Do you prefer AdBlock or Adblock Plus?

Yes what you did is a little learning curve but that is the nature of computing these days - learning curve to what will work and not work for your needs.

 

So I went to sleep last night scratching my head about this. When I woke up and checked things out there was indeed an error in the log for that one site, faulting module version 0.0.0.0
But they were in there from before as well when it was still set to 127.0.0.1 as the IP prefix.

All the ads are getting blocked as expected. There aren't any crashes except for the known sites that have poorly written/designed modules and those are infrequent now.

 

Thanks to you and everyone else who brought up the use of the "hosts" file for ad blocking and security :thumbsup:

I definitely see why some users would prefer to use a third party tool if available, though I'm not sure it removes all the maintenance chores or any learning curve. For me, I prefer to avoid them wherever possible if I can do it myself and by that I mean merging a couple lists together with my own, sorting and removing dupes, and achieving that with excel. The list don't need frequent updating unless there are serious new threats that need to be shielded.

 

Neither I use Privacy Badger


Cheers
3Fees

 

You've provided almost no argument for a host file being better than adblocking, you've just repeatedly stated that it is.

I've read the entire topic, that's including your posts. You've said nothing of value.



And as for security, as another user seems to have started using it for that reason...

hosts files are *bad* for security. Not only are they entirely inneffictive, because all that's required to get around it is a direct-IP, which most malware uses anyways, but it's downloaded over HTTP, an insecure connection, which could easily allow an attacker to *map valid websites to malicious IPs*. This is dangerous behavior.

 

uBlock just got released for Firefox!

Trying it now:

µBlock ( uBlock ) for Firefox | Wilders Security Forums

 

Whether or not you listen that is up to you.

 

I'm not using as a primary for security.

My very first line of defense is to not run my computer as an administrator. Block all cookies unless explicitly in allowed list. Restrict sites. Real time virus scanner. Windows updates current. Bitlocker. File encryption. File passwords. Firewall. Router security. Set read only to hosts file. Use keepass auto type with obfuscation.

As it is, these computers are probably more secure than my front door or my car and motorcycle.

Whatever slowdown that should be expected doesn't seem to bother me. I haven't noticed any. But that is probably just because of my usage style. Surely something should slow if only a tiny bit.

 

RCB,

Whatever works for you. Just as long as you understand what I've said. That's really all I'm aiming for.

 

Thanks...

Interesting: Ad filtering - Wikipedia, the free encyclopedia

Snippet:

Hosts file and DNS manipulation

Most operating systems, even those which are aware of the Domain Name System (DNS), still offer backwards compatibility with a locally-administered list of foreign hosts. This configuration, for historical reasons, is stored in a flat text file that by default contains very few hostnames and their associated IP addresses. Editing this hosts file is simple and effective because most DNS clients will read the local hosts file before querying a remote DNS server. Storing blackhole entries in the hosts file prevents the browser from accessing an ad server by manipulating the name resolution of the ad server to a local or nonexistent IP address (127.0.0.1 or 0.0.0.0 are typically used for IPv4 addresses). While simple to implement, these methods are also very easy to circumvent. One method to circumvent this form of ad filtering is to load ads from servers with hard coded IP addresses, thus skipping name resolution altogether. Another method to evade this form of filtering is to load the advertisements from a server which also serves the main content; blocking name resolution of this server would also block the useful content of the site.

-------------------

Should I use a two pronged approach, say ad blocker plus and a smaller hosts file containing known really bad servers?

 

Yes, as I said, there are a multitude of easily implemented ways to bypass a host file. In fact, on most websites distributing malware, there will be a direct IP address to the malicious content, making the host file quite useless. Content Security Policy was designed directly to prevent that sort of attack, so it's perfect for adblocking, especially from a security perspective.

Other attacks on host files exist than what's mentioned there, and the host file itself opens up an attack vector.

Only root can write to that host file. That means that the software used to write to it must run as root.

