Browser Extensions Are Undermining Privacy

pizzutz writes: Chrome's popular Web Developer plugin was briefly hijacked on Wednesday when an attacker gained control of the author's Google account and released a new version (0.49) which injected ads into web pages of more than a million users who downloaded the update. The version was quickly replaced with an uncompromised version (0.5) and all users are urged to update immediately.
Lauren Weinstein has a broader warning: While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons, some of which are downright crooked, many more of which are sloppily written and poorly maintained. Ironically, some of these add-on extensions and apps claim to be providing more security, while actually undermining the intrinsic security of the browsers themselves. Others (and this is an extremely common scenario) claim to be providing additional search or shopping functionalities, while actually only existing to silently collect and sell user browsing activity data of all sorts.
Lauren also warns about sites that "push users very hard to install these privacy-invasive, data sucking extensions" -- and believes requests for permissions aren't a sufficient safeguard for most users. "Expecting them to really understand what these permissions mean is ludicrous. We're the software engineers and computer scientists -- most users aren't either of these. They have busy lives -- they expect our stuff to just work, and not to screw them over."

Anti-extension Narrative Ramping Up?

[Kunedog]

While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

Re: Anti-extension Narrative Ramping Up?

Yup. Google wants browser users to have "privacy", so long as Google can still snoop everything they do.

Re: Anti-extension Narrative Ramping Up?

[Antique+Geekmeister]

This is _exactly_ right. The data is much more valuable to any one vendor of they have it and their competitors do not, especially if it can be used for monopoly control or even fraud.

Re:Anti-extension Narrative Ramping Up?

It's worth noting that extensions _can_ undermine your privacy though. I'm not anti-extension at all, but I seem to recall NoScript phoning back to some homesite (informaction.com) periodically. Like once an hour or something weird. That might not be the case anymore, but still, I definately do NOT expect privacy/security related plugins to do fishy crap like "beaconing".

Re: Anti-extension Narrative Ramping Up?

Yup. Google wants browser users to have "privacy", so long as Google can still snoop everything they do.

But that would be evil. Didn't they promise not to be evil?

Re: Anti-extension Narrative Ramping Up?

But that would be evil*. Didn't they promise not to be evil?

* Our definition of evil can change at any time, without having to notify our users.

Re:Anti-extension Narrative Ramping Up?

[MrMr]

You almost remember correctly. Do you happen to work for an advertising company? https://addons.mozilla.org/en-...

Re:Anti-extension Narrative Ramping Up?

[mapkinase]

Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers

Correcto mundo. I would claim that ad-blocking extensions of internet browsers are even more significant inventions than the internet itself. The impact of these two humble guys ADP and NS on my life is more than internet itself.

They completely eliminated advertisement from my life at home.

My home is ad free. It is hard to overemphasize how important this is.

Re:Anti-extension Narrative Ramping Up?

Lol, are you one of the informaction clowns? Cause your extension did do exactly that, and it collected browser info as well. Even worse there was no way to disable it, which is a real scumbag thing to do.

Request Policy did no such thing. It's a much better tool for stopping data exfil, malware and ads, while denying both the advertisers and low-key spyware extension authors of their undeserved revenue.

Re:Anti-extension Narrative Ramping Up?

[geekmux]

While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves, the unfortunate fact is that these can be undermined by add-ons

Not false, but it's also true that ad-blocking (ublock) and script-blocking (flashblock, noscript) extension have done more for user privacy and security than most any other software, sometimes by working against the aims of the browser makers. I fear this story may be part of an anti-extension (and anti-user-control in general) narrative.

Imagine if an aftermarket vendor offered a vehicle modification that disabled the air bags without telling the driver, which ultimately resulted in killing people. You would tend to want to not only go after the aftermarket vendor, but you would probably also question the automobile manufacturer, and their security mechanism that was undermined.

Quite often with shitty extensions or shitty apps, consumers are unaware that safety and security has been compromised. The narrative is not anti-user-control, it's anti-user-manipulation.

And if you're worried about the automobile manufacturer making an unsafe product from the factory, then you find a different car to drive.

