Bill Would Legalize Active Defense Against Hacks

Trailrunner7 quotes a report from On the Wire: A new bill intended to update the Computer Fraud and Abuse Act would allow victims of computer attacks to engage in active defense measures to identify the attacker and disrupt the attack. Proposed by Rep. Tom Graves (R-Ga.), the bill would grant victims of computer intrusions unprecedented rights. Known as the Active Cyber Defense Certainty Act, the legislation seeks to amend the CFAA, the much-maligned 1986 law that is used in most computer crime prosecutions. The proposed legislation includes the caveat that victims can't take any actions that destroy data on another person's computer, causes physical injury to someone, or creates a threat to public safety. The concept of active defense has been a controversial one in the security community for several years, with many experts saying the potential downside outweighs any upside. Not to mention that it's generally illegal.

A giant step ... sideways

[mnemotronic]

victims can’t take any actions that destroy data on another person’s computer, causes physical injury to someone, or creates a threat to public safety

The hackers are quaking in their valenkis.

Re:A giant step ... sideways

[currently_awake]

So DDOS'ing some computer that tried to hack your computer is ok? What if you later find out it was the NSA? Or the police? I assume ignorance is a legitimate excuse, right? Or does this law allow you to knowingly "Respond" against police intrusion attempts?

Re:A giant step ... sideways

If you manage to DDOS the NSA, which literally hoovers up the Internet, I don't think you're the sort of person who worries too much about breaking some trifling law.

Re:A giant step ... sideways

[hey!]

Well, according to TFA the "active defenses" consist of "consisting of accessing without authorization the computer of the attacker to the victim’ own network to gather information in order to establish attribution of criminal activity."

So it sounds innocuous, but I do see a problem: it's a bit like pulling yourself up by the bootstraps, isn't it? You get permission to poke around on the attacker's network... to prove he's the attacker. It's not hard to dream up a lot of squirrely corner cases for that.

Also "active defense" of this sort provides the perfect cover... for hacking. You infect a competitor's computer network to launch an ineffective attack on your own, and then you invade his network with legal impunity.

It's not impossible to do a law like this right, but what are the chances?

Re:A giant step ... sideways

The likelihood of catching someone who hacked into your computer is remote.

7 proxies. That's all you need to know.

Re:A giant step ... sideways

[rtb61]

Forget crashing a single computer. This has every oppurtunity of spreading out of control. Think hosted server fasley identifying an attack and then launching it.s own attack against another hosted server, which detects an attack and launces it own attack not against the hosted server but the server hoster and all other servers, who then retaliate. This then spreads to other server hosters who host server from the same network and you get the idea. Utterly moronic and the only purpose, the only true purpose, is to allow corporations to, whoops, sorry we attacked your political activist site by mistake, oh and the police raid and half a dozen people beaten up, well thats you fault for, saying we do bad things. Basically corrupt politicians allowing corporations to use vigilantism to attack anyone they want for any reason they want based upon evidence they self fabricate of an false flag attack, repercussion, zero. Next step corporations being able to send mercenaries to conduct a direct raid ie private police.

So I gather the penalty for a false defence attack is to be charge with a computer crime and imprisonment for the false defence attack, what no it isn't, let me fucking guess, there is no penalty what so ever for a false defence attack (that a solid sign of political corruption).

Re:A giant step ... sideways

DDOS and hacking are wrong!

Re:A giant step ... sideways

[ShanghaiBill]

It will also provide the perfect defense for any hacker that gets caught: "He hacked me first!"

Re:A giant step ... sideways

[mnemotronic]

So DDOS'ing some computer ... is ok?

I merely pointed out that any and all possible actions that would dissuade the perpetrators are forbidden, effectively rendering the law useless.

All the Slashdot threads will focus on the technology. Firewall this, DDOS that. It is not a technological problem -- it's a people problem. Today it's done with computers and networks. Fifty years ago it was telephones and prank calls or postal mail with white dust. The attacker is anonymous and remote, which does not require great physical distances. That virtual distance isolates the attacker from the victim and breaks the bonds of shared humanity. Like viewing the victim from behind a one-way mirror, the attacker feels safe, secure and superior and becomes emboldened to do things they would not do if they were face to face with the victim. If they feel like they can get away with it, they will do it again. This law ensures that.

Re:A giant step ... sideways

[hackwrench]

Morpheus: I've seen an agent punch through a concrete wall. Men have emptied entire clips at them and hit nothing but air. Yet their strength and their speed are still based in a world that is built on rules. Because of that, they will never be as strong or as fast as you can be.
Neo: What are you trying to tell me, that I can dodge bullets?
Morpheus: No, Neo. I'm trying to tell you that when you're ready, you won't have to.

