These people defending MIcrosoft's behaviour are just tools... I wouldn't pay much attention to them. Microsoft can't "kill the hosts file off" because the behaviour is part of the IP specification (defined in the RFC's)
1) Im not defending it, im saying its uber low on "list of things I care about". 2) Theyre not "killing it off", theyre preventing common hijacks to it. Its a pretty retarded way to do it IMO, but whatever.
I make use of the hosts file for various purposes, including getting my forum users set up with hosts file entries to the new server, beforehand, whenever our DNS entries are changing so they can still reach the forum while changes are propagating
This falls under "bad ideas / DNS does it better" from above, sorry. Prior to any DNS changes, set your TTL to 30 minutes or however low it goes, make the change, viola. 30 minutes, max, before propogation. Encouraging HOSTS file use is just going to cause massive breakage down the road when one of your users forgets to remove that entry.
THIS is a prime example of why the hosts file still exists and the behaviour should not be fucked with by those assclowns at Microsoft.
And the breakage that some of your users will experience next DNS change is why we have moved on to DNS, and why what MS does to the HOSTS file is of little concern to me or my clients. There is ONE client that I have that would remotely care about HOSTS behavior change, and Im going to go out on a limb and say hostname-only entries ("SERVER 10.5.5.5") are probably not on the radar of things they mess with, which are about the only major HOSTS file use left in businesses.
Fight malware in other ways.
Then disable the behavior in their antimalware software. This is such a non-issue, its remarkable that it made it through the firehose.
Windows is deployed on at least hundreds of millions of machines world wide, if Microsoft got these ad companies together and told them they could "fix" people trying to block their servers ads you think they would pony up a couple bucks?
The number of people who block ads with HOSTS is positively miniscule. The number of THOSE who would be thwarted by hosts being unavailable is even smaller.
The idea that this is somehow a conspiracy for advertising makes literally no sense, as it would help its rival by an infintesimal amount and gain it no money.
Hosts file doesnt have to be loaded into RAM? Rejecting packets outright is more CPU intensive than trying to route to 0.0.0.0, having to do a route lookup, failing, and discarding the session? Hosts file doesnt incur I/O penalty?
Dude, you are so far out there on this one, Im not sure you understand how quick your average firewall can drop a session compared to relying on a crappy HOSTS file redirect to 0.0.0.0.
Hell, look up rootkit.com, & see their article on "Windows Firewall" Vista onwards being EASIER to "unhook".
When I spoke of a "centrally managed firewall", that is most emphatically not the Windows Firewall. Cisco, Sonicwall, pfSense, ipTables, take your pick, all of them are zillions of times better than Hosts: 1) faster 2) easier to maintain 3) has built in logging 4) user cant bypass or tamper, even with escalation exploit 5) less prone to breakage 6) can filter by protocol, hostname, and port, not just IP
But you know what? Keep pushing hosts files as a viable business solution, Im sure youll get lots of business doing so.
I agree, I just dont think theres anything remotely noteworthy here. If it werent for awful 90s era programs that cant handle DNS, Id say kill the entire thing off and end the stupid "Hosts is a good idea" myth altogether.
I was about to post the same thing, as I'm often tinkering with the hosts file in a development setting just because it's quick and easy,
This is why dealing with devs can be painful. Just request that the IP be added to DNS so that the IT admin can actually reprovision IPs without having to check each and every PC for custom HOSTS.
This is why one of my clients is such a pain to deal with; we could rearchitect the network into something less painful, but each developer seems to think its a good idea to ignore DNS and directly refer to server IPs. Which is great, up until those IPs change.
No, its another reason to say "wow, Slashdot really likes to make mountains out of molehills".
Is this retarded and probably not terribly useful? Yeah. Is it terribly noteworthy, except for a very few people who still rely on something as arcane as HOSTS filtering? No, not really.
The reason to skip Win8 is the training overhead and the massive mess that is the new GUI. Changes to the way HOSTS files are dealt with dont really fit my top 100 things that I care about, because if I want something blocked Ill use a system that is actually designed for it-- not some stupid hack for a kludgy system thats been outdated for about 20 years (Protip: redirecting to 127.0.0.1 is NOT what it was designed for, and is a retarded method for people who dont understand networking; 0.0.0.0 is slightly better, but still a stupid way of filtering).
No, it will not. If a malicious program is writing to your hosts file then it can also disable Windows Defender or just white-list itself or the hosts file.
