New Flash Vulnerability Being Exploited In the Wild

An anonymous reader writes: Researchers from Trend Micro report a new attack on fully-patched versions of Adobe Flash. The attacks originate from an espionage campaign run by the group known as Pawn Storm, and seem to target only government agencies. "Ministries of Foreign Affairs have become a particular focus of interest for Pawn Storm recently. Aside from malware attacks, fake Outlook Web Access (OWA) servers were also set up for various ministries. These are used for simple, but extremely effective, credential phishing attacks. One Ministry of Foreign Affairs got its DNS settings for incoming mail compromised. This means that Pawn Storm has been intercepting incoming e-mail to this organization for an extended period of time in 2015."

Surprise?

Really? What would be news here is if Flash DIDN'T have a vulnerability for a change...

Re:Surprise?

Flash makes Windows look secure.

Re:Surprise?

[Lunix+Nutcase]

If the day ends in 'Y' there's likely to be a Flash exploit in the wild.

Re:Surprise?

[Mogster]

+5 Funny?

I would say +5 Informative and +5 Insightful

Mind you I guess it's funny because it true

Re: Surprise?

What's flash?

Re:Surprise?

Used to. From Windows 8 onward, Windows comes with built in Flash which cannot be uninstalled. Which means that whenever Flash is insecure, so is Windows.

I'm guessing that somebody at Microsoft got angry about Adobe stealing away the title for "least secure software developer" from Microsoft, after Microsoft had the title from Windows 95 to ME.

Re:Surprise?

[Big+Hairy+Ian]

I thought flash was the vulnerability! Isn't html 5 meant to be killing it off anyway?

Re: Surprise?

It's the software that luddites install instead of realizing that app appers install apps. Apps!

Re:Surprise?

And Apple make Windows look secure.

Re:Surprise?

[ememisya]

This just means Adobe ain't playing ball. They surely could have hired competent programmers who can code by now. I'm all for canvas and HTML5 of course, but Adobe is a visionary old man. I have respect for the ones who brought us sites like http://www.eye4u.com/ in the 90s when the Interwebs was just ... plain and we had boxes that blinked. Browsers looked like local car sales commericals, big yellow exclamation marks and flashing text before Adobe came into the scene. Well actually it was Macromedia and Adobe just kind of absorbed them, but that's besides the point.

I'm sorry Adobe, we are the Internet. Your technological distinctiveness will be added to our own.

Re:Surprise?

Um, no it doesn't. Citation please.

Uninstall it.

[BrendaEM]

I uninstalled Flash on my computers, and the world did not end.

Re:Uninstall it.

Yeah I'm sorta lost as to why a government agency would have Flash installed in the first place.

Re:Uninstall it.

VMWare? sadly some legacy software like VMware still is reliant on it for some stuff.

Re:Uninstall it.

[peragrin]

I uninstalled flash on my computers, and then installed chrome for when i needed flash for websites.

you might be surprised at the number of sites that still use some flash. especially auto manufacturers though that is changing.

Re: Uninstall it.

Wait, WHAT? Source, please? Not doubting, just shocked.

Re:Uninstall it.

[PopeRatzo]

I uninstalled Flash on my computers, and the world did not end.

I threw my computers into the wood chipper, and the world did not end. So that's kind of a low bar, you know?

Re: Uninstall it.

[Lunix+Nutcase]

http://kb.vmware.com/selfservi...

Re:Uninstall it.

Because government workers like to watch funny cat videos on YouTube during their lunch break?

Re:Uninstall it.

[LordWabbit2]

To watch videos about cats, why else?

Re:Uninstall it.

[nnull]

Me neither. Stopped using flash completely after all the exploits coming out on a weekly basis. Adobe showed how one can destroy a product with their total incompetence, so much for flash being the future. Hope that $3.4 billion was worth it. It's amazing how fast Adobe Flash is disappearing from the web. I wonder what's going to happen to all those flash based games or the companies that have built on top of flash to build their products?