These are the rules they construct. You can use them to protect yourself when you do things that the rules permit but weren't envisioned to allow. You won't have to dodge bullets, because they are stupid enough to hand you the tools to be bulletproof.

Re:A giant step ... sideways

[hackwrench]

I merely pointed out that any and all possible actions that would dissuade the perpetrators are forbidden, effectively rendering the law useless.

Depending on how well you think you can persuade the necessary people, the perpetrator and victim become indistinguishable, and all possible actions become allowed with the defense being that an attack originated with the McGuffin being attacked.

Re:A giant step ... sideways

[buck-yar]

Or you just fake a few logs and you're off hacking with legal invulnerability.

Re: A giant step ... sideways

[turbiina]

I haven't seen _hacker_ stupid enough to crack stuff from his own computer. So active countermeasures most likely will hit just other owned computers or innocent free wifi installations etc...

Re:A giant step ... sideways

No, just like shooting a rapist as he's about to stick it in your daughter, when it turns out he owned a badge, you retroactively become a monster and a criminal all along.

The only ones this amendment will help are companies making use of the various abuses and loopholes to brick firmware when they detect various programs they don't like, or even after having gotten bad reviews. People like you and me will have no recourse to this, as we are either "the perp" or "insignificant collateral damage"

Re: A giant step ... sideways

I will watch this tonight. Thank you.

Re: A giant step ... sideways

I think this is because of my java web crawler videos...

Re:A giant step ... sideways

How about a nice game of chess?

Re:A giant step ... sideways

[DeVilla]

- fire up TAILS
- create a free tier node in AWS
- attack one of your own systems
- being 'legal active defensive' probing of Amazon's network
- ???
- profit

Finally!

I got me a product to do just that. It's about time! So tired of fake news and politically correct hampering our life.

Nuclear holocaust, on the Internet

[Gaygirlie]

26 to disrupt continued unauthorized activity against the victim’s own network

Way too vague, neither "disrupt" or "continued unauthorized activity" not defined; this'd very quickly result in these so-called victims in just using DDoS against anyone who they disagree with, with the claim that they're "hacking, " and then everyone loses when everything gets slowed down to a crawl. Great. Oh, as these things tend to go, the law would only be applied to large corporations or rich people -- if an individual, not-very-rich person or a small company tried to do any sort of "active defense" they'd get hefty fines and possibly even jail-time for illegal activity! You know, "computer crimes."

Illegal?? HaHaHa

[zenlessyank]

I didn't get that memo. He who doesn't hack back deserves a lot of flack.

What about government hacking?

[hawguy]

Do people get the right to disrupt police/FBI hacking of their devices as well? That's probably the only hackers that would actually be disrupted by this new law, since criminal hackers use someone else's computer to hack you -- if you hack back, you're only hurting some innocent third party that had *his* computer hacked.

Re:What about government hacking?

Do people get the right to disrupt police/FBI hacking of their devices as well? That's probably the only hackers that would actually be disrupted by this new law, since criminal hackers use someone else's computer to hack you -- if you hack back, you're only hurting some innocent third party that had *his* computer hacked.

By "innocent third party" you mean "ignorant schmuck who didn't understand what 'hostile network' actually meant and decided that unprotected Windows machines was a great idea?"

Re:What about government hacking?

[AHuxley]

The NSA and GCHQ can do what they want as granted by a gov or what ever section of a gov they work for or got established by.
Different US law enforcement agencies working in the US have to respond to Congress as that is who has oversight and can demand all paperwork over any policy, funding or staffing issue. Government lawyers redacting internal documents that go to Congress is not the best policy to hide issues.

So the way around Congress for equipment interference is usually from third party staging servers and is made to look like any other normal company doing 'ads' or tracking or some expected packet flow.
The US gov get their ip lists, users just see another third party script, ad, tracker on a site. The other method is to turn the entire admin team and replace them with gov workers to keep a site/service running for a while.
No need for equipment interference as the server is 100% gov.
What the NSA or US police would like to do domestically but don't want to show in open court as the origin of an investigation, some trusted nation like Australia, the UK, NZ or Canada will report to provide a tip to the USA about. So domestic collect it all spying stays hidden from any US legal team in open US court.

