Why Avast Won't Show Source Code To the Government, But Others Do

An anonymous reader writes: Avast, a security and antivirus company based in Prague, says they refuse to share their source code, and that the U.S. government hasn't even asked them. This is not necessarily the case for the rest of the industry. Over the summer we learned from a report at The Intercept that GCHQ and the NSA had a project to subvert security software so they could use vulnerabilities and exploits to their own advantage. Antivirus firms McAfee and Symantec were notably absent from the list of targets, and Symantec later confirmed over email that they "permitted source code review in controlled environments to meet government requirements." In addition to raising questions about whether a security product can be trusted under such circumstances, it also causes political problems: "Giving assurances to one country, and receiving government certification, can harm a security company in another. China, a known cyber-adversary of the US, accused Symantec last year of including backdoors that could allow outside access -- though it did not specifically say how -- and banned the product from the country."

Ask?

[ememisya]

They didn't ask Avast for their source code?

Re:Ask?

They didn't ask Avast for their source code?

Why bother if they already knew Avast would refuse? It would be "much easier" (TM) to just hack in and take it.

RE Security Software

[rawtatoor]

Security Software is a misnomer in this case. You can not convince me that any software that is not open source (with open source hardware btw) is safe or secure in any way. That's not what the NSA says tho

Re:RE Security Software

[CastrTroy]

What good is open source hardware? How are you sure that your open source hardware hasn't been compromised between the factory and your house? Can you really be sure that the documents detailing the open source design of your hardware are actually being followed. Is there really anyway for people to verify what's going on inside the CPU?

Re:RE Security Software

[fizzer06]

How are you sure that your open source hardware hasn't been compromised between the factory and your house?

That Fed-Ex driver is a sneaky one with mad hacking skills!

Re:RE Security Software

[rawtatoor]

Its this. ITs Peanut butter. He's going to ask me if I understand etc. He's going to confuse the subject. He's going to pretend and insist to the end that he doesnt understand. I understand -- he's a charlatan. Thinking I'm going to try and make him understand that's his mistake. Don't watch me wind up or nothing but your going to get jerked pal

Re:RE Security Software

[JustAnotherOldGuy]

That Fed-Ex driver is a sneaky one with mad hacking skills!

Actually there are numerous documented instances where one three-letter agency or another has intercepted computer hardware en route, added tracking or monitoring hardware/software, and then resealed the box so it could be delivered. I don't have citations at hand, but I believe both the FBI and CIA have admitted to doing this. I think possibly the NSA as well but I don't recall for certain.

Re:RE Security Software

[rtb61]

It still means that open source software in many areas is likely to get a huge, spy vs spy, push, because no one trusts any one any more because a lot of the spying has devolved to extortion scams (to force political alignment against the wishes of the majority, also very corrupt government private business 'er' partnerships) and industrial espionage as well as off course very focused capital investment espionage (think insider trading upon a mass scale based upon stolen data, NSA/CIA insiders, literally billions to be made).

Hardware is trickier so don't trust your PC at all, consider it a compromised device, so wired connection and your modem, router, firewall, being much more locked down and restrictive when it comes to blocked external IP addresses, port controls and allowed communications. Smart Phone use should be limited to not to personal or financially risky communications. Want to share something private do it in person with your phone locked in the car, other than of course very public communications on forums, that also still works, possible ideas vs defined actions.

Re:RE Security Software

[rawtatoor]

Peanut butter loves your mom. You love peanut butter right?

Re:RE Security Software

Actually there are numerous documented instances where one three-letter agency or another has intercepted computer hardware en route, added tracking or monitoring hardware/software, and then resealed the box so it could be delivered. I don't have citations at hand, but I believe both the FBI and CIA have admitted to doing this. I think possibly the NSA as well but I don't recall for certain.

If they are that interested in you, you are already fucked.

Re:RE Security Software

[AHuxley]

Re "... added tracking or monitoring hardware/software, and then resealed the box so it could be delivered"
"Photos of an NSA “upgrade” factory" (May 15, 2014)
http://arstechnica.com/tech-po...

Re: RE Security Software

[StikyPad]

"Numerous" is an inflation. There's one known instance, which is reason to believe there may be others, but no other examples are known publicly.

As for why Avast hasn't been asked -- the government hasn't used their software. It's as simple as that.

Re:RE Security Software

[Actually,+I+do+RTFA]

You can not convince me that any software that is not open source (with open source hardware btw) is safe or secure in any way. That's not what the NSA says tho

Based on the Symantec quote, it seems more like the NSA wants to audit the anti-virus before it gets used on government systems. So, more likely, Avast isn't asked for their source because they're not getting greenlit to be installed.

Re: RE Security Software

Is your "one known instance" the hacking of Petrobras' (Brazilian government oil company) routers, done en route (he!) from China on the transporting boat, that is in the s,now,den docs, with photos and all?

Re: RE Security Software

[JustAnotherOldGuy]

"Numerous" is an inflation. There's one known instance, which is reason to believe there may be others, but no other examples are known publicly.

I tried to locate the page which detailed this but couldn't find it. I seem to recall it was an ex-DEA or NSA employee who was explaining it. He recounted that this was done very frequently, with his involvement in over "a couple of hundred" instances. Unfortunately I can't find the page, but it was quite clear that it was by no means limited to one or even a few instances.

He detailed how they worked closely with UPS, FedEx, DHL, and the USPS to divert packages, fiddle with the hardware, and then seal everything up and have it delivered. Apparently UPS and FedEx had a regular procedure for diverting the packages using a liaison whose job was to coordinate with the particular agency (again, I think it was the DEA or NSA but I can't recall for certain).

In any case, he made it clear that this was by no means a "one off" thing, but rather an ongoing operation that affected a number of packages from different companies.

Re:RE Security Software

Yes, yes, yes you are, because you visited this thread. Important advisory for you, now that you are on the radar: buy only via walk'in, use cash, and DO NOT look up at the cameras (they're usually overhead, and pointed straight down to catch tiller cheaters). Before hand, apply a little grecian gray, purchase an elderly gentleman's cane (don't use credit for that either), and on check-out exhibit some very bad posture (covers the no-face tactic). Then, never, ever, ever let the device be out of your possession. Further note: never take off your shoes.

