Chrome 59 To Address Punycode Phishing Attack

Google says it will be rolling out a patch to Chrome in v59 to address a decade-old unicode vulnerability called Punycode that allowed attackers to fool people into clicking on compromised links. Engadget adds: Thanks to something called Punycode, phishers are able to register bogus domains that look identical to a real website. Take this proof-of-concept from software engineer Xudong Zheng, where apple.com won't take you to a store selling Macs, iPhones and iPads. The real website is actually https://www.xn--80ak6aa92e [dot] com. The xn-- prefix tells browsers like Chrome that the domain uses ASCII compatible encoding. It allows companies and individuals from countries with non-traditional alphabets to register a domain that contains A-Z characters but renders in their local language. The issue was first reported to Google and Mozilla on January 20th and Google has issued a fix in Chrome 59. It's currently live in the Canary (advance beta release) but the search giant will likely make it available to all Chrome users soon.

First post now visit my new link everyone!

Just click this easy to use link and enter your login credentials -> https://www.xn--1fake33book7.com

Puny?

Got your fucking attention!

We never learn do we?

It allows companies and individuals from countries with non-traditional alphabets to register a domain that contains A-Z characters but renders in their local language.

So once again, trying to be multi-cultural has found some way to bite us in the ass. In fact I cannot find in all of history a multi-cultural society that lasted very long, and they tend to fail the same way - Balkanization and infighting, which is great for the politicians until the whole thing collapses. Let's not do the same thing with browsers please.

Michael Weiner (state name: Michael Savage - do you blame him?) was correct, a country must defend three basic things to remain a country: borders, language, culture. The US somehow feels like it must apologize for even the most feeble effort at border patrols, as though every other country doesn't do the same thing, tries to accommodate every culture until its own gets lost in the noise, and won't even declare English as its official language. This, the land where almost all Internet innovation happened in the first place. Stop apologizing for being a dominant culture - that's what all the others would love to do.

Re:We never learn do we?

The parent comment should be modded up. It may not be "politically correct" from a leftist's perspective, but it is very relevant to this discussion.

For a lot of people, internationalization and localization really is more of a risk than a benefit.

I'm fluent in three languages, so I can appreciate the need for internationalization and localization for those who need it. Nobody is saying internationalization and localization shouldn't be supported. What we're saying is that it should be trivial to disable them when they aren't needed.

For example, I don't know Chinese, and I don't expect to ever learn it. The same goes for Arabic, Korean, Japanese, and the various languages of India that don't use Latin or Latin-like alphabets. I would love to be able to disable these languages in my browser, or at least be given a warning before they're used. Since I don't understand them, there's no legitimate reason for me to ever see content in them, at least not without a warning.

I'd like to take it a step beyond that. I'd like it if my browser could automatically block all content hosted at TLDs or IP addresses associated with third-world ("developing", for the politically correct crowd) nations. After decades of Internet use, I have never had any reason to view content hosted in China, or India, or any African nation. And if I ever did have a legitimate reason to access content from such areas, I would prefer to opt in to viewing it.

Disabling text and content from these third-world places wouldn't just make my browsing experience more enjoyable, it would also make it safer. I'd lose out on very little by disabling internationalization and localization, and I'd actually gain a whole lot.

Re:We never learn do we?

[Pascoea]

tries to accommodate every culture until its own gets lost in the noise

Which culture is it that's getting "lost in the noise"? The one we brought from Europe? The Native one we stepped on in the process? The African one we kidnapped to pick our cotton? The Chinese one that came to build our railroads? Or one of the hundreds of other cultures that have been coming in to our country since its inception?

We are a nation of immigrants. Unless you are full blood Native you don't have to go back more than a handful of generations to find a foreign parent.

The US somehow feels like it must apologize for even the most feeble effort at border patrols

This one I agree with you on. All of the "I'm moving to Canada" people would be in for a hell of a shock when they got the border and were promptly (but probably politely) told to piss off.

Re:We never learn do we?

[known_coward_69]

Rome lasted for 1500 years or more

Re: We never learn do we?