But oh well, I don't even use Adobe's PDF viewers anymore. The alternatives offer more options and less exploits than their own reader. I can't wait till they destroy their main flagship products as it seems they excel at destroying everything they've built and acquired than actually doing something useful.

Re:Uninstall it.

[FrozenGeek]

Having worked for a government agency, let me just say that the level of computer savvy, not even to mention the level of computer security savvy, in government is appalling. People who know better have to work very hard to keep their heads from exploding at the stuff that goes on in government. It is worse than in private industry because the likelihood of being fired is so low.

Re:Uninstall it.

I uninstalled Flash on my computers, and the world did not end.

You could say the same about absolutely any computer related product.

Re: Uninstall it.

[KGIII]

That's the most nondescript URL I've seen in a while. Why the hell do companies still do that?

Re:Uninstall it.

Cause some old software and some updated software still require flash.
Just glad some have started to move away from Flash and Java to HTML5.

Re:Uninstall it.

Sadly, VMWare's flash interface isn't really legacy. It's a rather recent replacement for the "native" Windows administration tools they offered before.

And here we go.......

[JustAnotherOldGuy]

..........another excellent reason to use AdBlock and NoScript.

Flash not allowed to run? No Flash exploit, simple as that.

Re:And here we go.......

You mean another reason to not use Flash?

AdBlock... nothing to do with Flash. This is for blocking ads. While some ads are built in Flash, most are images or text or HTML5 based.

NoScript... A) If you are still blocking javascript you better adjust your tinfoil hat. b) Last website update for this plugin was in March of 2014, over a year ago... the plugin may have been recently updated however there is no clear log of dates. c) If Flash is an issue for you, just don't install it.

The problem is some people need Flash. Blocking it doesn't fix vulnerabilities. If your neighbors house is broken in to, do you tell them to board up all their doors and windows? Does that fix the broken locks and latches on their doors and windows? No! it covers them up and they still need to be un-covered so they are useful. What you should be telling you neighbors to do is to call the lock or latch company and ask for them to provide a solution for the easy lock or latch breaking techniques. However if these locks were given to you for free so you could use the keys from your Key company, then the Lock company is not your concern. You must contact the Key company and ask them to use different locks or you will not purchase their keys anymore in the future as you will be changing your locks.

Re:And here we go.......

[JustAnotherOldGuy]

You mean another reason to not use Flash?

AdBlock... nothing to do with Flash. This is for blocking ads. While some ads are built in Flash, most are images or text or HTML5 based.

I'd say that ~50% of all the ads I see (well, used to see, lol) were Flash. And sadly, Flash is still used all over the place, especially on older sites.

So for me, blocking Flash is a no-brainer.

As for NoScript, it blocks a lot of the javascript that's often used to launch the ads you see on sites, including the ads that use Flash.

If you've ever run ads from Advertising.com, Doubleclick, FastClick, etc etc, they're almost always pulled from the ad company's servers by a snippet of javascript that you paste into the page (or into your ad rotator). Blocking javascript knocks that shit out, period.

NoScript and AdBlock are indispensable for me, together they're a one-two punch that knocks out most of the stuff I'd normally have to worry about.

Re:And here we go.......

[DigiShaman]

Yeah, no, fuck that. Just uninstall Flash to begin with if you have it on your system; and don't ever EVER install it again. Be done with it already!

Re:And here we go.......

[JustAnotherOldGuy]

Yeah, no, fuck that. Just uninstall Flash to begin with if you have it on your system;

Well, sometimes I like to play some of the silly Flash games I have to kill a little time. I turn it on when I'm bored and turn it back off when I'm done.

But for browsing the web? No way, not a chance.

Re:And here we go.......

Or, you know, do what a smart person would do and just put Flash on click-to-play.
You need neither of those extensions for that.

Adblock and Noscript aren't going to stop a website from being hacked and serving you an infected flash file anyway.