Re: RE Security Software

RFID tags are already embedded in all consumer electronics devices. These are used during automatic assembly processes, and for inventory control of components. For that reason, electronics are already pretty good for spycraft utilization, as is. From there, it's likely a simple matter to coerce automatic door opener manufacturers to log all threshold crossings based on UHF level tags (good for about ten feet of range). Anybody they want to add to the radar screen simply has to be scanned once to associate the tag(s) in the equipment. Think of the gasoline they'd save? In such a case theyd surely be spending our tax dollars frugally, wouldn't they? More money for the good stuff, I guess. And vacations.

Re:RE Security Software

But, be sure to throw away the coal afterwards, use gloves, and do the whole procedure out in the park somewhere. Wear paper coveralls during the process, and when you're done wrap it all up, including the cloth (no print latex) gloves, and put into a no-print paper bag, and use a black ski cap whilst dumping them in a convenient late night, but unpopular convenience store dumpster (unpopular means they can afford fewer cameras). It might be a good idea to pour a little low-level acid across the top of the bag to erase unintended prints. Drive to the intended recipient's house, and deliver the paper.

Re:RE Security Software

[tippen]

Based on the Symantec quote, it seems more like the NSA wants to audit the anti-virus before it gets used on government systems. So, more likely, Avast isn't asked for their source because they're not getting greenlit to be installed.

Bingo. There are certain gov organizations that you can't sell into unless you let them audit your source. It's not just the US either. Also required for certain Russian certifications (for example).

Security through obscurity?

[Lead+Butthead]

Well, that one never did worked...

Re:Security through obscurity?

Security through obscurity will work, but only if you combine it with something else.

heh

so that's it for Symantec and Mcafee. Keeping Avast, kthxbye.

my theory

[kelemvor4]

The USG probably didn't think avast was a big enough player to bother with.

Re:my theory

[truck_soccer]

Considering Avast currently leads the AV marketshare with almost 25%.....

Re: my theory

Or they already had what they needed from Avast.

Re:my theory

[samson13]

My theory is that avast didn't ask to have their product evaluated so no government asked for their code to evaluate. To be able to sell security products to a lot of governments you need to be evaluated. Common criteria is an international group that standardizes and recognizes the evaluations across its members. Being CC evaluated puts you on the shopping list for a reasonably large government market.
For a list of products that have had at least one government(or their representatives) crawl through the code https://www.commoncriteriaport...

Re:my theory

Or there's already a gaping hole in security?

Re:my theory

[AHuxley]

Yes a lot of the AV brands do that. They give their code to different governments and then tell the world their products are good. Governments looked at the code and allowed them to bid.

Re: my theory

or the Russians beat them to it.

Re: my theory

Really, this thread is pretty pointless. Obviously, for internal use, there is extreme nation state-of-origin bias. To think otherwise is mental mas$5%#$##.

We need community alternatives

[metrix007]

Truecrypt was a community project as is its successor. Not to mention Linux and the like. There is no question this model works at this point.

We need something similar for anti-virus/general security software for non technical-people.

Let corporations wast money on junk like McAfee and Symantec...millions for peace of mind and not much else.

Let the community have an option that we can rely on as being non-backdoored, and that non technical users who need this such as journalists can have a reliable option.

KGIII, please ignore this post. No irrelevant anecdotes thanks.

Re:We need community alternatives

clamav, clam sentinel, clamwin. For servers they are okay. For desktop use not so much.

Re:We need community alternatives

[DarkOx]

The model works for Linux and True Crypt because the barrier to entry is low. Anyone can work on those projects with just about any PC from the last decade in their basement.

No you can't probably hack on a specific hardware driver much without buying some kit but most people doing that have said kit and are incentivized to make it work for them, then they just share. I know some of the kernel driver devs 'work for kit' too send me a shiny new iWhatever and I'll try and update the iWhatever N-1 driver to work with the new device, etc.

A/V on the other hand still relies first and foremost on signatures be they for files on disk or IPS like signatures for the integrated firewalls. Yes anyone can work on the heuristic and IOC monitoring side of things but you can't probably build an effective package that way. To create signatures you need a vast network of monitoring and information gathering points. You need to have honey pots stood up, etc. Its big coordinated effort to aggregate all the data too which won't be 'fun' for really anyone to work on.

Its really the same issue we see with open source games, GIS applications, and anything that is as content heavy as it is tech heavy. The open source model is very good and building the tooling basic infrastructure. Its pretty good at solving 'interesting' problems and other blue sky efforts. It falls down when it come to doing things that require running the infrastructure or grinding work creating content, like scanning 1000s of USGS maps or something.

So OSS could create the AV software, it could create the analysis tools to monitor malware execution on a vast array of virtual machines and compile the results into defs, but it will not host the vast array of virtual machines, because that costs real money, real big money, that has to come from some place.

Re:We need community alternatives

[AHuxley]

The other issue is how a government will log a users daily AV upgrade patterns. What brand, version, when they update.
A unique "equipment interference" project would then create gov malware just for that user. No signature would/will ever exist as it is one of one. Any outgoing software firewall would see it as been allowed/trusted by the user.
Heuristic analysis can help. More security on the average AV phone home, update functions was often lacking allowing governments to have a good understanding of a user, system just from provider network logs.

Re:We need community alternatives

There's always one of these posts "i need somebody other than me to make an open alternative for me".

Truecrypt was a community project as is its successor. Not to mention Linux and the like. There is no question this model works at this point.

Well actually there is: if the model works then after all this time why is there no competitive product? The answer is that the model is really really slow at making progress and even the most widely used projects are woefully under resourced.

At the point that you ask who specifically will do it the answer is always "somebody will" or "the community will", but ultimately this is wrong. The ability to audit and verify is fantastic but unless the right people actually do it there is little benefit. What project is verified secure?

We need something similar for anti-virus/general security software for non technical-people.

We already have such things, they just aren't that good.

Let the community have an option that we can rely on as being non-backdoored

Who are you begging to let the community have it? If you want it then go for it, start it yourself or pay somebody to do it, that's the open source model. Not just beg somebody else to do it for you.