The really bad news is NATO, the wider EU and what the NSA and other US contractors shared with such nations.
The US gave its very best tools and hardware to a lot of different EU nations, not just their top police forces or foreign intelligence services. Random gov/mil staff all over NATO and the EU got to work on projects. Smaller EU nations are now operating within the USA with NSA like methods for their own governments domestic politics.
So what might seem like the NSA in the USA using a very complex staging server could be some random NATO or EU nation now doing their own covert work to collect it all in the USA. The results of such NATO or smaller EU nations can then enter the press for very party political reasons.
The US has lost its keys to global crypto thanks to trusting new EU nations beyond 5 eye nations who had kept US secrets for decades.
The NSA cant get its older network tools back as too many nations mil/police and contractors got/made/found/shared copies.
So anyone of 20 nations could be looking out for their own domestic self interest and try some very advanced equipment interference.
The CIA also has its own vast global collect it all network thats very different from the NSA so never to have to ask the NSA for help.
Different US federal agencies have also given or offered very advanced US hardware to their friends in the EU to track crime. Hearts and minds. Such staff in other nations are very supportive of helping the US with any and all later requests thanks to that trust with advance software or hardware.
The US is never informed that such methods are passed around and used globally beyond the original case or taskforce.
Contractors who worked for work with a mil/gov get to see such methods and then work for the private sector walking out with advance US software, hardware needed to ensure they can attract clients in the private sector years later.
So a lot of teams, nations, contractors move around networks with a lot of different advanced US only methods.
All the enduser will see is a perfect supported site or server or a staging server selling ads from some front company.
Or old malware that AV can detect that reports back to a staging server that could be anyone.
"OPERATION SOCIALIST The Inside Story of How British Spies Hacked Belgium’s Largest Telco" (December 13 2014)
https://theintercept.com/2014/...
"Under the conditions of a non-disclosure agreement, they could not speak about what they had found, nor could they publicly warn against the malware. Moreover, they were not allowed to remove the malware."
Such changes to US laws will only encounter many different nations and their contractors in the wild that are totally protected by their own nations.

Re:What about government hacking?

Oh no.. you can't just exclude congress and the white house from this shit. Obama white house made it clear that they were going to launch an attach on the Russians for alleged embarrassment of the DNC. Congress and the white house were behind this attack. Presumably this attack would be carried out by the NSA. Who else would do it? There are hackers and then there are GOV HACKERS.

Re:What about government hacking?

This bill is also not compatible with international legal standards. Hacking from the US into a computer in another country is still a criminal offense in that country, no matter what US law says about it. Granted, in practice this law would not pose many serious problems, since the US does often not even extradite murderers, but of course it will lead to a whole new range of problems and isolate the US. There will be search warrants for seemingly 'legal' US counter-hackers outside the US, and only dictatorships can do something against that, because in a democracy politics cannot interfere arbitrarily with the work of prosecutors when the law was clearly broken.

The is still pretty good at bullying other countries into submission, but there would be still be some backlash and negative consequences for many US citizens.

So - Business As Usual

Business As Usual - if you have a small army of corporate lawyers, then you can do whatever the hell you were going to do anyway. Maybe they'll pull a Bill Clinton and ask the opposing lawyers to define the word "is" (clever - "to be" is a cornerstone of the language and all). Of course if you or me tried that in a court of law, our asses would be thrown in jail for contempt, but this is normal: one standard for us, another standard for them.

"Monied corporations may retaliate with impunity" would be a much better name for this bill. Call it the MCMRWI Act!

eHolocaust

[Roger+W+Moore]

Way too vague, neither "disrupt" or "continued unauthorized activity" not defined; this'd very quickly result in these so-called victims in just using DDoS against anyone who they disagree with

Even a strict interpretation will lead to an eHolocaust. Attacker hijacks a machine in company A and uses it to attack company B. Company B retaliates against the machine in company A. Company A detects attack from company B and returns the favour. Multiply that by all the machines in a botnet and you can kiss goodbye to the internet.

Re:eHolocaust

[gmack]

Even more fun: What if the attack involved spoofed packets?

NRA

[BenBoy]

Because if 'sploits are criminal, only criminals will have 'sploits? Discuss.

Re:NRA

You will need an amendment to the constitution before this type of circular reasoning applies.

Danger Will Robinson!

What constitutes an attacker? Warning: PDF

(C) the term ‘attacker’ means a person or an entity that is the source of the persistent unauthorized intrusion into the victim’s computer.

If you want to be able to legally counter-hack a large group of people all you need to do is spread a virus that will first infiltrate a lot of machines, then use those machines to start attacking your machine's IP. This allows you take countermeasures, easily accomplished via a vulnerability that the existing virus leaves open. So let's take a look at some scenarios and the implications.

I can imagine the RIAA and MPAA and their goons drooling over this capability. They can search for and destroy pirated materials, which of course would accidentally have many false positives. To get around the requirement to avoid to destroying data all they have to do is claim those files were infected (which the virus of course handles, providing 'proof').

Facebook would love to know even more about you than they do now. Plausible deniability: 'it was just a bad ad, not our fault'. There's all sorts of Facebook malware out there, with many guides on how to deal with it.

The government could use this scheme to justify their intrusions into your system. They can claim probable cause for anything they find while trying to ascertain the identity of the 'attacker'.

Re:Danger Will Robinson!

Well, as written, the draft of the bill doesn't prohibit unauthorized access of a government system if the system is "attacking" the victim's computer.