Equally this is why your browsers should all be sandboxed as well.
99% of infections will never get through it, and if they do, it is because you were stupid, or you pissed a government off.

Re:And here we go.......

[phishybongwaters]

congrats on not knowing what the hell you are talking about. How are most ads delivered? Javascript. What do most ads do once loaded? Execute Javascript. How do ads deliver malware? Javascript. How do most nefarious sites check for, and execute, exploits? Javascript. If you remove flash you likely won't see THAT much of a difference. Many sites have already switched seamlessly to html5 for video, but not all. I happen to frequent a few that still use flash. If you are like me, you have a few options. #1 install noscript on whatever browser you use # Use chrome to load any pages which require flash Here's the option part. You can either do the above and HOPE you don't get nailed, or you can run a sandbox for the browser and only view flash content that way. Or... you can avoid entering passwords or doing anything like online banking on the machine, and just wipe and reinstall every few days. This won't fix you up if you get hit with something really nasty that stays resident on the service partition of your disc, or a rootkit / infected bios. But this will resolve 90% of the issues you'll get from running flash and actually connecting to the internet.

And yet Trend Micro had no new update in weeks

You'd think they'd do something ...

Solved

[Tablizer]

seem to target only government agencies

No problem, I'll just put my gov't work on a home server.

Re:Solved

[mbourgon]

Thank you, Madame Secretary, but that's the other story (http://politics.slashdot.org/story/15/10/13/1951232/clinton-home-servers-had-ports-open#comments).

A list of affected platforms would be nice

There's no information how or if this exploit is able to break out of the sandboxes employed by Chrome and later versions of IE.

Flwhat?

I vaguely remember you had to install that thing in order to browse retarded websites in 2008 or something.

Flash is either VERY buggy, or deliberately buggy.

[Futurepower(R)]

It seems to me that Adobe Systems is no longer a well-managed company, and hasn't been since Bruce Chizen got tired of managing Adobe, which was well before he resigned in 2007. Here is a story from 2007 about that: Bruce Chizen's legacy.

This is a comment from a reader of that story who called himself Tidewind: "I might be in the minority on this, but under Bruce Chizen, I felt Adobe became, well, arrogant." That was my experience, also.

Part of the attraction of Flash has been that it is used to violate the privacy provisions of browsers. Flash can be used to generate what are called Flash-cookies, Local Shared Objects (LSOs), or Super-Cookies, which are files placed on a visitor's computer by the Flash plug-in.

(To avoid permanent tracking: In Firefox, use the BetterPrivacy add-on.)

Now Adobe is trying to make money by making its very expensive products even more expensive by charging monthly for them.

Microsoft followed that monthly business model with Office 365: Pay every day, 365 days each year, even if some of those days you don't have internet access. (Read the comments about Microsoft's other methods of abuse, such as restricting each copy to one country.)

Flash is either VERY buggy, or deliberately buggy. Possibly one way Adobe Systems makes money is by allowing vulnerabilities supplied by secret government agencies. Those agencies can spend billions of dollars of taxpayer money without public oversight.

The new software company business model is apparently "Be abusive".

Re:Flash is either VERY buggy, or deliberately bug

[jonwil]

I would like to see someone with some resources dump something towards creating a nice open source replacement for Flash that doesn't have all the security holes and problems of the Adobe product.

Of course the real problem is all the content sites out there that (for some idiotic reason) are relying on Flash for DRM and which cant be made to work on any flash alternative due to the US DMCA and other similar laws around the world.

Re:Flash is either VERY buggy, or deliberately bug

I would like to see someone with some resources dump the source code of all Adobe products, that would be an interesting read!

Re:Flash is either VERY buggy, or deliberately bug

[0123456]

Adobe software has been bugware for as long as I remember. Adobe Premiere was the software that taught me to hit CTRL+S every few seconds, and save a backup copy every half hour.