Re:Anti-extension Narrative Ramping Up?

You just don't remember correctly at all. Here's the developer discussing it with other people it made uncomfortable: https://forums.informaction.com/viewtopic.php?f=7&t=4743

I think NoScript is great, but I also think that kind of background network behavior is a very poor design feature in a privacy/security product.

Re:Anti-extension Narrative Ramping Up?

I use Pale Moon because it allows me to disable automatic updates for both the browser and extensions. I will never use any Chrome based browser because while you might be able to disable automatic browser updates in something like Vivaldi, you still cannot disable automatic extension updates.

Automatic updates are an idiotic idea because if something goes wrong, you'll have a very difficult time pinning it down. If I do updates manually and something goes wrong, then I'll know EXACTLY what caused it.

Re:Anti-extension Narrative Ramping Up?

[Baloo+Uriza]

Can it be both? Because it's probably both.

Re: Anti-extension Narrative Ramping Up?

Their unofficial motto used to be "don't be evil", but a motto is not a promise and it has been many years since they dropped it.

"Lauren" is mentally ill.

"While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves"

Are you kidding? There is no major browser today in existence that isn't FULL of keyloggers and spyware down to the very core. No matter how much I try, I can't stop Firefox from giving that horrible trash server "Google" random hits when I type something wrong. Browsers today are pure shit. It's a huge reason why I stopped making websites -- I no longer want people to even visit any page of mine in the shitware that is today's browsers.

Re: "Lauren" is mentally ill.

It's worth reading Mr Weinstein's blog to get a feel for his thoroughly nomenklaturist political bias: https://lauren.vortex.com/

Note the "Impeach Trump" banner displayed prominently at the top of the page. Also note the first blog entry, a cluckingly self-righteous hatchet job against the recently leaked anti-PC essay by an apostate Googlecuck.

Re: "Lauren" is mentally ill.

[MrMr]

I actually missed that story. The most interesting thing about it appears to be the reaction of Danielle Brown at Google: "...expressing views on the natural abilities and characteristics of different genders, as well as whether one can speak freely of these things at Google. And like many of you, I found that it advanced incorrect assumptions about gender. I’m not going to link to it here as it’s not a viewpoint that I or this company endorses, promotes or encourages...."

Google does not approve of linking to stuff that it doesn't endorse promote or encourage? That made me smile.

Re: "Lauren" is mentally ill.

I don't notice banners at the top. "Banner blindness" is an adblock built into my brain, developed in the early days of net advertising.

Nobody ever had anything of interest in banners, so I don't look there.

Re:"Lauren" is mentally ill.

"While the browser firms work extensively to build top-notch security and privacy controls into the browsers themselves"

Are you kidding? There is no major browser today in existence that isn't FULL of keyloggers and spyware down to the very core. No matter how much I try, I can't stop Firefox from giving that horrible trash server "Google" random hits when I type something wrong. Browsers today are pure shit. It's a huge reason why I stopped making websites -- I no longer want people to even visit any page of mine in the shitware that is today's browsers.

You may have stopped making websites, but you didn't stop making excuses.

Don't like browsers? Make a fucking browser then. Want to get paid for your work? Then fucking charge for your product.

If the roads are shitty, you don't stop driving cars. You fix the fucking road.

Re: "Lauren" is mentally ill.

Dunce.

Shortsighted

If the extension undermines privacy then so does the browser for allowing it to run.

Re:Shortsighted

[Aighearach]

They can't take away open source software that we already have.

If they muck it up, we'll select a fork and be done with it.

Solved, easy.

Re: Shortsighted

And yet systemd persists.

What about the privacy-undermining browser itself?

[Rosco+P.+Coltrane]

Because you know... Google.

I guess they don't like it when lose their data-sucking monopoly.

extensions are all that remains to guard privacy

Ublock Origin, UMatrix, HTTPS Everywhere, Better Priavcy, DecentralEyes... these are the only things that allow even a tiny shred of private browsing given the total clusterfuck that is the modern web.