Re:Danger Will Robinson!

Well, as written, the draft of the bill doesn't prohibit unauthorized access of a government system if the system is "attacking" the victim's computer.

That will be left up to case law. Pray it does not go to the Supreme Court. The Fourth Amendment means absolutely nothing to them if the word "drugs" is used - asset forfeiture laws, somehow a search using a dog as a tool of the search is not a search... abusing eminent domain to increase local tax revenue is A-OK ... forcing people to buy an insurance product or face a government penalty is somehow implied by the Constitution ... the "interstate commerce" clause means it's OK to tell people what they may do on their own intrastate land ... "stop and frisk" without probable cause is somehow acceptable despite the Fourth Amendment especially if you have dark skin ... I could go on and on but that's what I could think of off the top of my head that's actually happened in recent memory.

No, when this gets to any significant court, it will be determined that government systems are special and somehow exempt, even if the law doesn't say that at all. The Supreme Court hasn't met an authoritarian precedent it didn't like, not in a very long time. Must be nice, being a lifetime member of the Supreme Court, knowing that you're important and have status, that bad laws will probably never be aimed at you, and if somehow they are, you have the clout and connections it takes to resist them. Yes that must be nice, indeed.

ACDCA? - It should be CUT-THROAT

[Overzeetop]

I mean, sure, it's a palindrome, but real, working Americans can't even spell palindrome, much less know what one is. In fact, palindrome is the kind of work you only hear from those faggy intellectuals.

They need a better acronym, like Cyber Undermining Threat-Tactics for Heaping Righteous Offensive Action on Terrorists. Now That's a bill with balls. Big. Fat. Hairy. Balls. That you can shove down the throat of those bastard attackers of your computer systems.

Re:ACDCA? - It should be CUT-THROAT

WTF is a palindrome

Re:Bill would do that?

[Joe_Dragon]

Hillary come quick you got to see this.

Wrong Term

A Defense is not the same as a Counter-Offensive. Apparently few people know this.

Re:Wrong Term

A Defense is not the same as a Counter-Offensive. Apparently few people know this.

Excepting those who have actually participated in both. Those few souls definitely understand the difference.

Most people have never seriously had to engage in physical combat for their lives against multiple determined aggressors. Those who have, be they military personnel, police officers, or would-be victims of street crime, understand the difference very well. In fact most "special snowflakes" in their "safe spaces" are soft pasty know-nothings by comparison. Yet I am sure they will have strongly-felt opinions about a subject they've never personally experienced, because somehow their ignorance is worth as much as someone else's hard-won experience ... somehow.

Sometimes, destroying your adversarys' ability to continue attacking you is a legitimate defense. Home invasion is the staple scenario here, where it's ok to assume hostility on the part of your opponent and even the bullshit laws (written by people with legions of armed guards) respect that. Othertimes, retaliation is more like revenge which the law tends not to honor, however well-earned it may be. The difference is whether you are responding to a clear and present ongoing threat, or whether you are responding to a past event. I disagree with the laws' tendency to distinguish between the two, for I believe that all unprovoked aggressors deserve worse than whatever response they receive, but apparently I am unique in that belief. I tend to think that anytime you fuck with someone who would have left you alone, you forfeit your right to any sort of safety and well-being.

Re:Wrong Term

I tend to think that anytime you fuck with someone who would have left you alone, you forfeit your right to any sort of safety and well-being.

And thus the circle of vengeance continues... They had problems, they caused you problems, you had problems, you caused problems for others...

You think you are protecting yourself and your dear ones, but you are in fact perpetuating the very same problems you are trying to avoid, both for yourself and your dear ones, and for others, indefinitely...

Yes, it its complete insanity, in today's society, to not be able to protect oneself effectively in the short term... It's infuriating, it's oppressing, and you feel weak and exposed... But it will never change, if you are not thinking about the longer term...

People have been cutting hands, puncturing eyes, smashing teeth, blowing up heads, etc., for 12,000 years of human civilization, and even longer before that... Did it help one bit? Are we free of (real) crimes today? Are we free of violence now? Do you really think being even more violent than we historically have been for 12,000 years, will help this, and the consequences won't be worse yet?

Nothing will ever change, without the necessary psychological, philosophical and political total reconstruction of our society and existence. Thinking it would be too hard, too dangerous, or even impossible, does not help. It is a reactionary psychological complex: the fear of reconsideration, the fear of change, the fear of the unknown (and yes, we know nothing today about peace, love and happiness). It is the only, precise path, to a much better society. And it will be much easier, much safer, and much more substantial, than perpetuating today's insanity, which many people only think tolerable because they are largely repressing the massive amount of stress and frustration they endure from birth to death.

Those who can spend the time and energy, should focus on researching, on determining through logic, busting prejudices and taboos, "what constitutes a good civilization, then proclaim it to the people and help them to erect it"...

