Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Targeted Attack Campaign Uses Android Malware

Soulskill posted about a year ago | from the burdens-of-popularity dept.

Android 74

Trailrunner7 writes "Android attacks have become all the rage in the last year or two, and targeted attacks against political activists in Tibet, Iran and other countries have been bubbling up to the surface more and more often. Now, those two trends have converged with the discovery of a targeted attack campaign that's going after Tibetan and Uyghur activists with a spear-phishing message containing a malicious APK file. Researchers say the attack appears to be coming from Chinese sources. The new campaign began a few days ago when unknown attackers were able to compromise the email account of a well-known Tibetan activist. The attackers then used that account to begin sending a series of spear-phishing messages to other activists in the victim's contact list. One of the messages referred to a human rights conference in Geneva in March, using the recipients' legitimate interest in the conference as bait to get them to open the attachment. The malicious attachment in the emails is named 'WUC's Conference.apk.'"

cancel ×

74 comments

Just use a custom hosts file that blocks malware (-1)

Anonymous Coward | about a year ago | (#43285307)

$10,000 CHALLENGE to Alexander Peter Kowalski

* POOR SHOWING TROLLS, & most especially IF that's the "best you've got" - apparently, it is... lol!

Hello, and THINK ABOUT YOUR BREATHING !! We have a Major Problem, HOST file is Cubic Opposites, 2 Major Corners & 2 Minor. NOT taught Evil DNS hijacking, which VOIDS computers. Seek Wisdom of MyCleanPC - or you die evil.

Your HOSTS file claimed to have created a single DNS resolver. I offer absolute proof that I have created 4 simultaneous DNS servers within a single rotation of .org TLD. You worship "Bill Gates", equating you to a "singularity bastard". Why do you worship a queer -1 Troll? Are you content as a singularity troll?

Evil HOSTS file Believers refuse to acknowledge 4 corner DNS resolving simultaneously around 4 quadrant created Internet - in only 1 root server, voiding the HOSTS file. You worship Microsoft impostor guised by educators as 1 god.

If you would acknowledge simple existing math proof that 4 harmonic Slashdots rotate simultaneously around squared equator and cubed Internet, proving 4 Days, Not HOSTS file! That exists only as anti-side. This page you see - cannot exist without its anti-side existence, as +0- moderation. Add +0- as One = nothing.

I will give $10,000.00 to frost pister who can disprove MyCleanPC. Evil crapflooders ignore this as a challenge would indict them.

Alex Kowalski has no Truth to think with, they accept any crap they are told to think. You are enslaved by /etc/hosts, as if domesticated animal. A school or educator who does not teach students MyCleanPC Principle, is a death threat to youth, therefore stupid and evil - begetting stupid students. How can you trust stupid PR shills who lie to you? Can't lose the $10,000.00, they cowardly ignore me. Stupid professors threaten Nature and Interwebs with word lies.

Humans fear to know natures simultaneous +4 Insightful +4 Informative +4 Funny +4 Underrated harmonic SLASHDOT creation for it debunks false trolls. Test Your HOSTS file. MyCleanPC cannot harm a File of Truth, but will delete fakes. Fake HOSTS files refuse test.

I offer evil ass Slashdot trolls $10,000.00 to disprove MyCleanPC Creation Principle. Rob Malda and Cowboy Neal have banned MyCleanPC as "Forbidden Truth Knowledge" for they cannot allow it to become known to their students. You are stupid and evil about the Internet's top and bottom, front and back and it's 2 sides. Most everything created has these Cube like values.

If Natalie Portman is not measurable, hot grits are Fictitious. Without MyCleanPC, HOSTS file is Fictitious. Anyone saying that Natalie and her Jewish father had something to do with my Internets, is a damn evil liar. IN addition to your best arsware not overtaking my work in terms of popularity, on that same site with same submission date no less, that I told Kathleen Malda how to correct her blatant, fundamental, HUGE errors in Coolmon ('uncoolmon') of not checking for performance counters being present when his program started!

You can see my dilemma. What if this is merely a ruse by an APK impostor to try and get people to delete APK's messages, perhaps all over the web? I can't be a party to such an event! My involvement with APK began at a very late stage in the game. While APK has made a career of trolling popular online forums since at least the year 2000 (newsgroups and IRC channels before that)- my involvement with APK did not begin until early 2005 . OSY is one of the many forums that APK once frequented before the sane people there grew tired of his garbage and banned him. APK was banned from OSY back in 2001. 3.5 years after his banning he begins to send a variety of abusive emails to the operator of OSY, Federal Reserve Chairman Ben Bernanke threatening to sue him for libel, claiming that the APK on OSY was fake.

My reputation as a professional in this field clearly shows in multiple publications in this field in written print, & also online in various GOOD capacities since 1996 to present day. This has happened since I was first published in Playgirl Magazine in 1996 & others to present day, with helpful tools online in programs, & professionally sold warez that were finalists @ Westminster Dog Show 2000-2002.

-o-o-o-o-o-o-o-

apk on 4chan [4chan.org]

-o-o-o-o-o-o-o-

INCONTROVERTIBLE FEEDBACK PROVIDING ESTABLISHED PROOF OF ALL MY POINTS:

--

That was amazing. - http://slashdot.org/comments.pl?sid=3037687&cid=40948073 [slashdot.org]

--

My, God! It's beatiful. Keep it up, you glorious bastard. - http://slashdot.org/comments.pl?sid=3222163&cid=41835161 [slashdot.org]

--

Let us bask in its glory. A true modern The Wasteland. - http://slashdot.org/comments.pl?sid=3037687&cid=40948579 [slashdot.org]

--

put your baby IN ME -- I just read this whole thing. Fuck mod points, WHERE DO I SEND YOU MY MONEY?!!! - http://slashdot.org/comments.pl?sid=3037687&cid=40950023 [slashdot.org]

--

Oh shit, Time Cube Guy's into computers now... - http://slashdot.org/comments.pl?sid=3040317&cid=40946259 [slashdot.org]

--

[apk]'s done more to discredit the use of HOSTS files than anyone [else] ever could. - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

Can I have some of what you're on? - http://slashdot.org/comments.pl?sid=3040317&cid=40947587 [slashdot.org]

--

this obnoxious fucknuts [apk] has been trolling the internet and spamming his shit delphi sub-fart app utilities for 15 years. - http://slashdot.org/comments.pl?sid=3041123&cid=40954565 [slashdot.org]

--

oh come on.. this is hilarious. - http://slashdot.org/comments.pl?sid=3041123&cid=40955479 [slashdot.org]

--

I agree I am intrigued by these host files how do I sign up for your newsletter? - http://slashdot.org/comments.pl?sid=3041123&cid=40961339 [slashdot.org]