China is dumb

[Grishnakh]

China is dumb for disallowing Symantec because they think it includes backdoors for the USG, while they continue to use Windows which almost certainly has such backdoors.

Re:China is dumb

[zlives]

they are relying on MS incompetence to do it in a easy to intercept/decipher/block if needed.

Re:China is dumb

Microsoft gives the Chinese government (and many other governments) access to the Windows source code.

Re:China is dumb

[ahodgson]

They give the Chinese government something they claim is the Windows source code. Unless China is compiling it and distributing the output, there is no reason to believe it's what they're actually running.

Re:China is dumb

[fullmetal55]

And Symantec is competent in what reality? Have you used Backup Exec? or Antivirus? or their Anti-Spam or really anything of theirs?

China is whaaat?

"China, a known cyber-adversary of the US"
Says who?
Says the same folks that fingered Iraq for 911?
And just what constitutes a "cyber-adversary"
Does that mean we are both in the playoffs?

Welcome to SlashFox!

Re:China is whaaat?

[Coren22]

Says the same folks that fingered Iraq for 911?

So, um, no one?

Iraq was about their claims to be building a nuke, while importing Yellow Cake Uranium, and refusing nuclear arms inspectors. It never had anything to do with 9/11 except that it happened shortly afterwards.

Re:China is whaaat?

Iraq was about oil.

Every weapons inspector, including ones appointed by the UN said there is no WMD in Iraq. To top it all, one weapons inspector was accused of something and removed, the next one died after he said in the UN that Iraq has to WMD.

https://en.wikipedia.org/wiki/David_Kelly_%28weapons_expert%29
https://en.wikipedia.org/wiki/Scott_Ritter

Re:China is whaaat?

Thousands of active chemical weapons, millions of liters of dual-purpose chemicals, and hundreds of tons of uranium don't count as WMDs?

And if Iraq was about oil, why did not one US company get in on the rebuilding, transport, or refining of Iraqi oil?

Re:China is whaaat?

[hyades1]

I always find it amusing when Americans like you don't even know your own recent history. Read and learn, you smug, cretinous dumbass:

http://antiwar.com/blog/2013/0...

Re:China is whaaat?

[pixelpusher220]

And if Iraq was about oil, why did not one US company get in on the rebuilding, transport, or refining of Iraqi oil?

because the jackasses that lied our way in planned the exit just as well as the entrance?

Thousands of active chemical weapons, millions of liters of dual-purpose chemicals, and hundreds of tons of uranium don't count as WMDs?

No they don't. They didn't have ANYTHING remotely close to what was promised they had. A few relic bombs is not a justification for invasion of another country.

Re:China is whaaat?

[DarkOx]

I say again it takes two to tango. If there was nothing to hide when it became very clear we were moving forward with an invasion force Saddam still could have said "wait time out, look at whatever you want wherever any time" The US military rather than the UN inspectors could have gone in a done the verifying. He did not do that even though he had to have know there was no possibly way his forces could repel a US invasion.

This leads me to conclude there are a few possibilities:
1) Saddam thought he had weapons he did not have
2) There were in fact weapons and interested parties succeeded in removing/hiding them before our occupying force made that impossible
3) There were weapons we found them, and are being lied to about that for 'reasons'

My guess is 2, because three requires a cover up that would be hard in the modern world. To many people would have seen to much and there are two many people with strong political interests, not all of them domestic that would want to see some of that information out there. If nothing else Suni groups like ISIS would want to use it as anti-secular and anit-Shia propaganda.

1 bothers me for similar reasons, folks like Chemical-Ali existed and it would have been hard for them to cover up the fact the cupboard was bare to Saddam and his Sons in the context of weapons inspections and so fourth. Impossible no but unlikely I think.

Which leaves 2 again. There were allegations weapons were being smuggled into Syria during the Iraq war. Suddenly when the Syrian conflict breaks out chemical weapons are used. We know the regime had such weapons. There is cause to suspect some of the attacks might have been staged by the rebels, who could easily have obtained them from the chaos that was Iraq. It all fits, or Assad might have been sitting on even larger stock piles of the stuff after the collapse of Iraq and simply said might as well use some.

Finally WMDs or no WMDs the Bush lied narrative isn't really accurate unless you an apologist for the DNC. Plenty of folks of the foreign Intel committees had access to pretty much all the information the Administration did. Intel isn't an exact science. A case was made based on the evidence, maybe the evidence was weak, circumstantial, and tainted but lots of Senate and Congress critters went along and voted en mass to authorize the war, but "Bush espoused his inaccurate view" does not sound as good in a stump speech. Personal while I am happy to admit in hind sight Iraq was stupid and we should have known better. What I find more astonishing is the current Presidents total failure to learn anything from that experience. This is the type of mistake our nation probably has to make once a generation. We should only be making it once a generation though. Meanwhile the military misadventures in the middle easy continue.

Re:China is whaaat?

[Coren22]

I know the history quite well, I was an adult working in the defense industry for the whole thing. There was never any claim that Saddam had anything to do with 9/11, that was why the invasion of Afghanistan happened, not Iraq. Iraq was about WMD and the very strong and right belief of WMD there. Saddam thought he could bluff having the nukes to keep the US and Iran from invading him, he prevented UN weapons inspectors from entering the country and inspecting the weapons sites. He bought Yellow Cake Uranium, presumably to build the bombs. He had previously gassed the Kurds, and it was widely believed that he was insane enough to attack Iran and incure the wrath of the world, where Kim in North Korea is too chicken to try it.

It was a widely held belief on both sides of the Isle that Iraq/Saddam posed a real danger of nuclear and chemical war, it wasn't just some rumor.

http://politics.slashdot.org/c...

Re:China is whaaat?

[Coren22]

My assumption is also 2, my guess is that his were the chemical weapons used in Syria, not the Syrian chemical weapons.

The US telegraphed our attack way in advance, I don't recall exactly how long it was, but my belief is it was months. There was plenty of time to move the weapons over the border into Syria.

For the Bush lied fanatics, I keep this link in a text file on my desktop, it lists tons of people in the DNC and Clinton's cabinet talking about the WMD:
http://politics.slashdot.org/c...