Are you trying to use Rome as a counterexample? If so, it's one of the worst you could have chosen. Rome wasn't multicultural. It was the opposite: conquered cultures were usually Romanized within a single generation. That's why Romance languages are still spoken across much of southern Europe even today, from Portugal to Romania. Rome was one unified culture, as much as was possible for such a large state. Roman culture didn't accommodate foreign cultures; foreign cultures changed to become Roman.

Re: We never learn do we?

What? If an American shows up at the Canadian border with a passport and clean record, they're getting in without hassle.
Unless the border agent asks, "are you moving here?" Same if I wanted to drive over to the US right now.

Re:We never learn do we?

tries to accommodate every culture until its own gets lost in the noise

Which culture is it that's getting "lost in the noise"? The one we brought from Europe? The Native one we stepped on in the process? The African one we kidnapped to pick our cotton? The Chinese one that came to build our railroads?
  Or one of the hundreds of other cultures that have been coming in to our country since its inception?

We are a nation of immigrants. Unless you are full blood Native you don't have to go back more than a handful of generations to find a foreign parent.

The US somehow feels like it must apologize for even the most feeble effort at border patrols

This one I agree with you on. All of the "I'm moving to Canada" people would be in for a hell of a shock when they got the border and were promptly (but probably politely) told to piss off.

The "Native" Americans migrated here as well, in several waves. They juts did it 10-20 thousand years before it was cool.

Re:We never learn do we?

[EmeraldBot]

The parent comment should be modded up. It may not be "politically correct" from a leftist's perspective, but it is very relevant to this discussion.

Damn, it's completely obvious what a racist tirade against multicuturalism has to do with a zero day involving a Unicode exploit. The next time a cow shits, is that going to be taken as an example of the failings of multiculturalism?

I'm fluent in three languages, so I can appreciate the need for internationalization and localization for those who need it. Nobody is saying internationalization and localization shouldn't be supported. What we're saying is that it should be trivial to disable them when they aren't needed.

No, your parent CLEARLY states, and I quote, "Let's not do the same thing with browsers please.", in an implied response to supporting multiple languages. So not only is your position ridiculous for someone who supposedly knows three languages, a violation of your parent's claims, you didn't even bother to read his fucking message.

For example, I don't know Chinese, and I don't expect to ever learn it. The same goes for Arabic, Korean, Japanese, and the various languages of India that don't use Latin or Latin-like alphabets. I would love to be able to disable these languages in my browser, or at least be given a warning before they're used. Since I don't understand them, there's no legitimate reason for me to ever see content in them, at least not without a warning.

For what benefit? Why should the browser designers add in a layer to check for foreign localization, and store a setting, when the only possible impact is you seeing characters you don't understand? The end result is the same anyway - you'll get an effectively useless webpage. Do you not want to see Chinese characters because they'll steal your job and take your kids or what??? You're proposing a solution that just adds work for everyone else all so you don't have to see scary foreign characters, and it wouldn't even work at all for languages like French or German that use the same character set.

I'd like to take it a step beyond that. I'd like it if my browser could automatically block all content hosted at TLDs or IP addresses associated with third-world ("developing", for the politically correct crowd) nations. After decades of Internet use, I have never had any reason to view content hosted in China, or India, or any African nation. And if I ever did have a legitimate reason to access content from such areas, I would prefer to opt in to viewing it.

Alright. We are going to maintain an international IP address, which apparently we are supposed to update on our own time, to isolate you from the non-specified dangers of China, which means you will no longer be able to use any Amazon or Google instance located their. Oh, and I expect you think this should all be done by somebody else too. You are one of the most childishly self-centered assholes on this page, and a racist one at that (and yes, not wanting to see an African webpage because they're black is racist, and you are on the same level as a white southerner in the 1800's, citing the very same intelligent points - which is to say, none at all).

Disabling text and content from these third-world places wouldn't just make my browsing experience more enjoyable, it would also make it safer. I'd lose out on very little by disabling internationalization and localization, and I'd actually gain a whole lot.

You would gain absolutely nothing. We as a community, however, would gain tremendously, because now we can simply post a Chinese character and we will never again have to worry about you wandering in here.

Re:We never learn do we?

zero day involving a Unicode exploit.