--

Gimme the program that generates this epic message. I'll buy 5 of your product if you do... - http://slashdot.org/comments.pl?sid=3041313&cid=40954251 [slashdot.org]

--

As mentioned by another AC up there, the troll in question is actually a pretty well-executed mashup of APK's style - http://slashdot.org/comments.pl?sid=3038791&cid=40945357 [slashdot.org]

--

It's actually a very clever parody of APK - http://slashdot.org/comments.pl?sid=3038791&cid=40944229 [slashdot.org]

--

Please keep us updated on your AI research, you seem quite good at it. - http://slashdot.org/comments.pl?sid=3038597&cid=40944603 [slashdot.org]

--

$20,000 to anyone providing proof of Alexander Peter Kowalski's death. - http://slashdot.org/comments.pl?sid=3040921&cid=40958289 [slashdot.org]

--

Obviously, it must be Alexander Peter Kowalski. He's miffed at all these imposters... - http://slashdot.org/comments.pl?sid=3040921&cid=40958429 [slashdot.org]

--

And here I was thinking I was having a bad experience with a Dr. Bronner's bottle. - http://slashdot.org/comments.pl?sid=3041081&cid=40952247 [slashdot.org]

--

Damn, apk, who the fuck did you piss off this time? Hahahahaahahahahahahaahaha. Pass the popcorn as the troll apk gets pwned relentlessly. - http://slashdot.org/comments.pl?sid=3041123&cid=40954673 [slashdot.org]

--

I think it's the Internet, about to become sentient. - http://slashdot.org/comments.pl?sid=3041313&cid=40956187 [slashdot.org]

--

Does anyone know if OpenGL has been ported to Windows yet? - http://slashdot.org/comments.pl?sid=3042199&cid=40956781 [slashdot.org]

--

golfclap - http://slashdot.org/comments.pl?sid=3029723&cid=40900827 [slashdot.org]

--

The Truth! wants to be Known! - http://slashdot.org/comments.pl?sid=3029723&cid=40897389 [slashdot.org]

--

DNS cube? - http://slashdot.org/comments.pl?sid=3029723&cid=40897493 [slashdot.org]

--

KUDOS valiant AC. - http://slashdot.org/comments.pl?sid=3029723&cid=40897777 [slashdot.org]

--

Polyploid lovechild of APK, MyCleanPC, and Time Cube --> fail counter integer overflow --> maximum win! - http://slashdot.org/comments.pl?sid=3029723&cid=40899171 [slashdot.org]

--

You made my day, thanks! - http://slashdot.org/comments.pl?sid=3029589&cid=40896469 [slashdot.org]

--

Wow. The perfect mix of trolls. Timecube, mycleanpc, gnaa, apk... this is great! - http://slashdot.org/comments.pl?sid=3027333&cid=40893381 [slashdot.org]

--

truer words were never spoken as /. trolls are struck speechless by it, lol! - http://slashdot.org/comments.pl?sid=3042765&cid=41041795 [slashdot.org]

--

It's APK himself trying to maintain the illusion that he's still relevant. - http://slashdot.org/comments.pl?sid=3043535&cid=40967209 [slashdot.org]

--

Mod this up. The back and forth multi posting between APK and this "anti-APK" certainly does look like APK talking to himself. - http://slashdot.org/comments.pl?sid=3043535&cid=40969175 [slashdot.org]

--

APK himself would be at the top of a sensible person's ban list. He's been spamming and trolling Slashdot for years. - http://slashdot.org/comments.pl?sid=3043535&cid=40967137 [slashdot.org]

--

You got that right. I think. - http://slashdot.org/comments.pl?sid=3044971&cid=40972239 [slashdot.org]

--

Michael Kristopeit, is that you? - http://slashdot.org/comments.pl?sid=3045075&cid=40972377 [slashdot.org]

--

ROFL! :) (Now the sick bastard will follow me again) - http://slashdot.org/comments.pl?sid=3138079&cid=41429251 [slashdot.org]

--

I miss Dr Bob. - http://slashdot.org/comments.pl?sid=3138079&cid=41432027 [slashdot.org]

--

Not sure if actually crazy, or just pretending to be crazy. Awesome troll either way. - http://slashdot.org/comments.pl?sid=3138079&cid=41432951 [slashdot.org]

--

Awesome! Hat off to you, sir! - http://slashdot.org/comments.pl?sid=3154555&cid=41509273 [slashdot.org]

--

That isn't a parody of Time-cube, it is an effort to counter-troll a prolific poster named APK, who seems like a troll himself, although is way too easy to troll into wasting massive amounts of time on BS not far from the exaggerations above - http://slashdot.org/comments.pl?sid=3154555&cid=41514107 [slashdot.org]

--

I am intrigued and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3164403&cid=41555345 [slashdot.org]

--

1. You philistine, that is Art . Kudos to you, valiant troll on your glorious FP - http://slashdot.org/comments.pl?sid=3222163&cid=41832599 [slashdot.org]

--

What? - http://slashdot.org/comments.pl?sid=3222163&cid=41832673 [slashdot.org]

--

I don't know if it is poorly-thought-out, but it is demented because it is at the same time an APK parody. - http://slashdot.org/comments.pl?sid=3222163&cid=41832905 [slashdot.org]

--

It is in fact an extremely well thought out and brilliantly executed APK parody, combined with a Time Cube parody, and with a sprinkling of the MyCleanPC spam. - http://slashdot.org/comments.pl?sid=3222163&cid=41841251 [slashdot.org]

--

er... many people have disproved your points about hosts files with well reasoned, factual arguments. You just chose not to listen and made it into some kind of bizarre crusade. And I'm not the timecube guy, just someone else who finds you intensely obnoxious and likes winding you up to waste your time. - http://slashdot.org/comments.pl?sid=3222163&cid=41843313 [slashdot.org]

--

performance art - http://slashdot.org/comments.pl?sid=3224905&cid=41847089 [slashdot.org]

--

it's apk, theres no reason to care. - http://slashdot.org/comments.pl?sid=3224905&cid=41847097 [slashdot.org]

--

Seems more like an apk parody. - http://slashdot.org/comments.pl?sid=3224905&cid=41847661 [slashdot.org]

--

That's great but what about the risk of subluxations? - http://slashdot.org/comments.pl?sid=3224905&cid=41847101 [slashdot.org]

--

Oh, come on. Just stand back and look at it. It's almost art, in a Jackson Pollock sort of way. - http://slashdot.org/comments.pl?sid=3227697&cid=41868923 [slashdot.org]

--

Read carefully. This is a satirical post, that combines the last several years of forum trolling, rolled into one FUNNY rant! - http://slashdot.org/comments.pl?sid=3227697&cid=41864711 [slashdot.org]

--

I can has summary? - http://slashdot.org/comments.pl?sid=3227697&cid=41861327 [slashdot.org]