(You can laugh all you want if it helps you in the short term, I don't really mind. Then hopefully look around you, and reflect on it all).

Re: Wrong Term

Awesome sentiment.

Better define "Attack"

[Nkwe]

An attempt to create a TCP connection to an Internet connected machine is not an attack, or I at least hope not. I would hate to click on a link, be taken to a site that considers a regular connection as an attack, and be subject to legal retaliatory hacking. How about a ping? It would be bad if packets blocked by a firewall are considered an attack...

Re:Better define "Attack"

[mysidia]

An attempt to create a TCP connection to an Internet connected machine is not an attack

One attempt is not. But many attempts to create a TCP connection including randomized or incrementing destination attempts
can be viewed as an attack. Either as a flood, or as an obvious invasive "probe" to attempt to gain reconnaissance for hacking the system.

Re:Better define "Attack"

[Plus1Entropy]

Copied from an AC above:

the term ‘attacker’ means a person or an entity that is the source of the persistent unauthorized intrusion into the victim’s computer.

So I don't think any of your examples would apply, but I understand your underlying concern. I also wonder how much effort must the "victim" put into identifying the true source of the attack before launching a counter-offensive.

Obligatory

[JustAnotherOldGuy]

Obligatory "Nothing could possibly go wrong with this plan".

Russia

Where was this bill BEFORE the election?

Backward

[s.petry]

This would allow vigilantism and encourage anti-competitive attacking. "We thought they were the ones trying to hack us, see our logs? (cat log | sed -e 's/someip/theirip/g'

As much as I hate big Government, I would rather see an easy to interface with government agency with law enforcement capabilities handling this. In fact, isn't that what the NSA is supposed to be for?

Re:Backward

[mysidia]

"We thought they were the ones trying to hack us, see our logs? (cat log | sed -e 's/someip/theirip/g'

I would suggest formal Licensure for Cybersecurity professionals requiring Passing a practical Examination, also a Test, and committing
to a code of conduct including No Espionage, Theft, or Disclosure of Data --- requiring any item of data unrelated to an attack be kept confidential and not shared, even with a boss, employer, or co-worker.

Then have the bill so the Active Defense argument is ONLY valid for an individual Response reviewed and directed by a Licensed professional, Regardless if the Professional is a member of Law Enforcement or working in private industry and Protects only the direct actions of the licensed professional, Not actions that automatically selected and committed a response without specified human judgement and scrutiny.

Also, modify the act so Law Enforcement professionals Otherwise excluded from the Act are Subject to prosecution for any Hacking, If they don't have the same license.

Any misbehavior such as Hacking an innocent system, will be brought before a board, and their license will be revoked or
on a minor offense suspended for a minimum of 5, 6, or 7 years.

Re:Backward

[s.petry]

Interesting ideas, but passing a test does not ensure morality. Morality is the problem, and I can tell you quite plainly that the immoral and moral in today's society are pretty evenly numbered. Even if you required 3rd party defensive action, there is no way to prevent or prove collusion.

Re:Backward

[ShanghaiBill]

I would suggest formal Licensure for Cybersecurity professionals

Licenses mean compliance with a bureaucratic checklist, which is very different from actual competence. In a fast evolving field like computer security, the checklist will lag actual best practices by about a decade. Most existing formal computer certifications are widely considered to be negatively correlated with competence, so the track record is not good.

Re:Backward

"We thought..." don't hold up in court. If you disrupt the attacker's machine - fine. If you disrupt what you were tricked into believing was the attackers machien (but was an innocent third party), you get the same punishment as your attacker.

That should limit escalations and all-shoot-all scenarios.

Re:Backward

[mysidia]

but passing a test does not ensure morality. Morality is the problem, and I can tell you quite plainly that the immoral and moral in today's society are pretty evenly numbered.

It's not about 'ensuring morality'. It's about Restricting the population who can do it to a population that will not have Plausible deniability for improper actions, And then By making sure the people who can do this have something of Value which can be taken away for a long time as a consequence for abuse ---- providing a major disincentive for abuse.

Re:Backward

Great idea! The slightest slip-up by the most skilled security people on the planet will cost them their careers for "a minimum of 5, g, or 7 years." Surely people that know how to get away with whatever technology related crime they please will take their lumps, lie down and wait to die because they lack bureaucratic licensing.

Re:Backward

[professorguy]

So what you're saying, a well regulated militia should be the only ones able to wield these weapons?

Re:Backward

[DeVilla]

Sounds to me like he wants a TSA for the internet.

Re:Bill would do that?

[hey!]

No, Pence. And Pruitt too.

What could possibly go wrong?

[Gravis+Zero]

This was inadvertently make DDoS for hire a legitimate business model. "Being attacked? Defend yourself and DDoS your foes into the afterlife!"