'Crap, Premiere just crashed again.'
'Double crap. It corrupted my save file just before it crashed.'

Really?

[gstoddart]

Ministries of Foreign Affairs

*sigh* I would really think those agencies would have people who are sufficiently paranoid as to not allow Flash on those computers. Or are government officials all demanding they be able to watch YouTube videos?

Flash has been a gaping series of security holes for almost 20 years now, why the hell do people keep trusting it?

Re:Really?

Ministries of Foreign Affairs

Or are government officials all demanding they be able to watch YouTube videos?

Well, I could imagine that there are situations where it is convenient for workers at Ministries of Foreign Affairs to be able to pop into a news page and watch that news clip that is shown in a flash video player that isn't YouTube.
Sure, it would be great if they did that in a virtual machine, but those people aren't exactly techies.

Re:Really?

It's 2015. Almost all video players failover to HTML5 if they don't find flash. I have yet to find a porn site this year that requires Flash. Why are the porn sites so far ahead of the Ministries of Fucking Up The World?

Re:Really?

Pornsites have always been ahead of the curve when it comes to video streaming on Internet, and it isn't the Ministries that are behind the curve, they aren't even streaming video.
News pages on the other hand are far behind on that part and journalists have never been on the side of science and technology.

Re:Really?

[wbr1]

Unprotected sex has been a gaping source of STDs for 1000's of years now, why the hell do people keep having it?

Re:Really?

Because if you die of an STD, at least you got laid.

Do it often enough and you'll leave behind some spawn.

Re:Really?

[KGIII]

I was using a little hand-held Tandy with an external modem to upload content to a newspaper a long time ago when I was doing some freelance work for extra money. So, I dunno... I'm not sure where I'm going with that but I don't think you're *quite* accurate.

Re:Really?

I work at an FFRDC and was surprised when my latest new laptop came with Flash installed as part of the standard package. I had already gotten rid of it at home and not missed it at all, and it was in the midst of the latest series of flash exploits. There appear to be some internal corporate things that depend on it, though it might be time to just have an installer and an uninstaller on the desktop and install it on the rare occasions that it seems to be really required, and dump it immediately after.

Re:Really?

Or are government officials all demanding they be able to watch YouTube videos?http://theweek.com/articles/494883/secs-porn-scandal

The types of videos government officials watch aren't on YouTube.

Re:Plugins are for COWS

[Memnos]

Considering how much you say MOOOO, perhaps it's you that is the cow.

Definition of Flash

[Mike+Van+Pelt]

Flash: A reeking bottomless pit of zero-day vulnerabilities, all different.

Re:Definition of Flash

[KGIII]

Hmm... Fucking Long-term Assinine Security Hazard.

Re:Flash is either VERY buggy, or deliberately bug

Microsoft followed that monthly business model with Office 365 [time.com]: Pay every day, 365 days each year

Yes, but the upside is you get one day free every leap year.

Adobe Reader

[Dan+East]

It seems to me that Adobe Systems is no longer a well-managed company, and hasn't been since Bruce Chizen got tired of managing Adobe, which was well before he resigned in 2007.

"no longer"??? Adobe Reader was one of the biggest attack vectors that has ever existed in the history of the web, going back way before 2007. I kid you not, a new exploit came out month after month after month. It was ridiculous. Adobe Flash is actually slightly better in that regard, if that tells you anything.

Re:Adobe Reader

[Dutch+Gun]

Remember when we just had to worry about making things functional? It's hard to imagine that just a few decades ago, someone thought it was a great idea if, when you inserted a CD (later DVD, then USB drive) your computer would automatically execute binaries found on that media? Or that you could attach a random executable to an e-mail, send it to anyone in the world, and they could execute said binary with a single click? Remember when Windows computers were attached to the internet with default ports open, so anyone on the internet could see whatever drives and printers they decided to share? How about embedding scripting languages inside documents? Automatically executing binary plugins on the web? Neat stuff!