Personally, I don't blame Obama for the current shape of Iraq, I blame the Iraqi president. He forced the US to withdraw with terms he knew we would never accept, he made his bed, and now has to sleep in it. I haven't heard of Iraq asking us to come back yet, and I would expect that would be all over the news stations if he did, so I can only assume he is being stubborn or honestly believes that his troops can handle ISIS.

Re:China is whaaat?

How exactly does this relate to Avast?

Re:China is whaaat?

[hyades1]

That is a plain, flat-out lie, and you know it.

Cheney and the rest of that odious crowd made it Job 1 to convince Americans there was a connection.

They succeeded.

Why they wont...

[viperidaenz]

Because they weren't asked. No need to make up other reasons Avast, just because you weren't picked.

The government obviously isn't trying to have a peek at all anti-virus/security software.

They probably only want to look at the code for the software they may want to actually use, since it runs at the highest privilege on all their workstations and inspects all the email on their mail server, etc.

Re:Why they wont...

[tlhIngan]

Because they weren't asked. No need to make up other reasons Avast, just because you weren't picked.

The government obviously isn't trying to have a peek at all anti-virus/security software.

They probably only want to look at the code for the software they may want to actually use, since it runs at the highest privilege on all their workstations and inspects all the email on their mail server, etc.

In other words, lemonade!

USG wants to purchase security software and roll it out across their various departments or so. They put in a call for bids to let anyone who has such software submit for testing and evaluation and maybe even purchase. (And believe me, government purchases are huge).

The problem is, Avast didn't make it past the first cut - presumably what happens is the bids are examined for how suitable the proposal is to meeting requirements, then after that cut (which will probably cut out the vast majority of submissions for being inappropriate, inadequate, and insufficient), they do far more technical evaluations. If you get 1000 entrants, it's harder to effectively test them all, than if you can eliminate 980 from the running, then you can test the 20 remaining ones more thoroughly.

Avast probably was one of those cut. Instead of the negative news that they were out of the running while their competitors was still in, they simply spun some PR around and make it seem like they took "the moral high ground", thus turning lemons (not being part of the bid) into lemonade (we won't release source code!). Presumably a source code audit might be one of the technical merits they'd be judged upon had they succeeded past the first round.

Reminds me of an old joke - the US and Russia decided to race each other in a classic car race. The US car won. The Russian newspapers had the following headline - "Russia comes in second. US comes in next to last."

i dont beleive this guy

they have their source code fo sho

Easy for them...

[acoustix]

"they refuse to share their source code, and that the U.S. government hasn't even asked them"

How wonderful of them! That's like me saying that I haven't killed anyone for $100,000 even though nobody every asked me.

It's easy to be moral when you haven't been challenged.

Hmmmm Well..

Although I think Avast is a piece of shit application, which poses no credible threat to any one.
I gotta give'em a high-fyve on this one..
as explained in the article, any collusion with any govt in a global playing field will allways yield loosers..
Either from a political stand point, a technical stand point, or a functional stand point..
it's all bad..
While I do agree independent testing is absolutely necessary to ensure the effectiveness of a product, or just to promote the fact that the product works even at a basic level all of which is GOVT independent.
Case in point RSA.
Like a fart on the wind, traveling hard and fast, but only to sit for a sec get smelled and then wiped by proverbial toilet paper.
Good Job Avast,, perhaps the product could pose another review session..

Symantec fake 2600 certificates

Symantec issued 2600 fake web domain certificate including Google ones that were spotted in the wild. So these were not 'test' certificates, they were being sent as fake Google ones.

http://www.engadget.com/2015/10/29/google-warns-symantec-over-certificates/

So personally I view all Symantec as something akin to a state sponsored spying agency. (Like AT & T, a company more loyal to the spying agency than the constitution).

Coren22 proven a LYING punk

"APK doesn't think that DNS servers are worth running and seems to believe that somehow Microsoft Active Directory can run without DNS." - by Coren22 (1625475) on Tuesday October 27, 2015 @12:58PM (#50811615)

Where'd I say AD will run minus DNS Coren22? I've said AD = internal network DNS dependent as far back as 2007 http://forums.tweaktown.com/wi...

(Searching this in BOLD "To warn users who have ActiveDirectory/AD LAN-WAN setups to NOT use external DNS servers!" referring to OpenDNS suggestions for those using AD stupid in the POSTS BEFORE IT in my security guides for users (geared to stand alone single machines no less), & right there on that page proves it stupid - so even if you posted as myself someplace here on /. "impersonating me", I have your ass NOW, shithead!)

I've also stated MANY TIMES I use remote DNS in OpenDNS @ home (but not @ work on AD networks + exchange/outlook: Free OpenDNS model doesn't work with AD dependent Exchange + Outlook specifically you lying little imbecile).

I also don't hardcode in "every site there is under the sun" is why, so I have to use DNS, but OpenDNS & rarely.

I also RARELY MISS A LOOKUP since I put where I spend a good 95++% of my time online in my favorite sites into hosts @ the TOP of hosts for utmost LOCAL FASTER RESOLUTION SPEEDS and more reliability vs. Open DNS (not OpenDNS) resolvers being abused, Kaminsky redirect poisoned DNS servers (of which 99.999% of ISP DNS are not proofed against to this very day even though a patch exists which OpenDNS uses), rogue DNS servers, and yes ROUTERS with bushwhacked by malware DNS settings (happening a LOT lately).

Hardcodes in hosts are faster than remote DNS, waste less resources than local dns in power, cpu cycles, RAM, & other I/O by FAR considering ALL THE PARTS of such a setup in programs, data, I/O, & power (especially if setup as a separate machine).

APK

P.S.=> You're a disgusting liar... apk

Re:Coren22 proven a LYING punk

The big biz now is proxies, anyway, so DNS is a non sequitur. Your local host won't mean squat there.

Coren22's desperation, lies, & libel

"I guess we should avoid your crap, it looks like it is marked as malware. Good luck getting that removed." - by Coren22 (1625475) on Monday November 02, 2015 @03:52PM (#50850445)

False positive: I've wrote 'em long ago, no response vs. 60++ REPUTABLE sources (not nobodies) below that fries you Coren22!