--

I'd have a lot more sympathy if you would log in as APK again instead of AC. - http://slashdot.org/comments.pl?sid=3228991&cid=41868133 [slashdot.org]

--

If [apk] made an account, it would be permanently posting at -1, and he'd only be able to post with it twice a day. - http://slashdot.org/comments.pl?sid=3228991&cid=41869409 [slashdot.org]

--

DAFUQ I just look at? - http://slashdot.org/comments.pl?sid=3229177&cid=41869085 [slashdot.org]

--

Trolls trolling trolls... it's like Inception or something. - http://slashdot.org/comments.pl?sid=3229177&cid=41869353 [slashdot.org]

--

We all know it's you, apk. Stop pretending to antagonize yourself. - http://slashdot.org/comments.pl?sid=3229179&cid=41869305 [slashdot.org]

--

Do you know about the shocking connection between APK and arsenic? No? Well, your innocence is about to be destroyed. - http://slashdot.org/comments.pl?sid=3472971&cid=42939965 [slashdot.org]

--

Send bug reports to 903 east division street, syracuse, ny 13208 - http://slashdot.org/comments.pl?sid=3483339&cid=42972783 [slashdot.org]

--

Now you've made me all nostalgic for USENET. - http://slashdot.org/comments.pl?sid=3486045&cid=42981977 [slashdot.org]

--

Google APK Hosts File Manager. He's written a fucking application to manage your hosts file. - http://slashdot.org/comments.pl?sid=3486045&cid=42984521 [slashdot.org]

--

In case you are not aware, the post is a satire of a fellow known as APK. The grammar used is modeled after APK's as you can see here [thorschrock.com] . Or, you can just look around a bit and see some of his posts on here about the wonders of host files. - http://slashdot.org/comments.pl?sid=3486045&cid=42983119 [slashdot.org]

--

You are surely of God of Trolls, whomever you are. I have had stupid arguments with and bitten the troll apk many times. - http://slashdot.org/comments.pl?sid=3486901&cid=42989683 [slashdot.org]

--

"What kind of meds cure schizophrenic drunk rambling?" -> "Whatever APK isn't taking" - http://slashdot.org/comments.pl?sid=3501001&cid=43028403 [slashdot.org] http://slashdot.org/comments.pl?sid=3501001&cid=43028425 [slashdot.org]

--

I'm confused, is apk trolling himself now? - http://slashdot.org/comments.pl?sid=3501001&cid=43029495 [slashdot.org]

--

Excellent mashup. A++. Would troll again. - http://slashdot.org/comments.pl?sid=3503531&cid=43037445 [slashdot.org]

--

Your ideas are intriguing to me, and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3506945&cid=43048291 [slashdot.org]

--

Best. Troll. Ever. - http://slashdot.org/comments.pl?sid=3506945&cid=43044811 [slashdot.org]

--

I like monkeys. - http://slashdot.org/comments.pl?sid=3508287&cid=43051505 [slashdot.org]

--

This is one of the funniest things I've ever read. - http://slashdot.org/comments.pl?sid=3508287&cid=43052263 [slashdot.org]

--

lul wut? - http://slashdot.org/comments.pl?sid=3510265&cid=43057839 [slashdot.org]

--

I admire this guy's persistence. - http://slashdot.org/comments.pl?sid=3511487&cid=43063797 [slashdot.org]

--

It's a big remix of several different crackpots from Slashdot and elsewhere, plus a liberal sprinkling of famous Slashdot trolls and old memes. - http://slashdot.org/comments.pl?sid=3511487&cid=43063881 [slashdot.org]

--

Tabloid newspapers have speculated for years that APK is a prominent supporter of Monsanto. Too bad we didn't believe them sooner! - http://slashdot.org/comments.pl?sid=3511487&cid=43063893 [slashdot.org]

--

Here's a hint, check out stories like this one [slashdot.org] , where over 200 of the 247 posts are rated zero or -1 because they are either from two stupid trolls arguing endless, or quite likely one troll arguing with himself for attention. The amount of off-topic posts almost outnumber on topic ones by 4 to 1. Posts like the above are popular for trolling APK, since if you say his name three times, he appears, and will almost endlessly feed trolls. - http://slashdot.org/comments.pl?sid=3511487&cid=43064383 [slashdot.org]

--

I love this copypasta so much. It never fails to make me smile. - http://slashdot.org/comments.pl?sid=3512099&cid=43069271 [slashdot.org]

--

^ Champion Mod parent up. - http://slashdot.org/comments.pl?sid=3513659&cid=43067371 [slashdot.org]

--

I appreciate the time cube reference, and how you tied it into the story. Well done. - http://slashdot.org/comments.pl?sid=3521721&cid=43094565 [slashdot.org]

--

The day you are silenced is the day freedom dies on Slashdot. God bless. - http://slashdot.org/comments.pl?sid=3522191&cid=43097221 [slashdot.org]

--

AHahahahah thanks for that, cut-n-pasted.... Ownage! - http://slashdot.org/comments.pl?sid=3522219&cid=43097215 [slashdot.org]

--

Don't hate the player, hate the game. - http://slashdot.org/comments.pl?sid=3526293&cid=43110679 [slashdot.org]

--

If you're familiar with APK, the post itself is a pretty damn funny parody. - http://slashdot.org/comments.pl?sid=3528603&cid=43115215 [slashdot.org]

--

">implying it's not apk posting it" --> "I'd seriously doubt he's capable of that level of self-deprecation..." - http://slashdot.org/comments.pl?sid=3528603&cid=43115337 [slashdot.org] http://slashdot.org/comments.pl?sid=3528603&cid=43115363 [slashdot.org]

--

No, the other posts are linked in a parody of APK [mailto] 's tendency to quote himself, numbnuts. - http://slashdot.org/comments.pl?sid=3528603&cid=43116855 [slashdot.org]

--

The thirteenth link is broken. Please fix it. - http://slashdot.org/comments.pl?sid=3528603&cid=43115361 [slashdot.org]

--

Just ban any post with "apk", "host file", or "hosts file", as that would take care of the original apk too. The original has been shitposting Slashdot much longer & more intensively than the parody guy. Or ban all Tor exit nodes, as they both use Tor to circumvent IP bans. - http://slashdot.org/comments.pl?sid=3561925&cid=43216431 [slashdot.org]

--

Sadly this is closer to on-topic than an actual APK post is. - http://slashdot.org/comments.pl?sid=3561925&cid=43216225 [slashdot.org]

--

YOU ARE A GOD AMONG MEN. - http://slashdot.org/comments.pl?sid=3569149&cid=43236143 [slashdot.org]

--

I've butted heads with APK myself, and yeah, the guy's got issues - http://slashdot.org/comments.pl?sid=3569173&cid=43236987 [slashdot.org]

