It's Way Too Easy To Hack the Hospital (bloomberg.com)
schwit1 sends along a lengthy piece from Bloomberg about the chaos currently surrounding medical device security: The Mayo Clinic had assembled an all-star team of about a dozen computer jocks, investigators from some of the biggest cybersecurity firms in the country, as well as the kind of hackers who draw crowds at conferences such as Black Hat and Def Con. The researchers split into teams, and hospital officials presented them with about 40 different medical devices. Do your worst, the researchers were instructed. Hack whatever you can.
Like the printers, copiers, and office telephones used across all industries, many medical devices today are networked, running standard operating systems and living on the Internet just as laptops and smartphones do. Like the rest of the Internet of Things—devices that range from cars to garden sprinklers—they communicate with servers, and many can be controlled remotely. As quickly became apparent to Rios and the others, hospital administrators have a lot of reasons to fear hackers. For a full week, the group spent their days looking for backdoors into magnetic resonance imaging scanners, ultrasound equipment, ventilators, electroconvulsive therapy machines, and dozens of other contraptions. The teams gathered each evening inside the hospital to trade casualty reports.
"Every day, it was like every device on the menu got crushed," Rios says. "It was all bad. Really, really bad." The teams didn't have time to dive deeply into the vulnerabilities they found, partly because they found so many—defenseless operating systems, generic passwords that couldn't be changed, and so on.
Sooner or later, hospitals would be hacked, and patients would be hurt. He'd gotten privileged glimpses into all sorts of sensitive industries, but hospitals seemed at least a decade behind the standard security curve. "Someone is going to take it to the next level. They always do," says Rios. "The second someone tries to do this, they'll be able to do it. The only barrier is the goodwill of a stranger."
All the big hacks have been around money. Stealing CC cards to buy stuff or wiring money right out of a bank account. What do I get out of hacking medical devices except a free and painful medical experience along with being forced to eat hospital food?
The vendors don't let them do the Windows / OS updates on the devices.
That's because the vendors are concerned the updates could break the device. Which is a valid concern as there have been many OS updates that have broken stuff over the years. Pretty much every OS has had this issue at one time or another, not just Windows.
Medical equipment vendors definitely need to address this.
However, that being said, anyone that hacks medical devices should be taken out and shot. This would be a good cause for reviving capital punishment in those jurisdictions that have retired it.
It's not just that, it's also that vendors assume that hospitals have competent IT departments and devices will be appropriately firewalled away from the rest of the network.
Is that hackers want to get treated also...
Don't forget blackmail, revenge, etc... ask Ed Snowden the value of your MD chart here on /. ? for marketing health scare hypnosis... not much you say but it could add up to both physical & spiritual paralysis depending on which side of the stretcher we fall under?
Nobody really cares anymore. Computers are toys, or in a professional setting, devices with perhaps 3-4 commonly used functions outside of web browsing. Most people see and use them as glorified chumbies, and really there's nothing wrong with that. It does however mean that the idea of the "Personal Computer" has probably reached saturation. Most people just want a smartphone with apps, not a PC.
I watched a TV entertainment documentary about an American aircraft carrier. All over the ship, a human operator was tasked with roles which could clearly have been totally automated, but weren't. As the programme got as far as the crew who managed the flight deck, as they moved little plastic models of aircraft on a magnetic board, one officer spelled it out. "This is reliable. If the power goes out or [some other interminable computer issue arises] this will be here". At that moment it became clear that the US Navy at least, following decades of experience, had decided what roles computers could and more importantly could not be relied upon to work in.
I imagine hospitals are the same. Their general purpose PC computers are probably assigned to admin roles. Specific, single task machines, are likely only quasi-networked, and probably expected to fail and treated accordingly. Devices that blue-screen or kernel panic won't retain their certifications over the course of decades, and the only way to avoid those is to strip down the computer until it is to all intents a single purpose old analog device. The security issues which plague, and will forever hobble personal computers will simply not apply to near bare-metal single purpose, constantly reflashable devices. No-one will care, because no-one will fully trust these devices to work perfectly anyway.
Captcha: calcify
it's time
These devices are not generally in some server room with limited physical access.
The M&M security model sucks, sure it can mitigate things till patches can get applied but it's not a long term solution.
No sir I don't like it.
I'm wondering how feasible it is to have separate devices handle the security.
It should be more feasible than having every device be secure? Any programmer from any supplier in the entire hospital can now break the security, and everything is down the drain...
Seeing how cheap small computers are now, how hard would it be to put a small secure module before each machine securing everything? I think that would be a far more feasible approach in getting a hospital secure!
So they're so completely and utterly insecure we can't even tell you how badly insecure most of it is or what we could do with it.
That should be setting off big huge alarm bells for a lot of people, but nobody ever does anything until it's too late.
Lost at C:>. Found at C.
Imagine a broad attack where people in hospitals start dying from the equipment. Add in attacks on other infrastructure and you'll have 9/11 times a thousand.
The medical devices can't be patched without software validation taking place on the device, which means the patches are installed and the V&V teams need to test and verify that the patching does not affect the output of results for these instruments. This happens where I used to work, but not as often as it should, due to $$$. Often times because of this, there are ways to limit physical access, firewall / vlan the device and allowing only the service that is required to perform the function. Of course when that service becomes vulnerable, all bets are off.
Large concerning point and I can agree with the poster is that most hospitals have security plans and they do vendor assessments, but the vendors are allowed to (through convincing arguments and due to financial reasons) have their vulnerable equipment on the hospital network in a segmented fashion. I have of course visited a few places where they have a /16 and that is just scary!!
In my experience, the hospital networks are also extremely vulnerable. IT at hospitals is focused on making sure interactions with insurance go smoothly, the doctors are happy and the next remodel. They have added guest networks to appease their clientele without one thought to security. The result being you can see anything from anywhere, so not only are hospitals full of vulnerable equipment, they are full of vulnerable easily accessed equipment.
In the 90's, I worked for a hospital that shall remain nameless. Their billing system had a root password of "Superman", and the vendor (on whom they leaned for everything) wouldn't let them change it. They also assumed phone lines were secure (which is a joke.)
I'd imagine things are better now, but there was really a total lack of security awareness at that time.
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
I doubt that the goodwill of strangers has been enough to keep people from hacking these devices, and I doubt that those lacking that goodwill haven't yet thought to hack hospitals, especially if someone of note was known to stay at a hospital for whatever reason. Probably the only reason nobody has heard of anything really bad happening as a result of hacking is that actual patient interaction (for drug administration, monitoring, etc.) still requires physical presence of medical staff. Once that changes, though -- for example, once doctors can review status and order changes via their smartphones without relying on intermediate nurses and such -- shit will hit the fan pretty quickly. When that happens, I wonder who will be left holding the bag. The hospital? Device maker? Doctor? Patient?
We will never be the change to the weather and the sea
The chattering classes were all "ooohhh portable electronic records" and this and that about the transformative impact of technology without any appreciation for the absolute, non-negotiable need for a security first posture. Of all private sector systems, hospitals are the closest (with a few other industries like utilities) to the use case for a classified government network on security.
This won't be fixed until the federal government and states get together and task the DNI with drafting guidelines derived from how they regulate Top Secret networks to be used by the medical industry. If left to the industry or DHHS, this won't get done until some hospital gets hacked and dozens of patients are murdered by some piece of shit in China, Russia or the Middle East.
I've worked in a few hospital systems. While I'm not an IT guy I'm an engineer and I often serve as a de-facto IT guy for companies. The quality of IT staff in the hospitals I've worked with was for the most part deplorable. They tend to be understaffed, underfunded and underpaid and not supported well by management. It should surprise no one that they don't tend to get the best and brightest. While there are some good people, the system sets them up to fail. Quite frankly, hospitals are among the least secure and least well administered companies I've seen when it comes to IT. Their business is extremely complex and very few of the people working in it are IT focused, particularly those in positions of power. Worse, a lot of the equipment uses special versions of software that either is not or (usually for regulatory reasons) cannot be updated.
What security people constantly miss is that our society is kind of founded on the goodwill of the stranger. That's also why there's little physical security at hospitals. Sure there are mentally sick people out there but it takes somebody especially incredibly sick and twisted to turn off somebody's pacemaker just for the hell of it.
I'm all for security, and there are some evil people out there, but really there are reasons why hospitals are often the least secured places anywhere you go
It's not just that, it's also that vendors assume that hospitals have competent IT departments and devices will be appropriately firewalled away from the rest of the network.
Vendors of these products know damn well that hospitals routinely lack competent IT departments and they know (or should know) that they will be improperly secured if they are secured at all.
Why are we holding these devices up to some insane standards that were never a consideration until "IoT" became the buzz word of the year?
Do you know how many mission critical infrastructure systems are running completely unencrypted, non-obfuscated, clear text RS485/232? Wireless backhauls with next to zero security because who would have the kit to interface with it so why bother locking it down? (20 dollar SDR? What's an SDR?). Your local ISP's reckless abandon of cabling from the drop on the corner to your CPE.
But please let's all stop the presses and talk about how unbelievable it is that I can reset a pacemaker with just a smart phone. (instead of a microwave oven which always worked.) Do I care if the particle accelerator is on the hospital's intranet with admin:admin? Only as much as I care about a random person throwing a road flare at a gas station as they drive by. Only as much as I care about someone with a bic pen or bump-key getting in the subdivision's phone exchange to listen to phone calls/reroute calls/disable service entirely and start a door to door rape party.
Is it a serious security concern that every major auto manufacturer was shipping vehicles with all the same, standard bolts and fasteners? ANYONE with a toolbox could alter your car or disable your brakes!
And yet I'm not actually worried about going to the hospital and getting irradiated to death from a hacked x-ray machine. What incentive would someone have to make the effort and take the risk to hack these machines? The actual likely fallout from such a thing might be some invalid test results, and maybe even one or two direct deaths from an exploding MRI. The best scenario I can think of would be a foreign nation just wanting to do general economic damage to a country, but targeting a hospital would put them in violation of so many international treaties that they would be far more likely to damage their own economies after being sanctioned. Frankly I'd be far more worried about US gunships killing me at the hospital than hacked devices.
End of life expenses are a huge chunk of overall healthcare costs. Imagine a hacker who sees people on extended life support or vegetative state and makes a change to the equipment that kills the patient. Unless lawyers get involved.
That sounds a bit too toasty and uncomfortable. Seriously, WTF are they doing trying to unnerd nerds?
No, some vendors say their system can't be walled off and we need remote access to them / they must be able to send data to our systems. Have you read the list of ports that are doc's say must be open to us?
Most medical devices should either be stand-alone or in a "closed network" such as a network that only includes patient-care devices in a single building and doctor- and nurse-accessible workstations around the building, but without any connection to any network or device that touches any outside network.
Exceptions like operating rooms used for tele-medicine/remote-operated-robo-surgery/etc. can be handled as special cases.
If you want to hack them, you'll need to use "out of band/side-channel" techniques like compromising the employees who have access to them or listening in on (and interpreting) the nearly-inevitable RF signals that the equipment puts on nearby wires or on the air, watching for vibrations on windows or pointing a camera to the room windows to see or "hear" the alarms or status lights as they go off, etc. Except for the "compromising the employees" bit or gaining physical access yourself, it's very hard to force a non-networked device to do your bidding except in a very rough way, such as by cutting off the power supply or triggering some condition that puts the device in a fail-safe mode.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
It's not just medical devices. Anything reasonably proprietary has historically had the security by obscurity defense and that hasn't changed. Why do you think manufacturers of SCADA gear, connected sensors, etc. beg customers to put them on their own disconnected network? I've done a lot of work in this sector and see lots of this all the time --
- Currently shipping devices running old versions of Windows, Linux, etc. with no way to patch them
- Simple passwords that can't easily be changed
- Obviously hacked-on network connectivity, where the connection is running vulnerable firmware unmodified from the firmware provided in a test kit by its manufacturer (complete with default passwords)
Manufacturers of these devices have historically not cared. Look at magnetic stripe credit cards -- the system was designed in an era where a magstripe encoder was a magical tool that cost thousands of 1970s dollars. That was the only thing that kept the technology safe. Other devices rely on the fact that no one knows their proprietary firmware (or so they think.) Avionics systems were designed in an era where the Internet didn't exist for the public. My experience has been that vendors do not fix security problems even when presented with them. Medical devices might be a different story if the FDA gets serious about it.
I think that if Microsoft, Amazon, Google, etc. get their way and force everyone into the cloud, it'll take a few major hacks into things like these for people to change their security mindset.
and be done with it, forever.
Right, that would require re-validation, which is time consuming and expensive.
If you're interested in helping with problems like this one, check out this group: https://www.iamthecavalry.org/
They are attempting to make changes in critical infrastructure/industries (think medical, automotive, etc) which have not had the 'benefit' of learning the lessons yet that we have learned in the web-based IT world over the last 20 years. Let's face it, we can't afford to have a slammer type incident that involves cars or hospitals to open the local Microsoft-equivalent vendor's eyes and have them find religion around security. Some people literally can't survive that.
It's not glamorous, but it's important work.
Min
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
If you go through some effort to hack something, you are doing it for some reason.
1- You might be doing it for the lulz, in which case, you probably are taking some pains to not totally screw your victim. If you look at actual full fledged computer viruses from an era when the vector (floppy disk) and targets (DOS box) were pretty reliably similar, you'll see the majority of the viruses just screwed with you. They'd invert some text. One replaced every "Microsoft" string on your machine with "Machosoft". While there were ruinous ones, they weren't ludicrously common, and that brings us to...
2- You might be doing it to "teach them a lesson". Some people do think like this, and their goal is not entirely malicious, their sadism masked by some sense of superiority and purpose.
3- You could want to further an agenda- in the modern day, a group like Anonymous will seek out targets that they feel further their message, and, by their standards, improve the world- hacktivism.
4- You might just be doing it to learn more about it- for instance, you might want to gain access to a remote machine just to see what it looks like. This is extremely common.
5- You could gain financially.
6- Finally, you could want to just hurt people maliciously.
If you are (1), (2) or (4) you don't want to mess with medical machines because a screw up might hurt or kill someone, while you don't have anywhere near the sympathy for crashing a server or desktop. The server crash occupies IT for a few hours, the desktop crash has damage limited to one person, who may be occupied for several hours or have lost something of value (if no backups).
If you are in (3), you don't further an agenda by fucking with sick people.
If you are in (5), you don't gain anything that couldn't be obtained safer elsewhere.
This leaves (6)- purely malicious motivation- and it is frankly not common in people, and generally even rarer in hackers. There's generally much easier ways to hurt people, after all, and people wired this wrong are just so scarce.
And that's how we end up with a world where medical devices are stupendously insecure- black hat hackers don't fuck with hospitals, so the hospitals, like almost every other business, don't see a problem worth paying to fix.
It's definitely good that this event is calling attention to the fact. It gets reported on pages like slashdot reasonably often, but it doesn't seem to have really gotten to the mainstream yet as something that should be fixed.
Some men just want to watch the world burn.
Disclaimer: Imaging Informatics IT Systems Analyst here...
What does that mean? I admin servers, storage, VM's , applications, etc.. for all the fancy Scanning technology our hospital system has. Up to the 3/4 of a petabyte of images, we retain, and growing, and the 1TB db that manages it all...
Sorry, but half the problem is vendors. Application testing against monthly Windows OS security patching? NOPE! Not on this release. What about the latest, or coming releases? NOPE!
What? You're running Linux (Centos, Ubuntu, etc..) on the box managing that giant MRI machine? Great. Any recent updates on it? NOPE!
Hardware device security? HAHAHAHA! Is it connected to the network? YUP! Any firewalling on that new UltraSound Cart formerly running Embedded XP, now Win7 ? NOPE!
One would think, with the amount the vendors are charging, they would have forward patching development accounted for at this point. HELL NO THEY DON'T!!!!
So have a division of the medical device company dedicated to Q/Aing Windows updates. This is an easy problem to solve, and frankly the manufacturer should be held responsible for the inevitable malpractice lawsuits.
There is no reason that a medical device should be as much as a month out of date on updates, let alone the years and years out of date these devices get to be.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Sure there's an analog kill switch, etc.
But if you read the reports of a lethal bug in the Therac 25, patients were in the treatment room being literally burned to death, yelling that they were in pain, but the operator didn't shut the machine down. Why? Because the intercom was broken.
Everyone is so focused on BlackBerry's supposed death spiral due to their loss of market share in the mobile phone arena they forget that BlackBerry isn't a phone company. BlackBerry is a secure mobile communications company. To that end they supply the most stable and secure OS in the medical industry (QNX) and are working with NantHealth to supply an end-2-end secure medical communications system. My first real job in electronics was working for a pacemaker OEM. The device we used to program pacemakers back then was literally a wound coil sending unsecured pulse waves to the device. It's why patients couldn't get near microwaves because a stray pulse from the microwave could wipe the entire program on a pacemaker. NantHealth's system is both robust and secure from the hospital to the medicine cabinet at home.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
"Virus scanners/Adblock software don't need admin priv to update" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
AV does to remove threats - Adblock addons = VASTLY INFERIOR in abilities + efficiency vs. hosts as I've proven w/ no one proved me wrong to date!
---
"your software does" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
No, hosts do due to WFP/SFP!
---
"won't reveal your source code" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
I don't owe you it. I don't give away work to be stolen by others so it's misused like GOOGLE CHROME http://it.slashdot.org/story/1...
---
"What's stopping you from pointing my bank's web site at your private server?" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
I don't keep a server. You're a security guru (not - you create no ware for security & your forensics skills = non-existent): Put it in a VM, trace it using process monitor + wireshark to prove it (don't need code) & I only put in hardcodes of fav sites @ top of hosts for speed & reliability - you'd spot it easily & bulk of the file is sorted blocked known bad threat origins.
---
"the possibility of being caught, which would be pretty hard to catch w/ such a large hosts file, as no one can go through it manually." - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
See just above!
---
"What are you going to do when Windows gets rid of the hosts file completely?" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
Hasn't happened!
---
"They have already taken steps to make it useless in Windows 10." - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
It still works there!
APK
P.S.=> To be continued in part #3/5... apk
Being a world leader in medicine and medical research has put a huge target on Mayo Clinic. This only started because they have dropped the ball over the last decade on this and many other IT issues.
Just because they are a world leader doesn't make them any more secure than a local hospital in many cases. They too for many years neglected security concerns in relation to networked devices and services. Hungry hungry HIPPA got them a little more concerned, but recent attacks and compromises that never made the wide news in the last 3 years really got them going.
Many lead medical research locations and hospitals like Johns Hopkins, and Mayo Clinic have one other huge problem they don't like to talk about. Foreign workers, they have been tricked and hacked by them multiples of times over the years. They come mainly from Asia and eastern Europe to plunder research and information. They have falsified credentials and get placed in prime locations in these orgs.
So have a division of the medical device company dedicated to Q/Aing Windows updates. This is an easy problem to solve, and frankly the manufacturer should be held responsible for the inevitable malpractice lawsuits.
There is no reason that a medical device should be as much as a month out of date on updates, let alone the years and years out of date these devices get to be.
In some respects I agree with you. In a perfect world all the devices would be re-certified with every patch as soon as the patch is available, updated promptly, and all the latest security safeguards in place. They would be re-certified and verified to meet all the latest security requirements, safety requirements, and efficacy requirements.
However, these are not home computers.
These are medical devices that must meet strict certification requirements that they do exactly what they say they do.
Any time the device changes or the software is updated, it must be re-certified. Getting a full PMA (Pre-Market Approval) certification is both expensive and time consuming, the current fee is $261,388. The wait is normally anywhere from 3 to 6 months for certification. If the product fails for any reason, it means fixing it and paying re-submission fees.
When "install the latest Windows update" comes with a $261,388 fee to re-certify, any business is going to reject that idea unless they are required to do it.
//TODO: Think of witty sig statement
That isn't necessarily a reason not to do it.
Never underestimate the power of stupid people in large groups.
That's because the vendors are concerned the updates could break the device
No they aren't. They don't do updates because they get no money for the updates. If there was money to be made in maintaining these devices then you can be sure they would do it. Additionally if they make changes to certain devices they have to get them recertified which is a huge and expensive proposition.
Just follow the dollars and it all makes sense.
It's worse than that. Even the machines in doctors' offices are vulnerable, because they are only supposed to install HIPAA approved software, and so, e.g., they run the (presumably) most recently approved version of MSWindows. Connected to the internet.
Basically there's no awareness of even a potential threat.
OTOH, they don't browse random web sites. They may not have Flash installed. (I didn't ask to check just what they had installed, it was just blatantly MSWindows...I don't even know which version.) So they probably avoid attack by lurkers.
I suppose the first estimate of vulnerability would be "How many doctors' offices were running botnet software?", but I don't know how frequent it is. A simple Google search shows that it happens.
I think we've pushed this "anyone can grow up to be president" thing too far.
Caveat, Most everything said above is true, but... I work in hospital IT, we don't go near anything like these devices. They are FDA approved - If a WD HDD goes out in a device I can't even replace it with the same model from CDW, the replacement has to come from the vendor with an FDA sticker on it. The "Sticker Price" is usually about $500... We have a BioMed department that handles all that and I work with them often. Very few devices are network connected, most all are stand-alone. Most all devices that are connected to the network are "send only," they push reports to a server. They have a very specific and limited interface to change settings and you have to be touching it to get into it. BioMed does things like adjust/calibrate but on most devices that is only available via direct serial connection... I am sure security needs significant changes but you really need physical access to most everything.
"Apk doesn't think DNS servers are worth running & believes Microsoft Active Directory can run w/out DNS." - by Coren22 (1625475) on Tuesday October 27, 2015
Where'd I say it? I say AD needs internal DNS far back as 2007 http://forums.tweaktown.com/wi...
See "To warn users who have ActiveDirectory/AD LAN-WAN setups to NOT use external DNS servers" there on OpenDNS free (I use it) + AD in my security guide.
+ Migrate hosts across a LAN (admin/scripts not GPO)-> http://slashdot.org/comments.p...
---
I'm RIGHT on admin priv + hosts update (WFP/SFP)!
"figured out why privilege escalation's a bad thing?" - by Coren22 on Tuesday September 22, 2015
How else can I programmatically update it?
---
"it requires elevation to write hosts" - by Coren22 (1625475) on Wednesday September 23, 2015
Hypocrite later admits it!
Even MalwareBytes AntiMalware (best one) DEMANDS it or it can't do its job fully like many security tools!
Guess what?
Don't NEED to run my program as ADMIN - I do it here manually vs. auto.
---
"Needing admin privileges every time a program updates is poor design" - by Coren22 (1625475) on Tuesday November 10, 2015
Users set it, not programmatic impersonation for autoupdate. You design zero & say what's what here?
---
"90's technology to fight modern war" - by Coren22 (1625475) on Tuesday November 10, 2015
Ozymandias/Watchmen per a namesake:
"I resolved to use antiquities teachings" (hosts) "to our world today & began my path to conquest - Conquest not of men but of the evils that beset them: Fossil Fuels (antispyware), Oil (antivir), Nuclear Power (addons) are like a drug & you gentlemen along w/ foreign interests are the pushers"
It works Aryeh Goretsky NOD32/ESET said hosts = good security-> http://it.slashdot.org/comment...
Oliver Day (Symantec) too-> http://www.securityfocus.com/c...
MalwareBytes' hpHosts' Admin hosts+recommends APK Hosts File Engine 9.0++ SR-2 32/64-bit-> http://hosts-file.net/?s=Downl...
APK
P.S.=> Continued in #2/5... apk
"Virus scanners/Adblock software don't need admin priv to update" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
AV does to remove threats - Adblock addons = VASTLY INFERIOR in abilities + efficiency vs. hosts as I've proven w/ no one proved me wrong to date!
---
"your software does" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
No, hosts do due to WFP/SFP!
---
"won't reveal your source code" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
I don't owe you it. I don't give away work to be stolen by others so it's misused like GOOGLE CHROME http://it.slashdot.org/story/1...
---
"What's stopping you from pointing my bank's web site at your private server?" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
I don't keep a server. You're a security guru (not - you create no ware for security & your forensics skills = non-existent): Put it in a VM, trace it using process monitor + wireshark to prove it (don't need code) & I only put in hardcodes of fav sites @ top of hosts for speed & reliability - you'd spot it easily & bulk of the file is sorted blocked known bad threat origins.
---
"the possibility of being caught, which would be pretty hard to catch w/ such a large hosts file, as no one can go through it manually." - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
See just above!
---
"What are you going to do when Windows gets rid of the hosts file completely?" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
Hasn't happened!
---
"They have already taken steps to make it useless in Windows 10." - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
It still works there!
APK
P.S.=> To be continued in part #3/5... apk
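The objection quoted in the comment above, that a redirect would be hard to catch in a very large hosts file because no one can read it manually, is something a short script can check. This is an added example, not part of any comment or of the software discussed; the sample hosts content, hostnames, addresses and function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample; names and addresses are illustrative, not from a real file.
SAMPLE_HOSTS = """\
# hard-coded favorites at the top, block list below
127.0.0.1    localhost
::1          localhost
203.0.113.7  www.bank.example      # fixed routable address
0.0.0.0      ads.example.net tracker.example.net
0.0.0.0      metrics.example.org   # blocked
0.0.0.0      www.bank.example      # second mapping for the same name
not-an-ip    broken.example
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for each mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no name
        for name in fields[1:]:
            yield line_no, fields[0], name.lower().rstrip(".")

def audit_hosts(text):
    """Return findings as (line_no, hostname, address, reason) tuples."""
    findings = []
    seen = defaultdict(set)  # (hostname, IP version) -> addresses already mapped
    for line_no, address, name in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, name, address, "unparseable address"))
            continue
        key = (name, ip.version)
        if seen[key] and ip not in seen[key]:
            findings.append((line_no, name, address, "conflicts with earlier entry"))
        seen[key].add(ip)
        # Block-list entries point at an unspecified or loopback address;
        # anything else sends the name to a real host and deserves review.
        if not (ip.is_unspecified or ip.is_loopback):
            findings.append((line_no, name, address, "redirects to non-sink address"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

Run against a real file, the output is the short list of entries that need a human decision, however many block entries surround them.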
"I guess we should avoid your crap, it looks like it is marked as malware. Good luck getting that removed." - by Coren22 (1625475) on Monday November 02, 2015 @03:52PM (#50850445)
62 sources of good repute show + /. users say otherwise:
Proven safe by 57 antivirus programs in its 64-bit model https://www.virustotal.com/en/...
+
Same for the 32-bit model https://www.virustotal.com/en/...
&
Per VirScan its installer too -> http://f.virscan.org/APKHostsF...
---
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news... /.'ers say my work is good too:
"his hosts program is actually pretty good" - by xenotransplant (4179011) on Monday August 10, 2015 @03:34PM (#50287195)
"I like your host file system." - by Karmashock (2415832) on Wednesday September 09, 2015 @03:57PM (#50489401)
"APK is kinda right... I've given up on JS based adblocking and gone to blackholing in /etc/hosts, just like it was back in the 90s. The computational load has gotten intolerable for any ad-blocking using JS. I've tried his hosts file generating software. It works." - by bmo (77928) on Thursday October 15, 2015 @11:30AM (#50736071)
"his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources" by alexgieg (948359) on Friday September 25, 2015 @09:57AM (#50596461)
---
You tried using Computer Associates another antivirus I turned over on false positives (1/8 over time) & they were caught in ACCOUNTING SCANDALS FRAUD http://www.bing.com/search?q=c...
Reputable source (not): They had to sell off their PC security suite too (crap fraud also) LOWERING the 'threat level' on THAT program (not my hosts file engine) TO ZERO!
* YOU ARE WRONG ON EVERY ACCOUNT NOTED!
APK
P.S.=> To be continued in part #4/5... apk
"nowhere in there did you actually say what you are using that isn't a proxy/VPN" - by Coren22 (1625475) on Thursday November 12, 2015 @02:25PM (#50916751)
I don't use proxies/VPN (or anonymous relays).
"APK ... uses anonymous relays to get around the limits of posting anonymous" - by Coren22 (1625475) on Wednesday November 04, 2015 @10:06AM (#50863109)
I'm not stupid enough to do what YOU want (make me as stupid as an easily tracked for retrolling sheep like you).
There's 3-4 ways to do what I do & those? Aren't them in your mistake accusations.
What I do, like all I do = FAST + EFFICIENT, NO extra "moving parts" - less IS more = GOOD engineering, using what you have natively vs. "Bolting on 'MoAr'" stupidly & illogically.
You're MCSE, networking admin 'god', & security guru (not) - figure it out, I gave clues - I'm NOT going to tell you!
All you know is I do it WHEN combatting little scumbags like you that hide behind fake names online trolling me.
It works, like all I do does with testimonials to that effect no less.
"it's funny how little you know of security APK" - by Coren22 (1625475) on Thursday November 12, 2015 @02:25PM (#50916751)
Funny how little you know in computing (no code, especially for security - I have it. You don't)
(& you're stumped on an anti-troll technique I use too!)
I've long ago done far more than you will or have in the art & science of computing! For security?
CIS Tool took fixes from me http://slashdot.org/comments.p... which you doubted & my layered security guides got me paid http://pcpitstop.com/news/winn... & MILLIONS use it.
APK
P.S.=> To be continued in part #5/5... apk
"but rather than take my advice on various things, he feels that he is allowed to defame me by saying things he knows are not true" - by Coren22 (1625475) on Wednesday November 04, 2015 @10:06AM (#50863109)
Hypocrite, I show you're projecting in my posts. What "advice" can you, an INFERIOR to me, like yourself give?
"I have offered him advice on ways to improve what he does to reduce the feeling of icky his software" - by Coren22 (1625475) on Wednesday November 04, 2015 @10:06AM (#50863109)
I've shown /.'er saying differently - Show us you've done better: YOU can't - & you're "advising"? Talking out your ass on things you haven't done is what you're doing.
"posting them so often that maybe, just maybe, someone will think they are true" - by Coren22 (1625475) on Wednesday November 04, 2015 @10:06AM (#50863109)
Quotes of you are true! You can't keep your word as you're replying to me yet again + projecting what I prove YOU do (AD/DNS lie).
"I don't have time for the Troll APK, and refuse to respond anymore to a post signed APK" - by Coren22 (1625475) on Tuesday November 03, 2015 @04:27PM (#50858983)
No troll. I protect users for free w/ a program that speeds them up, helps reliability, & even anonymity online w/ more abilities & efficiency than ANY other 1 solution doing more w/ less - do you? No.
"Maybe I should change my signature again just to rile him up some more." - by Coren22 (1625475) on Tuesday November 03, 2015 @10:07AM (#50855451) FROM http://slashdot.org/comments.p...
"Rile" me? Childish sig bs is all you've got!
"I have repeatedly refuted his assertions" - by Coren22 (1625475) on Wednesday November 04, 2015 @10:06AM (#50863109)
BS - See my last 4 posts here!
APK
P.S.=>
"I never admitted you were right" - by Coren22 (1625475) on Tuesday November 10, 2015 @04:14PM (#50904323)
You PROVE I AM FOR ME part #1-#5 of your "Greatest Hits Fails"... apk
I've been aware of, and concerned about, these vulnerabilities for years. Nothing is going to change until both the manufacturers and the medical groups (hospitals, clinics, doctors) are held both financially as well as criminally liable for failure to secure these systems to at least a "reasonable" level in today's environment.