Internet,,

[Sir+Lurkalot]

Is getting to look like C.B. radio in the mid '80"s

Proposed by Rep. Tom Graves (R-Ga.)

[PopeRatzo]

The cyber is hard.

What will be found?

[AHuxley]

What will be found at the end of such private sector tracking?
A home computer in another nation? Fully infected with malware that runs at 2am from some advanced wifi router?
Some site that offers free wifi? Can the company can ask for the log and CCTV?
The logs show the access but the CCTV shows nothing at the times. More investigation shows a wifi extender was used to stay away from all CCTV.
The person knows high quality CCTV is now kept for months.
A computer network in a small nation with lots of fast internet and no much CCTV.
A network of consumer IoT networks?

Re:What will be found?

Government tracking would include all of the above plus constitution-shattering attacks on citizens. big brother would stampede society trampling those 'evildoers' and whoever else ends up caught between his jackboots and the ground.

Ghost in the Shell Attack Barrier

These are the first steps to implementing Attack Barriers that are similar in concept to the ones used in Ghost in the Shell except on computers and not on brains. =p

Re:Numbered vs matched

[hackwrench]

I think the term you might have preferred to use would have been matched. But then you have people whose ethics range from leaving people to their own devices, helping "true seekers", helping everyone, ensuring a level playing field among others, so the whole ethics/morality thing isn't that simple.

Re:The meaning of "is" is.

[hackwrench]

Well when people try to conjugate is without "Dr. Dan Streetmentioner's Book of 1001 Tenses", they are just asking for trouble.

"Come w/ me if U wanna live..."

"I'm here to help you - I'm Reese Sgt. TechCom DN38416 assigned to protect you" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ "you've been TARGETTED for TERMINATION!"

Best shield vs. online threats & speed gains (others slow you). Does more 4 less vs. ANY 1 illogical "Bolt on 'MoAr' so-called exploitable 'security solution'" (DNS/antivirus) using more doing less (dns/antivirus/browser addons)

As "that terminator is out there: It can't be bargained with. It can't be reasoned with. It doesn't feel pity, remorse, or fear & it absolutely will not stop EVER (until U R DEAD)"

P.S.=> "It's a HYPER-ALLOY Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough!"

Code's VIRUS-PROOF (every proc/function checks vs. alteration) & crash-proof (via std. structured errhandler refactored override reset on abend)

Re:"Come w/ me if U wanna live..."

I was saving that mod point just in case you showed up, nutbar boy. => HAND.

Re:"Come w/ me if U wanna live..."

R o T f L m A o CNN fake news BANNED from the whitehouse by President Trump? The PLANET's laughing @ arseholetechnica hahahahahahahahahaha!

"Come w/ me if you wanna live..."

"I'm here to help you - I'm Reese Sgt. TechCom DN38416 assigned to protect you" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ "you've been TARGETTED for TERMINATION!"

Best shield vs. online threats & speed gains (others slow you). Does more 4 less vs. ANY 1 illogical "Bolt on 'MoAr' so-called exploitable 'security solution'" (DNS/antivirus) using more doing less (dns/antivirus/browser addons)

As "that terminator is out there: It can't be bargained with. It can't be reasoned with. It doesn't feel pity, remorse, or fear & it absolutely will not stop EVER (until U R DEAD)"

P.S.=> "It's a HYPER-ALLOY Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough!"

Code's VIRUS-PROOF (every proc/function checks vs. alteration) & crash-proof (via std. structured errhandler refactored override reset on abend)

"Come w/ me if you wanna live..."

"I'm here to help you - I'm Reese Sgt. TechCom DN38416 assigned to protect you" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ "you've been TARGETTED for TERMINATION!"

Best shield vs. online threats & speed gains (others slow you). Does more 4 less vs. ANY 1 illogical "Bolt on 'MoAr' so-called exploitable 'security solution'" (DNS/antivirus) using more doing less (dns/antivirus/browser addons)

As "that terminator is out there: It can't be bargained with. It can't be reasoned with. It doesn't feel pity, remorse, or fear & it absolutely will not stop EVER (until U R DEAD)"

P.S.=> "It's a HYPER-ALLOY Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough!"

Code's VIRUS-PROOF (every proc/function checks vs. alteration) & crash-proof (via std. structured errhandler refactored override reset on abend)

We need black ice

If someone attacks us, we must retaliate with black ice! Neural death to all attackers .

You can do it

[AndyKron]

So what? I would have done it anyway if I could regardless of the law. I have a right to protect myself and my property.

"Come w/ me if you wanna live..."

"I'm here to help you - I'm Reese Sgt. TechCom DN38416 assigned to protect you" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ "you've been TARGETTED for TERMINATION!"