This was the era in which these technologies were born.

Take a look at this list of vulnerabilities in Acrobat Reader and just shake your head. 434 and counting. Since PDF was invented in 1991 (and presumably Acrobat came shortly after), that's on average a new vulnerability discovered every 20 days over the past 24 years.

Flash is already well ahead at 568 and counting. That's a new vulnerability found every 12 days over the past 19 years. Go Flash!

NEWS FLASH!

Uninstall flash!

100% Secure from all Flash vulnerabilities!

Large amount of internet still works!

Try it today! :D

Re:thank,s

[JustAnotherOldGuy]

go to russin wed site
http://syria.crap/

Keep your shit-spam to yourself, asshole.

There IS the "HTML5" alternative... apk

See subject: HOWEVER, we haven't seen all the "ins-&-outs" of that yet either - give it time! Bet it shows glaring vulnerabilities too (despite the state of modern computer science being what it is, one HELL of a LOT better than it was when I started it in 1981 but, men made it - men, screwup!).

Sad truth coming from experience over decades in the art & science of computing here on that above. We're not 100% guaranteed solid in LOTS of things out there now.

On HTML5 - I've tried it in IE11 "latest/greatest patched" etc. - et al, it plays ok - as good as Flash - & I'd wager it's had time & early base design vs. issues that plague flash till it's ultimate dying day... most likely. We tend to learn from our mistakes & build better, next time.

(Only thing I really *REALLY* wonder about HTML5 is, is IF "the infamous they" using it for 'nefarious' purposes, ala tracking & what-not/what have you...)

APK

P.S.=> Honestly? I thought they'd have ALL of Windows "bugs/security issues" gone by 2013-2014 outside @ the latest... hasn't happened yet - same point as above... apk

Re:thank,s

I already have a russian bride. Thanks though.

Zero-day exploit hits fully patched Flash???

[Tony+Isaac]

Really? By definition, a zero-day exploit would affect fully patched versions of anything. Duh! If they had time to patch it to fix the exploit, it wouldn't be zero-day any more, would it!

Re:Zero-day exploit hits fully patched Flash???

[Dutch+Gun]

This information is brought to you by the Department of Redundancy Dept, who has brought you this information.

Re:thank,s

What's her hurry?

Flash?

Does anything but ads actually use Flash in this day and age? I haven't had it installed for several years!

Re:Flash?

[ReeceTarbert]

Does anything but ads actually use Flash in this day and age? I haven't had it installed for several years!

Let's see... these are just some results using Firefox 41.0.1 on OS X Mavericks:

Spotify: "To enjoy Spotify, please install Adobe Flash. It's free."

Pandora: "In order to use Pandora internet radio, please upgrade to a more current browser or install a newer version of Flash (v.10 or later)."

Hulu: "Hulu requires Flash Player 11.0.1.152 or higher. Please download and install the latest version of Flash Player before continuing."

I'm sure there are plenty more, but just these three are enough to prove that you're dead wrong -- or just trolling. And no, there's no love lost between Flash and me, either.

RT.

Re:Flash?

[nnull]

Even though I don't use those services, I just tried your links. Spotify works and Pandora works as well (Music plays fine). Hulu is the only one that does not work without flash.

Re:Flash?

[ReeceTarbert]

Even though I don't use those services, I just tried your links. Spotify works and Pandora works as well (Music plays fine). Hulu is the only one that does not work without flash.

Interesting... what browser/OS combination? The latest Safari complains in exactly the same way.

RT.

Re:Flash?

I bet they're doing some kind of stupid browser detection to decide whether or not to require flash. Try changing your user-agent string to one for an ipad/iphone.

Re: Plugins are for COWS

And maybe too unpleasant to look at so moo boy stays in mommy's basement where it's safe and dark.

Re:Flash is either VERY buggy, or deliberately bug

Adobe software has been bugware for as long as I remember.