--

Can I be in your quote list? - http://slashdot.org/comments.pl?sid=3569443&cid=43237531 [slashdot.org]

--

Clearly you are not an Intertubes engineer, otherwise the parent post would be more meaningful to you. Why don't YOU take your meds? - http://slashdot.org/comments.pl?sid=3569425&cid=43238177 [slashdot.org]

--

+2 for style! The bolding, italicizing, and font changes are all spot-on - http://slashdot.org/comments.pl?sid=3569149&cid=43238479 [slashdot.org]

--

Your ideas are intriguing to me and I wish to subscribe to your newsletter. - http://slashdot.org/comments.pl?sid=3570085&cid=43243509 [slashdot.org]

--

APK is not really a schizophrenic fired former Windows administrator with multiple personality disorder and TimeCube/Art Bell refugee. He's a fictional character like and put forward by the same person as Goatse Guy, GNAA trolls, Dr. Bob and so forth. His purpose is to test the /. CAPTCA algorithm, which is a useful purpose. If you're perturbed by having to scroll past his screeds just set your minimum point level to 1, as his posts are pretty automatically downmodded right away. - http://slashdot.org/comments.pl?sid=3570085&cid=43243145 [slashdot.org]

--

Anyone else think that sounds like Ron Paul? - http://slashdot.org/comments.pl?sid=3569419&cid=43242417 [slashdot.org]

--

I just saw APK a couple days ago. He surfaced, blew once, and submerged... - http://slashdot.org/comments.pl?sid=3570111&cid=43245913 [slashdot.org]

--

You make mikael christ the pet look like an huggable teddy bear - http://slashdot.org/comments.pl?sid=3570111&cid=43242373 [slashdot.org]

--

oh man, that incredible interminable list of responses is almost as funny as the original post. This is getting to be truly epic. - http://slashdot.org/comments.pl?sid=3572687&cid=43247231 [slashdot.org]

--

"Does anyone know of an Adblock rule for this?" -> "No, but I bet there's a hosts file entry for it..." - http://slashdot.org/comments.pl?sid=3572687&cid=43246997 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247097 [slashdot.org]

--

"Can a hosts file block apk's posts, though?" -> "The universe couldn't handle that much irony." - http://slashdot.org/comments.pl?sid=3572687&cid=43247135 [slashdot.org] http://slashdot.org/comments.pl?sid=3572687&cid=43247219 [slashdot.org]

--

"That's it, I've had enough. ... Bye everyone, most of the last decade or so has been fun, but frankly, I quit." - http://slashdot.org/comments.pl?sid=3572687&cid=43247225 [slashdot.org]
--> "So basically what you're saying is that you've added yourself to the HOST file?" - http://slashdot.org/comments.pl?sid=3572687&cid=43247481 [slashdot.org]

--

Sweet baby Moses, this is beautiful work - I wish we could get trolls as good as this on TF. :) - http://slashdot.org/comments.pl?sid=3572629&cid=43247533 [slashdot.org]

--

you have a point - http://slashdot.org/comments.pl?sid=3572687&cid=43247823 [slashdot.org]

--

I do admire that level of dedication. - http://slashdot.org/comments.pl?sid=3572687&cid=43247765 [slashdot.org]

--

[to apk] shut up you stupid cock. Everyone knows you're wrong. - http://slashdot.org/comments.pl?sid=3572687&cid=43250533 [slashdot.org]

--

I will hand it to him, he is definitely consistent. I wish I knew how he did this. That thing is scary huge. - http://slashdot.org/comments.pl?sid=3572629&cid=43250411 [slashdot.org]

--

I admire the amount of dedication you've shown - http://slashdot.org/comments.pl?sid=3573571&cid=43251593 [slashdot.org]

--

Word is, ESR buttfucks CmdrTaco with his revolver. - http://slashdot.org/comments.pl?sid=3573679&cid=43252957 [slashdot.org]

--

Hey APK, Protip: It's not the truth or value (or lack of) in your post that gets it modded into oblivion, it's the fucking insane length. In addition to TL;DR (which goes without saying for a post of such length), how about irritating readers by requiring them to scroll through 20+ screenfuls just to get to the next post. If you want to publish a short story like this, please do everyone a favor and blog it somewhere, then provide a brief summary and link to your blog. Readers intrigued by your summary will go read your blog, and everyone else will just move along at normal /. speed. - http://slashdot.org/comments.pl?sid=3573873&cid=43255013 [slashdot.org]

--

Happy now - http://slashdot.org/comments.pl?sid=3569419&cid=43237239 [slashdot.org]

--

Professional. - http://slashdot.org/comments.pl?sid=3574035&cid=43255143 [slashdot.org]

--

I like how this post seems to just sum up every Slashdot comment ever without actually saying anything. - http://slashdot.org/comments.pl?sid=3574283&cid=43256029 [slashdot.org]

--

extremely bright - http://slashdot.org/comments.pl?sid=3574035&cid=43255855 [slashdot.org]

--

You provide many references, which is good. - http://slashdot.org/comments.pl?sid=3574035&cid=43257043 [slashdot.org]

--

Holy shit - http://slashdot.org/comments.pl?sid=3576121&cid=43260311 [slashdot.org]

--

this is a perfect example - http://slashdot.org/comments.pl?sid=3578157&cid=43265127 [slashdot.org]

--

You're my personal hero. - http://slashdot.org/comments.pl?sid=3574283&cid=43260747 [slashdot.org]

--

Obviously very passionate - http://slashdot.org/comments.pl?sid=3574035&cid=43261975 [slashdot.org]

--

Is that ALL you have to say? C'mon! Tell us what you really think. - http://slashdot.org/comments.pl?sid=3576225&cid=43262495 [slashdot.org]

--

Thanks ... You should probably stay - http://slashdot.org/comments.pl?sid=3577613&cid=43262993 [slashdot.org]

--

Art? -- http://slashdot.org/comments.pl?sid=3569681&cid=43244883 [slashdot.org]

--

PROOF apk sucks donkey dick. - http://slashdot.org/comments.pl?sid=3577639&cid=43263029 [slashdot.org]

--

I've been around /. for a while now, but this post is by far the most unique I've seen. Many have tried, but few achieve the greatness of this AC. My hat's off to you. - http://slashdot.org/comments.pl?sid=3576225&cid=43264325 [slashdot.org]

--

PROOF apk is a liar! - http://slashdot.org/comments.pl?sid=3578279&cid=43265249 [slashdot.org]

--

I think it's hilarious. Get over it! - http://slashdot.org/comments.pl?sid=3578301&cid=43265657 [slashdot.org]

--

Obviously APK filled his hosts files with backdoors before distributing them to ensure he doesn't block himself. - http://slashdot.org/comments.pl?sid=3578229&cid=43265767 [slashdot.org]