Zero day? Hardly! The concept of a homograph attack against internationalized domain names was identified way back in 2001, but should have been incredibly obvious to anyone working on IDN development from the very beginning in the 1990s. The trouble was that there was an immense push to implement *something* to make it so that people could type in web addresses in their own languages, and considerations on how homographs could screw things up for unsuspecting users--including the non-Latin-character users the plans wanted to assist--was just not on their radar.

The people doing the intense early work on IDN were mostly not in North America: the biggest centers were Singapore and Switzerland. They were entirely too blind to the mischief that homographs could pose. They absolutely should have worked on mitigation strategies against the inevitable fraud and deception that IDN homographs would pose before putting it out for all the world to use.

The implementation vehicle for IDN, Punycode, is not the culprit that TFA seems to paint it to be. Punycode is nothing but an encoding that allows the representation of Unicode codepoints in a representation that is still straight-up ASCII to retain compatibility with the Domain Name System. What was the problem, though, was pushing it all out as an internet standard before a solid mitigation strategy could be put into place. There should have been a well-known and pretty well universal way to signal to unsuspecting users that a domain name might contain characters from multiple Unicode blocks with the potential for deceiving users.

All of this should come off as a lesson to people who want to implement things in entirely too much haste. Alas, ICANN is a loose cannon.

Re: We never learn do we?

Avtually Romans incorporated culture from occupied territories. It's for example why they had so many different gods and religions.

Re:We never learn do we?

Your points would be valid if you even pretend to acknowledge why he desires those behaviors....

There is no way to prove what we observe and it's starting to really piss people off.

What if perhaps some of this has some truth to it? What if it's obvious to us that only websites from China/Russia/Iran/Africa are attacking us more than helping us? I don't find myself reading any of their content, finding zero benefit from it, yet I have to PRETEND that it's beneficial to not blacklist those into oblivion?

Sites I've read in Chinese: 0
Chinese sites that have served malware to me: hundreds of thousands.

I totally get the idea that stereotyping is wrong but that's at the first stages of getting to know someone. But if after awhile the REAL perception ends up looking like a stereotype it's now impossible to hold that belief.

We need a way to resolve the ambiguity of the decision... "No sir I am not stereotyping you, I have now known you for many years and have observed enough of your bullshit that it's no longer a stereotype, but reality".

How do I say that? How do I say that I've given you many chances and been kind to you for many years only to finally realize you ARE all the stereotypes I heard about? In the most respectful and politically correct way.

Ooh, I get to complain about the Slashdot post qua

[Kiwikwi]

Horrible summary... Punycode is an encoding, not a vulnerability. The vulnerability is a variant of the well-known homograph attack.

The original source explains it better: https://www.xudongz.com/blog/2...

So what's the fix?

The article mentions an upcoming patch twice, but is silent on what it does.

Re:So what's the fix?

[unrtst]

The article mentions an upcoming patch twice, but is silent on what it does.

Apparently, though not listed explicitly, they will display the unicode version (Ex: www.xn--80ak6aa92e.com instead of www..com) for these edge cases - though I'm not sure how they're detecting them.

IMO, it's all stupid mistakes and fixes because it's only an issue because they're trying to make it so "easy to use" and transparent for the dumbest of folks, while making it more and more complex to actually find the real info. For example, you used to be able to click the padlock icon next to the URL if it was an SSL domain, and that'd pop up security and cert info on Chrome. Now, you can't do that... you have to go into developer tools, then expand the tabs (security tab is often outside the window, because they moved the developer console to split the screen vertically instead of horizontally) to find security tab, then get the cert info there.

All domains should have a very very easy way to see both versions (the unicode/punycode version, and the localized version). Some options:
* right click on the domain, include both in that menu
* mouse over the domain, show alt version in the status bar (bring back the status bar!)
* mouse over the domain, include alt version in mousever text
* include both on the location bar (one in parenthesis). Eg. [lock icon] Secure | [www.xn--80ak6aa92e.com] https://www./.com/
* ... or vice-versa: Eg. [lock icon] Secure | [www..com] https://www.xn--80ak6aa92e.com...
* add a little colored (red?) icon next to the name if punycode is in use. Mouseover on it would display info saying what that did. Clicking it would remove/add the decoding. IE: display the decoded localized characters by default; click the red dot to display the punycode; click again to go back to localized; set a preference from the right click menu on the red dot.