Best shield vs. online threats & speed gains (others slow you). Does more 4 less vs. ANY 1 illogical "Bolt on 'MoAr' so-called exploitable 'security solution'" (DNS/antivirus) using more doing less (dns/antivirus/browser addons)

As "that terminator is out there: It can't be bargained with. It can't be reasoned with. It doesn't feel pity, remorse, or fear & it absolutely will not stop EVER (until U R DEAD)"

P.S.=> "It's a HYPER-ALLOY Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough!"

Code's VIRUS-PROOF (every proc/function checks vs. alteration) & crash-proof (via std. structured errhandler refactored override reset on abend)

"Come w/ me if you wanna live..."

"I'm here to help you - I'm Reese Sgt. TechCom DN38416 assigned to protect you" via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ "you've been TARGETTED for TERMINATION!"

Best shield vs. online threats & speed gains (others slow you). Does more 4 less vs. ANY 1 illogical "Bolt on 'MoAr' so-called exploitable 'security solution'" (DNS/antivirus) using more doing less (dns/antivirus/browser addons)

As "that terminator is out there: It can't be bargained with. It can't be reasoned with. It doesn't feel pity, remorse, or fear & it absolutely will not stop EVER (until U R DEAD)"

P.S.=> "It's a HYPER-ALLOY Combat Chassis - Microprocessor controlled: FULLY armored, VERY tough!"

Code's VIRUS-PROOF (every proc/function checks vs. alteration) & crash-proof (via std. structured errhandler refactored override reset on abend)

Hand? CNN = BANNED from the Whitehouse lol!

See my subject: LMAO - isn't "arseholetechnica" OWNED by CNN? Yes - PWNED & BANNED by President Trump too, lmao...

* :)

(Hahahahahahahaha)

How many times will you nutjob weasel's impersonate me trying YOUR "fake news" too I wonder? It's you hence being BANNED (hahahaha) from the whitehouse boys!

APK

P.S.=> No balls, demons like YOU have to hide from the sunlight or you wither - hence your UNIDENTIFIABLE anonymous post you WORM that's ashamed of his own name (dying a 1,000 arstechnica deaths of the "ne'er-do-well" cowards you ALL are there & you KNOW it)... apk

Re:Hand? CNN = BANNED from the Whitehouse lol!

You modded yourself back up with a sockpuppet account. Isn't that precious.

And all that nonsense you posted does not alter in the slightest the fact that you're a sad little troll who's had nothing better to do for the last 20 years than to spam the same piece of crud-ware over and over again, and getting kicked off Web boards over and over again. I can't begin to imagine what horrible things you must have done in your previous life to be condemned to such an awful, meaningless existence in this one.

If I had nothing better than that to do with my life, I'd have killed myself 19 years, 364 days, 23 hours, and 59 minutes ago.

Re:Hand? CNN = BANNED from the Whitehouse lol!

Did President Trump's boot leave a mark on your CNN arseholetechnica ass as he banned you? https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22CNN+Banned%22&btnG=Google+Search&gbv=1/

President Trump slapped your asses down!

CNN fakenews cronies @ arseholetechnica GOT BANNED from the Whitehouse https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22CNN+Banned%22&btnG=Google+Search&gbv=1/

* Hohohohohohohoho...

APK

P.S.=> "Oh, the SHAME of it" but then, that's nothing NEW to unidentifiable little WORMS from the "arsehole" now is it? Nope - your ENTIRE "ne'er-do-well" LIVES are a shame (& waste of food, water + oxygen)... apk

Not always malicious

Active defense doesn't have to damage systems.

"B I T C H S L A P !!!!" *snicker* *chortle*

*snicker* *chortle* @ arseholetechnica CNN fakenews PWNED & BANNED by POTUS "BITCHSLAP" https://www.google.com/search?... u got slapped up hard! A slap that echoes across the world too hahahahaha!

Re:"Come w/ me if you wanna live..."

Code's VIRUS-PROOF (every proc/function checks vs. alteration)

Do you mean like those old Commodore 64 anti-piracy mechanisms that got cracked anyway?

crash-proof (via std. structured errhandler refactored override reset on abend)

So crash-proof as in it auto-restarts the application when it crashes?

I've seem certain apps mysteriously crash a few seconds after launch. Such a system would perhaps do an infintite loop - and perhaps doesn't fix the underlying problem.

Also, your hosts file doesn't support wildcards.

What happens if you DDOS somebody

[rsilvergun]

because they've got a network Zombie and they DDOS you back? Also, since when is vigilantism a good idea?

It'd take custom hack work

See my subject: I told raymorris about it - he was impressed in his reply below it https://slashdot.org/comments.pl?sid=10168471&cid=53779911 & being full of myself is better than HIS being FULL OF SHIT & full of my rod up his wannabe ass, lol!