One does not follow from the other. The HOSTS file is just a file, and can be written by anything with administrative priveleges. Antivirus software tends to be much harder to disable than simply "get admin, and disable"-- there can be boot-time drivers that prevent such tampering.
Because noone will know what HOSTS is-- mostly because its a largely disused relic from an age before DNS, and is basically only used by poorly written DOS-era programs (which are still DNS-ignorant) and a niche of geeks who seem to think it somehow superior to firewall rules or adblock lists.
If a non-privileged program is permitted to ignore the fact that a file is set to be Read-Only, you have absolutely no protection against malicious code changing anything it wants.
Im going to go out on a limb and say you have no idea what youre talking about-- primarily because you seem to think that Windows Defender is non-privileged. It would be a pretty sorry anti-malware / virus software that ran in user-mode.
Im going to go further out on a limb here and say that Defender probably runs with System rights, and can do pretty much whatever it wants from a OS security perspective.
An IT manager using Hosts is an IT manager that needs to be replaced.
First, if you are doing your web filtering on the workstation, you are doing it badly, badly wrong. Second, HOSTS is not somethin that is easily maintained or modified. Third, there are about a zillion better ways to accomplish blocking than using a HOSTS file.
Its basically a kludge from bygone days before DNS, and for 99% of use cases where you might think "I can use a HOSTS file for that", there are far better methods-- or else the thing you are trying to do is retarded.
Countries much poorer than America, more corrupt, and still with large populations and land area have done it.
Maybe the reason is because they are much poorer and more corrupt. Its kind of hard to make this a pressing issue here, given that checks and credit cards arent generally a problem; Ill agree that the system with credit cards is retarded but we just dont have a large scale problem of pizza guys lifting cc numbers. If that happens, that will probably provide the impetus for change.
As with most things, unless there is a huge problem, people tend to not want to change what "works".
I dont much like it, but youre out of your mind if you want to compare the two scenarios as you post from your comfortable, heated, internet connected house with a belly full of food.
Part of what makes slashdot slashdot is that 90% of the posters utterly lack any sense of perspective.
Theres a story about how Facebook is selling your data to russian mafia? Clearly, that is just as bad as what Hitler did in WW2. Obama enacts a healthcare plan youre not a fan of? Communist china, and Obama is Mao. Romney takes a stance on abortion that you dont like? Clearly, this man is as repressive as Stalin.
It should come as no suprise that in any particular thread about surveilance, at least one person insists that things are as bad as they are in 1984-- even if they happen to have not read that particular book.
If they are going to waste our money, then they deserved to be taxed to discourage such practises.
Discourage WHAT practices? Providing support for military action that the government has committed itself to? Listen, if you have a problem with the "war", dont take it out on the corp that fulfills the contract, take it out on the government that requested it. Its like youre getting mad that a cop shot an unarmed civilian, but you've directed your anger at the producer of the ammo. This is how capitalism works: Someone has a market demand, and a company finds a way to fulfill it.
Tax breaks for good things are good, but when people abuse them, then it's not too much to ask for taxes.
What does "abuse them" mean? The gov't has said "do these things and we reduce your tax burden". If theres supposed to be a limit on how many of those "things" they can do, perhaps we should do something about the tax code rather than going after companies for following it.
Youre claiming that all people with lots of money get government bailouts?
As for tax breaks, please. Corporate tax rate is significantly higher than personal, and in order to get these "loopholes" you have to satisfy conditions-- thats the ENTIRE point. The tax breaks are to get corps to do certain things, and taking advantage of them is, in theory, exactly what we want-- thats WHY we have the incentive!
And whats wrong with taking a government contract?
These people defending MIcrosoft's behaviour are just tools... I wouldn't pay much attention to them. Microsoft can't "kill the hosts file off" because the behaviour is part of the IP specification (defined in the RFC's)
1) Im not defending it, im saying its uber low on "list of things I care about".
2) Theyre not "killing it off", theyre preventing common hijacks to it. Its a pretty retarded way to do it IMO, but whatever.
I make use of the hosts file for various purposes, including getting my forum users set up with hosts file entries to the new server, beforehand, whenever our DNS entries are changing so they can still reach the forum while changes are propagating
This falls under "bad ideas / DNS does it better" from above, sorry. Prior to any DNS changes, set your TTL to 30 minutes or however low it goes, make the change, viola. 30 minutes, max, before propogation. Encouraging HOSTS file use is just going to cause massive breakage down the road when one of your users forgets to remove that entry.