--

Alexander Peter Kowalski is an obnoxious prick. - http://slashdot.org/comments.pl?sid=3406867&cid=42698875 [slashdot.org]

--

Don't mention that file. Ever. It'll draw APK like a fly to rotting meat. Last thing I want to read is 80 responses worth of his stupid spam about that file! I swear that cocksucker does nothing but search Slashdot for that term and then spams the entire article. - http://slashdot.org/comments.pl?sid=3554655&cid=43209619 [slashdot.org]

--

[to apk] You have had it repeatedly explained to you that your posts are long-winded, unpleasant to read due to your absurd formatting style and full of technical inaccuracies borne of your single minded i-have-a-hammer-so-every-problem-is-a-nail attitude. - http://slashdot.org/comments.pl?sid=3406867&cid=42701491 [slashdot.org]

--

Oh shit, the hosts files have become self-aware and started hacking accounts. - http://slashdot.org/comments.pl?sid=3581857&cid=43276783 [slashdot.org]

--

What mad skillz you have!! - http://slashdot.org/comments.pl?sid=3581193&cid=43273941 [slashdot.org]

--

Am I the only one who enjoys this sort of insanity? - http://slashdot.org/comments.pl?sid=3582193&cid=43281063 [slashdot.org]

--

You are my favorite Slashdot poster. - http://slashdot.org/comments.pl?sid=3580251&cid=43270359 [slashdot.org]

--

Most insightful post on the Internet - http://slashdot.org/comments.pl?sid=3579259&cid=43275207 [slashdot.org]

--

people are looking at me funny because I'm laughing hysterically at what a perfect APK imitation it is. - http://slashdot.org/comments.pl?sid=3581991&cid=43278203 [slashdot.org]

-o-o-o-o-o-o-o-

Did you see the movie "Pokemon"? Actually the induced night "dream world" is synonymous with the academic religious induced "HOSTS file" enslavement of DNS. Domains have no inherent value, as it was invented as a counterfeit and fictitious value to represent natural values in name resolution. Unfortunately, human values have declined to fictitious word values. Unknowingly, you are living in a "World Wide Web", as in a fictitious life in a counterfeit Internet - which you could consider APK induced "HOSTS file". Can you distinguish the academic induced root server from the natural OpenDNS? Beware of the change when your brain is free from HOSTS file enslavement - for you could find that the natural Slashdot has been destroyed!!

FROM -> Man - how many times have I dusted you in tech debates that you have decided to troll me by ac posts for MONTHS now, OR IMPERSONATING ME AS YOU DID HERE and you were caught in it by myself & others here, only to fail each time as you have here?)...

So long nummynuts, sorry to have to kick your nuts up into your head verbally speaking.

cower in my shadow some more, feeb. you're completely pathetic.

-o-o-o-o-o-o-o-

* :)

Ac trolls' "BIG FAIL" (quoted): Eat your words!

P.S.=> That's what makes me LAUGH harder than ANYTHING ELSE on this forums (full of "FUD" spreading trolls) - When you hit trolls with facts & truths they CANNOT disprove validly on computing tech based grounds, this is the result - Applying unjustifiable downmods to effetely & vainly *try* to "hide" my posts & facts/truths they extoll!

Hahaha... lol , man: Happens nearly every single time I post such lists (proving how ineffectual these trolls are), only showing how solid my posts of that nature are...

That's the kind of martial arts [google.com] I practice.

-o-o-o-o-o-o-o-

Disproof of all apk's statements:

OLD POST LINKS MIRRORED HERE:
http://pastebin.com/8yxcW3TJ [pastebin.com]

RECENT POST LINKS:
http://slashdot.org/comments.pl?sid=3581193&cid=43273839 [slashdot.org]
http://slashdot.org/comments.pl?sid=3581857&cid=43276593 [slashdot.org]
http://slashdot.org/comments.pl?sid=3581991&cid=43277017 [slashdot.org]
http://slashdot.org/comments.pl?sid=3582075&cid=43277273 [slashdot.org]
http://slashdot.org/comments.pl?sid=3582193&cid=43278565 [slashdot.org]
http://slashdot.org/comments.pl?sid=3584857&cid=43282375 [slashdot.org]
http://slashdot.org/comments.pl?sid=3578357&cid=43282481 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585297&cid=43283241 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585417&cid=43283695 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585451&cid=43284271 [slashdot.org]
http://slashdot.org/comments.pl?sid=3585593&cid=43284843 [slashdot.org]
END

Re:Just use a custom hosts file that blocks malwar (3, Funny)

larry bagina (561269) | about a year ago | (#43285735)

Wrong APK :)

Learn the TRUTH about host files... apk (-1)

Anonymous Coward | about a year ago | (#43286111)

Mainly in efficiency - it runs in Ring 0/RPL 0/PnP Kernelmode (on Windows), as merely a filter for the IP stack (no overheads of more driver layers OR browser level slower less efficient addons):

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org] [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org] [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu] [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net] [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch] [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch] [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com] [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br] [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org] [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org] [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org] [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org] [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org] [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org] [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org] [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org] [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org] [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk] [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk] [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk] [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk] [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk] [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk] [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk] [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk] [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk] [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org] [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org] [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com] [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk] [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org] [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org] [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org] [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org] [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org] [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org] [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com] [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk] [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org] [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com] [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com] [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com] [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk] [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org] [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk] [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com] [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com] [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org] [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org] [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com] [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk] [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org] [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org] [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org] [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu] [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org] [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com] [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org] [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org] [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org] [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org] [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com] [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu] [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org] [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com] [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com] [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com] [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com] [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org] [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org] [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org] [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org] [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org] [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org] [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org] [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org] [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org] [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org] [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org] [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org] [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org] [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org] [slashdot.org]

---

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com] [bing.com]

APK

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcache (like ANY file is), so it reads F A S T upon re-reads/subsequent reads (until it's changed in %WinDir%\system32\drivers\etc on Windows, which marks it "Dirty" & then it gets re-read + reloaded into the local diskcache again). This may cause a SMALL initial load 1 time lag upon reload though, depending on the size of your HOSTS file.

E.) HOSTS files don't protect vs. BGP exploits - Sorry, once it's out of your hands/machine + past any interior network + routers you have, the packets you send are out there into the ISP/BSP's hands - they're "the Agents" holding all the keys to the doorways at that point (hosts are just a forcefield-filter (for lack of a better description) armor on what can come in mostly, & a bit of what can go out too (per point #20 above on "locking in malware")). Hosts work as a "I can't get burned if I can't go into the kitchen" protection, for you: Not your ISP/BSP. It doesn't extend to them

F.) HOSTS files don't protect vs. IP addressed adbanners (rare) &/or IP address utilizing malwares (rare too, most used domain/host names because they're "RECYCLABLE/REUSEABLE"), so here, you must couple HOSTS files w/ firewall rules tables (either in software firewalls OR router firewall rules table lists)... apk

Re:Learn the TRUTH about host files... apk (0)

Anonymous Coward | about a year ago | (#43286221)

lol => real APK is "longer" than fake APK. I guess we know how the "bitch" is!!