This isn't something that can be definitively solved programmaticly. It's still a case of tricking users. Just give the users the info they need so they can make a fair decision. The real DNS name is the fully encoded one (ex. xn--80ak6aa92e.com), not the one decoded from that, so please make that readily available to the user. IMO, displaying the localized text should be an added feature, not the primary display.

Re:So what's the fix?

[unrtst]

:-( I should have previewed that comment.
The two examples I provided should have been:

* include both on the location bar (one in parenthesis). Eg. [lock icon] Secure | [www.xn--80ak6aa92e.com] https://www.apple.com/
* ... or vice-versa: Eg. [lock icon] Secure | [www.apple.com] https://www.xn--80ak6aa92e.com/

NOTE: in the above, the word "apple" would be the phishing version with the "l" replaced by a unicode character, or the "a" replaced by the greek "a", but slashdot doesn't like unicode, so I just entered the ascii versions. IE. use your imagination :-)

it's a long time known problem

Note this problem was widely predicted at the time that non-ASCII characters were first allowed in domain names.

Not to say they should not be, just that people thought of it at the time of the change, so it is not anything new or unexpected.

Firefox config switch

[Jason69]

In Firefox / about:config set: network.IDN_show_punycode;true

Re:Firefox config switch

Does Chrome have a similar setting? I want to always show punycode domains in their original ascii form, and never in the unicode that they were intended to be shown in. As an english-only speaker, it's highly unlikely that such a domain would ever be anything but phishing for me.

Re:Firefox config switch

[antdude]

Yes, but will Firefox change/fix this soon?

Re:Firefox config switch

[Jason69]

Chrome's fix is available in version 59 which is in Canary currently.

Re:Firefox config switch

[Jason69]

That is Firefox's fix. You can set it to display punycode if you choose.

Re:Firefox config switch

[antdude]

That's dumb/stupid and won't help for those who don't know about this. Mozilla should just enable it by default with a patch or something.

Re:Firefox config switch

And then people will freak out when their url suddenly looks like xn--tacqweci.com because it had an ä?

Blacklisted

Appears the PoC dns name has been blacklisted? Maybe lawyers sent some nasty notice?

NX domain and the SSL cert was showing as valid but now does not.

Of course registering any of the other domains would work too.

Re:Ooh, I get to complain about the Slashdot post

[speranta]

Of course it's horrible. Engadget just recycles news from other more technical sites. There is also a factual error. The issue will be addressed in Chrome 58. It was already addressed in Chrome Canary 59.

you should also complain about Slashdot subject le

Joke in subject, this is just filler.

multiple languages vs local language

[MSG]

The original post notes that "In Chrome and Firefox, the Unicode form will be hidden if a domain label contains characters from multiple different languages."

It seems to me that a better solution would be to simply display the unicode version only if it contains only characters in the language that the browser is running in (such as the LANG setting on POSIX systems)... especially if the purpose of punycode is to allow domains that "render in their local language."

Admittedly, that fails to protect Cyrillic systems from the domain used as an example, but it does limit the scope of the problem.

Re:multiple languages vs local language

Or don't display any unicode for the global .com, .net, .org TLDs, and force local language domains to sit on local TLDs or new TLDs.

Re:multiple languages vs local language

[wbr1]

How about displaying both ie:

https://xn--pple-43d.comhttps/...

Re:multiple languages vs local language

[Vadim+Makarov]

If this is a real security issue, displaying both domains sounds like a non-elegant but working solution. The punicode domain should be displayed where the domain name usually is, and decoded version in the right half of the address bar. Ditto for mouse holdover pop-ups.

IE's approach seems to be to silently block these URLs from opening, which is also bad.

countries with non-traditional alphabets

[remi2402]

countries with non-traditional alphabets

Say what now? Non-traditional? How about simply "languages with non-latin scripts"! And even that description isn't completely accurate as there are plenty of languages written using variants of latin scripts that could benefit from punycode (Spanish, French, German, Scandinavian languages, quite a few Slavic languages, Vietnamese, and I'm probably forgetting a lot).