Is that your fake site for more lies Coren22?

Lying about me LIKE YOU DID HERE punk? -> http://slashdot.org/comments.p... ??

---

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

Its 32-bit model too https://www.virustotal.com/en/...

More "SALT IN YOUR WOUNDS" -> http://f.virscan.org/APKHostsF...

APK

P.S.=> /.'ers say my work is good too:

"his hosts program is actually pretty good" - by xenotransplant (4179011) on Monday August 10, 2015 @03:34PM (#50287195)

"I like your host file system." - by Karmashock (2415832) on Wednesday September 09, 2015 @03:57PM (#50489401)

"APK is kinda right... I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works." - by bmo (77928) on Thursday October 15, 2015 @11:30AM (#50736071)

"his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources" by alexgieg (948359) on Friday September 25, 2015 @09:57AM (#50596461)

Coren22 "security guru" wannabe fails security

YOU say "hosts=bad" (but they add security, speed, & reliability) & bitch on admin privelege to UPDATE vs. threats:

"So, have you figured out why privilege escalation is a bad thing yet?" - by Coren22 on Tuesday September 22, 2015 @05:15PM (#50577809)

Hypocrite - You use admin priv admitting it

&

How else can I programmatically update hosts minus it in Windows?

---

"Of course it requires elevation to write to the hosts file" - by Coren22 (1625475) on Wednesday September 23, 2015 @05:35PM (#50585879)

You FINALLY later admit there's no other way!

FACT:

Even MalwareBytes AntiMalware (best one) DEMANDS you use admin privelege (you saying it's "bad" too?) it can't do its job fully otherwise, like many security tools do!

---

Aryeh Goretsky NOD32/ESET says hosts = good security-> http://it.slashdot.org/comment...

Oliver Day (Symantec) does-> http://www.securityfocus.com/c...

MalwareBytes' hpHosts hosts & recommends my APK Hosts File Engine 9.0++ SR-2 32/64-bit-> http://hosts-file.net/?s=Downl...

---

* HOW MANY SECURITY PROS DO I NEED TO KNOCK THE CHOCOLATE OUTTA YOU?

---

Those security pros INCLUDE me: I work w/ guys from malwarebytes' hpHosts on a regular basis!

I've professionally worked for decades as a combined domain-wide network admin & software engineer since 1994 (Even showing you HOW to migrate a hosts across an enterprise-> http://slashdot.org/comments.p... )

I've also been securing computers + WRITING GUIDES using CIS Tool (who took fixes from me http://slashdot.org/comments.p... - bonus) http://www.bing.com/search?q=%...

You told me you learn from guides?

I write good ones that MILLIONS USE & was PAID FOR IT http://pcpitstop.com/news/winn...

+ WARES TO PROTECT USERS that are endorsed & hosted by security pros -> http://hosts-file.net/?s=Downl...

You did all that? No!

(& that's ONLY a SMALL part of what I could put out)

APK

P.S.=> You're all TALK -> http://slashdot.org/comments.p... & a "ne'er-do-well" in security... apk

Re:Coren22 "security guru" wannabe fails security

Recommends me use, see many likes hostfile solution, the bestest!

(Coren22 wrong again, nothing knew clearly, from my GUIDES you can tell)

APK

P.S.=> Don't drink the coke...apk

Where's Fisted? apk

See subject: This is yet another reason I won't release my source to "just anyone" (though malwarebytes' hpHosts admin has it along with hosting + recomending my app on their website)!

This is ontop of Chrome being abused for malware creation http://it.slashdot.org/comment... where YOU, fisted, bugged me for days when I told you "no" (& even afterward just to troll me).

(Which IS, clearly, a HUGE DOWNSIDE of "Open SORES" code - it can be used not only to create a clone of one's wares, stealing one's work, but also for malware!)

APK

P.S.=> From the links I read this article leads to, it refreshed my mind how the NSA + GCHQ are out subverting security softwares that way as well as reverse-engineering via debuggers (targetting antivirus software a lot since it uses kernelmode drivers & thus gives access to "ALL" in the system when you get the best of those)... apk

Coren22 proven a LYING punk

"APK doesn't think that DNS servers are worth running and seems to believe that somehow Microsoft Active Directory can run without DNS." - by Coren22 (1625475) on Tuesday October 27, 2015 @12:58PM (#50811615)

Where'd I say AD will run minus DNS Coren22? I've said AD = internal network DNS dependent as far back as 2007 http://forums.tweaktown.com/wi...

(Searching this in BOLD "To warn users who have ActiveDirectory/AD LAN-WAN setups to NOT use external DNS servers!" referring to OpenDNS suggestions for those using AD stupid in the POSTS BEFORE IT in my security guides for users (geared to stand alone single machines no less), & right there on that page proves it stupid - so even if you posted as myself someplace here on /. "impersonating me", I have your ass NOW, shithead!)

I've also stated MANY TIMES I use remote DNS in OpenDNS @ home (but not @ work on AD networks + exchange/outlook: Free OpenDNS model doesn't work with AD dependent Exchange + Outlook specifically you lying little imbecile).

I also don't hardcode in "every site there is under the sun" is why, so I have to use DNS, but OpenDNS & rarely.

I also RARELY MISS A LOOKUP since I put where I spend a good 95++% of my time online in my favorite sites into hosts @ the TOP of hosts for utmost LOCAL FASTER RESOLUTION SPEEDS and more reliability vs. Open DNS (not OpenDNS) resolvers being abused, Kaminsky redirect poisoned DNS servers (of which 99.999% of ISP DNS are not proofed against to this very day even though a patch exists which OpenDNS uses), rogue DNS servers, and yes ROUTERS with bushwhacked by malware DNS settings (happening a LOT lately).

Hardcodes in hosts are faster than remote DNS, waste less resources than local dns in power, cpu cycles, RAM, & other I/O by FAR considering ALL THE PARTS of such a setup in programs, data, I/O, & power (especially if setup as a separate machine).

