Slashdot Mirror


Fingerprinting Methods Identify Users Across Different Browsers On the Same PC (bleepingcomputer.com)

An anonymous reader quotes a report from BleepingComputer: A team of researchers from universities across the U.S. has identified different fingerprinting techniques that can track users when they use different browsers installed on the same machine. Named "cross-browser fingerprinting" (CBF), this practice relies on new technologies added to web browsers in recent years, some of which had been previously considered unreliable for cross-browser tracking and only used for single browser fingerprinting. These new techniques rely on making browsers carry out operations that use the underlying hardware components to process the desired data. For example, making a browser apply an image to the side of a 3D cube in WebGL provides a similar response in hardware parameters for all browsers. This is because the GPU card is the one carrying out this operation and not the browser software. According to the three-man research team led by Assistant Professor Yinzhi Cao from the Computer Science and Engineering Department at Lehigh University, the following browser features could be (ab)used for cross-browser fingerprinting operations: [Screen Resolution, Number of CPU Virtual Cores, AudioContext, List of Fonts, Line, Curve, and Anti-Aliasing, Vertex Shader, Fragment Shader, Transparency via Alpha Channel, Installed Writing Scripts (Languages), Modeling and Multiple Models, Lighting and Shadow Mapping, Camera and Clipping Planes.] Researchers used all these techniques together to test how many users they would be able to pin to the same computer. For tests, researchers used browsers such as Chrome, Firefox, Edge, IE, Opera, Safari, Maxthon, UC Browser, and Coconut. Results showed that CBF techniques were able to correctly identify 99.24% of all test users. Previous research methods achieved only a 90.84% result.

88 comments

  1. The DOM model strikes again by Anonymous Coward · · Score: 2, Insightful

    Someone tell me why a browser needs to tell this stuff to the Internet?

    1. Re:The DOM model strikes again by Tablizer · · Score: 1

      DOM = DUM

  2. What sites?? by Anonymous Coward · · Score: 0

    What sleazy cock mother fuckers are currently doing this cross-browser tracking? So I can 127.0.0.1 the cock suckers in my /etc/hosts

    1. Re:What sites?? by sexconker · · Score: 1

      What benefit does using a HOSTS file have over using a plugin to block JS/tracking shit/ads/etc?
      Is the HOSTS file more dependable? Is the HOSTS file faster?

    2. Re:What sites?? by 0100010001010011 · · Score: 3, Funny

      Someone that has advanced personal knowledge of this should definitely chime in about the glories of the HOSTS file over all other options.

    3. Re: What sites?? by Anonymous Coward · · Score: 0

      Here comes APK!!!!

    4. Re:What sites?? by Anonymous Coward · · Score: 0

      You should use 0.0.0.0

    5. Re:What sites?? by Anonymous Coward · · Score: 0

      Modding the host file can also slow down the loading time. Some (many) sites wait for [blocked site/IP] to load first, and if they can't contact it they just sit there until they arbitrarily timeout before loading everything else.

    6. Re:What sites?? by 0100010001010011 · · Score: 1

      Which is why I have a whole house DNS server that redirects to a catchall Nginx server that returns a 204.

    7. Re:What sites?? by bob4u2c · · Score: 0

      Let me explain how this all works.

      A hosts file is a local copy of site urls to ip addresses. When the web page delivers scripts/ad sites they are urls in the page that need to be looked up for ip addresses to make a tcp/ip connection to. The browser first makes a system call that checks the memory cache and if there is a miss it checks this hosts file for a matching entry. If that is a miss the request is forwarded to your isp or dns provider and so on until you get an answer back. Now if you put in script/ad site urls in your local host file and set the resulting ip to 127.0.0.1 (your local machine) or better yet 0.0.0.0 (invalid ip), when the browser makes the request to that site url it gets your fake ip and the call immediately fails and no script/ad is loaded.

      Since this is how each request is made there is no extra processing a plugin has to do. Of course this fails if the scripts/ads are coming from the same site, then yes plug-ins work for this. My suggestion, do both and the web will seem so much faster.

    8. Re:What sites?? by sexconker · · Score: 1

      woosh

    9. Re:What sites?? by Anonymous Coward · · Score: 0

      HOSTS is not failproof.

      Hosts is faster as long as the HOSTS file is small. A Plugin is always slower because it has to lookup all the requests (adblock plus is the slowest goddamned plugin in the world, use Ghostery instead)

      However, HOSTS can not "override" an ip address with another ip address. Likewise sources like cloudflare allow shitheel malware vendors to change DNS every few minutes, so at midnight you might get i-am-stupid.example.com and at midnight+2 minutes you will get i-am-with-stupid.example , so manually blacklisting with HOSTS only works to block legitimate ad networks (even if they have shitty behavior like komoona and taboola) but does absolutely nothing to block first-party ads or malware (trademark of wordpress sites) originating from the same domain, nor does it block randomshitsubdomaineveryminute.example
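
The lookup behaviour described in the two comments above (exact hostname match, so a rotating subdomain or a first-party script is not caught), modelled as an added example that is not part of the original thread. The hosts content, hostnames and function names are constructed for illustration.

```javascript
// Constructed sample blocklist in hosts-file format.
const SAMPLE_HOSTS = `
# constructed sample blocklist
127.0.0.1   localhost
0.0.0.0     tracker.example.net  ads.example.net   # two names on one line
0.0.0.0     Metrics.Example.ORG
`;

// Addresses that make a connection attempt go nowhere useful.
const SINK_ADDRESSES = new Set(['0.0.0.0', '127.0.0.1']);

// Parse hosts-file text into a Map of lower-cased hostname -> address.
// Format: address, whitespace, one or more names; '#' starts a comment.
function parseHosts(text) {
  const table = new Map();
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.split('#')[0].trim();
    if (!line) continue;
    const [address, ...names] = line.split(/\s+/);
    for (const name of names) {
      const key = name.toLowerCase();
      // This model keeps the first entry seen for a name.
      if (!table.has(key)) table.set(key, address);
    }
  }
  return table;
}

// Exact-name lookup only: the hosts format has no wildcard or suffix matching.
function lookup(table, hostname) {
  const key = hostname.toLowerCase();
  return table.has(key) ? table.get(key) : null;
}

// Classify every resource a page would load.
function classifyRequests(table, pageUrl, resourceUrls) {
  const pageHost = new URL(pageUrl).hostname;
  return resourceUrls.map((url) => {
    const host = new URL(url).hostname;
    const address = lookup(table, host);
    let verdict;
    if (address !== null && SINK_ADDRESSES.has(address)) verdict = 'sunk';
    else if (host === pageHost) verdict = 'first-party';
    else verdict = 'dns';
    return { host, verdict };
  });
}

// Constructed page and resource list.
const PAGE = 'https://news.example.com/story';
const RESOURCES = [
  'https://tracker.example.net/fp.js',           // listed name
  'https://a1b2c3.tracker.example.net/fp.js',    // rotating subdomain, not listed
  'https://news.example.com/static/analytics.js',// served by the site itself
  'https://metrics.example.org/pixel.gif',       // listed with different case
];

function runDemo() {
  return classifyRequests(parseHosts(SAMPLE_HOSTS), PAGE, RESOURCES);
}

console.log(runDemo());
```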

    10. Re:What sites?? by Anonymous Coward · · Score: 0

      Yes. Hosts is more reliable and quicker than plugins. Plugins tend to block the content AFTER resolving the DNS entry (tracked), sending the handshake(tracked) and requesting the content(tracked). Plugins stop the execution and display but only AFTER your machine has done at least half the work and contacted the remote server.

      HOSTS file sits right on the TCP stack regardless of browser vendor or support. Requests aren't sent to a DNS server nor is the initial handshake or content request made to the remote server.

    11. Re:What sites?? by allo · · Score: 1

      nope, you should not.

      0.0.0.0 means "use a random* ip of the system".
      You should either use 127.0.0.1 (and make sure NOT to run a webserver on your host) or some unroutable ip.

      * depending on the order of network interfaces.

  3. Price of you vacation by Bender+Unit+22 · · Score: 1

    So it will be easier for the travel industry to keep track of you and keep the prices up for the places you have been looking at information for, even when you try to use different browsers, ip addresses etc?

    1. Re:Price of you vacation by voxel · · Score: 1

      Technically yes. You could even browse with Internet Explorer as usual, then connect a VPN and switch to Incognito mode in Google Chrome and they still know who you are.

      --
      Modesty is one of life's greatest attributes
  4. VirtualBox by Anonymous Coward · · Score: 1

    I guess now we need a bunch of VMs with different distros on them or something. This is really getting tiring.

    Btw, I bet javascript was used to pull all these variables somehow.

    1. Re:VirtualBox by mlts · · Score: 1

      I've been browsing in a VM for a while. This not just limits browser fingerprinting, but also what damage malicious software can do.

    2. Re:VirtualBox by Anonymous Coward · · Score: 0

      I've been browsing in a VM for a while. This not just limits browser fingerprinting, but also what damage malicious software can do.

      If you create an independent non-persistent disk or start from a snapshot and revert to snapshot when you are done then it will reset the VM to a clean state.

    3. Re:VirtualBox by techno-vampire · · Score: 4, Informative

      Using multiple VMs with different distros won't help a bit here, because when you come right down to it, they're all using the same hardware, and that's what this is exploiting. Now, if you had multiple graphics cards and let different distros use different cards, that might throw them off.

      --
      Good, inexpensive web hosting
    4. Re:VirtualBox by lkroll4565 · · Score: 1

      Yup. Viva la Virtualbox. :)

    5. Re:VirtualBox by Anonymous Coward · · Score: 0

      Wrong, it's virtualised at that point.

    6. Re:VirtualBox by Anonymous Coward · · Score: 0

      You're not particularly well versed in virtualization, are you? -PCP

    7. Re:VirtualBox by Anonymous Coward · · Score: 0

      No need to run stuff in a VM. If you want to lie about number of cores or GPU parts - just compile/download a lying version of the API that provides such information. You may have 8 cores - it won't really ruin sw if the API starts giving answers in the 6-10 range.

      For web clients specifically, disable the API. A script can't do anything useful with "the number of cores" anyway.

  5. Advice - How to avoid? by Anonymous Coward · · Score: 0

    So how can someone easily prevent or avoid this? Is there any tech out there that will let grandma easily not be tracked or is this hard core geek land only?

    1. Re:Advice - How to avoid? by The-Ixian · · Score: 1

      Unplug your computer from the Internet...

      I really think that is the only way.

      But then you still have all the public surveillance, credit cards, wifi, cell towers and who knows what else tracking you.... so.... good luck.

      --
      My eyes reflect the stars and a smile lights up my face.
    2. Re: Advice - How to avoid? by Anonymous Coward · · Score: 0

      VPN and a live OS used on a machine dedicated to non personal browsing. It doesn't matter if they track you, they need to tie browsing history to a real person. So you use a dedicated PC for banking, social media, online orders etc.. And you use a dedicated one for whatever the hell you are doing that you DONT want tracked. Make sure to use VPN so they don't notice the same IP.

    3. Re:Advice - How to avoid? by AHuxley · · Score: 1

      Some kind of VM with one browser in it and a good VPN on a router?

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re: Advice - How to avoid? by Anonymous Coward · · Score: 0

      OP:
      "Is there any tech out there that will let grandma easily not be tracked or is this hard core geek land only?"
      You:
      "Have grandma use multiple VMs over different VPNs with Tails ISO"

      You could have just said "No, there's no tech to do that".

    5. Re:Advice - How to avoid? by Anonymous Coward · · Score: 0

      Turning off Javascript disables most of this shit, but then Grandma won't be able to play her lotto games on Publishers Clearing House. That won't do, so you're gonna have to get under the hood for her instead. Good browsers like Firefox provide options to disable the WebGL stuff (set webgl.disabled = true, webgl.disable-extensions = true). Use a good ad blocking extension like uBlock Origin; if your browser won't talk to the tracking sites, they can't fingerprint you. An extension like CanvasBlocker is a good idea too. And the next version of Firefox will stop leaking the list of fonts, which is one of the major sources of uniqueness.

  6. Time for counter-measures by davidwr · · Score: 5, Insightful

    Browsers should present a "generic" capabilities list to web sites unless the user white-lists that site to receive some or all of the "real" capabilities. An online video-gaming site may need to know if I can play a GPU-intensive online game through the web browser, but very few other sites need to know.

    For example, "generic capabilities" would be:

    Screen size would be "small" for tablets, phones, and small notebooks, or "normal" for everything else. Pixel density would not be disclosed.
    "List of fonts" would be the most common "web fonts" in the main language of the operating system.
    As for the rest, they would be shown as "not disclosed."

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Time for counter-measures by Anonymous Coward · · Score: 0

      if you read the article you'd know they're not getting a "lists of fonts" or other capabilities. they're most likely drawing to a canvas and then comparing what's drawn. looking for boxes after drawing a series of characters known to be in a font that aren't in other fonts. most likely the same with almost all the other data.

    2. Re:Time for counter-measures by hcs_$reboot · · Score: 1

      Screen size would be "small" for tablets, phones, and small notebooks, or "normal" for everything else.

      Important information for the web site and CSS is the viewport size, i.e. the size of the browser window usable by the site scripts. The screen size itself should not be disclosed.

      --
      Slashdot, fix the reply notifications... You won't get away with it...
    3. Re:Time for counter-measures by Anonymous Coward · · Score: 0

      No, that's not how it works at all. You create a CSS list of single widely-known fonts that people have if they have installed certain software (eg Windows, Office, Adobe products, etc) with a fallback only sans-serif, then requery the dom (thanks Chrome/Firefox) to see if it's using sans-serif by checking a rendered character width (eg M or W.)

      That's easier said, but because so many damned sites have jQuery on them, all they need to do is invoke font.isInstalled(fontname); The real trick is NOT doing this.

    4. Re:Time for counter-measures by Anonymous Coward · · Score: 0

      todays surveillance friendly 'standards' deny you the ability to be an opaque client.
      but google 'methbot'. the criminals don't have 'our' problems; but glad you're waking up.

      i wish noscript could sideload javascript reflectors to control the inquisitor apis and give us what the criminals have.
      then you can have your list of fake-out responses and i can have mine ;)

      its all the same browser packed by apple and google and google's mozilla now. standard bodies won't touch privacy and thus the one and only js/dom/rendering engine wont take patches that enable them. counter-measures - dont disclose that you're not disclosing. again, see how the 'methbot' crew solved this for themselves.

    5. Re:Time for counter-measures by tepples · · Score: 1

      Given the "all maximized all the time" window management policy of popular web browsing environments, the viewport size is a very good predictor of screen size. In fact, exact viewport size might even help with fingerprinting because different system fonts may cause the notification bar to be larger or smaller.

  7. Local Timezone not mentioned by Anonymous Coward · · Score: 0

    Why have they failed to include numerous other items including the local time zone, and accepted languages?

  8. Why isn't Mozilla doing more?! by Anonymous Coward · · Score: 3, Insightful

    What I always wonder is why Mozilla isn't doing more to protect user privacy. This is one thing that could really differentiate them from Chrome and other browsers.

    I always hear from Mozilla supporters that Firefox is already "the best" when it comes to this. But the summary claims that Firefox is affected by these methods.

    Then there are problems like how Firefox includes "telemetry" support that can be disabled, but it can't be easily removed completely. This should be opt-in, in the sense of the functionality not even being present unless you download a special non-default build that includes it. Yeah, that means Mozilla likely won't get as much user data to mine. That's the whole point, though: the browser shouldn't unnecessarily share data with anyone, including Mozilla. It's not like whatever data they've been collecting so far has done them any good; Firefox's share of the market is continually dropping as users get more and more disappointed with its awful user experience. All of the smart Firefox users (the ones being driven away) likely already disabled "telemetry", so they're probably already basing their decisions on incomplete data from the dumbest Firefox users.

    It also doesn't help that they're so eager to include all of this unnecessary Web 2.0 and HTML5 functionality that lets websites track your location, or use your microphone, or other nonsense like that. This is the kind of crap that has one purpose only: providing personal data to advertisers. Any other use case is better handled by non-browser applications.

    User privacy is one area where Firefox could really shine. It's perhaps the one thing that could really draw users back from Chrome, Edge, Safari, and the other browsers they've moved to after Firefox's user experience went to hell. Yet what the Firefox devs have done in this direction so far has been uninspiring.

    1. Re:Why isn't Mozilla doing more?! by buswolley · · Score: 1

      It's a good point. Make them earn the white hat mug. https://society6.com/product/w...

      --

      A Good Troll is better than a Bad Human.

    2. Re: Why isn't Mozilla doing more?! by Anonymous Coward · · Score: 0

      Privacy issues aside, the biggest gain is for fraud prevention. This accuracy is well above anything the online fraud prevention industry has (with current fingerprinting techniques).

    3. Re: Why isn't Mozilla doing more?! by TheOuterLinux · · Score: 2

      I think Firefox doesn't feel the need to do more to prevent tracking because the Tor Browser project already exists. Plus, placing blockers inside their software by default slows them down just enough to affect the Firefox vs. Chrome speed war each year. And, they may use that data themselves for the Browser Health Report that's turned on by default. If anyone is interested in browser privacy, I have a few links on my website: http://theouterlinux.com/priva... There's other cool stuff there too.

    4. Re:Why isn't Mozilla doing more?! by Anonymous Coward · · Score: 1

      I think we're going to see a redux of "flash exploits" via webGL/HTML5

      This is what browser vendors should be doing:
      1) Initializing WebGL in "sandbox" mode (eg reports that WebGL functionality exists, but does not allow WebGL content until clicked first, basically whatever script first queries WebGL is paused until the user initiates it.) This would also save enormous battery life. "This site would like to run WebGL content (animations or games)", which then white lists the site.
      2) Same with Video cameras, Microphones and Location data. If you don't explicitly whitelist the site, it is "present" but paused, so no content is returned.
      3) Web browsers should have a mandatory blacklist (eg equal to setting 127.0.0.1 in hosts files) and whitelist (always allow content from this IP address or DNS name) so that annoying behavior, be it ads, hijacked wordpress sites, malware downloaders, and so forth, that is checked before doing a DNS query. While this may allow people to blacklist all ads, they would have to do it one at a time. A related feature would be "greylist thirdparty urls from this site" which would log all network requests from outside the domain so they can be manually blacklisted or whitelisted.

      I'm not a strong advocate for blacklisting, but I find there is one section of the internet (the one populated by 4chan and reddit) where a blacklisting of all third-party URL's is required because of the amount of cheeky bullshit links.

    5. Re:Why isn't Mozilla doing more?! by TheRaven64 · · Score: 1

      I'm wondering why Edge isn't. Not only would more privacy features be a good differentiator, anything that makes ads less effective would harm Google, which seems like it would be in Microsoft's best interests.

      --
      I am TheRaven on Soylent News
    6. Re: Why isn't Mozilla doing more?! by Anonymous Coward · · Score: 0

      Fraud prevention? Lots use mass produced machines. Same number of pixels, cpu cores, gpu whatever. Also, a fraudster can compile a firefox to lie, i.e. same number of cores as some mark.

    7. Re:Why isn't Mozilla doing more?! by chefmonkey · · Score: 1

      Mozilla is; there's just not much marketing around it.

      To be clear, the level of de-featuring you're asking for makes for pretty good privacy, but a shitty modern browser. However, Mozilla is strongly committed to the prospect that the trade-off between features and privacy should remain in users' hands, which is why we work very closely with the Tor project to produce a browser that does exactly what you're proposing. The reason Firefox doesn't do this out of the box is that a browser that has been de-featured in this way does not come close to fitting the average user's needs. But you have choices, and Mozilla is committed to supporting Tor Browser to give people like you exactly what you're asking for.

      In case you missed it, Mozilla recently started taking Tor's modifications in as part of core Firefox code, both to make things easier for the team that maintains Tor Browser, and to allow users to turn certain Tor-provided privacy-focused features on in base Firefox.

    8. Re: Why isn't Mozilla doing more?! by chefmonkey · · Score: 1

      What's interesting about a lot of these fingerprinting metrics is that they aren't the result of just asking something like "navigator.getCoreCount()" -- these are sophisticated techniques that run very carefully crafted bits of code, and then measure the time certain operations take in order to deduce the number of effective cores. There's really no way to "lie" other than to intentionally be slow.

    9. Re:Why isn't Mozilla doing more?! by Anonymous Coward · · Score: 0

      You can either
      a) support client-side scripting with 1 or more turingcomplete languages, or
      b) support privacy

      You cannot do both, DOWN WITH JS

  9. Meh by Anonymous Coward · · Score: 0

    It sounds nefarious but there are hundreds of identically configured PCs on my floor. The only reason they have a good hit % in this study is because the PCs were actually different. But PCs aren't really that different. So you have no real way of knowing if I have 1000 PCs behind my proxy, or just 1. /shrug

    1. Re:Meh by Anonymous Coward · · Score: 0

      Whoosh. Over time, your browser is subtly changed (by whatever users use them) over time. So, over time, the individual PCs look different to fingerprinting. Caring if you have 1000 PCs or 1 PC behind the proxy, is not the goal, result or point.

  10. You're far too generous by bsdasym · · Score: 4, Informative

    The game site does not need to know what your capabilities are. If you try to run it, and it doesn't work, you don't try again. It doesn't need to know *any* of the fonts or even font-families you have installed, it just needs to do what the web has always done; Present a list of fonts the site designer would like the browser to use, if they are available and the user allows it. No site needs to know even the simple small/med/large screen size, as that can all be (and usually is) handled entirely within the browser via CSS.

    Give them even less info than you propose and it'll still be too much, generally speaking.

    1. Re:You're far too generous by Anonymous Coward · · Score: 0

      No site needs to know even the simple small/med/large screen size, as that can all be (and usually is) handled entirely within the browser via CSS.

      "handled within the browser via CSS" IS telling the site.

      CSS media queries can conditionally use different source URLs for various images on the page (heck, that's actually one of the most useful things they can do, sending the 8k wallpaper image to a low-res screen and expecting the handheld to resize it kills battery life) and as soon as you do anything that changes the set of network requests, you've made that information available to the server.

    2. Re: You're far too generous by Anonymous Coward · · Score: 0

      The game site can load reduced number of textures if it knows your GPU cannot handle it. It can load a simpler shader if it sees the number of uniform/varying attributes on your device is limited etc.

    3. Re:You're far too generous by Anonymous Coward · · Score: 0

      Give no information at all, and every website will end up being optimized for the smallest possible device, since otherwise they would not work well on small touch interfaces.

      "Tell users to use the mobile site instead when using a mobile device" would be both more inconvenient (remember, no way for server/javascript to tell devices apart) and still leak as much information as before, so that's not a good solution.

    4. Re: You're far too generous by tepples · · Score: 1

      Then the browser could lie to sites that want to use WebGL, telling them "My device's GPU is no more powerful than that of the original PlayStation from 1995" until the user has opted into full-featured WebGL for that domain.

  11. What the hell by Anonymous Coward · · Score: 0

    What the hell, is there no way I can hide from advertising companies?

  12. Not interesting by Kergan · · Score: 1

    Wake me up when we're able to fingerprint the same user across different devices. *That* will be freaky - and, admittedly, will interest me as a marketer.

    1. Re:Not interesting by Anonymous Coward · · Score: 0

      Your alarm clock went off 20+ years ago.
      They all have the IP address of the router they use to connect to the net.

      What, you think this ability to reliably identify people by their GPU performance works with a million datapoints?
      Nope.

    2. Re:Not interesting by Anonymous Coward · · Score: 0

      You've been sleeping too much. Ultrasound beacons are already here.

    3. Re:Not interesting by Anonymous Coward · · Score: 1

      >as a marketer.

      Well there's yer problem. As a marketer you have limited capacity to understand humans.

  13. This should read identify computer, not user by Anonymous Coward · · Score: 0

    This should say used to identify a computer, not a user. You can have multiple individuals using the same PC. These methods identify the PC, not the users.

  14. Meh. by Anonymous Coward · · Score: 0

    A lot of brouhaha over nothing. EVERY device can be used to fingerprint users. They are not secure. Browsers are just the one that gets the most attention, because they're the easiest target. If you really don't want to be fingerprinted, you're SOL. At this point you might as well be asking "who the hell will really benefit from knowing it's me using these devices, and why" rather than "how can I stop them?"

  15. shiny new features and more features! by Anonymous Coward · · Score: 0

    this practice relies on new technologies added to web browsers in recent years,

    That's why new and modern applications won't necessarily make you safer. Higher versions don't mean better. Remember how modern Firefox browsers remove your anonymity, even with Tor, because of the webrtc feature added into Firefox? Older Firefox versions don't have webrtc.

  16. Tricks to avoid this fingerprinting technique by Anonymous Coward · · Score: 0

    I am sure any of these would disable this fingerprinting

    Disable your graphics card and use the lowest screen resolution with 800x600 dpi.
    Disable Javascript in browser
    Disable all images in your browser
    Disable 3D rendering in OS and/or browser
    Download firefox source, remove all those "unwanted" features then recompile.

    But remember, resistance is futile. We will, sooner or later, be assimilated.

  17. All because it is legal for them to leave software by Anonymous Coward · · Score: 0

    On your computer but not you on theirs. No browser should put anything on a computer unless you click download.

  18. Lynx by Anonymous Coward · · Score: 0

    Protecting your privacy.

  19. Javascript by floodo1 · · Score: 1

    The VAST majority of fingerprinting and most of the useful stuff relies on whoever is doing the fingerprinting running their javascript in your browser (client). Using something like NoScript to block javascript by default and limiting what you allow is quite effective at fighting fingerprinting.

    Definitely not a magic bullet but it's super helpful for this and lots of other web annoyances.
    Plus, you get to learn just how much useless javascript most sites want you to run (3rd party that has no impact on functionality)

    --
    I KUT J00 M4NG!!!
  20. Use this to do so (best there is) by Anonymous Coward · · Score: 0

    APK Hosts File Engine 9.0++ SR-5 https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

    Ads rob speed/security (malvertising)/privacy (tracking).

    Hosts add speed (hardcode/adblock), security (bad sites/poison dns), reliability (dnsdown), & anonymity (dns requestlogs/trackers) natively.

    Avg. page = Doom sized http://www.theregister.co.uk/2016/04/22/web_page_now_big_as_doom/ & ads = 40%.

    Hosts != ClarityRay blockable (vs. souled-out crippled inferior wasteful redundant slow usermode addons)

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity.

    APK

    P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/ Verified by Malwarebytes http://forum.hosts-file.net/viewtopic.php?f=5&t=4290/

  21. All based on javascript by Anonymous Coward · · Score: 0

    Turn off javascript and the browser won't be able to 'run' programs hidden in the background (javascript)

  22. Firefox Addons to the Rescue by Anonymous Coward · · Score: 0

    As usual, there are several Firefox addons available to help enhance privacy.

    1. Canvas Blocker - This extension forces the API to return random values for sites not whitelisted. The server asks your browser to draw something on the canvas and return the results and your browser lies to the server and returns garbage instead. Perfect. As a bonus, this appears to affect WebGL as well. I get new random values for WebGL and Canvas hashes on each visit to the EFF Panopticlick.

    2. Stop Fingerprinting - This extension randomizes the string order of the list of returned fonts supported by the browser as well as preventing enumeration of plugins and adding bits of randomness to heights and widths of inline elements to further frustrate font detection.

    Using these extensions together with others (Privacy Badger, Ref Control, NoScript, AdBlock Plus), substantially enhances privacy and frustrates fingerprinting by making your browser fingerprint unique per request. The more people that do this the more noise that is generated and the more poisoned the fingerprinting databases of the advertisers and other snoopers become. The advertisers are trying to use as many pieces of discrete information about your browser as they can to make your fingerprint unique. By randomizing some of those pieces, especially ones that rely on local hardware, we can take advantage of their greed to ruin their fingerprinting algorithms.
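
A model of the effect described in the comment above, as an added example that is not part of the original thread: two browsers on one machine hash to the same identifier when only hardware-derived values are used, randomising the render readback breaks that link per visit, and an audit helper lists the attributes that stayed constant anyway. The machine values, the FNV-1a hash, the seeded generator and all function names are assumptions made for illustration.

```javascript
// 32-bit FNV-1a over a string; stands in for whatever hash a site might use.
function fnv1a(text) {
  let h = 0x811c9dc5;
  for (let i = 0; i < text.length; i++) {
    h ^= text.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, '0');
}

// Small seedable PRNG (mulberry32) so the demonstration is repeatable.
function mulberry32(seed) {
  let a = seed >>> 0;
  return function () {
    a = (a + 0x6d2b79f5) >>> 0;
    let t = a;
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// One physical machine (constructed values). The render readback is produced
// by the GPU and driver, so every browser on the machine sees the same bytes.
const MACHINE = {
  screen: '1920x1080',
  cores: 8,
  renderReadback: [12, 200, 37, 255, 90, 91, 14, 3, 180, 66, 240, 7, 19, 128, 54, 77],
};

// What a page's script would observe in a given browser on that machine.
// `protect` models an extension that returns random values for the readback.
function observe(machine, userAgent, protect, rng) {
  const readback = protect
    ? machine.renderReadback.map(() => Math.floor(rng() * 256))
    : machine.renderReadback.slice();
  return {
    userAgent,
    screen: machine.screen,
    cores: machine.cores,
    renderReadback: readback,
  };
}

// Cross-browser identifier: hashes only values that do not depend on the browser.
function crossBrowserId(obs) {
  return fnv1a([obs.screen, obs.cores, obs.renderReadback.join(',')].join('|'));
}

// Audit helper: which observed attributes were identical across all visits?
function stableAttributes(observations) {
  const first = observations[0];
  return Object.keys(first).filter((name) =>
    observations.every((o) => JSON.stringify(o[name]) === JSON.stringify(first[name]))
  );
}

function demo() {
  const rng = mulberry32(2017);
  const chrome = observe(MACHINE, 'Chrome', false, rng);
  const firefox = observe(MACHINE, 'Firefox', false, rng);
  const visit1 = observe(MACHINE, 'Firefox', true, rng);
  const visit2 = observe(MACHINE, 'Firefox', true, rng);
  return {
    linkedAcrossBrowsers: crossBrowserId(chrome) === crossBrowserId(firefox),
    linkedAcrossProtectedVisits: crossBrowserId(visit1) === crossBrowserId(visit2),
    stillStable: stableAttributes([visit1, visit2]),
  };
}

console.log(demo());
```

The `stillStable` list is the part to check on a real setup: any attribute an extension leaves untouched is the same on every visit.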

  23. Re:All because it is legal for them to leave softw by Anonymous Coward · · Score: 0

    Ah, but you can leave sw on their computer. When their server ask for its cookie, have your altered browser serve them a buffer overflow. Bonus points if your buffer overflow disables the tracking on their end.

    You're in the clear here - you have "do not tracking" set, but they asked for a cookie anyway! So basically, they didn't comply when you said "don't eat my poisoned pills".

  24. Protect your firefox by allo · · Score: 1

    Have a look at ffprofile.com to generate a secured profile. Look at the github page to extend the site for more un-features.

  25. Multi-PC means affluent ergo more valuable by tepples · · Score: 1

    You can have multiple individuals using the same PC.

    I'm aware that multihead is possible with multiple graphics cards on an X11/Linux box. But I thought home versions of Windows, the most popular operating system for desktop and laptop computers in the industrialized English-speaking world and therefore probably the most interesting to the marketing industry, were locked down to support only one desktop session at once.

    Or perhaps you meant one at a time. Previous comments such as this one seem to indicate that multi-PC households are more common than family members taking turns on separate user accounts on the same PC. Furthermore, multi-PC households are more attractive to the marketing industry because they are more likely to be affluent enough to buy what the marketers are pushing.

  26. Battery Life by Anonymous Coward · · Score: 0

    Making the GPU do extra work for no real reason seems like a great use of my battery.

  27. Who fed you that bs? by Anonymous Coward · · Score: 0

    Hosts resolve from LOCAL system RAM via favorites hardcodes (faster vs. remote DNS & no redirect poisoning).

    * IF you refer to MS' shitty dnsapi.dll (local dns slow usermode cache service)?

    It operates via a fixed sized buffer (dumb) vs. a redimmable array/list & causes issues w/ large hosts files!

    Turn it off, save CPU cycles, RAM, & other I/O wasted on it (Linux has no such issue) & let a kernelmode subsystem (faster) cache (local diskcache) instead (faster kernelmode to kernelmode transfers, no context switch speedhit either between it & IP stack).

    APK

    P.S.=> Does it for FAR less security & inefficiency issues vs. DNS https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/ enumerated there (especially remote where 99.99% of ISP dns are not patched vs. kaminsky redirect poisoning) & less resource use + moving parts to exploit (or breakdown) locally... apk

  28. Hosts = superior & faster + proof by Anonymous Coward · · Score: 0

    See subject: NoScript parses to block scripts - hosts do it before it in 1 step blocking ad/tracker script sources in fast kernelmode (vs. slow usermode in browsers slowing 'em w/ excess cpu, ram, & other I/O use - especially in firefox 'stacking' addons)

    Ab+ does less less efficiently - 128-151mb http://cdn.ghacks.net/wp-content/uploads/2014/06/adblocker-memory-consumption.jpg/

    Ab+'s bribed not to work by default http://www.businessinsider.com/google-microsoft-amazon-taboola-pay-adblock-plus-to-stop-blocking-their-ads-2015-2/

    AdBlock's SLOWER: http://superuser.com/questions/686041/which-leads-to-faster-browsing-an-ad-blocker-or-an-edited-hosts-file/

    UBlock now uses hosts (no DNS benefits - not a resolver itself) - poor imitation = "sincerest form of flattery"

    Hosts ~3mb vs. UBlock = 64MB -> http://cdn.ghacks.net/wp-content/uploads/2014/06/adblocker-memory-consumption.jpg/

    APK

    P.S.=> Hosts = native vs. adding inefficient ClarityRay blockable easily detected addons

  29. WRONG (w/ proof)... apk by Anonymous Coward · · Score: 0

    0.0.0.0 is equivalent to "null routing" (it's the trashcan to nowhere in other words) proof https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=What+is+0.0.0.0+%3F&btnG=Google+Search&gbv=1/

    * You fucking idiot...

    APK

    P.S.=> "Allo"? You just said "goodbye" to any thought of credibility directed your way online... apk

    1. Re:WRONG (w/ proof)... apk by allo · · Score: 1

      Nope. Just open two terminals:

      $ nc -vlp 2000 #first terminal
      $ nc 0.0.0.0 2000 # second terminal

      listening on [any] 2000 ...
      connect to [127.0.0.1] from localhost [127.0.0.1] 47888

  30. I'll let /.ers speak for me #1/2 by Anonymous Coward · · Score: 0

    his hosts program is actually pretty good by xenotransplant

    his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

    I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

    take a look at the APK hosts file engine by SuperKendall

    APK is kinda right. I've tried his hosts file generating software. It works by bmo

    APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa

    I like your host file system by Karmashock

    I find your hosts file admirable by vel-ex-tech

    * My code's liked + recommended/hosted by Malwarebytes' hpHosts!

    Hosts in fast kernelmode = superior vs. crippled/security issue riddled options (slow usermode) w/ what you natively have (vs illogically bolting on more doing less using more).

    APK

    P.S.=> More coming... apk

  31. I'll let /.ers speak for me #2/2 by Anonymous Coward · · Score: 0

    I support APK's stand on the hosts file by Trax3001BBS

    Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid by JazzLad

    No complaints from me, I like APK... Reminds me to use a host file. Also, his stuff is free by aaaaaaargh!

    APK's monolithic hosts file is looking pretty good by Culture20

    APK... Awesome to see he's still spreading the good word by Molochi

    ABP is insufficient as a solid hosts file does everything that APK reminds us about by fast turtle

    APK isn't wrong by cfalcon

    APK, I know people give you a lot of shit regarding hosts, but please don't ever stop by nasredin

    You need APK's hosts file by Teun

    APK solution STILL relevant by Thud457

    you're right about hosts files by drinkypoo

    APK

    P.S.=> They're in addition to https://yro.slashdot.org/comments.pl?sid=10112421&cid=53672591/ many more earlier + 1,000's worldwide - there's no arguing w/ success... apk

  32. Simple realworld experiment (not netcat bs) by Anonymous Coward · · Score: 0

    TELL YOU WHAT, TRY THIS ENTRY IN YOUR HOSTS FILE (not your bullshit):

    0.0.0.0 slashdot.org

    TELL US WHAT HAPPENS WHEN YOU TRY TO CONNECT TO SLASHDOT AFTER YOU SAVE IT!

    ANSWER - YOU WILL NOT BE ABLE TO CONNECT TO THIS SITE!

    (On a server system that *MIGHT* not be the case, but on a PC it is!)

    APK

    P.S.=> Plus 0.0.0.0 does less work than loopback adapter address (if that's installed) of 127.0.0.1 & is less to parse per line by 2 chars per line too inside hosts to load it to memory (makes a huge diff. in a large hosts file)... apk

  33. Untrue on hosts size & how so... apk by Anonymous Coward · · Score: 0

    Cut crappy broken w/ large hosts files dnsapi.dll usermode slower dns cache service IN WINDOWS https://yro.slashdot.org/comments.pl?sid=10112421&cid=53672379/ Linux has no such issue, you can make hosts as large as you like & as quick as ever!

    Additionally hosts runs in kernelmode which is MUCH faster than slower usermode that addons clot up with more messagepassing, resource & power usage to do their jobs.

    https://yro.slashdot.org/comments.pl?sid=10112421&cid=53672457/ & there are some proofs of what I just said from reputable sources!

    APK

    P.S.=> Funniest FOOL I am running into is 'allo' here & he's about to "hit the wall" via this simple experiment I am having him do-> https://slashdot.org/comments.pl?sid=10112421&cid=53673233/ ... apk

  34. Additionally on lookup lag in addons? by Anonymous Coward · · Score: 0

    See subject: It's ALSO true of PAC files - they also have to do a dns resolution lookup (this is also part of why I gravitate to hosts).

    APK

    P.S.=> NOTHING 'does it all' but hosts DO do FAR MORE for FAR LESS, natively (vs. stupidly illogically "Bolting on 'MoAr'") vs. other "so-called 'solutions'" that are crippled by default to NOT work (adblock), inefficient (ublock & other browser level usermode slower clotted w/ resource waste vs. hosts https://yro.slashdot.org/comments.pl?sid=10112421&cid=53672457/ & messagepassing bloat inefficiency in SLOWER usermode (vs. hosts in kernelmode faster speed), most visible on FireFox when you 'stack' multiple addons WHICH INCLUDES GHOSTERY TOO (owned by advertiser evidon)) OR security issues & moving parts complexity + room for breakdown (antivirus or remote DNS, 99.999% of the latter are NOT patched @ ISP level vs. kaminsky redirect security bug)... apk

  35. DNS = security issues & inefficiency by Anonymous Coward · · Score: 0

    Know what OCCAM'S RAZOR IS? The simplest solution's the BEST & Hosts ARE far simpler to use/manage & is a NATIVE part of the OS, completely in kernelmode speed that uses far less resources & has less parts for breakdown/exploit.

    See my subject & this DNS SECURITY ISSUES GALORE w/ inefficiency https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/ FAR from a full list of them but 18 categories w/ dozens of issues each regarding DNS security problems (some are inefficiency in RAM use + more moving parts for exploit &/or breakdown).

    APK

    P.S.=> 99.999% of ISP DNS are NOT PATCHED vs. the kaminsky redirect flaw & IF you want to 'fix' that? You can try TCP vs. UDP & become MORE INEFFICIENT (doubling work needed)... apk