less than hosts do & FAR less efficiently - hosts by way of comparison, do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/...

AdBlock adds complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

For the BEST hosts file?

APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...

... apk

I asked AdBlock's creator those questions... apk by Anonymous Coward · 2015-05-08 06:59 · Score: 0

Result? W. Palant RAN after he wrote me by email 1st saying "hosts are a shitty solution" to which I replied:

"Show us adblock can do more for added speed, security, reliability, & anonymity than hosts can, + that adblock does it more efficiently than hosts"

Which on my latter 'point-in-challenge' on efficiency AdBlock's proven by research to be MASSIVELY inefficient -> https://blog.mozilla.org/nneth... & adblock does FAR less than hosts (especially crippled by default).

I sent Wladimir Palant that challenge in response to his statement from 2 different email addresses I use!

Result = Still no answer from him in regard to my challenge put to him to this very day MONTHS later - that tell you anything? It did me!

He knows his addon is less efficient & features laden by FAR vs. hosts - Wladimir Palant RAN like a scared rabbit!

ClarityRay's also DESTROYING AdBlock - via native browser methods to DUMP what addons you use (it can't DO THAT to hosts files).

I only tell it how it is on hosts' superiority vs. AdBlock - Funny part is, Wladimir Palant running does too!

Especially considering "Almost ALL Ads Blocked" has 'souled-out' -> Google & Others Pay Adblock Plus To Show You Ads Anyway: http://news.slashdot.org/comme... & ABP too http://finance.yahoo.com/news/...

APK

P.S.=> Bottom-Line: Hosts = a superior solution that also fixes DNS redirect security issues (vs. browser addons & their inefficiencies + messagepassing overheads as well as myriad lack of abilities hosts have from 1 file that's part of the IP stack itself - faster, more efficient, & less redundant as well, since TCP/IP has 45++ yrs. of refinement & optimization in it, & runs in a higher CPU serviced ring of privelege & operations in kernelmode vs. slower usermode layering over browsers slowing them more, & hosts = 1st resolver queried by the OS itself also)... apk

Hosts have no "ulterior motive" from me... apk by Anonymous Coward · 2015-05-08 07:03 · Score: 0

APK Hosts File Engine 9.0++ SR-2 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed, Kaminsky redirected (99% ISP DNS' = unpatched vs. it), DGA, Fastflux, & dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

DNS = exploitable & less efficient by Anonymous Coward · 2015-05-08 07:14 · Score: 0

See subject: No slowdown results in hosts IF you disable the known faulty local DNS clientside cache usermode slower service too (it breaks on large hosts files AND is slower than hosts being serviced by a highly priveleged driver in kernelmode using hosts as a protection filter AND a method of speeding you up BY AVOIDING CALLING OUT TO REMOTE DNS SERVERS - most of which are NOT patched vs. the kaminsky redirect flaw!).

Blocking ads ALONE guarantees a speed gain, far outweighing parse time in a LARGE hosts file!

(Especially once cached, even by the local kernelmode diskcache operating in unison w/ the kernelmode IP stack (tcpip.sys) as well, with NO context-switching overheads into usermode in that transaction as well...)

You're also using more "moving parts" for potential breakdown OR exploit too, as well as using up more RAM, cpu cycles, & very possibly more memory (since with equal datalists, hosts doesn't need to run programs to do its job, it's just a filter on a nearly 50 yr. proven kernelmode subsystem in the IP stack itself).

WANT EVEN MORE SPEED FROM HOSTS? Alter its priority in the registry this way:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\ServiceProvider]
"Class"=dword:00000008
"DnsPriority"=dword:00000006
"HostsPriority"=dword:00000005
"LocalPriority"=dword:00000007
"Name"="TCP/IP"

(Which SHOULD make it perform much faster/better than the default settings, by far...)

APK

P.S.=> You need to brush up on your advice & to learn what is above from me - getting around slowdowns using hosts = EASY, as I noted above, with larger hosts files... apk

Ask yourself these questions... apk by Anonymous Coward · 2015-05-08 07:31 · Score: 0

Can "Almost ALL AdsBlocked" do 16 things hosts do for speed, security, & reliability:

1.) Protect vs. malicious sites/servers (beyond malicious ads: See 2-10 next)
2.) Protect vs. fastflux botnets + stop communication to C&C servers
3.) Protect vs. dynamic dns botnets + stop communication to C&C servers
4.) Protect vs. DGA botnets + stop communication to C&C servers
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phishing
10.) Protect vs. bandwidth caps
11.) Get you past a dnsbl
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocks & hardcoded fav. sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you easily texteditor controlled data for the above
16.) Do all that & block ads (better than addons) more efficiently in cpu cycles + memory usage

* ANSWER ="NO" to each above on AdBlock doing it as well or at all!

APK

P.S.=> AdBlock does FAR less than hosts do & FAR less efficiently - hosts by way of comparison, do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/...

AdBlock adds complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

For the BEST hosts file?

APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...

... apk

I asked AdBlock's creator those questions... apk by Anonymous Coward · 2015-05-08 07:34 · Score: 0