I usually don't care about this sort of things but this time I'll bite: there are about 6.5+ billion people on this planet that use "non-traditional alphabets". It's about time whoever wrote the FA at Engadget learns a little bit about the rest of the world.

Re:countries with non-traditional alphabets

[wonkey_monkey]

They should've just said un-American.

Re:countries with non-traditional alphabets

This is an article about URL encoding. Anything but ASCII is very much non-traditional in this context.

Re:countries with non-traditional alphabets

Say what now? Non-traditional?

What it meant to say was "non-traditional in the context of the internet". The internet started out as an ASCII7 medium (not even ASCII8!). Then other encodings came along, but until very recently you couldn't use things like unicode in domain names at all.

So in the context being discussed - domain names - anything beyond UTF8 is "non traditional".

Re:countries with non-traditional alphabets

[arth1]

URLs don't allow for ASCII. Try using a BEL character.
It is even inconsistent within the URL itself, with the domain names being case insensitive and having their own restrictions that aren't mirrored in the rest of the URL.

Re:countries with non-traditional alphabets

[Espectr0]

While you are right, i believe the sentiment of the statement is to point out that almost all websites use a restricted ASCII alphabet. And i say this as a spanish speaker.

Re:countries with non-traditional alphabets

[radarskiy]

Any alphabet I don't agree with is a Nazi alphabet.

Re:countries with non-traditional alphabets

almost all websites use a restricted ASCII alphabet

Because until the invention of Punycode, it was IMPOSSIBLE to use anything else (and because of fucking legacy systems, it still is economically hurting to use non-ASCII domains).

Re:countries with non-traditional alphabets

[thegarbz]

almost all websites use a restricted ASCII alphabet

Almost all english websites maybe. There's a huge frigging world out there in unicode if you dared to look. It just doesn't show up neatly in a Google search result resulting in observer bias.

59??? my chrome is 57

[goombah99]

My mac tells me it's running version 57.___ and it is up to date. So how long do I have to wait for 59?

For extra security

Maybe they could also prevent that site from saying that it's secure. Cause if you allow browsers to accept any HTTPS under the pretense that the content is secure, you'll exactly get this situation.

It should only display "secure" if you see something similar to the higher end security certificates, which are meant to actually verify the company exists and isn't trying to impersonate.

Re:Ooh, I get to complain about the Slashdot post

xudongz.com
You expect me to click on that?

TEN YEARS

[Khyber]

An easy phishing exploit, left untouched for ten years.

Does Google not bother hiring black hats to check for this kind of stuff? It's obvious their white-hats have no BOFH credentials.

Hosts files stop phishing attacks

See subject: Even "punycode" ones via hpHosts & APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Re:Hosts files stop phishing attacks

This is a crap solution, between computers and phones there are 9 devices in my home, I'm not going to babysit a hosts file on them all. I don't think my wife's iPhone lets you touch the host file at all. Way easier to run a Pihole and set it as the DNS server on everything.

Re:Hosts files stop phishing attacks

APK Hosts File Engine 9.0++ SR-7 32/64-bit

Or as it's now known, "ETERNALBLUE"

Re:Hosts files stop phishing attacks

Is there a reason you don't have your own website for this, or at least put it on GitHub, instead of incessantly spamming links through Google? Everything about you and your program screams "SHADY" at high volume.

Malwarebytes' hpHosts phish data

See subject: Specifically vs. phish = this file there https://hosts-file.net/psh.txt/ where Malwarebytes' hpHosts hosts & recommends my APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ program vs. host-domain based attacks (by FAR the majority of 'em vs. IP address based ones).

APK

P.S.=> Malwarebytes' hpHosts website (classifies each type of attack into separate databases OR the bulk entirety of them in 1 file) http://hosts-file.net/?s=Download/ ... apk

Proof of punycode phish detections

Search xn--p1ai w/in https://hosts-file.net/psh.txt & you see Malwarebytes' hpHosts covers punycode as I stated...

APK

P.S.=> Hosts files - accept NO substitute for endpoint protection vs. modern threats & for the BEST custom hosts file accept no substitute vs. APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ ... apk

is punycode readable?

so, people expecting a non-latin-script domain name will then see punycode. I rather doubt that many people can translate punycode in their head, and many will not detect minor variations in the punycode from what they expect. Punycode was never intended to be shown to humans. Fixing it to always display punycode will give us a new (different) set of problems.