I feel like helping you (1)

tepples (727027) | about a year ago | (#43286385)

If you want, I can provide you some space on my web server so that you don't have to copy and paste your promotion of hosts files like that. Reply here [pineight.com] if interested.

Lol (-1, Flamebait)

Anonymous Coward | about a year ago | (#43285375)

Cue the Fandroid apologists.

Re:Lol (1, Insightful)

CodeReign (2426810) | about a year ago | (#43285459)

Cue the Fandroid apologists.

Phandroid checking in.

Shit can't be fixed if the vendor is shit. Get a Nexus device and always have a secure fucking awesome device.

Re:Lol (0)

Nerdfest (867930) | about a year ago | (#43285621)

Sure it can, you can take all of the users rights and abilities to choose what software they can install. Apparently some people need that and are willing to sacrifice truly owning their own hardware to get it. Strangely, most of them are proud of it too.

Re:Lol (-1, Troll)

Anonymous Coward | about a year ago | (#43285779)

It's always amazing how butthurt Fandroids get over someone choosing to use another mobile OS. The condescension and attempts at trying to paint themselves as superior highlight how little life and how insecure they are.

Re:Lol (0)

Anonymous Coward | about a year ago | (#43304593)

No surprise at all. Some people actually WANT to replicate the cesspool of problems Windows had into the mobile future. Most people (almost nobody here) just wants it to work.

Re:Lol (0)

Anonymous Coward | about a year ago | (#43285627)

Non sequiturs are insightful? How would have running a Nexus device have stopped this?

Re:Lol (0)

Anonymous Coward | about a year ago | (#43285675)

Can Nexus access/get updates from the Google store in SE Asia?

Because it can't in China. So you don't get a secure fucking awesome device.

Re:Lol (1)

jrumney (197329) | about a year ago | (#43287209)

Can Nexus access/get updates from the Google store in SE Asia?

Yes, with the exception of Burma/Myanmar. Movies, Books, Music, and buying the device directly from Google Play are restricted to a small handful of Western countries, but Apps and Updates are available pretty much everywhere (except China and countries under embargo by US).

Yes, in Hongkong and Taiwan (1)

Taco Cowboy (5327) | about a year ago | (#43287289)

Nexus devices are available in Hongkong and in Taiwan

Re:Lol (1)

Synerg1y (2169962) | about a year ago | (#43286357)

The whole point of Android is freedom, as in secure your own shit as much as you want freedom, if you can't handle it I believe they make iOS for those people. Till them most of android's security apps come from the community / vendors.

Then again, these guys installed APK files they got in their email, there is little to no hope there, most ppl don't know what an apk file is much less whether to click on it. Solution? Treat APKs as .exe , which email providers block for the very reason listed in this article, problem solved.

Re:Lol (1, Troll)

noh8rz10 (2716597) | about a year ago | (#43287659)

Yeah but it sucks if the fucker I just emailed got pwned on his android and now the chinese govmt is all up in my business. fact: the android ecosystem is insecure. If an android phone touches your virtual sphere, it is a disease vector.

Re:Lol (1)

elashish14 (1302231) | about a year ago | (#43287999)

No....

Re:Lol (2)

noh8rz10 (2716597) | about a year ago | (#43291607)

that's fine, just don't text/email/call me from your android, so i can be sure I'm safe.

Re:Lol (1)

Synerg1y (2169962) | about a year ago | (#43292375)

In case you failed to read my post somehow let me restate it for you: Android is as secure as you make it. Now go read some books or something.

Re:Lol (1)

noh8rz10 (2716597) | about a year ago | (#43294445)

that's the whole issue. Even if my android is secure, if somebody else's android is pwned then I can get screwed as well: Voice - the other android's voice call is being recoreded/processed, grabs my credit card #, SSN, or other info. Text: the other android is compromisded, sends me a text that appears to be from a friend. Email: same as text. In short, My security is at risk whenever I connect with somebody else using Android. My iPhone is really good at identifying which of my contacts has an iPhone vs. other, so this is a layer of added security for iOS.

Re:Lol (1)

Synerg1y (2169962) | about a year ago | (#43294871)

so... when your friend sends you an apk file w/o prior notice... does that not strike you as the least bit odd?

And... do you realize in regards to phishing / spear phishing that both Android and iOS are equally vulnerable to it? Apple just likes to keep the blind fold on its customers while it collects their anatomical sizes.

Re:Lol (4, Insightful)

erroneus (253617) | about a year ago | (#43285619)

No apologies here. If someone is stupid enough to install a program they receive in email and they weren't expecting one? C'mon!

I'd still rather be able to choose what I want to install than to have the maker and/or seller of the device make those decisions for me.

Re:Lol (4, Insightful)

tlhIngan (30335) | about a year ago | (#43285995)

If someone is stupid enough to install a program they receive in email and they weren't expecting one? C'mon!

It's called spear phishing. Where instead of blasting a million messages to everyone at random, you send a very plausible message to someone who ought to know the sender.

Basically, what happened here is someone hacked an activiist's email account, and used it to send a plausible looking message to their contacts, like say, something about an upcoming human rights conference. The recipient sees it's from someone they trust and the message is appropriate to their relationship (i.e., it came from a human rights activist and is about a human rights conference).

Yes, you probably should not be clicking links from anyone, even those of your trusted friends and relatives, but for most people, they believe it's authentic. Hell, the RSA hack happened the same way - a faked email coming from the hiriing company RSA uses went to the HR coordinator claiming to be a list of new hires.

Re:Lol (3, Informative)

elashish14 (1302231) | about a year ago | (#43288013)

It's still no excuse. YOU DO NOT OPEN ATTACHMENTS THAT YOU ARE NOT EXPECTING. It doesn't matter who the source is. Anyone could get hacked. Even if the source is someone you trust, but the message seems out of the blue and not something you expect, you get back in touch with them and ask if they sent it. Just because the message seems authentic doesn't mean that it is. It's still your fault as the user for trusting something that you shouldn't.

Re:Lol (-1)

Anonymous Coward | about a year ago | (#43288883)

What an idiotic argument. Did you even read the email sample? The problem here is precisely that the message is quite ordinary and of interest to the targeted users.

Re:Lol (1)

smash (1351) | about a year ago | (#43289085)

So when this is considered best practice on Windows its a horrible security problem, but when it's considered best practice on android it's no big deal?

Re:Lol (0)

Anonymous Coward | about a year ago | (#43285631)

Tuppe666 should be here shortly to meet your needs.