Hmm, I wonder who would benefit from an anti-extension narrative....

not properly restricted

[Gravis+Zero]

Part of the problem is that extensions are not properly restricted because they can get/send data to/from anywhere regardless of the permissions you give it. What they really need to do is restrict arbitrary URL requests. If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

Re:not properly restricted

If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

You know, there's an extension for that: Request Policy.

Re:not properly restricted

[Gravis+Zero]

That defines which websites the extension will be enabled and which stored data it can access. When it's enabled, there are no restrictions on which sites it can communicate with.

Re:not properly restricted

[Waccoon]

Hey... why bother going through all that trouble when you can just force mandatory code signing to ENSURE things are safe, and then drop support for extensions altogether because the people in charge of the platform always know better?

Re:not properly restricted

[Gravis+Zero]

I'm going to assume that is sarcasm because if it is not, GTFO.

Re:not properly restricted

[preflex]

If the domain name isn't part of the [content of] requested page then it should require explicit permissions to access it.

You know, there's an extension for that: Request Policy.

Or you could use the all-in-one solution uMatrix. It gives the user control over cookies, css, images, media files, scripts, XHR, frames, and other requests, by domain. It allows for conveinent whitelisting, blacklisting, and greylisting of domains as well as resource types. It even comes with lists of known-to-be-hostile domains which are blacklisted by default.

This functionality should be included by in all browsers. It would be included too, if the browser vendors considered the "user-agent" to be an agent of the user, instead of the ad companies.

Cant disable extension update in Chrome

[citizenr]

Chrome forces extension updates from the mothership. No way of disabling it. Even editing out update server address in extension .xml doesnt do it. = its all Googles fault in the end.

Re:Cant disable extension update in Chrome

[The+MAZZTer]

Being able to change the update server would just open the door for malware to infect your machine by issuing updates for all your extensions through their own server. Don't blame Google for a developer who fails to use provided security mechanisms like two factor authentication (at least, I don't see how the author's account could have been compromised so easily if he was using it, and using it properly).

Re:Cant disable extension update in Chrome

[Rockoon]

Stop being a stooge... or are you actually a shill?

The problem is that the user has no defense against whats on the update server. Full stop. It does not matter that you vetted adblock+ because the next time you run the browser it may be a different version throwing your data at the NSA/CIA/DNC

Users Have Busy Lives?

Or in other words don't make me think. Sorry, but very little in life is like that. Knowledge may be expensive, but ignorance is rarely free.

Google could potentially fix this

[The+MAZZTer]

by requiring any extension developer to have 2FA enabled on their Google account, which will make it much harder to compromise accounts. That's really the only thing I see Google doing wrong here, ultimately it's the developer's responsibility to maintain control of the account used to publish updates.

That, and maybe requiring extension updates be signed with the developer's private key. I believe Android's Play Store requires this. Last I checked Chrome Web Store just accepted plain ZIP uploads? The thing is, Chrome has the ability to sign extensions built in. So they could do this today.

But I think the bigger problem is extension devs who sell out their extensions... and their user bases... to individuals who embed malware or ads into it. That's not a technological problem that can be solved that way, unfortunately.

Score one for FF

[WoodstockJeff]

"However, the Firefox version of both the extensions was unaffected."

The difference is that Chrome will automagically update things, while Firefox makes you manually update extensions.

Biggest issue I see is that all of the popular browsers are in an all-out war to include as many extensions in their core code, so that you don't need ones they don't control. This may be "more secure", but, it makes the browsers bloody slow for ALL users, instead of the few who need their browser to keep them connected to 145 different social media sites.

And that means you need a browser extension to shut crap off...

False flag?

Pot .. kettle? I can't be the only one to think this is rather ironic timing given the push from all sides to kill addons.

If they really cared about the implications of this, they would also have pointed out their own applications auto update too. Much to the anger of end users.

Re:What about the privacy-undermining browser itse

[AHuxley]

Thats why Firefox is good.
The ads stop with a nice selection of quality add ons.
The next step is to ensure the add ons are correct in what they offer and do.