APK

P.S.=> You're a disgusting liar... apk

Coren22's desperation, lies, & libel

"I guess we should avoid your crap, it looks like it is marked as malware. Good luck getting that removed." - by Coren22 (1625475) on Monday November 02, 2015 @03:52PM (#50850445)

False positive: I've wrote 'em long ago, no response vs. 60++ REPUTABLE sources (not nobodies) below that fries you Coren22!

Is that your fake site for more lies Coren22?

Lying about me LIKE YOU DID HERE punk -> http://slashdot.org/comments.p... ??

---

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

Its 32-bit model too https://www.virustotal.com/en/...

More "SALT IN YOUR WOUNDS" -> http://f.virscan.org/APKHostsF...

APK

P.S.=> /.'ers say my work is good too:

"his hosts program is actually pretty good" - by xenotransplant (4179011) on Monday August 10, 2015 @03:34PM (#50287195)

"I like your host file system." - by Karmashock (2415832) on Wednesday September 09, 2015 @03:57PM (#50489401)

"APK is kinda right... I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works." - by bmo (77928) on Thursday October 15, 2015 @11:30AM (#50736071)

"his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources" by alexgieg (948359) on Friday September 25, 2015 @09:57AM (#50596461)

Coren22 "security guru" wannabe fails security

YOU say "hosts=bad" (but they add security, speed, & reliability) & bitch on admin privelege to UPDATE vs. threats:

"So, have you figured out why privilege escalation is a bad thing yet?" - by Coren22 on Tuesday September 22, 2015 @05:15PM (#50577809)

Hypocrite - You use admin priv admitting it

&

How else can I programmatically update hosts minus it in Windows?

---

"Of course it requires elevation to write to the hosts file" - by Coren22 (1625475) on Wednesday September 23, 2015 @05:35PM (#50585879)

You FINALLY later admit there's no other way!

FACT:

Even MalwareBytes AntiMalware (best one) DEMANDS you use admin privelege (you saying it's "bad" too?) it can't do its job fully otherwise, like many security tools do!

---

Aryeh Goretsky NOD32/ESET says hosts = good security-> http://it.slashdot.org/comment...

Oliver Day (Symantec) does-> http://www.securityfocus.com/c...

MalwareBytes' hpHosts hosts & recommends my APK Hosts File Engine 9.0++ SR-2 32/64-bit-> http://hosts-file.net/?s=Downl...

---

* HOW MANY SECURITY PROS DO I NEED TO KNOCK THE CHOCOLATE OUTTA YOU?

---

Those security pros INCLUDE me: I work w/ guys from malwarebytes' hpHosts on a regular basis!

I've professionally worked for decades as a combined domain-wide network admin & software engineer since 1994 (Even showing you HOW to migrate a hosts across an enterprise-> http://slashdot.org/comments.p... )

I've also been securing computers + WRITING GUIDES using CIS Tool (who took fixes from me http://slashdot.org/comments.p... - bonus) http://www.bing.com/search?q=%...

You told me you learn from guides?

I write good ones that MILLIONS USE & was PAID FOR IT http://pcpitstop.com/news/winn...

+ WARES TO PROTECT USERS that are endorsed & hosted by security pros -> http://hosts-file.net/?s=Downl...

You did all that? No!

(& that's ONLY a SMALL part of what I could put out)

APK

P.S.=> You're all TALK -> http://slashdot.org/comments.p... & a "ne'er-do-well" in security... apk

Coren22 proven a LYING punk

"APK doesn't think that DNS servers are worth running and seems to believe that somehow Microsoft Active Directory can run without DNS." - by Coren22 (1625475) on Tuesday October 27, 2015 @12:58PM (#50811615)

Where'd I say AD will run minus DNS Coren22? I've said AD = internal network DNS dependent as far back as 2007 http://forums.tweaktown.com/wi...

(Searching this in BOLD "To warn users who have ActiveDirectory/AD LAN-WAN setups to NOT use external DNS servers!" referring to OpenDNS suggestions for those using AD stupid in the POSTS BEFORE IT in my security guides for users (geared to stand alone single machines no less), & right there on that page proves it stupid - so even if you posted as myself someplace here on /. "impersonating me", I have your ass NOW, shithead!)

I've also stated MANY TIMES I use remote DNS in OpenDNS @ home (but not @ work on AD networks + exchange/outlook: Free OpenDNS model doesn't work with AD dependent Exchange + Outlook specifically you lying little imbecile).

I also don't hardcode in "every site there is under the sun" is why, so I have to use DNS, but OpenDNS & rarely.

I also RARELY MISS A LOOKUP since I put where I spend a good 95++% of my time online in my favorite sites into hosts @ the TOP of hosts for utmost LOCAL FASTER RESOLUTION SPEEDS and more reliability vs. Open DNS (not OpenDNS) resolvers being abused, Kaminsky redirect poisoned DNS servers (of which 99.999% of ISP DNS are not proofed against to this very day even though a patch exists which OpenDNS uses), rogue DNS servers, and yes ROUTERS with bushwhacked by malware DNS settings (happening a LOT lately).

Hardcodes in hosts are faster than remote DNS, waste less resources than local dns in power, cpu cycles, RAM, & other I/O by FAR considering ALL THE PARTS of such a setup in programs, data, I/O, & power (especially if setup as a separate machine).

APK

P.S.=> You're a disgusting liar... apk

Coren22's desperation, lies, & libel

"I guess we should avoid your crap, it looks like it is marked as malware. Good luck getting that removed." - by Coren22 (1625475) on Monday November 02, 2015 @03:52PM (#50850445)

False positive: I've wrote 'em long ago, no response vs. 60++ REPUTABLE sources (not nobodies) below that fries you Coren22!

Is that your fake site for more lies Coren22?

Lying about me LIKE YOU DID HERE punk -> http://slashdot.org/comments.p... ??

---

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's safe proven by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

Its 32-bit model too https://www.virustotal.com/en/...

More "SALT IN YOUR WOUNDS" -> http://f.virscan.org/APKHostsF...