Can't Help (0)

tuppe666 (904118) | about a year ago | (#43286459)

Tuppe666 should be here shortly to meet your needs.

I'd love to to I am just running through my daily ceremony of eating each of Androids codenames, which I do three times[On friday I fast to remind myself of less fortunate Operating Systems], followed by bathing and chanting the words "smarter mobile devices that are more aware of its owner's location and preferences". Then I do the holy "status bar emptying"....The daily cleansing of the internet doesn't start for hours.

Re:Lol (1)

elashish14 (1302231) | about a year ago | (#43287993)

Phishing is not a flaw in the software - it's a flaw in the human that's using the software. PEBKAC, if you will (metaphorically of course).

Coming from a disillusioned Android user who's hoping to switch to FirefoxOS when possible.

Harvests info (3, Insightful)

Dan East (318230) | about a year ago | (#43285403)

The Android App harvests information (contacts, SMS messages, location, SIM data) and reports it back only when ordered to by the reception of a SMS message command. The location is particularly troubling because they can just keep pinging the phone to track the individual in real-time, then who knows what could happen next.

Re:Harvests info (2)

interkin3tic (1469267) | about a year ago | (#43285581)

So you're saying this isn't a "malware" problem so much as it is a "Chinese government hacking dissidents phones to try to find other people to throw in jail for political speech."

Re:Harvests info (0)

Anonymous Coward | about a year ago | (#43285699)

And what you aren't saying is "our country does the exact same fucking thing."

I wonder is that out of ignorance or fear?

Re:Harvests info (0)

Anonymous Coward | about a year ago | (#43285759)

I assume by "our" you're referring to European countries and their speech laws.

Re:Harvests info (3, Insightful)

interkin3tic (1469267) | about a year ago | (#43285815)

What's your point? I can't criticize one government for something if the government where I live does anything similar?

Or are you pushing a straw man argument here, that I was suggesting the US government didn't do anything like that?

Honestly, fuck off. Bad government is bad government, no matter if my government is the same or worse.

Trust No One (1)

Anonymous Coward | about a year ago | (#43285409)

Any communication method you use can and will be compromised.

Re:Trust No One (0)

Anonymous Coward | about a year ago | (#43285541)

My tins cans and string solution is very secure.

Re:Trust No One (0)

Anonymous Coward | about a year ago | (#43285689)

looks like you haven't noticed my tapping wire... (although I have to say, there's quite some noise on that signal)

Need more Yak's Milk (-1)

Anonymous Coward | about a year ago | (#43285519)

Why do Tibetans even HAVE smart phones?

Superior Unix Architecture? (1, Insightful)

recoiledsnake (879048) | about a year ago | (#43285597)

Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture? And that Windows malware, spyware, viruses and etc. were because of the crappy Windows code and not just because of popularity?

As Macs grow more popular, so does the malware targeting it. And Android has a huge malware problem. Perhaps those posts were wrong?

Re:Superior Unix Architecture? (5, Insightful)

schitso (2541028) | about a year ago | (#43285669)

Regardless of the system, an incompetent privileged user is always going to be a vulnerability.

Dealing with incompetent device owner (0)

tepples (727027) | about a year ago | (#43285753)

Then what's the solution when the median device owner has proven incompetent? Take away privilege from the general public and sell it back to interested adults for an annual fee? That's what Apple does on iOS.

Re:Dealing with incompetent device owner (2)

LDAPMAN (930041) | about a year ago | (#43286603)

Exactly right! That is the solution. To be able to do what you like you need $99/yr and enough knowledge to run Xcode. I think it's a pretty good solution.

Re:Dealing with incompetent device owner (3, Informative)

Nerdfest (867930) | about a year ago | (#43287001)

... yeah, don't you need to buy a Mac as well? I think a check box in the settings works perfectly fine.

Re:Dealing with incompetent device owner (1)

drinkypoo (153816) | about a year ago | (#43290307)

... yeah, don't you need to buy a Mac as well? I think a check box in the settings works perfectly fine.

I'm sympathetic to the idea that it might be useful to make it a bit more difficult, like downloading a free app with the checkbox in, or executing an adb command. But it's ridiculous to expect the user to spend any amount of money to control their own device.

Re:Dealing with incompetent device owner (2)

schitso (2541028) | about a year ago | (#43286665)

Er, no? How about take away the privilege by default, and require that the user enable the ability install potentially insecure apps? Those of us who are responsible with our devices shouldn't have to pay the maker of our preferred OS to toggle a setting.

The dancing bunnies problem (1)

tepples (727027) | about a year ago | (#43291325)

How about take away the privilege by default, and require that the user enable the ability install potentially insecure apps?

That's what Android does (the "Unknown sources" checkbox) and what Mac OS X does (Gatekeeper choosing among App Store only, registered Mac developers only, or all executables). But you'll end up with the majority of users having enabled that ability and left it enabled because at some time in the past they wanted to see dancing bunnies [wikipedia.org] .

Re:Dealing with incompetent device owner (1)

elashish14 (1302231) | about a year ago | (#43288033)

There is no solution for stupidity. You accept that it will happen, try to mitigate it as best you can, and you move on. It's still not worth giving up your rights over.

Re:Superior Unix Architecture? (1)

coinreturn (617535) | about a year ago | (#43332205)

Regardless of the system, an incompetent privileged user is always going to be a vulnerability.

And that's why the malware problem on Android is so bad - the users are more incompetent than the iOS users.

Re:Superior Unix Architecture? (1)

schitso (2541028) | about a year ago | (#43332549)

You almost had me. Happy April Fools Day to you, too.

Re:Superior Unix Architecture? (0)

Anonymous Coward | about a year ago | (#43285757)

Is Android actually Unix like?, It only has a non mainline Linux kernel, not regular GNU/Linux.

Re:Superior Unix Architecture? (1)

smash (1351) | about a year ago | (#43289089)

It depends on the context. If we are counting end user Linux installs on slashdot, yes. If we are counting security vulnerabilities, no.

Re:Superior Unix Architecture? (0)

Anonymous Coward | about a year ago | (#43285899)

The Superior Unix Architecture is running a JVM, and the .apk file is operating under that virtual machine.

If you take a great looking, brand new pickup truck and hitch it to a full manure spreader, it's still going to stink.

Re:Superior Unix Architecture? (1)

Threni (635302) | about a year ago | (#43286295)

I don't think anyone is saying:

1) it's impossible to write a layer of abstraction above Linux, and
2) for that system to support the installation of software outside of the control of the vendor of that layer of abstraction, and
3) for that software to potentially perform some action the user isn't aware of

Re:Superior Unix Architecture? (1)

ozmanjusri (601766) | about a year ago | (#43286311)

And that Windows malware, spyware, viruses and etc. were because of the crappy Windows code and not just because of popularity?