Indeed it is, but the real fault lies with Microsoft and their shoddy OS security that allows trivial privilige escalation. A rouge application running as a standard user should not be about to install malware at its cousins. Flash running within IE (or another browser) should not be able to escape that threat and do it's own thing. All of this is the fault of the application hooking into flash run-time blobs and the underlying OS that fails the most elementary protection protocols.

Surprised...

[mschaffer]

I am surprised...not that there's another Flash exploit, but that people still use flash.

"Yea though I walk thru the valley of /. ..."

See subject: "... I shall fear no Flash, for thou art with me" -> APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

* :)

That, & Psalm 23:4...

APK

P.S.=> ... & no troll downmods can affect me as you can see either, ala the last time I posted this -> http://tech.slashdot.org/comme... as I can merely easily repost it, again, nullifying your PUNY abused downmods - lol!

... apk

Insert free advert for Trend Micro ..

[nickweller]

"Based on our analysis, the Flash zero-day affects at least Adobe Flash Player versions 19.0.0.185 and 19.0.0.207."

Does this Flash Zero-Day work on OS or Linux?

Might be legit

[ThatsNotPudding]

Possibly one way Adobe Systems makes money is by allowing vulnerabilities supplied by secret government agencies. Those agencies can spend billions of dollars of taxpayer money without public oversight.

Given that Adobe, while being the major vector of insecurity on the web, has never even been lashed with a wet noodle by the Feds, one can only conclude they are given cover for exactly this.

It's almost as funny as the US public still believing their elected officials are actually in control of the organs of state security (thems wit everbodys skeletons).

AdBlock+ = inferior & 'souled-out' vs. hosts

Can adblock+ do 16 things hosts do 4 speed, security & reliability:

1.) Protect vs. malicious sites (past ads)
2.) Protect vs. fastflux botnets + stop C&C talkback
3.) Protect vs. dynamic dns botnets + stop C&C talkback
4.) Protect vs. DGA botnets + stop C&C talkback
5.) Protect vs. downed DNS (for reliability)
6.) Protect vs. DNS redirect poisoning
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phish
10.) Protect vs. caps
11.) Get you past dns blocks
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded fav. sites
14.) Work on anything webbound multiplatform.
15.) Easily controlled data
16.) Do all that & block ads better vs. addons more efficiently in cpu cycles + memory usage

* ANSWER ="NO" on ab+ doing it as well or @ ALL + hosts = already on every device natively.

APK

P.S.=> Ab+ does less than hosts & less efficiently - hosts do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver).

---

Ab+'s 128mb memory inefficiency http://cdn.ghacks.net/wp-conte... (hosts consume 3-11mb using my program initially).

---

ClarityRay defeats it dumping addons in use in browsers via native browser methods!

---

Ab+'s paid to not do its job by default http://www.businessinsider.com... & ABP bought out adblock http://www.theregister.co.uk/2...

---

Ab+ adds complexity in a slower mode of operations (usermode = more messagepassing overhead vs. hosts in kernelmode).

---

AdBlock's SLOWER vs. hosts: http://superuser.com/questions...

---

What's best?

APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...

&

It's safe per 57 antivirus programs in BOTH its 64-bit model https://www.virustotal.com/en/...

+

a 32-bit model too https://www.virustotal.com/en/...

... apk

Re:AdBlock+ = inferior & 'souled-out' vs. host

[phishybongwaters]

Have fun maintaining that host file you idiot. Routers beat hosts file, so your whole deal falls apart because your network stack still gets involved with hosts. Blocking this stuff on the router means it never even gets on your network, no wasted cycles. But again, this means you will spend the rest of your life maintaining this growing hosts file or block list, when adblock and other browser plugins do this, and update it, for you. That said, since adblock has been sold and no one will say to whom, and this nonsense of "Acceptable ads", I wouldn't recommend using and trusting it for much longer. But I'd still suggest that over whatever crap you are spamming on each and every thread even remotely close to this subject. Gee... I wonder if you might be on the payroll for this "application" that requires administrator permissions to merely update your host file. No thanks.