VERY readable w/ proof... apk

See subject & this example of phishing using it (protected vs. it too in that data) https://tech.slashdot.org/comm...

* It's 'compensation' vs. using UNICODE (doubles the size of files via its double-byte character set: e.g. - IF a hosts file, or any other text file in std. ASCII, were to use UNICODE? It would literally be DOUBLE++ it's size in ASCII) & unicode new gTLD's using say, Cyrillic, Hebrew & Arabic scripts for example.

Older programs aren't prepared for UNICODE (mine is on intake) so this is how the "powers that be" compensated for that.

APK

P.S.=> I've been protecting vs. punycode threats of ALL kinds (not just phishing) for YEARS via APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ which is hosted & recommended by Malwarebytes' hpHosts @ the very site that data comes from... apk

Actually Chrome 58

[campuscodi]

It will get a fix in Chrome 59, not 59. There's already a fix in Chrome Canary 59. But the stable branch will get it by the end of the month.

It's a working ez solution 4 endpoints

Move dumbphones off faulty routers (loaded w/ bugs shown below partially only by 100's) they're unprotected: Hosts stop it on endpoints in good layered security/defense in depth security pros agree w/ me on https://tech.slashdot.org/comm... & router perimeter only single point of exploit fail are loaded w/ security bugs galore https://it.slashdot.org/commen... & NOT good layered security/defense in depth alone.

DNS = another SINGLE point of fail loaded w/ security & inefficiency issues too (partial again only, there are FAR more) https://news.slashdot.org/comm...

APK

P.S.=> Securing 'smartphones' (dumbphones full of exploits really) is easy for rooted droids via ADB pull command & SSH for Apple iPhones (their devs have godmode ones & do exactly that - I know - my relative builds ALL Apple OS there for them controlling that dept.)... apk

Does right by /.ers using it (quoted)... apk

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

take a look at the APK hosts file engine by SuperKendall

APK is kinda right. I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

I find your hosts file admirable by vel-ex-tech

* My code's liked + recommended & hosted by Malwarebytes' hpHosts!

APK

P.S.=> See subject: They're far from all I have quoted here on /. & 1,000's worldwide... apk

The problem with .com really

[cardiology]

IMHO it's the problem with .com domain policy – no top level domain should allow the use of different scripts/alphabets. Countries using cyrillic don't allow using cyrillic IDN domains under .ru and .bg for example, there are . and . for that. In the same way .com should allow ASCII only. Yes, there is theoretically homographs problem with top level domains as well, but it is realistically controllable.

Goole Chrome EFast "opensores" = why not

See subject: Google made a huge mistake in "OpenSORES" via Chrome EFast (a doppleganger malware from Chrome code) & THAT is largely why I don't opensource my ware (I won't have that on MY conscience but JOOGLE does).

* Why should I have my own site when Malwarebytes' hpHosts (highly esteemed) HOSTS + RECOMMENDS my ware (& Mr. Burn is a highly competent webmaster)? No need for it.

APK

P.S.=> Plus, I am a FIRM believer that coders should do their OWN code/work, otherwise, they're plagiarists & aren't 'sharpening their own sword' copying others work (stealing it imo)... apk

Re:59??? my chrome is 57

[tobiasly]

My mac tells me it's running version 57.___ and it is up to date. So how long do I have to wait for 59?

Probably about 3 months. Beta is the next version, Dev is weekly build, Canary is nightly build. Stable releases are every 6 weeks.

https://www.chromium.org/getti...

Has NOTHING to do w/ port 445 stupid

See subject: My prog has NOTHING to do w/ port 445 or SMB1/2/3 exploit by the NSA ala https://isc.sans.edu/forums/di... dumbass!

APK

P.S.=> You UNIDENTIFIABLE anonymous trolls are REAL pieces of work (pieces of lying shit's more like it) - no class & NO shame... apk

Hosts files stop punycode phish attack

Seek xn--p1ai in https://hosts-file.net/psh.txt & see Malwarebytes stop punycode phish w/ APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script/malware rob speed/security/privacy

Hosts add speed (by hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% ISP DNS != patched vs. it) + lightens DNS load & resolve faster from local system RAM!