THIS is a prime example of why the hosts file still exists and the behaviour should not be fucked with by those assclowns at Microsoft.
And the breakage that some of your users will experience next DNS change is why we have moved on to DNS, and why what MS does to the HOSTS file is of little concern to me or my clients. There is ONE client that I have that would remotely care about HOSTS behavior change, and Im going to go out on a limb and say hostname-only entries ("SERVER 10.5.5.5") are probably not on the radar of things they mess with, which are about the only major HOSTS file use left in businesses.
Fight malware in other ways.
Then disable the behavior in their antimalware software. This is such a non-issue, its remarkable that it made it through the firehose.
Windows is deployed on at least hundreds of millions of machines world wide, if Microsoft got these ad companies together and told them they could "fix" people trying to block their servers ads you think they would pony up a couple bucks?
The number of people who block ads with HOSTS is positively miniscule. The number of THOSE who would be thwarted by hosts being unavailable is even smaller.
The idea that this is somehow a conspiracy for advertising makes literally no sense, as it would help its rival by an infintesimal amount and gain it no money.
2.) Eats CPU cycles, RAM, & other forms of I/O
Hosts file doesnt have to be loaded into RAM? Rejecting packets outright is more CPU intensive than trying to route to 0.0.0.0, having to do a route lookup, failing, and discarding the session? Hosts file doesnt incur I/O penalty?
Dude, you are so far out there on this one, Im not sure you understand how quick your average firewall can drop a session compared to relying on a crappy HOSTS file redirect to 0.0.0.0.
Hell, look up rootkit.com, & see their article on "Windows Firewall" Vista onwards being EASIER to "unhook".
When I spoke of a "centrally managed firewall", that is most emphatically not the Windows Firewall. Cisco, Sonicwall, pfSense, ipTables, take your pick, all of them are zillions of times better than Hosts:
1) faster
2) easier to maintain
3) has built in logging
4) user cant bypass or tamper, even with escalation exploit
5) less prone to breakage
6) can filter by protocol, hostname, and port, not just IP
But you know what? Keep pushing hosts files as a viable business solution, Im sure youll get lots of business doing so.
Not much of a limb, considering that I stated that I no longer use Windows.
Maybe you shouldnt comment on the state of OS security for an OS you know nothing about, then.
I agree, I just dont think theres anything remotely noteworthy here. If it werent for awful 90s era programs that cant handle DNS, Id say kill the entire thing off and end the stupid "Hosts is a good idea" myth altogether.
I was about to post the same thing, as I'm often tinkering with the hosts file in a development setting just because it's quick and easy,
This is why dealing with devs can be painful. Just request that the IP be added to DNS so that the IT admin can actually reprovision IPs without having to check each and every PC for custom HOSTS.
This is why one of my clients is such a pain to deal with; we could rearchitect the network into something less painful, but each developer seems to think its a good idea to ignore DNS and directly refer to server IPs. Which is great, up until those IPs change.
No, its another reason to say "wow, Slashdot really likes to make mountains out of molehills".
Is this retarded and probably not terribly useful? Yeah. Is it terribly noteworthy, except for a very few people who still rely on something as arcane as HOSTS filtering? No, not really.
The reason to skip Win8 is the training overhead and the massive mess that is the new GUI. Changes to the way HOSTS files are dealt with dont really fit my top 100 things that I care about, because if I want something blocked Ill use a system that is actually designed for it-- not some stupid hack for a kludgy system thats been outdated for about 20 years (Protip: redirecting to 127.0.0.1 is NOT what it was designed for, and is a retarded method for people who dont understand networking; 0.0.0.0 is slightly better, but still a stupid way of filtering).
If anyone is considering trying this, I highly recommend you leave SYSTEM read privileges in there if you want it to continue to work.
No, it will not. If a malicious program is writing to your hosts file then it can also disable Windows Defender or just white-list itself or the hosts file.
One does not follow from the other. The HOSTS file is just a file, and can be written by anything with administrative priveleges. Antivirus software tends to be much harder to disable than simply "get admin, and disable"-- there can be boot-time drivers that prevent such tampering.
Because noone will know what HOSTS is-- mostly because its a largely disused relic from an age before DNS, and is basically only used by poorly written DOS-era programs (which are still DNS-ignorant) and a niche of geeks who seem to think it somehow superior to firewall rules or adblock lists.