* Now, of course, a "TALKER" like YOU is welcome to do better (but then, you can't - you're ALL talk & I've never seen a program by UNIDENTIFIABLE ANONYMOUS WORM (you)).

So what hosts don't support wildcards!

Hosts do TONS

/.ers speak for it #1/2

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

take a look at the APK hosts file engine by SuperKendall

APK is kinda right. I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

I find your hosts file admirable by vel-ex-tech

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa

* Recommended & hosted by Malwarebytes' hpHosts!

APK

P.S.=> More coming... apk

/.ers speak for it #2/2

I support APK's stand on the hosts file by Trax3001BBS

Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid by JazzLad

No complaints from me, I like APK... Reminds me to use a host file. Also, his stuff is free by aaaaaaargh!

APK's monolithic hosts file is looking pretty good by Culture20

APK... Awesome to see he's still spreading the good word by Molochi

ABP is insufficient as a solid hosts file does everything that APK reminds us about by fast turtle

APK isn't wrong by cfalcon

APK, I know people give you a lot of shit regarding hosts, but please don't ever stop by nasredin

You need APK's hosts file by Teun

APK solution STILL relevant by Thud457

you're right about hosts files by drinkypoo

APK

P.S.=> They're in addition to https://yro.slashdot.org/comments.pl?sid=10320833&cid=53975687/ many more earlier + 1,000's worldwide - there's no arguing w/ success... apk

The ACDC Act?

Wow, we truly are on the highway to hell.

More 'fakenews' banned arsehole? I did not

It bit you in the ass allowing me to EXPOSE who & WHAT you slimebags are BANNED from the WHITEHOUSE https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22CNN+Banned%22&btnG=Google+Search&gbv=1/ CNN losers, lol!

See subject: I post ac & sign off unlike YOU cowardly unidentifiable arsworm hiding from sunlight like demons you are - you'd wither & have before vs. myself I am SURE of it, hence your unidentifiable worm posts). You did that to yourself repeatedly I am sure & can blame nobody but yourself for having to be ashamed of WHO & what you are, "ne'er-do-well"!

You project YOUR OWN bogus "modus operandi" in your false accusations scumbag!

APK

P.S.=> It sucks to be you - How can "your kind" LIVE with themselves? apk

/.ers disagree CNN banned by POTUS #1/2

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

take a look at the APK hosts file engine by SuperKendall

APK is kinda right. I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

I find your hosts file admirable by vel-ex-tech

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

APK is totally right on this count. Adblock Plus on Firefox mobile is a dog on older, or lower end, phones. A hostfile based adblocker makes for a much better experience by chihowa

* Recommended & hosted by Malwarebytes' hpHosts.

APK

P.S.=> More coming... apk

/.ers disagree CNN banned by POTUS #2/2

I support APK's stand on the hosts file by Trax3001BBS

Your premise that hostfiles are a good way to deal with advertising and malvertising is quite valid by JazzLad

No complaints from me, I like APK... Reminds me to use a host file. Also, his stuff is free by aaaaaaargh!

APK's monolithic hosts file is looking pretty good by Culture20

APK... Awesome to see he's still spreading the good word by Molochi

ABP is insufficient as a solid hosts file does everything that APK reminds us about by fast turtle

APK isn't wrong by cfalcon

APK, I know people give you a lot of shit regarding hosts, but please don't ever stop by nasredin

You need APK's hosts file by Teun

APK solution STILL relevant by Thud457

you're right about hosts files by drinkypoo

APK

P.S.=> In addition to https://yro.slashdot.org/comments.pl?sid=10320833&cid=53976475/ earlier + 1,000's worldwide - there's no arguing w/ MY success & YOUR fail... apk

Why hack those who hack?

To show that hacking is wrong?

That doesn't mean what you think it means

Active defense vs passive defense vs retaliation... three very different concepts

Active defense IS ALREADY LEGAL , it's what you're doing when you monitor logs and adjust firewall rules and apply patches and reimage systems based on activity you see.

Passive defense is blocking port # 25 because thats how email viruses spread and hoping attackers are dumber than you.

Retaliation is and should always remain illegal because it's not defense , it's attack , and as other posters have mentioned it's too easy to abuse.

The governments monopoly on use of force must extend to networks.

LIFT

LIFT FOR PRIDE

always

Always follow the money,who ever ends the game with the money in their grubby little hands is the one you target,in which ever way you fancy,legal or illegal..
If script kiddies etc get the idea that this no longer a very low risk crime/hobby etc,fewer will be willing to take the risk,if,with a few well picked targets it can be made obvious to the people carrying out attacks that w en the best of them can be found and taken care of,then you will end up with a small core of idiots to sort out,most will not think it worth the risk ...

Needed, for Win10 admins

You cannot use or manage Win10 unless you formulate and execute an active defense against all the spyware.