Re:Lunacy

[sheramil]

Data is not fact. Who fucking cares.

"Interesting! AC there doesn't seem to be capable of putting together a grammatical sentence. Let's steer some advertisements for grammar books his way. Slant the ads so he feels inadequate with his present, sad command of the language. Couldn't hurt."

Not the only one: Copyfish too

[alanw]

https://a9t9.com/blog/chrome-e...

Re:What about the privacy-undermining browser itse

[ckatko]

Open source always means no privacy violations!

Just ask Canonical!

Har, har

> browser firms work extensively to build top-notch security and privacy controls into the browsers themselves [...]
- A machine to download and execute random code from the Internet?
- Most of the implementations funded by advertising industry [1]?
C'm on. You must be kidding.

On a personal note: If I (half) trust any of the bunch, it'll be Mozilla. But I see a lot of perception bias in them.
One example: remember that "disable Javascript" checkbox? When you argue with folks deeper in that Mozilla bubble, they say "telemetry has shown that this confused users...".
Yah. Your users are as stupid as you make them, I guess.

[1] Google is not only Chrome, but also has been Mozilla's main sponsor. Microsoft in this context is also ad industry. Apple...

Sounds more like a Chrome issue

[TheOuterLinux]

The title is misleading or there are more idiots out there than I thought. "Why do my privacy add-ons not work right?" Maybe it's because Google, a search engine company, made the browser? You know that web browser, Tor...something or other I think it is, that's based off of Chrome? *sarcasm. Me neither. -_- It would be interesting to see a security comparison between Chrome and Chromium for these privacy add-ons. I'm sure there are plenty convinced a derivative = same, but if that were true, then I guess all us Linux users are nut-cases. Don't answer that. Chrome needs to be renamed to Chrime.

Re:Sounds more like a Chrome issue

[Teun]

Same here, when you use Chrome you know you share your browsing habits with Google.
Aside from the memory footprint an important reason to avoid that browser.
I sometimes use Chromiium for some multi media sites that just won't work in FF and assume it has better privacy than Chrome but would love to see an expert's view on this.

Re:Sounds more like a Chrome issue

[TheOuterLinux]

Someone other party would have to do it because the Chromium developers would probably worry about recourse from Google. Also, I'm not so sure if all of Google's Chrome is open source; this makes it harder for security researchers to do their job. Though, I'm sure Google has plenty of their own, not that means anything to a healthy skeptic.

Funny

[johannesg]

Most of the extensions I have installed are there for the express purpose of improving my privacy: privacy badger, sharemenot, ublock, etc.

Never use them myself

Even the Ad Blockers are doing deal to stay alive. Because the users who think they are so great never contribute a dime to the developer. I just wonder how successful extensions would be if users had to pay for each one? Even if the extension was properly vetted for privacy issues? Of course some of them harvest data and some even present a security risk. This is not new.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re: Prepare for privacy stealing in Firefox 57

?

Sometimes I ask myself whether this alt-right drivel is written by real people or rather by some perverse, reverse-run deep learning network.

Any sufficiently advanced technology is insistinguishable from Pepe the Frog (Sorry, Mr. Clarke).

Re:What about the privacy-undermining browser itse

[allo]

Ask systemd.

What no rust

[jmccue]

You mean they are writing these extensions in rust ???

Inconceivable !! Not only is in impossible to have insecure rust code, it will also bake and put an apple pie on your window sill :)

Re:What no rust

No, not Rust. Firefox extensions are almost always written in Javascript, and Chrome extensions in ECMAScript (virtually the same thing).

Re:Lunacy

That's a horribly uncompromising (0.5) attitude!

Untrue: This does far more for FAR less

See subject: Better in efficiency & abilities vs. browser addons APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

False & this does more for less

See subject: Vs. any single browser addon APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script & malware rob speed/security/privacy

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Just wait until Firefox 57.