Re:"Yea though I walk thru the valley of /. ..."

[phishybongwaters]

Yup, having to continually spam your questionable software makes it less questionable. Said no one, ever.

Re:Flash is either VERY buggy, or deliberately bug

[KGIII]

What has a pink/red color got to do with the application, anyhow? Perhaps you meant 'rogue?' I don't know if it is always you but this seems to be a common one for ACs. Well, I finally got bored enough to point it out. While maybe not you, 'alot' is not a word and there's a difference between fewer and less.

Re:Flash is either VERY buggy, or deliberately bug

Of course the real problem is all the content sites out there that (for some idiotic reason) are relying on Flash for DRM and which cant be made to work on any flash alternative due to the US DMCA and other similar laws around the world.

It works great for DRM! Since I uninstalled flash, I not only don't copy their content (which I already didn't), I don't even view it! Problem solved.

CISCO 2811 & other models anyone?

See subject & tell us - How're they doing lately being exploited so much? How many folks have routers that can take up to 3,800,960++ entries of KNOWN BAD ads, sites/servers, botnets, etc. - et al (that are threats online)??

ANSWER = NOT TOO MANY - & you're asking folks SPEND MORE MONEY + "Bolt on 'MoAr'" instead of using what they already natively have... lol, blowing added electricity too.

* Trying to "move the goalposts"?

APK

P.S.=> Too bad it's not working after the above... lol - however, there's NO getting around how much + HOW BADLY routers are & have been exploited the past few years now... apk

Re:AdBlock+ = inferior & 'souled-out' vs. host

Moving the goalposts changing to routers is evidence you can't validly technically prove apk wrong here http://slashdot.org/comments.p...

Re:AdBlock+ = inferior & 'souled-out' vs. host

Now Windows and OS X ignore the hosts file.

APK is going to have to find something productive to do.

Yes, Youtube Works without Flash

[BrendaEM]

Unless you play games, or need DRM content, you might be okay.

Re:AdBlock+ = inferior & 'souled-out' vs. host

I use both. Neither ignores hosts on adblocking, blocking botnets or malware from bad sites. What you smoking?

Re:"Yea though I walk thru the valley of /. ..."

If others post on adblock apk's free to inform them of facts from reputable sources and he does. Nobody proves him validly technically wrong.

Re:"Yea though I walk thru the valley of /. ..."

You trying to move the goalpost against apk wasn't successful was it Rob McDonald http://tech.slashdot.org/comme... He creamed you for it.

APK Hosts File Engine unquestionably works

"Yup, having to continually spam your questionable software" - by Rob MacDonald (3394145) on Wednesday October 14, 2015 @09:36AM (#50725231)

See subject: Better than what you can't disprove validly vs. AlmostALLAdsBlocked -> http://tech.slashdot.org/comme...

LMAO!

---

(Then you tried "moving the goalposts" to routers & I smoked you on that too -> http://tech.slashdot.org/comme... )

* :)

---

Keep "Bolting on 'MoAr' illogically when I use what I already have natively doing the job & MORE by far vs. AlmostALLAdsBlocked above, for FAR LESS resources consumed...

APK

P.S.=> So - per my subject above: What's questionable about this data Rob McDonald (other than your questionable limited skills in computing)?

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

In its 32-bit model too https://www.virustotal.com/en/...

Hmmm? apk

WoW, you ARE stupid... apk

"I wonder if you might be on the payroll for this "application" that requires administrator permissions to merely update your host file" - by Rob MacDonald (3394145) on Wednesday October 14, 2015 @09:32AM (#50725207)

See subject: I wrote it - There's no other way to update hosts programmatically vs. using admin privelege stupid.

