Slashdot Mirror


Microsoft Edge Lets Facebook Run Flash Code Behind Users' Backs (zdnet.com)

An anonymous reader writes: Microsoft's Edge browser contains a secret whitelist that lets Facebook run Adobe Flash code behind users' backs. The whitelist allows Facebook's Flash content to bypass Edge security features such as the click-to-play policy that normally prevents websites from running Flash code without user approval beforehand.

The whitelist isn't new. It existed in Edge before, and prior to February 2018, it included 58 entries, including domains and subdomains for Microsoft's main site, the MSN portal, music streaming service Deezer, Yahoo, and Chinese social network QQ. The list was narrowed down to only two Facebook domains (facebook.com and apps.facebook.com) after a Google security researcher found that the whitelist mechanism had some security issues. The bug report also contains the original version of the whitelist, with all the 58 domains.

127 comments

  1. Microsoft security by QuietLagoon · · Score: 4, Insightful

    An oxymoron if I ever saw one.

    1. Re:Microsoft security by Anonymous Coward · · Score: 0

      Windows used to be (and arguably still is) crazy securable if you take the time to lock it down. The real mystery is why it isn't out of the box. And why they added even more insecure BS that has to be disabled to Windows 10.

  2. lol k by Anonymous Coward · · Score: 0

    I'm sure the one guy who tried Edge a while back will be really shocked.

    1. Re:lol k by ThomasD3 · · Score: 1

      He probably gave up on the internet :) The funny thing is that after MS tortured everyone with IE, even if Edge was amazing, most of us wouldn't even give it a chance.

  3. How many times do we have to go over this? by Anonymous Coward · · Score: 0

    Look, if you want security, privacy, and freedom then use open source software.
    Otherwise, you made your bed now sleep in it and shut up.

  4. LaLaLaLALA by Anonymous Coward · · Score: 0

    Weird. What was that doing there?

  5. Is this like Net Neutrality. by jellomizer · · Score: 3, Interesting

    Except for a fast lane, big companies are bypassing necessary security blocks to "trusted" (aka paying) sites.
    These free passes are really an issue on the open web. As it means Facebook can have features enabled that other sites may not (at least without a warning).

    As doing web development, when I see something interesting, I will dig into the code to figure it out. Like how Google gave the search suggestions while typing, and Google Maps a while back, that is where I learned Ajax. But if all the major browser makers just made a <GoogleSearchAhead> tag, if I were to try to make something based on the technology, it would be blocked to me.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:Is this like Net Neutrality. by Anonymous Coward · · Score: 1

      Except for a fast lane, big companies are bypassing necessary security blocks to "trusted" (aka paying) sites.
      These free passes are really an issue on the open web. As it means Facebook can have features enabled that other sites may not (at least without a warning).

      You can do everything you need to do and live a very nice life without Facebook or Edge.

      Don't use Edge and Facebook blocked in hosts file (and at the router, just to be sure). Problem solved.

    2. Re:Is this like Net Neutrality. by viperidaenz · · Score: 1

      You can only block IP addresses on your router, of which I'm sure Facebook use hundreds as part of their CDN.
      Browsers are moving towards dns over http, which bypasses your hosts file.

      Good luck with your blocking.

    3. Re:Is this like Net Neutrality. by Anonymous Coward · · Score: 1

      I may not use Facebook. But it provides some value to many of the users. To protect their IP, Facebook may implement certain features explicitly through flash. Nothing wrong with that. They spent resources on it and want to keep it away from the competitors.

      However if I figure it out on my own or would like to protect my IP similar to how FB does, visitors to my site would be shown a warning and discouraged from enabling the nice feature I developed. I am at an unfair disadvantage at this point.

      Also, Flash has a documented history of security vulnerabilities. If FB Flash is whitelisted, god knows what level of freedom is given - storage limits, reading files outside their sandbox, etc. And the user is not even made aware of this exception. After a tech savvy user knows this and figures out a way to indicate that FB should not be on the whitelist (dunno if that's even possible), what guarantee is there to actually honor the user's preference?

    4. Re:Is this like Net Neutrality. by jellomizer · · Score: 2

      The issue isn't DRM, but the fact that Facebook has an unfair advantage, in terms of it having Flash greenlighted to them. While someone else, if they chose to use flash will get warnings, and wouldn't have the resources to get MS to green-light it for them.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    5. Re: Is this like Net Neutrality. by Anonymous Coward · · Score: 0, Informative

      My router has a built-in local DNS. What bullshit are you spouting?

    6. Re:Is this like Net Neutrality. by msauve · · Score: 1

      Perhaps, but any decent firewall can block based on much more than IP addresses. Create your own cert, and run it as an SSL proxy, so it can inspect your own https traffic.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    7. Re:Is this like Net Neutrality. by Anonymous Coward · · Score: 0

      Ever heard of DNS? It's a thing.

      https://pi-hole.net/

      And yes, my blocking is good luck. LOL. Silly turkey.

    8. Re:Is this like Net Neutrality. by fahrbot-bot · · Score: 3, Informative

      You can only block IP addresses on your router, of which I'm sure Facebook use hundreds as part of their CDN.

      Kashmir Hill at Gizmodo did a series where she spent a week each blocking Amazon, Facebook, Google, Microsoft, and Apple from her life (devices and internet sites), then a week blocking them all. (link to series) She had a friend set up a VPN for her devices configured to block access to the provider(s) and she noted in the articles how many IPs each controlled: Amazon: 23 million, Apple: 6 million, Facebook: 122,880, Google: 8 million, Microsoft: 21 million -- there's a link in each article to the data. She noted that blocking / not using Amazon was virtually impossible.

      Browsers are moving towards dns over http, which bypasses your hosts file.

      Don't know about Chrome (or other browsers), but this can be controlled and/or disabled in Firefox by setting "network.trr.mode" to 0. From my Firefox / Thunderbird "user.js" file:

      // https://blog.nightly.mozilla.o...
      // https://wiki.mozilla.org/Trust...
      // 0: Off by default, 1: Firefox chooses faster, 2: TRR default w/DNS fallback,
      // 3: TRR only mode, 4: Use DNS and shadow TRR for timings, 5: Disabled.

      user_pref("network.trr.mode", 0);

      --
      It must have been something you assimilated. . . .
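
Added example, not part of any comment in this thread: a small audit of a Firefox `user.js` that reports whether the `network.trr.mode` and `network.trr.uri` settings discussed above leave hosts-file and local-DNS blocking in effect. The mode meanings are the ones listed in the comment; the function names, the sample file and the `doh.example` URL are constructed for illustration.

```javascript
// Mode meanings follow the list quoted in the comment above.
// nativeAnswers = true means answers come from the OS resolver, so the
// hosts file and a local DNS filter (e.g. a Pi-hole) still apply.
const TRR_MODES = {
  0: { meaning: "off by default", nativeAnswers: true },
  1: { meaning: "Firefox chooses faster", nativeAnswers: false },
  2: { meaning: "TRR default with DNS fallback", nativeAnswers: false },
  3: { meaning: "TRR only", nativeAnswers: false },
  4: { meaning: "DNS, with shadow TRR for timings", nativeAnswers: true },
  5: { meaning: "disabled", nativeAnswers: true },
};

// Parse user_pref("name", value); lines. Commented-out lines are ignored
// because the pattern is anchored to the start of the line. Last value wins.
function parseUserPrefs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/;
  for (const line of text.split(/\r?\n/)) {
    const m = re.exec(line);
    if (!m) continue;
    try {
      prefs.set(m[1], JSON.parse(m[2])); // numbers, booleans, "strings"
    } catch (e) {
      // value is not a simple literal; skip the line
    }
  }
  return prefs;
}

// Report how the DoH prefs interact with local name-based blocking.
function auditDoh(text) {
  const prefs = parseUserPrefs(text);
  const mode = prefs.has("network.trr.mode") ? prefs.get("network.trr.mode") : null;
  const uri = prefs.has("network.trr.uri") ? prefs.get("network.trr.uri") : null;
  const known = typeof mode === "number" ? TRR_MODES[mode] : undefined;

  let hostsFileHonoured = null; // null = cannot tell from this file
  const findings = [];
  if (mode === null) {
    findings.push("network.trr.mode is not set; the browser default applies");
  } else if (!known) {
    findings.push("network.trr.mode has an unrecognised value: " + JSON.stringify(mode));
  } else {
    hostsFileHonoured = known.nativeAnswers;
    findings.push("mode " + mode + " (" + known.meaning + ")");
    if (!known.nativeAnswers) {
      findings.push("lookups can bypass the hosts file and local DNS filtering");
      if (uri === null) {
        findings.push("network.trr.uri is not set; the browser's default provider is used");
      } else if (!/^https:\/\//i.test(String(uri))) {
        findings.push("network.trr.uri is not an https:// URL");
      }
    }
  }
  return { mode, uri, hostsFileHonoured, findings };
}

// Constructed sample file (not taken from the thread).
const SAMPLE_USER_JS = [
  '// user_pref("network.trr.mode", 0);',
  'user_pref("network.trr.mode", 2);',
  'user_pref("network.trr.uri", "https://doh.example/dns-query");',
].join("\n");

console.log(auditDoh(SAMPLE_USER_JS));
```
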
    9. Re: Is this like Net Neutrality. by Archangel+Michael · · Score: 1

      Add in Pi-Hole to the mix, and you'll be even better off.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    10. Re:Is this like Net Neutrality. by Anonymous Coward · · Score: 0

      You can do everything you need to do and live a very nice life without Facebook or Edge.

      Indeed, like the 50+ years I've lived prior to their existence.

    11. Re:Is this like Net Neutrality. by viperidaenz · · Score: 1

      Sounds like a good way to compromise security and performance in one shot.

      I suppose you could do some kind of dynamic IP blocking, by using the router as a DNS proxy, and blocking whatever IP addresses are resolved for specific host names. That doesn't work with dns-over-http but it's better than maintaining a huge list of ever changing IP addresses.

    12. Re:Is this like Net Neutrality. by _merlin · · Score: 1

      This is something that really shouldn't be buried like this. When using the OS name resolver, I can point it at a DNS server that I control or trust, and alter resolution with the hosts file if necessary. With TRR, it goes to a provider of Mozilla's choosing that I have no control over and have no reason to trust. This kind of stuff shouldn't be hidden in an obscure, hard-to-find setting.

    13. Re:Is this like Net Neutrality. by msauve · · Score: 1

      "Sounds like a good way to compromise security and performance in one shot."

      Sounds like it to you, but then you obviously don't know much about network security. It's a very common enterprise solution, where any security or performance issues are much more pronounced than in a home environment.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    14. Re:Is this like Net Neutrality. by fahrbot-bot · · Score: 1

      With TRR, it goes to a provider of Mozilla's choosing that I have no control over and have no reason to trust.

      As mentioned in both Mozilla links I included, you can specify the DoH server with "network.trr.uri" :

      Link 1: 4. Set "network.trr.uri" to your DoH server. Cloudflare’s is https://mozilla.cloudflare-dns... but you can use any DoH compliant endpoint.

      Link 2: Set "network.trr.uri". Ones that you may use: https://mozilla.cloudflare-dns..., https://dns.google.com/experim...

      I believe I read that Google is considering a GUI implementation for the DoH configuration for Chrome.

      --
      It must have been something you assimilated. . . .
    15. Re:Is this like Net Neutrality. by _merlin · · Score: 1

      So it can be changed in another buried setting that I have to fuck around searching for and won't remember. Lovely. Do I need to get another add-on to manage this like I had to get CookieBro to manage individual cookies? I really hate this dumbing down of the browser.

    16. Re:Is this like Net Neutrality. by viperidaenz · · Score: 1

      The enterprise solutions aren't perfect.
      Not only does it slow things down, it increases latency too. These are compromises enterprises make to monitor traffic.
      You end up with a situation where your browser never sees the certificate from the website in question. You can't inspect it yourself.
      You have another certificate store to keep up to date.
      It completely breaks public key pinning and fires off reports for public key pin reporting.
      You don't have a choice to ignore certificate errors.

      The one I'm behind right now makes an exception for Extended Validation certificates, it doesn't intercept them at all so users who expect to see an EV cert in the address bar can still see it and know it's still secure.

  6. Hardware firewall by Anonymous Coward · · Score: 0

    All these recent news articles basically plead the case for just blocking fb/google/etc domains and ip ranges at the hardware/router level.

    1. Re:Hardware firewall by green1 · · Score: 4, Interesting

      As pointed out earlier by another poster, that's getting harder and harder as well.

      More programs *cough*Chrome*cough* are using their own internal resolvers instead of the system one, and running those over HTTPS specifically to bypass local domain blocks. IP blocks are also difficult with today's CDNs with large numbers of ever changing IPs, and domain based virtual hosts.

      Sure, you can get around all this for now, but I'm not sure that long term you'll be able to.

    2. Re: Hardware firewall by cunina · · Score: 1

      Chrome does DNS query caching; it doesn't have its own DNS it consults.

    3. Re: Hardware firewall by green1 · · Score: 1

      After investigating, it looks like Google backtracked on it, and removed the async dns resolver a little while ago (here's a post that talks about what it was: https://discourse.pi-hole.net/t/disable-async-dns-resolver-in-google-chrome/9500)

      So yes, Chrome DID have its own internal resolver, but they seem to have backtracked and now only have a cache (which still will cause problems if you're switching between servers such as internal corporate DNS to outside world when you connect/disconnect your company VPN).

      That said other apps (especially mobile games) have been caught with their own internal resolvers so as to ensure no adblocker (or malware blocker) can be used.

  7. Cooties by Anonymous Coward · · Score: 0

    Back in my day, you had to trade floppies to get cooties. We called it "sneaker-net" and Disco was all the rage!

    Now, you just boot up a new Windows PC and right away, you get that hot, itchy feeling.

    And even if you did get cooties, the cooties didn't blab about it to the rest of the world, because Apple IIe's and IBM clones didn't gossip, because they had no modems.

    Back in my day, when we got cooties, we suffered with our cooties in silence, and loaded up a special floppy to give to that person who gave us the floppy cooties.

  8. Both Edge users are terribly upset by spywhere · · Score: 3, Funny

    (sorry)

    1. Re:Both Edge users are terribly upset by DickBreath · · Score: 1

      Why are you sorry? Both Edge users aren't upset, but are happy that they can play their Facebook Flash games. And that is probably about the only thing that a Microsoft browser is good for. Especially since REAL browsers aren't the most welcoming of Flash. And Facebook and its third parties cannot be bothered to migrate from Flash to a more 21st century technology.

      --

      I'll see your senator, and I'll raise you two judges.
  9. Yet again I call for browser independence by xack · · Score: 1

    And yet again no one listens. I expect Mozilla and Google have "secret lists" too. Brave was recently exposed sending "secret headers" to certain websites too.

    1. Re:Yet again I call for browser independence by rudy_wayne · · Score: 1

      Feel free to go ahead and develop an independent browser. Nobody is stopping you.

      Oh, that's right, you want somebody else to do it.

    2. Re:Yet again I call for browser independence by green1 · · Score: 5, Insightful

      Not everyone is a skilled coder. Some people just want to use the internet without being a victim. Telling them to build their own browser isn't exactly helpful.

    3. Re:Yet again I call for browser independence by religionofpeas · · Score: 1

      Feel free to go ahead and develop your own internet, then.

    4. Re:Yet again I call for browser independence by Anonymous Coward · · Score: 0

      Use lynx.

    5. Re:Yet again I call for browser independence by Dragonslicer · · Score: 1

      Feel free to go ahead and develop your own internet, then.

      But this one already has blackjack and hookers, so what's the point?

    6. Re:Yet again I call for browser independence by WCMI92 · · Score: 1

      A hosts file doesn't take any great amount of expertise to edit.

      The problem is that in Windows 10 and the later versions of Windows server not even Administrator is Administrator.

      So Microsoft trusts Facebook more than its customers. That is like trusting a burglar over a homeowner. And I am not at all wrong in the comparison. Zuckerberg/Sandberg are known abusers.

      --
      Corporatism != Free Market
    7. Re:Yet again I call for browser independence by scdeimos · · Score: 1

      The problem is that in Windows 10 and the later versions of Windows server not even Administrator is Administrator.

      UAC has been around since at least Windows Vista. Has nobody ever shown you the Run as Administrator options so you can do administrative things with the Administrator account?

    8. Re:Yet again I call for browser independence by grep+-v+'.*'+* · · Score: 1

      Not everyone is a skilled coder. Telling them to build their own browser isn't exactly helpful.

      ??? You don't need to, it's all easy enough -- doesn't everyone know "telnet site 80"? It's all that math at 443 that's hard -- the sage Barbie was PRESCIENT!

      Although binary-decoding moving GIFs in your head in real-time IS fairly hard, I'll give you that.

      --
      If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    9. Re:Yet again I call for browser independence by Waccoon · · Score: 1

      More appropriately, many of the problems we experience in communication technology are driven by politics. It's really hard to develop a technical solution to a political problem, no matter how much skill and spare time you have.

      I've been running my own e-mail server for over 15 years, because I don't want my ISP or a media mogul to do it for me. Ask me how many mails I can actually send/receive with so many big networks blacklisting smaller domains they don't recognize. Oh well... might as well give up and get a Discord like everyone else! All the cool kids are doing it (since they already forgot what happened to Skype).

    10. Re:Yet again I call for browser independence by green1 · · Score: 1

      I've been running my own mail server for almost 20 years. I have no trouble sending or receiving mail to any of the big players. There are a couple of caveats though, you must have several things in place in the modern world of email:
      - you must be hosted on a "server" IP, if big names think it's a dynamic or residential IP, you'll never get through.
      - Reverse DNS that matches your domain's MX
      - SPF records
      - DKIM signatures
      - DMARC records
      - No open relays, all your users must be authenticated.
      - Never let SPAM, or anything that could be construed as SPAM originate from your server.
      And for your own sanity:
      - Positively exceptional SPAM filtering

      Failure to have any of those set up perfectly will get you in big trouble. But with all of that set up right, I haven't had any problems.

  10. THIS is why closed-source is bad by Anonymous Coward · · Score: 5, Insightful

    I mean, come on, the fact they encrypted the list and it had to be brute-forced meant that a) Microsoft didn't want us know and b) they knew it was sneaky. How much more anti-consumer can a program be -- it was hiding intentional violations of its own touted 'security policies' for some privileged group that isn't the user.

    1. Re:THIS is why closed-source is bad by thegarbz · · Score: 1

      Did you post this from a personally vetted browser? Or do you just assume because something is magically open source that someone else trustworthy vetted it for you?

    2. Re:THIS is why closed-source is bad by Anonymous Coward · · Score: 0

      How is this modded insightful?
      Would you rather the list were plain text that could be modified by a bad actor?

      The lack of published detail is sneaky, the fact they encrypted this "feature" is not - if you have a white list it sure as hell should be protected.

  11. How is this different from other browsers? by The+MAZZTer · · Score: 4, Insightful

    In the transition time to deprecating Flash and removing it from browsers entirely, there are still sites that use Flash and users of those sites which rely on it. So, all of the browsers have a whitelist which allows some sites to continue working while preventing others from introducing brand-new Flash content. This helps with the transition. Eventually the browsers narrow this list down in scope and add more security barriers in front of Flash until they can remove it entirely. That sounds exactly like what is happening here; the whitelist is down to two entries both of which are extremely popular sites. The whitelist and Flash itself will likely be removed at some point. I am not sure why the cause for alarm here; it wasn't too long ago that flash ran by default on ALL websites.

    I think the only real point of concern here is the lack of click to play, especially since anyone can make a Flash app with who knows what spyware as content and get it uploaded as a Facebook app.

    1. Re:How is this different from other browsers? by Anonymous Coward · · Score: 0

      I think the assumption is that the other browsers are either leaving the whitelist in the hands of users or at least making exceptions transparent.

    2. Re: How is this different from other browsers? by Anonymous Coward · · Score: 0

      No no no. You put the flash label on something it better have fuckin flash on the site :P

    3. Re:How is this different from other browsers? by Anonymous Coward · · Score: 0

      In the transition time to deprecating Flash and removing it from browsers entirely, there are still sites that use Flash and users of those sites which rely on it.

      Flash has been a constant source of security holes since literally in the late 90's ... about as long as it has existed.

      Flash is shit. Sites which rely on Flash are by definition shit. If you run a website which relies on Flash, you're fucking incompetent and deserve to have your website break, because you're too fucking lazy and stupid to fix your shit.

      No, fuck that ... Flash should not be getting a free pass, no matter for who. Least of all from the company who has made the least secure browsers ever, and has done so since the first version of IE.

      Flash has been dangerous to run for 20 years, and utterly stupid to run for the last 10 years.

      Flash should have been killed off years ago.

    4. Re:How is this different from other browsers? by viperidaenz · · Score: 5, Insightful

      Because it's a "secret" list users don't have the ability to change.

      Facebook obviously doesn't need to use Flash to function, as Chrome and Firefox don't have this exemption.

    5. Re:How is this different from other browsers? by Anonymous Coward · · Score: 0

      In the transition time to deprecating Flash and removing it from browsers entirely, there are still sites that use Flash and users of those sites which rely on it. So, all of the browsers have a whitelist which allows some sites to continue working while preventing others from introducing brand-new Flash content. This helps with the transition.

      What is this transition you are speaking of? It's 2019... flash has been dead for a half dozen years.

      If a company with the resources of Facebook can't get its shit together by now what specifically makes it deserving of special exemptions not available to smaller sites?

      At this point only reason to use flash is tracking / cyber stalking.

    6. Re:How is this different from other browsers? by DontBeAMoran · · Score: 1

      You think FACEBOOK has been too small and without enough resources to remove anything Flash-related for the last decade?

      --
      #DeleteFacebook
    7. Re:How is this different from other browsers? by Anonymous Coward · · Score: 0

      Sometimes I can't believe what is coming out of people's mouths. How anyone can defend this practice, I do not know.

    8. Re:How is this different from other browsers? by Anonymous Coward · · Score: 0

      The absolutely absurd part of this is that these flash apps likely aren't even maintained by Facebook devs, so Microsoft is trusting that their amateur publishing platform is secure enough. This happens all the while they're usurping users' choices involving updates "because security". Facebook doesn't exactly have a stellar reputation of maintaining applications either given their recent "vpn" scam.

    9. Re:How is this different from other browsers? by AHuxley · · Score: 1

      Ad company gets the approved power to do that?

      --
      Domestic spying is now "Benign Information Gathering"
    10. Re:How is this different from other browsers? by tepples · · Score: 1

      Flash has been dangerous to run for 20 years

      Twenty years ago, what would have been superior to Flash for making things like All Your Base, Hatt-baby, Hyakugojyuuichi, Badger Badger Badger, Weebl and Bob, Homestar Runner, and everything on Newgrounds? Consider that many people still had 0.05 Mbps Internet at the time.

    11. Re:How is this different from other browsers? by dunkelfalke · · Score: 1

      It would still be superior for that task. All that classic stuff has been converted to streaming video nowadays, eating far more bandwidth, yet with worse quality.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    12. Re:How is this different from other browsers? by jbmartin6 · · Score: 1

      More interesting, perhaps, is Facebook knew nothing about it and asked for their domains to be removed. At least that is what they said.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
  12. And this is why... by Anonymous Coward · · Score: 0

    ...I use Firefox. No hidden crap! :)

    1. Re:And this is why... by rudy_wayne · · Score: 1

      And you know this because you have carefully examined every line of source code, right?

    2. Re: And this is why... by Anonymous Coward · · Score: 0

      I think you are the purveyor of bad opinions.

    3. Re: And this is why... by Anonymous Coward · · Score: 0

      Somebody else did it for me.

    4. Re:And this is why... by Anonymous Coward · · Score: 0

      ...I use Firefox. No hidden crap! :)

      All of Firefox's crap is out in the open. I don't know that it makes it any better.

    5. Re:And this is why... by Anonymous Coward · · Score: 0

      ...and compiled it yourself?

    6. Re:And this is why... by JustAnotherOldGuy · · Score: 1

      ...and compiled it yourself?

      Yes, and I wrote the compiler and fabricated the integrated circuits myself.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    7. Re:And this is why... by Anonymous Coward · · Score: 0

      And I dug the sand that created those chips. And I know the guy who created that sand. So we're good.

  13. So MS Up On Charges Right? by Anonymous Coward · · Score: 0

    MS broke US laws doing that and endangered the world.

    Time to nationalize BigTech!

  14. Useless browser, untrustworthy Facebook by Anonymous Coward · · Score: 0

    Great combination, a worthless insecure browser (Edge) and an untrustworthy web site Facebook that still uses Flash. This is why you need to disable Flash player completely.

  15. What's that? by raymorris · · Score: 2

    > Don't use Edge and Facebook blocked in hosts file

    What is hosts file and how do you block things in it?

    1. Re:What's that? by DontBeAMoran · · Score: 1

      What is hosts file and how do you block things in it?

      Oh shit, now you've done it.

      Prepare for hosts-related spamming in this thread! Everyone take cover!

      --
      #DeleteFacebook
    2. Re: What's that? by Anonymous Coward · · Score: 0

      Have you seen my baseball?

    3. Re:What's that? by Anonymous Coward · · Score: 0

      http://winhelp2002.mvps.org/hosts.htm

      Ignore his convoluted installation instructions. Extract the zip to a temp folder. Then go to C:\windows\system32\drivers\etc and rename your hosts there to "hosts.old" or something, and then move the hosts from the temp folder to etc. Reboot. Done. I update these about every 6 months on my systems. If you add to it, add to the top so you can copy/paste that stuff off in notepad easily when you update the main list.

      Even better on a pi hole, and can protect your whole network:
      https://pi-hole.net/

    4. Re:What's that? by dryeo · · Score: 1
      --
      https://en.wikipedia.org/wiki/Inverted_totalitarianism
  16. this is why... by Anonymous Coward · · Score: 0

    ...I only use Netscape Navigator.

    1. Re:this is why... by viperidaenz · · Score: 1

      Which has supported Flash since 1996

    2. Re:this is why... by green1 · · Score: 1

      Navigator? c'mon, real men use lynx!

    3. Re:this is why... by chthon · · Score: 1

      Emacs M-x browse-web

    4. Re:this is why... by PPH · · Score: 1

      NCSA Mosaic.

      --
      Have gnu, will travel.
  17. How I block JEWS Ballmer and Zuckerberg... apk by Anonymous Coward · · Score: 0

    See subject: APK Hosts File Engine 1.0++ 64-bit for MacOS h t t p : / / a p k . i t - m a t e . c o . u k / A P K H o s t s F i l e E n g i n e F o r M a c O S . z i p

    Yields more security/speed/reliability/anonymity vs. any 1 solution (99% of threats use hostnames vs. IP address most firewalls use) more efficiently/FASTER + NATIVELY 4 less!

    Vs. "Bolt on 'MoAr' illogic-logic" slowing you hosts speed u up 2 ways: Adblocks + Hardcode fav. sites u spend most time @ vs. competition loaded w/ security bugs (DNS/AntiVir) + overheads slowing u (messagepass 'souled-out' to advertisers easily detected & blocked addons + firewall filtering drivers) & their complexity leads to exploitation!

    * ONLY 1 of its kind in GUI 4 MacOS!

    (Better vs. Windows model in speed/efficiency)

    APK

    P.S.=> Protects against ALL known & unknown vulnerabilities. Now supports port filters in hosts. My work is world-class & China copied it because they can't do better. I am God's gift to Slashdot... apk

    1. Re: How I block JEWS Ballmer and Zuckerberg... apk by Anonymous Coward · · Score: 0

      What?

  19. IMPERSONATING me again? apk by Anonymous Coward · · Score: 0

    See subject: Amusing you also downmod hid the post you replied to while IMPERSONATING me (why is that? Can't prove it wrong and want it hidden??).

    * HILARIOUS u ADMIT u have a registered 'luser' acct & STALK me by UNIDENTIFIABLE anon https://hardware.slashdot.org/... - YOU have ISSUES, lunatic.

    See subject & that's the "best ya got"?

    It proves You WISH you were ME (as your POOR imitation = the sincerest form of flattery).

    * MacOS model's not done: Stop IMPERSONATING me lying & proof portfilter err's can't happen in my work https://news.slashdot.org/comm...

    APK

    P.S.=> I know WHY you do it though (out of "butthurt angst", lol): I've BLOWN YOU AWAY so many times under your MANY alter-ego SOCKPUPPET /. accounts FAKENAMES you're out for "revenge" only to have EGG ON YOUR FACE yet again... apk

  20. So it's trivial for a wifi portal to run Flash by viperidaenz · · Score: 4, Interesting

    All you need to do is redirect your "WiFi login" page to a whitelisted domain, MITM that domain, since you control the wifi network, and deliver whatever malicious Flash content you desire.
    Easy to do, since the whitelist is not restricted to HTTPS connections.
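
The scheme point raised in the comment above, as an added example (not part of the original thread and not Edge's code): a host-only allowlist check next to one that matches the full HTTPS origin. The function names and sample URLs are constructed for illustration; the two allowed hosts are the ones named in the article.

```javascript
// Added illustration; not Edge's code. Hosts are the two named in the article.
const ALLOWED_HOSTS = new Set(["facebook.com", "apps.facebook.com"]);

// Parse without throwing; returns null for anything that is not an absolute URL.
function parse(pageUrl) {
  try {
    return new URL(pageUrl);
  } catch {
    return null;
  }
}

// Weak model: only the hostname is compared, so a page loaded over cleartext
// HTTP (which anyone on the network path can rewrite) still passes.
function hostOnlyAllowed(pageUrl) {
  const u = parse(pageUrl);
  return u !== null && ALLOWED_HOSTS.has(u.hostname);
}

// Stricter model: match the whole origin (scheme, host, default port)
// and refuse URLs that carry embedded credentials.
function originAllowed(pageUrl) {
  const u = parse(pageUrl);
  if (u === null) return false;
  if (u.protocol !== "https:") return false;
  if (u.port !== "") return false; // WHATWG URL reports the default port as ""
  if (u.username !== "" || u.password !== "") return false;
  return ALLOWED_HOSTS.has(u.hostname);
}

// Constructed sample page URLs.
const SAMPLES = [
  "https://apps.facebook.com/game",
  "http://facebook.com/login",
  "https://facebook.com:8443/",
  "https://user@facebook.com/",
  "https://facebook.com.example.net/",
  "not a url",
];

// Run both checks and flag every URL the weak check accepts but the strict one rejects.
function audit(urls) {
  return urls.map((url) => {
    const weak = hostOnlyAllowed(url);
    const strict = originAllowed(url);
    return { url, weak, strict, gap: weak && !strict };
  });
}

for (const row of audit(SAMPLES)) {
  console.log(`${row.gap ? "GAP" : "   "} weak=${row.weak} strict=${row.strict} ${row.url}`);
}
```

Rows marked GAP are the ones where a hostname match alone grants the exemption even though the page's content is not authenticated by TLS to the listed origin.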

    1. Re:So it's trivial for a wifi portal to run Flash by Anonymous Coward · · Score: 0

      All you need to do is redirect your "WiFi login" page to a whitelisted domain, MITM that domain, since you control the wifi network

      Exactly.

      This has nothing to do with Microsoft or Edge, per se, but ..

      I was at a hotel recently, and upon connecting to their wifi (some Cisco solution I believe), upon trying to visit even just Google I was getting errors saying it couldn't validate the host as authentic, when not being able to confirm the identity of Google means you can't trust the network because Google uses https.

      Immediately, I disconnected from their wifi, because what they'd clearly done was install a cheap ass proxy, which either on purpose or due to incompetence was essentially a 'man in the middle'.

      No way in hell would I trust any traffic over a network which gives me errors about the authenticity of Google, because it means everything on that network is compromised.

      The problem is Microsoft has a very long history, of making very stupid decisions which gravely impacted security all in the name of 'convenience' ... from hiding file extensions to automatically executing scripts in attachments in email ... to hard-coding security exceptions.

      The mere knowledge that facebook.com is exempt means using that as an exploit is trivial.

    2. Re:So it's trivial for a wifi portal to run Flash by Anonymous Coward · · Score: 0

      True. All this comes from a company which thinks it is OK to force push weekly and re-install Candy crush, Skype and other malwares into Windows 10 machines even if one has uninstalled them many times before. MS clearly believes they can do whatever they want on their customers' machines.

  22. Welcome! by Anonymous Coward · · Score: 0

    Welcome to my host file! Enjoy your new IP address: 127.0.0.1

  23. Joke: by Anonymous Coward · · Score: 0

    "Microsoft security: An oxymoron if I ever saw one."

    You are making a mistake. Don't think of Microsoft as a software company. That's not its prime goal. Microsoft is primarily an ABUSE company.

    Criticism of Windows 10.

    1. Re:Joke: by Darinbob · · Score: 1

      But I came here for an argument!

    2. Re: Joke: by Anonymous Coward · · Score: 0

      Where's the joke?

  25. I do & so does everyone else... apk by Anonymous Coward · · Score: 0

    See subject & realize those who control the media (& we all KNOW who those SWINE are kicked nation to nation thru time) are in league w/ the chinks per Davos switzerland BANKERS (aka Rothchild jews) where Xi Ping the 2" prick himself dictator said he'd "get the USA" or something much like it...

    * As to the REST of my subject & what it says? Here is what I THINK of CHINGOLAND https://news.slashdot.org/comm... & agree w/ you 100% IF you read that.

    Do you REALLY think the 'trolls' that are Anti-Trump are REALLY believing that bs? Hell no - they're on SOROS' payroll, like Antifa was (Jew Soros was caught NOT PAYING THEM & they spilt the beans on that too) - they merely execute what is TOLD them but when cornered? They can't think for themselves & only spit back what their paymasters told them - little depth, that's HOW you beat them into the dirt too by the by!

    So when you THINK others don't? That's what the JEW MEDIA wants you to think so it upsets you - tell them:

    "Save the WEAK wannabe 'Jedi mind tricks' that work on the weak minded - you don't THINK for ME - I do, for myself & KNOW you're FUCKING LIARS!"

    APK

    P.S.=> Lastly, understand EVERY FORUMS YOU GO TO is PUSHING someone's "AGENDA" for SHEKELS - & they tried the "RUSSIA" bs, nothing behind it for YEARS now & FAILED - they tried to crap on Catholic school kids too (gosh wonder WHY jews?) & SHIT THEMSELVES on that too w/ Joy Behar the Jewess ADMITTING they were "desperate" - born LIARS is more like it & for greed/for the love of the "Holy dollar" SHEKELS (& yes that INCLUDES /. pushing others' REAL AGENDA w/ JOOgle @ the helm here funding it MOSTLY & pulling "whipslash"'s chain like the GOOD "Lil' DOG" he is, the mangy cur whom I've SHIT ON for the past 2 yrs. no less showing everyone how STUPID the fuck is trying to "get the better of me" & "ban me" (lol, good luck that, the stupid punk bitch he is))... apk

  28. Better joke: by Anonymous Coward · · Score: 4, Funny

    How many Edge users were upset to learn about the secret whitelist that allows Facebook to run Flash?

    Both!

    1. Re: Better joke: by Anonymous Coward · · Score: 0

      I would never use bookface or edge browser. #bringjussietojustice

  29. Facebook can't be trusted by WCMI92 · · Score: 2

    As even Apple has learned. Now Microsoft will be burned.

    --
    Corporatism != Free Market
    1. Re:Facebook can't be trusted by strikethree · · Score: 1

      As even Apple has learned. Now Microsoft will be burned.

      Really?! Microsoft gave themselves access to ALL of your files and you think that THIS misuse of trust is the one that will get them?

      Pardon me for a second. I can't type while I am laughing so hard. I think I might be getting a broken rib here. OMGWTFBBQ

      --
      "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
  30. Ubuntu 18.04.2 by Anonymous Coward · · Score: 0

    No flamewar meant about which distro is best etc. but this is a reminder that Ubuntu 18.04.2 LTS with kernel 4.18 is out. (up from the older 4.15 version)
    I may narrow it down to main edition and Mate edition, arbitrarily. This covers a very large breadth of hardware from 8 core / 32 GB RAM etc. to 1 core / 1 GB RAM, latest or recent GPU to completely unaccelerated graphics.

    This new thing and other random issues e.g. in Windows 1809 but I don't remember why, mean we're probably losing Microsoft as an honest provider of sorts. Yeah like integrating propaganda as an Edge browser extension which will put a green check on Washington Post and a red cross on "websites under the influence of mischievous foreign agents" but I don't want to get too political even though it is.
    Therefore I am proposing we help propagating GNU/Linux distros on the desktop (I guess there's debian 10 soon as well, or others), we could ban Windows on some computers when it finally gets updated from version 1803 to 1809, there are also Windows 7 systems out there where the update system has failed for years and the clock is running out on these.

    1. Re:Ubuntu 18.04.2 by Anonymous Coward · · Score: 0

      And it also doesn't run any of the applications I need to use. Plus all that's changed from the last version is they've redesigned the UI again... removing anything useful and adding more spinning, whirring, crap that gets in the way (just like they've done for every release since they got the very first GUIs working).

      Rinse & repeat next year when the next "super new Linux" comes out.

      The CDs do make reasonable coasters though.

  32. Pre-emptive treatment by Anonymous Coward · · Score: 0

    Standing by with the SPH just in case the infection shows up...

  33. Here come the three letters by Anonymous Coward · · Score: 0
    1. Re:Here come the three letters by Anonymous Coward · · Score: 0

      Hey Jew tell us why you jews get kicked out of everywhere you go over history https://tech.slashdot.org/comm... ?

  35. pihole breaks mobile apps by Anonymous Coward · · Score: 0

    that POS breaks mobile app usage. recommending its use is as bad as recommending that apk stupidity.

    1. Re:pihole breaks mobile apps by Archangel+Michael · · Score: 1

      Hey Wiretap, what is a good recipe for Chocolate Cake?

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  36. vmware by nnet · · Score: 1

    and vsphere mgmt.

  37. more reasons by Anonymous Coward · · Score: 0

    more reasons to not use edge

  38. Who still uses Edge? by Locke2005 · · Score: 2

    Other than as the world's most popular method of downloading Chrome...

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  39. Ohhhhh by JustAnotherOldGuy · · Score: 1

    Nothing nefarious here, just good ol' Microsoft secretly fucking over you and your PC behind your back.

    I will say this is different; usually they do it right to your face.

    So glad I switched to Mint, not that I ever would have allowed Edge* to run. The ONLY thing Edge might be good for is downloading another browser, beyond that it's pure rubbish.

    .

    *Edge, AKA "The Little Browser That Couldn't"

    --
    Just cruising through this digital world at 33 1/3 rpm...
  40. Open. Fucking. Source. by Anonymous Coward · · Score: 0

    For any morons who are reading this with Edge, *THIS* is why you do *NOT* run proprietary browsers.

  41. u so autistic by Anonymous Coward · · Score: 0

    u very autistic bout dis subject aint ya ?

  42. Wot no Silverlight? by Anonymous Coward · · Score: 0

    Shouldn't Microsoft be whitelisting Silverlight apps rather than Flash?

  43. Speaking of flash by Anonymous Coward · · Score: 0

    Can we add native browser support to swf files, just like a browser can natively read jpg files? All it needs is proper sandboxing. Hell, remove all net access and it's harmless. I don't want to lose a million browser games and animations just because a circle of companies decided it's time to drop flash. These swfs will NOT get rebuilt by anybody in HTML+JavaScript. We are losing something precious with flash. Should be fixed instead of discarded.

  44. Microsoft cannot be trusted by Anonymous Coward · · Score: 0

    I see lots of well deserved MS bashing but most of you are happily running Microsoft Windows, Office, Defender. If you can't trust MS Edge, why do you trust MS's other products?

  45. One more reason I will never run Edge... by Anonymous Coward · · Score: 0

    Just stop trying, Microsoft. The only way you will get people to run your browser is if you 1. stop collecting information and 2. let the user control and know what's actually running inside it.

  46. Trust by Anonymous Coward · · Score: 0

    Don't trust Microsoft. Don't trust Facebook.

  47. MS chrome browser by sad_ · · Score: 1

    expect the same tricks from the MS chrome based browser, another reason just to not use it.
    changing rendering engines will not make me change my mind.

    --
    On a long enough timeline, the survival rate for everyone drops to zero.
  48. Internet Explorer on Windows 10. by Anonymous Coward · · Score: 0

    I write programs that scrape websites mostly for numeric data that they post publicly that would cost money for a subscription to get in a timely manner. Writing webrequests in C# I would use a userstring that was consistent with MS Edge current version except where Edge was blocked and I would use a CHROME userstring.

    One day I was working on gathering posted numeric data from a site that we had a subscription to, to figure out the lag time between subscription data and publicly posted data, using both an Edge userstring and a CHROME user string. Each userstring returned a slightly different page layout after getting the program to log into the site. I wanted to see if there was a different page layout on other browsers as the div names and ID's were different between Edge and Chrome. So I grabbed the URL from the page that Edge used to request the data and copied that URL into Internet Explorer program on Windows 10. The data was displayed and I right clicked to display "View Source" to see if there was any difference in the HTML layout....

    Then it hit me.... Wait WHAT??? I never logged into the website using Internet Explorer. I went to another Windows 10 machine and typed in the URL in to Edge.... NOPE.... HTML Error 403.... typed it into Chrome.... Same 403 error.... Typed it into Internet Explorer on Windows 10.... It displayed the subscription data without signing in..... I had access to another company computer that is Windows 7 and typed the URL into Internet Explorer v11. HTML Error 403.

    So, changing the UserString to the same userstring that Internet Explorer uses on Windows 10 gets us subscription data without ever logging in to the website.

    AND... this works on more than just a few websites. Although I will say using Internet Explorer on Windows 10 and trying to get the screen that will have a URL to the data without signing in is not possible. But if that URL is easily guessable there would never be a reason to ever subscribe.

    I'm wondering if this is a "Feature" with IIS or other web-server.

  49. Microsoft continues evil by Anonymous Coward · · Score: 0

    Impressively, Microsoft continues to F the customer. Windows and other products steal your data, spy on you, oh shit I'll just stop here.