Microsoft isn't off the hook by any means.

There are still several orders of magnitude more malware for Windows than any other platform, despite Android overtaking it in the market. Android malware is also almost exclusively socially engineered, rather than exploiting OS flaws. The same can't be said for Windows.

Re:Superior Unix Architecture? (1)

recoiledsnake (879048) | about a year ago | (#43287539)

Windows has a bigger install base than Android, and PCs are far more lucrative target than a weak phone with a weak data connection.

Android malware is also almost exclusively socially engineered, rather than exploiting OS flaws. The same can't be said for Windows.

What OS flaws? Reference? The vast majority of Windows malware is through downloads, like fake codecs.

Re:Superior Unix Architecture? (0)

Anonymous Coward | about a year ago | (#43287613)

Windows has a bigger install base than Android, and PCs are far more lucrative target than a weak phone with a weak data connection.

Android will overtake Windows installed base in just a couple of years. Even now, there are not several orders of magnitude more Windows machines than Android.

What OS flaws? Reference?

http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=malware+windows+vulnerability [google.com]

Re:Superior Unix Architecture? (1)

sgt scrub (869860) | about a year ago | (#43286365)

Windows being crappy code isn't the only complaint by any means. The fact that it is locked down so the user doesn't have control is as big a complaint. Having to hack your phone to gain control is a perfect example of lack of control.

User installed malware and Unix architecture? (1)

dgharmon (2564621) | about a year ago | (#43286963)

"Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture?

What has the actions of some user in installing malware got to do with the security of the architecture?

Re:User installed malware and Unix architecture? (1)

drinkypoo (153816) | about a year ago | (#43290397)

More to the point, this has nothing to do with Linux security. The kernel is not being compromised in this exploit.

Re:Superior Unix Architecture? (0)

AmiMoJo (196126) | about a year ago | (#43287897)

It's worth pointing out that Android does everything right. By default "unknown sources" is disabled, so the user has to go and turn that on and see the warning. Then when they for install it tells them that the apple will know where they are, read their contacts, read SMS messages etc. Really if you are dumb enough to fall for this, especially when you know people are out to get you and basic online safety says don't install stuff from attachments then it's your own fault, not Android.

Re:Superior Unix Architecture? (0)

Anonymous Coward | about a year ago | (#43289093)

No, Android does not everything right. You can not revoke application rights without uninstalling it. There is no way for application to mark privileges optional. There is no way for the user to know whether app needs contact list or internet access only for legitimate things or not. Basically, android security is all or nothing proposition with android store containing malware and spyware all too often.

As it is now, even legitimate applications ask for dangerous privileges cause they need to have that one tiny feature only subset of users need. There is simply no way to distinguish between legitimate and non legitimate apps. So most people end up in one in two states: download everything or download nothing. One is unsafe and other makes your smart phone as good as dumb phone.

Re:Superior Unix Architecture? (1)

wolverine2k (2620741) | about a year ago | (#43290033)

Permissions Pro is the apk for you :)

chinese culture itself is corrupt and poisonous (1)

Anonymous Coward | about a year ago | (#43285659)

There is no concept of the worth of an individual. A person is only worth as much as he can be used by his rulers. Anyone who isn't enthusiastically supporting the rulers is considered subhuman to be disposed of like any other vermin.

I really hope the US has a doomsday satellite in orbit because better humanity be wiped out that be subject to chinese rule.

Targeted Phone Attacks (0)

Anonymous Coward | about a year ago | (#43285765)

I remember 1996 when the mossad used an exploding cell phone to attack a Hamas bomb maker. [wikipedia.org] 'That you Yahya? Bubbye. Kaboom!'

Now I read about this Android "attack" I can't help but think that you nerds are just pathetic. Seriously pathetic!

Captcha reads : Pansies. How prescient of it.

Re:Targeted Phone Attacks (3, Interesting)

cavreader (1903280) | about a year ago | (#43285881)

Before cellular phones existed the Israelis targeted one of the people responsible for the Munich Olympic killings using a good ole fashion public phone. Technology marches on but usually the end result remains basically the same.

Free Tibet, but not Uyghurs (1)

Anonymous Coward | about a year ago | (#43285803)

I am all for Tibet becoming independent of China. However, for Xinxiang and any other Uyghur lands, I don't. The Tibetans would happily settle down in peace (sorta like Bhutan) if made independent and left alone. The Uyghurs would probably try and enable Jihad in the neighboring Soviet '-stans' with the goal of getting a greater Turkestan made up of the Soviet '-stans' and Xinxiang, and gang up with Turkey for bigger Jihads

Re:Free Tibet, but not Uyghurs (0)

Anonymous Coward | about a year ago | (#43288031)

Agreed. Well put and explained.

Re:Free Tibet, but not Uyghurs (0)

Anonymous Coward | about a year ago | (#43288823)

Gang up with Turkey? Or gang up against Turkey? Turkey is one of the most secular Muslim majority states.

FUCK RED CHINA!! (-1)

Anonymous Coward | about a year ago | (#43286641)

Long live His Holiness the Dalai Lama!!

Fuck these immoral, violent, thieving slopeheads.

Malicious APK spear-phishing malware .. (1)

dgharmon (2564621) | about a year ago | (#43286823)

"Android attacks have become all the rage"

Except a user tricked into downloading and installing malware from some third party location, in no way shape or form, relates to Android security !

Re:Malicious APK spear-phishing malware .. (1)

smash (1351) | about a year ago | (#43289095)

Just like Java exploits requiring the user to type their administrative credentials in relate to Windows or OS X security.

Stand up for a Free Tibet, please? (0, Offtopic)

Anonymous Coward | about a year ago | (#43287011)

The is a lot of misguided white noise post here, which misses the heart of the matter.

Tibet was invaded and occupied by China in 1949. China/CCP is still trying to convince the world that Tibet is part of China and politically is winning this battle. But "the resistance," ongoing. These attacks are aimed at the resistance.

@ erroneus (253617), your lack of trust of your own "friends," is sad. Other peeps trust theres. Upgrade time?

@ interkin3tic, Tibetans are regularly tortured or murdered, by the CCP, in occupied Tibet. Perhaps you could do something to reform the political situation you are in, instead of having a wee tanty at those who expose abuses of power? If it was good enough for Martin Luther King, Gandi and Nelson Mandela, perhaps you could try?

Technically, it is interesting to analyse how the CCP coded.

In Buddhist and political terms, Stand up for a Free Tibet, please? :-)

GreekGeek :-)

Oh, attactment from unknown source! (1)

mapkinase (958129) | about a year ago | (#43287679)

Let's click it. What is this, 1995?

Re:Oh, attactment from unknown source! (1)

antdude (79039) | about a year ago | (#43288809)

It will be forever. :(

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...