Just wait until Firefox 57. That's when the planned transition to WebExtensions is expected to happen. WebExtensions is basically Firefox's imitation of Chrome's extension model. There could very well be severe breakage of existing Firefox extensions that aren't WebExtensions compatible. This could very well be the point when the last remaining Firefox users discard it. Firefox's extension system is the only thing going for it these days. Once it is gone, and Firefox is essentially a shitty Chrome clone, people won't have any reason to use Firefox. They'll just switch to Chrome. Firefox could very well be below 1% of the browser market by this time next year.

Re:APK Hosts File Engine 9.0++ SR-7 32/64-bit

Will your program block Windows 10's built-in spyware, adware and automatic updates?

This is not an extension issue....

It's an idiot developer team who got phished issue.

Not THIS adblocker (& much more)

See subject: Better in efficiency & abilities vs. browser addons (does far more for far less) APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script/malware rob speed/security/privacy.

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirect (99.999% of ISP DNS != patched vs. it) + lighten DNS load & resolve faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Re:APK Hosts File Engine 9.0++ SR-7 32/64-bit

1 thing is certain: Browser addons don't.

Re:Not THIS adblocker (& much more)

Absolutely nobody gives a shit about the crapware you've been spamming since 1999. Fuck off and die.

Re: Prepare for privacy stealing in Firefox 57

#baizou

APK Hosts File Engine 9.0++ SR-7 32/64-bit

See subject: Better in efficiency & abilities vs. browser addons (does far more for far less) APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script/malware rob speed/security/privacy.

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirect (99.999% of ISP DNS != patched vs. it) + lighten DNS load & resolve faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Hosts have no such issue (WFP/ACL protected)

See subject: Plus by this ontop of 'em APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script/malware rob speed/security/privacy.

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirect (99.999% of ISP DNS != patched vs. it) + lighten DNS load & resolve faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

Beat google @ their own game via

See subject: Better in efficiency & abilities vs. browser addons (does far more for far less) APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

Ads/script/malware rob speed/security/privacy.

Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

Avoids DNSChangers in routers/IP settings & dns redirect (99.999% of ISP DNS != patched vs. it) + lighten DNS load & resolve faster from local system RAM!

* Via what u NATIVELY have in the FASTER kernelmode IP stack!

APK

P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

You clearly do & other /.ers disagree

I'm going to continue using the Host File Engine. Your software is well written, functional. The Host File Engine performs exactly as promised by mmell

his hosts program is actually pretty good by xenotransplant

his hosts tool is actually useful for those cases in which one does indeed want to locally block stuff outright while consuming minimum system resources by alexgieg

(APK's) work, I've flat out said it's good by BronsCon

I've tried his hosts file generating software. It works by bmo

APK your posts on this & the hosts file posts, and more, have never been in error &/or bad advice by BlueStrat

Your premise that hostfiles are a good way to deal with advertising & malvertising is quite valid by JazzLad

I like your host file system by Karmashock

* It's recommended/hosted by Malwarebytes' hpHosts!

APK

P.S.=> China imitated me http://www.theregister.co.uk/2017/04/26/boffins_supercharge_the_hosts_file_to_save_users_plagued_by_dns_outages/ - more coming in part #2... apk

Security & Web pros disagree... apk

Steve Gibson endorses hosts https://www.grc.com/sn/sn-045.htm/

Aryeh Goretsky/ESET/NOD32: hosts = good security http://it.slashdot.org/comments.pl?sid=7442373&cid=49747129/

Malwarebytes hpHosts' hosts/RECOMMENDS me!

Brocke Wilders of WILDERS' SECURITY does inferior clone of MY work http://www.wilderssecurity.com/threads/hosts-block.378901/

Oliver Day (SYMANTEC/SECURITYFOCUS) http://www.securityfocus.com/columnists/491/ "Host file accessing the Internet - particularly browsing the Web - is actually faster... Spybot Search & Destroy offer lists of known malicious servers to add a layer of defense against trojans & other forms of malware"

OReilly hosts security -> http://oreilly.com/pub/a/windows/2004/03/30/hosts.html/ & hosts speed -> http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3/

APK

P.S.=> EAT YOUR WORDS, lol... apk