APK

P.S.=> /.'ers say my work is good too:

"his hosts program is actually pretty good" - by xenotransplant (4179011) on Monday August 10, 2015 @03:34PM (#50287195)

"I like your host file system." - by Karmashock (2415832) on Wednesday September 09, 2015 @03:57PM (#50489401)

"APK is kinda right... I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works." - by bmo (77928) on Thursday October 15, 2015 @11:30AM (#50736071)

"his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources" by alexgieg (948359) on Friday September 25, 2015 @09:57AM (#50596461)

Coren22 "security guru" wannabe fails security

YOU say "hosts=bad" (but they add security, speed, & reliability) & bitch on admin privelege to UPDATE vs. threats:

"So, have you figured out why privilege escalation is a bad thing yet?" - by Coren22 on Tuesday September 22, 2015 @05:15PM (#50577809)

Hypocrite - You use admin priv admitting it

&

How else can I programmatically update hosts minus it in Windows?

---

"Of course it requires elevation to write to the hosts file" - by Coren22 (1625475) on Wednesday September 23, 2015 @05:35PM (#50585879)

You FINALLY later admit there's no other way!

FACT:

Even MalwareBytes AntiMalware (best one) DEMANDS you use admin privelege (you saying it's "bad" too?) it can't do its job fully otherwise, like many security tools do!

---

Aryeh Goretsky NOD32/ESET says hosts = good security-> http://it.slashdot.org/comment...

Oliver Day (Symantec) does-> http://www.securityfocus.com/c...

MalwareBytes' hpHosts hosts & recommends my APK Hosts File Engine 9.0++ SR-2 32/64-bit-> http://hosts-file.net/?s=Downl...

---

* HOW MANY SECURITY PROS DO I NEED TO KNOCK THE CHOCOLATE OUTTA YOU?

---

Those security pros INCLUDE me: I work w/ guys from malwarebytes' hpHosts on a regular basis!

I've professionally worked for decades as a combined domain-wide network admin & software engineer since 1994 (Even showing you HOW to migrate a hosts across an enterprise-> http://slashdot.org/comments.p... )

I've also been securing computers + WRITING GUIDES using CIS Tool (who took fixes from me http://slashdot.org/comments.p... - bonus) http://www.bing.com/search?q=%...

You told me you learn from guides?

I write good ones that MILLIONS USE & was PAID FOR IT http://pcpitstop.com/news/winn...

+ WARES TO PROTECT USERS that are endorsed & hosted by security pros -> http://hosts-file.net/?s=Downl...

You did all that? No!

(& that's ONLY a SMALL part of what I could put out)

APK

P.S.=> You're all TALK -> http://slashdot.org/comments.p... & a "ne'er-do-well" in security... apk

Coren22 proven a TROLL

See subject - OR did you NOT say this:

"Maybe I should change my signature again just to rile him up some more." - by Coren22 (1625475) on Tuesday November 03, 2015 @10:07AM (#50855451) FROM http://slashdot.org/comments.p...

behind my back (since I can't see signatures) like the punk you are & KGIII noted it:

"In an earlier thread, I saw that APK quoted your signature" - by KGIII (973947) on Monday November 02, 2015 @10:22PM (#50852845) FROM http://slashdot.org/comments.p...

Which I COMPLETELY SHUT DOWN due to your lies about me on AD + DNS (GPO too from my security guides which I see you've read, that are geared to single stand alone machines no less NOT networked ones but I advise vs. using external DNS with AD there too, here) -> http://slashdot.org/comments.p...

---

* You're a disgusting LIAR & burying yourself ALL THE MORE for me... thank you!

APK

P.S.=> The beatings WILL continue libeling liar... much to YOUR OWN dismay, & you've only brought it on yourself (signatures? what a punk... man to man, I've shown how technically inept you are, & I doubt you're what you CLAIM to be in MCSE, SystemEngineer, & Security - most posts that are that 'beating' on you show QUITE otherwise)... apk

Ever Since Sony ....

Ever since Sony planted their trojan, and all the 'major' security anti virus companies "failed" to detect it, I have not trusted the anti virus industry. How could they not detect Sony's trojan unless they had been paid off?
pgmer6809

Coren22 proven a troll (NSA/GCHQ?)

See subject - OR did you NOT say this:

"Maybe I should change my signature again just to rile him up some more." - by Coren22 (1625475) on Tuesday November 03, 2015 @10:07AM (#50855451) FROM http://slashdot.org/comments.p...

behind my back (since I can't see signatures) like the punk you are & KGIII noted it:

"In an earlier thread, I saw that APK quoted your signature" - by KGIII (973947) on Monday November 02, 2015 @10:22PM (#50852845) FROM http://slashdot.org/comments.p...

Which I COMPLETELY SHUT DOWN due to your lies about me on AD + DNS (GPO too from my security guides which I see you've read, that are geared to single stand alone machines no less NOT networked ones but I advise vs. using external DNS with AD there too, here) -> http://slashdot.org/comments.p...

---

* You're a disgusting LIAR & burying yourself ALL THE MORE for me... thank you!

---

DEFENSE INDUSTRY?

LOL - "theory" here - you working for the NSA or GCHQ now too??

They tend to "recruit from within" - & are KNOWN to attack SECURITY SOFTWARE (like mine) to subvert it -> https://theintercept.com/2015/...

(Boy if so THEY PICKED BADLY possibly using YOU as a lapdog - (not theory ->) you're brain-damaged with Aspergers as you've admitted - too bad "the sins of the father" are visited on his children in your case also - I say this since you PROVE to be very mentally weak while failing in trolling me!)

Dumb - folks like me HELP SECURE the world doing wares like mine - folks in those organizations are spying on us actually NOT helping folks in the USA!

APK

P.S.=> The beatings WILL continue libeling liar... much to YOUR OWN dismay, & you've only brought it on yourself (signatures? what a punk... man to man, I've shown how technically inept you are, & I doubt you're what you CLAIM to be in MCSE, SystemEngineer, & Security - most posts that are that 'beating' on you show QUITE otherwise)... apk

Coren22 proven a troll (NSA/GCHQ?)