---

"this means you will spend the rest of your life maintaining this growing hosts file or block list, when adblock and other browser plugins do this, and update it, for you" - by Rob MacDonald (3394145) on Wednesday October 14, 2015 @09:32AM (#50725207)

AlmostALLAdsBlocked+ bought out adblock-> http://www.theregister.co.uk/2...

&

NEITHER blocks all ads due to bribery not to & to be crippled by default -> http://www.businessinsider.com...

AT LEAST HOSTS WORK FULLY RATHER THAN BEING A 'SOULED-OUT" SHELL OF AN APPLICATIONS like "AlmostALLAdsBlocked"

(& hosts do FAR MORE for FAR LESS resources consumed and they do it all faster too...)

---

"Routers beat hosts file" - by Rob MacDonald (3394145) on Wednesday October 14, 2015 @09:32AM (#50725207)

Yea? Routers beat hosts @ being EXPLOITED -> http://www.theregister.co.uk/2...

How many MORE of those EXPLOITS IN ROUTERS happening this year ALONE do I need to crush you some more on that very note??

(Just ask & "ye shall receive"... as I am fairly sure I can come up with ~ 1/2 dozen++ or more easily)

APK

P.S.=> It has been a PLEASURE utterly knocking the snot out of you easily... apk

Re:Flash is either VERY buggy, or deliberately bug

It's how you can tell who has been around long enough to have played rogue.

It's like I mentioned "Sanford and Son" today in another part of the internet. Someone else asks "What's Sanford and Son"? LOL.....okay, this person says they're from the US so I must assume they're about 15 years old.

Re:Flash is either VERY buggy, or deliberately bug

[KGIII]

Don't mention Nethack. Or Zork. I'm not even sure if half the people who play Fallout actually played the first two. I stopped gaming around the time of my enjoyment of the Fallout 2 game. It was awesome. I've not really gamed since but I remember (and played) Rogue. Or, ahem... Rouge... *sighs* Yes, yes I played the French word for Red. I dunno what people do with their spare time but it doesn't appear to be learning new things or improving themselves. I'm glad I'm not a people.

Re:Flash is either VERY buggy, or deliberately bug

https://www.gnu.org/software/g...
Stallman called it...

Hosts do that & far more (for less)

Can adblock+ do 16 things hosts do 4 speed, security & reliability:

1.) Protect vs. malicious sites (past ads)
2.) Protect vs. fastflux botnets + stop C&C talkback
3.) Protect vs. dynamic dns botnets + stop C&C talkback
4.) Protect vs. DGA botnets + stop C&C talkback
5.) Protect vs. downed DNS (for reliability)
6.) Protect vs. DNS redirect poisoning
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phish
10.) Protect vs. caps
11.) Get you past dns blocks
12.) Keep you off dns request logs
13.) Speed up surfing by adblocks & hardcoded fav. sites
14.) Work on anything webbound multiplatform.
15.) Easily controlled data
16.) Do all that & block ads better vs. addons more efficiently in cpu cycles + memory usage

* ANSWER ="NO" on ab+ doing it as well or @ ALL + hosts = already on every device natively.

APK

P.S.=> Ab+ does less than hosts & less efficiently - hosts do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver).

---

Ab+'s 128mb memory inefficiency http://cdn.ghacks.net/wp-conte... (hosts consume 3-11mb using my program initially).

---

ClarityRay defeats it dumping addons in use in browsers via native browser methods!

---

Ab+'s paid to not do its job by default http://www.businessinsider.com... & ABP bought out adblock http://www.theregister.co.uk/2...

---

Ab+ adds complexity in a slower mode of operations (usermode = more messagepassing overhead vs. hosts in kernelmode).

---

AdBlock's SLOWER vs. hosts: http://superuser.com/questions...

---

What's best?

APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...

&

It's safe per 57 antivirus programs in BOTH its 64-bit model https://www.virustotal.com/en/...

+

a 32-bit model too https://www.virustotal.com/en/...

... apk