* Via what u NATIVELY have in the IP stack in FASTER kernelmode!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

It's a working ez solution 4 endpoints

Move dumbphones off faulty routers (loaded w/ bugs shown below partially only by 100's) they're unprotected: Hosts stop it on endpoints in good layered security/defense in depth security pros agree w/ me on https://tech.slashdot.org/comm... & router perimeter only single point of exploit fail are loaded w/ security bugs galore https://it.slashdot.org/commen... & NOT good layered security/defense in depth alone.

DNS = another SINGLE point of fail loaded w/ security & inefficiency issues too (partial again only, there are FAR more) https://news.slashdot.org/comm...

* NOTICE YOU HAD TO "DOWNMOD HIDE" THIS LAST TIME I POSTED IT UNIDENTIFIABLE BULLSHITTER TROLL lol https://tech.slashdot.org/comm... hahaha!

APK

P.S.=> Securing 'smartphones' (dumbphones full of exploits) = ez 4 rooted droids/iphones via ADB pull command & SSH respectively... apk

Wrong: No NSA malware & /.ers like + use it

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

I've never tried to belittle (APK's) work, I've flat out said it's good by BronsCon

take a look at the APK hosts file engine by SuperKendall

APK is kinda right. I've tried his hosts file generating software. It works by bmo

I like your host file system by Karmashock

I find your hosts file admirable by vel-ex-tech

* My code's liked + recommended & hosted by Malwarebytes' hpHosts!

APK

P.S.=> See subject: It's no SMB1/2/3 (nothing to do w/ those) NSA malware either ala https://isc.sans.edu/forums/di...

Goole Chrome EFast "opensores" = why not

See subject: Google made a huge mistake in "OpenSORES" via Chrome EFast (a doppleganger malware from Chrome code) & THAT is largely why I don't opensource my ware (I won't have that on MY conscience but JOOGLE does).

* Why should I have my own site when Malwarebytes' hpHosts (highly esteemed) HOSTS + RECOMMENDS my ware (& Mr. Burn is a highly competent webmaster)? No need for it!

APK

P.S.=> Plus, I am a FIRM believer that coders should do their OWN code/work, otherwise, they're plagiarists & aren't 'sharpening their own sword' copying others work (stealing it imo)... apk

Capt. Brin "CENSOR BEAMS @ MAXIMUM!!!"

Joogle hides truth above here & @ InfoWars cutting off ad gold https://www.youtube.com/watch?... but JOOGLE allows violent jihadist videos to get ad GOLD + JOOgle infects users w/ their ads https://blog.malwarebytes.org/...

Capt. Brin "CENSOR BEAMS @ MAXIMUM!!!"

Joogle hides truth above here & @ InfoWars cutting off ad gold https://www.youtube.com/watch?... but JOOGLE allows violent jihadist videos to get ad GOLD + JOOgle infects users w/ their ads https://blog.malwarebytes.org/... + their execs like heroin https://www.google.com/?gws_rd...

Capt. Brin "CENSOR BEAMS @ MAXIMUM!!!"

Joogle hides truth above here & @ InfoWars cutting off ad gold https://www.youtube.com/watch?... but JOOGLE allows violent jihadist videos to get ad GOLD + JOOgle infects users w/ their ads https://blog.malwarebytes.org/... + their execs like heroin https://www.google.com/?gws_rd...

You're a little late (patched a month ago)

In March, Microsoft patched the SMB Server vulnerability (MS17-010) exploited by ETERNALBLUE - http://www.theregister.co.uk/2017/04/21/windows_hacked_nsa_shadow_brokers/ showing how dumb UNIDENTIFIABLE LIAR "ne'er-do-wells" like you truly are...

APK

P.S.=> Unbelievable incompetence as always on your part - you can't even get your LIBEL right... apk

PoC and Mail clients

Outlook Mail Client and Gmail is vulnerable as well. Our PoC and article: https://ciberseguridad.lamula.pe/2017/04/22/ataque-de-phishing-imperceptible-con-unicode-tambien-afecta-clientes-de-correo-electronico/delphins/