See subject - OR did you NOT say:

"Maybe I should change my signature again just to rile him up some more." - by Coren22 (1625475) on Tuesday November 03, 2015 @10:07AM (#50855451) FROM http://slashdot.org/comments.p...

behind my back (as I can't see signatures) like a punk & KGIII noted it:

"In an earlier thread, I saw that APK quoted your signature" - by KGIII (973947) on Monday November 02, 2015 @10:22PM (#50852845) FROM http://slashdot.org/comments.p...

Which I SHUT DOWN due to your lies about me on AD + DNS (GPO too from my security guides which I see you've read, that are geared to single stand alone machines no less NOT networked ones but I advise vs. using external DNS with AD there too, here) -> http://slashdot.org/comments.p...

---

* You're a disgusting LIAR & burying yourself!

---

DEFENSE INDUSTRY? Coren22 from http://slashdot.org/comments.p...

"Theory" here - you working for the NSA/GCHQ now?

They tend to "recruit from within"!

They're KNOWN to attack SECURITY SOFTWARE (like mine) https://theintercept.com/2015/...

(If so THEY PICKED BADLY using YOU as a lapdog - (not theory ->) you're brain-damaged w/ Aspergers as you admit- "the sins of the father" = visited on his children too)

Dumb - folks like me HELP SECURE folks doing wares like mine - folks in NSA/GCHQ are spying on us is NOT helping folks in the USA!

This "theory" of mine wouldn't surprise me 1 bit!

Not after proof I put up above (IF you are their crony tell your "masters/handlers" they're busting on the WRONG guy for "character assasination" as I help do the RIGHT thing, not the wrong one spying on US folks! I protect folks)

Wouldn't be a 1st: I've had PROFESSIONAL trolls try it (Cito) & advertisers' cronies (AndyMadigan & RayMorris) do it on /. - I dusted them.

APK

P.S.=> You've bring it on yourself (signatures? what a punk! I've shown you're technically inept & I doubt you're MCSE, SystemEngineer, & Security - my posts show QUITE otherwise)... apk

"Impersonating me"? Please... lol! apk

See subject - you FAIL when you resort to that (this is probably the 100th time I've had this happen).

APK

P.S.=> Utterly pitiful... apk

This might (some theory, MOST not)

See subject as it directly relates to Coren22 http://slashdot.org/comments.p...

* I hope not - I could be wrong but then I'm only speculating @ this point (but based on prior history of those organizations & their antics vs. security wares).

Jeremiah Cornelius a member here (works for VMWare, Microsoft before it - very politically active person too) told me that when I released my ware & said to me that the SECOND I said it was useful vs. threats online + DNS block lists, I painted a target on my head...

Despite our differences, JC is pretty smart. I told him LONG before arguments & trollings he did to me (MyCleanPC & yes he posted it as spam under his REGISTERED ACCOUNT making a huge mistake there) I liked what he had to say on things political.

I've "had it out" with JC too - but overall, we get along well. I didn't listen well to him on it, figuring he was just 'attacking me' but it was ALL about "character assasination" since according to him, they have to make you look "crazy" before "taking you out" (as in dead so nobody will care if you got shot dead etc.).

This article does the rest - read the links on how the NSA/GCHQ tried subverting security wares... put 2+2 together.

Coming from Coren22, pro Bush/pro gov't. too always? WHO KNOWS!

APK

P.S.=> Yes, yes, I am SURE some will call me nuts - but that method is "SOP" (std. operating procedure) for those boys (which we all know due to HBGary & the like + advertisers doing it) - & it's only speculation on my part but based on what he said & I don't consider myself that important by ANY means - but, the possibility IS there due to Coren22's background (defense industry allegedly, but believing Coren22 is like believing "the boy who cried wolf" which my other posts there show clearly regarding his "honesty & integrity")... apk

Sure it would on single rigs

See subject & I didn't design the program for that - it's for regular users, not business... & business should, but often DOESN'T, secure ALL ENDPOINTS (printers get 'exhausted of paper' a lot if you don't) - they don't & often rely on 'eggshell' perimeter-level defenses (& we ALL know how much businesses get hacked/cracked/security-breached from the news we get here) - it's partly due to that (& websites + DB servers NOT being properly secured & designed).

* The 1st resolver used IS the hosts file (especially with large ones like my program creates, where you're instructed to disable the slower usermode dnscache client since it breaks down due to a fixed-size structure it uses - when a redimensionable one is easy to create no less AND the way I do it INCURS NO 'CONTEXT-SWITCH' OVERHEADS TO USERMODE, between hosts cached in RAM locally & used by the kernelmode tcpip.sys IP stack resolver + the kernelmode diskcache caching it, accessing cached hosts in memory too - for the UTMOST in speed).

I also "UP THE PRIORITY" of that read via a simple registry hack too!

DNS is chock full of exploitable flaws in Open DNS (not OpenDNS) resolvers, Kaminsky redirect poisoning flaws (99.999% of ISP DNS' are NOT PATCHED vs. it to this very day though a patch is out there, which OpenDNS uses mind you), DNS settings EXPLOITED ROUTERS, rogue DNS servers malware makers + botnets use & more!

Lastly - hosts is a HELL of a lot less in terms of excess I/O (especially in usermode), RAM, CPU, & other things considering ALL of its VERY EXPLOITABLE PARTS shown above as well as complexity + room for 'breakdown' also.

APK

P.S.=> It'd be easy for a LAN-WAN admin to migrate hosts across a network via batches/.cmd files & logon scripts OR timed ones on a scheduled task/chronjob also - if not by Group Policy as well on AD networks (either way works)... apk

Bullshit (privoxy OR put it on the proxy)

See subject: Placing hosts ON THE PROXY SERVER ITSELF will work & there's proxies that work with hosts (see subject, & iirc, perhaps "off" here? Proximotron does too but on this one I may be 'off'...)

* Then, there's the REST of what I crushed you with here too http://slashdot.org/comments.p...

APK

P.S.=> When WILL you unidentifiable ac trolls EVER LEARN that you are NOT IN MY LEAGUE in the art & science of computing? Keep coming - I take on, & DESTROY, all 'naysayer troll' comers, easily... even ones that hide by unidentifiable ac posts harassing me when they have a registered 'luser' /. account (Coren22, that you again? YOU FAIL ONCE MORE fool)... apk