If a non-privileged program is permitted to ignore the fact that a file is set to be Read-Only, you have absolutely no protection against malicious code changing anything it wants.
Im going to go out on a limb and say you have no idea what youre talking about-- primarily because you seem to think that Windows Defender is non-privileged. It would be a pretty sorry anti-malware / virus software that ran in user-mode.
Im going to go further out on a limb here and say that Defender probably runs with System rights, and can do pretty much whatever it wants from a OS security perspective.
Advantages over "other things"? Two words:
Firewall entries.
More flexible, centrally maintained, more granular, more reliable, and not prone to user tampering. Yea, how horrible.
IIRC doubleclick is Google. Are you seriously implying that MS is in some sort of conspiracy to give more money to Google?
Stop and think about that for a second, then get back to us once you remove the tinfoil hat.
And this move makes sure you will never consider using a Windows-based platform as a small office-firewall,
And it also guarentees you will never use it as a stapler. Thing is, noone was doing either of those things before, nor will they now.
An IT manager using Hosts is an IT manager that needs to be replaced.
First, if you are doing your web filtering on the workstation, you are doing it badly, badly wrong. Second, HOSTS is not somethin that is easily maintained or modified. Third, there are about a zillion better ways to accomplish blocking than using a HOSTS file.
Its basically a kludge from bygone days before DNS, and for 99% of use cases where you might think "I can use a HOSTS file for that", there are far better methods-- or else the thing you are trying to do is retarded.
More than anything, this sort of thing should give slashdotters pause before they say "The US is as bad as it gets in terms of human rights."
Just like they went quiet and are trying to do stealth-passage of CISPA
Just like Hitler went quiet and tried to do a stealth-takeover of the world...
Seriously, do you have no sense of perspective, or different levels of "things I dont like"? The one situation is not like the other.
People who want a refuge while Chrome's pepper-flash is un unstable lump?
Im just happy they finally have their update system finally in order.
Countries much poorer than America, more corrupt, and still with large populations and land area have done it.
Maybe the reason is because they are much poorer and more corrupt. Its kind of hard to make this a pressing issue here, given that checks and credit cards arent generally a problem; Ill agree that the system with credit cards is retarded but we just dont have a large scale problem of pizza guys lifting cc numbers. If that happens, that will probably provide the impetus for change.
As with most things, unless there is a huge problem, people tend to not want to change what "works".
I dont much like it, but youre out of your mind if you want to compare the two scenarios as you post from your comfortable, heated, internet connected house with a belly full of food.
Part of what makes slashdot slashdot is that 90% of the posters utterly lack any sense of perspective.
Theres a story about how Facebook is selling your data to russian mafia? Clearly, that is just as bad as what Hitler did in WW2. Obama enacts a healthcare plan youre not a fan of? Communist china, and Obama is Mao. Romney takes a stance on abortion that you dont like? Clearly, this man is as repressive as Stalin.
It should come as no suprise that in any particular thread about surveilance, at least one person insists that things are as bad as they are in 1984-- even if they happen to have not read that particular book.
If they are going to waste our money, then they deserved to be taxed to discourage such practises.
Discourage WHAT practices? Providing support for military action that the government has committed itself to? Listen, if you have a problem with the "war", dont take it out on the corp that fulfills the contract, take it out on the government that requested it. Its like youre getting mad that a cop shot an unarmed civilian, but you've directed your anger at the producer of the ammo. This is how capitalism works: Someone has a market demand, and a company finds a way to fulfill it.
Tax breaks for good things are good, but when people abuse them, then it's not too much to ask for taxes.
What does "abuse them" mean? The gov't has said "do these things and we reduce your tax burden". If theres supposed to be a limit on how many of those "things" they can do, perhaps we should do something about the tax code rather than going after companies for following it.
Youre claiming that all people with lots of money get government bailouts?
As for tax breaks, please. Corporate tax rate is significantly higher than personal, and in order to get these "loopholes" you have to satisfy conditions-- thats the ENTIRE point. The tax breaks are to get corps to do certain things, and taking advantage of them is, in theory, exactly what we want-- thats WHY we have the incentive!
And whats wrong with taking a government contract?
He's a mormon (not that that really matters (of course not)) shh!" Romney loses.
How bout we leave Romney's religion out of it, and the right can (maybe) leave Obama's religion out of it.
Honestly, this is an election for president, not pastor.
Not war! Its "Kinetic Military Activity"!