To put it simply, you can't trust what it downloads, because an attacker can modify it (it's over HTTP). So an attacker could be modifying content that a root program is then reading through. Any vulnerability in that program would lead to a root compromise of the system.

 

I went and downloaded AdBlock Plus to give it a whirl and of course she wanted the facebook buttons gone on webpages after seeing that feature. So I go to download that and of course it doesn't download.

I guess the IE version of this ABP plugin is fairly new and can't use that feature yet.

I really hate spending time on stuff like this when if that is the case they should just say it right up front. Still can't figure out if I'm the stupid one and am missing something.

Geez.

 

I have the file downloaded if you want, it's not bad, but not the same as the Firefox version or Chrome version, also, you can't add the Block Facebook Annoyances Feature.

I contacted them on their Twitter account last month and they said it will happen soon but don't hold your breathe

 

Adblock works great.

 

FYI least one forgets why the hosts files is needed....

hosts (file) - Wikipedia, the free encyclopedia

This how you can kill any pop sites before you even see it...

And you think the ad program doesn't get attached and codes get stolen that attackers can fool the ad program update to load the malware??? Lot's of koolaid here....

...I think you mean the Owner/Admin can write to the hosts file...root is wrong wording ... it's the Owner/Admin that is logged in that can in Windows can write to the windows hosts file. Also to further protect the hosts file... I change the attribute to "Read Only"... that extra change stops anyone other then the Owner account to prevent unauthorized access to change the hosts file. This is also something that the most savvy computer will know about but if you do that each time you edit the hosts files changing from Read Only so you can edit it and change it back to Read Only. Will stop any other account users for Vista and Windows 7 users unless they are Admin to make the change. This is how malware and redirects attacked users to go to malware and adware sites but with this small edit those sites die a slow internet death. So beyond the PC hosts edit the "Read Only" change further protects the browser and any sites trying to rewrite the hosts file. You can't stop the browser but stopping it at the PC level will stop your system from getting spam ads...

Really and your telling me a attackers hasn't stolen ad program source code and made a malware to look like a legit update to ad program where it downloads and takes over that program...not sure what world utopia you live but that is not for me. Simply put it you haven't even looked at the site have you....but I see that my advice will be looked at by open minded users willing to see what options they have out there.

and reverse that....

PC hosts works great.....

 

I'm well aware, I've stated this multiple times, actually. The host file was originally used to map IPs directly, this was used mostly for internal networks to map physical machines on the network.

Attacks on a host file are trivial. It uses HTTP, and some root service is installing it.

Extensions don't run with administrative rights, they actually run in a sandbox in Chrome. Beyond that, they're cryptographically signed, and are transferred over HTTPS. All extensions themsevles have a Content Security Policy, making them difficult to attack.

The code for the program I linked to is all open source, so it can't really "get stolen".

It's analogous.

Great?

This isn't a big deal. No one but the administrative account can write to it anyways. It's a good idea to remove read access too, but the updater still runs as the administrator.

No, malware rarely ever reads the host file. I've never even seen it. It may write to it once it has full admin rights, but that's it.

The browser never could write to it anyways, and certainly not malicious websites. It makes 0 difference.

Like I said, it's digitally signed and updated over HTTPS strictly.

If an attacker were to compromise the program that updates the Host file, they get root control ovre the system. If an attacker were to compromise the adblocker, they'd be at Low or Untrusted integrity, with a content security policy dictating their internet access.

 

Curios how a simple question can draw so much heat.

Cool down a notch, guys. I'm sure you're better than this.

 

Please avoid getting personal as you discuss this. That applies to all, though some seem to have a harder time keeping it in check than others. We're watching this.

 

I don't think I've gotten very personal. If I have, it certainly wasn't intentional, I'm trying very hard to stay only to the facts of the matter.

That said, I think I've made my point very clear, and anyone reading this has the necessary information to make an informed decision about how they do these things. 'Enough said'

 

No worries. I simply meant the rule applies to all, though the posts of some member(s) were the reason Katalin and I stepped in. We didn't call out any names nor were any infractions issued in this case. Again, no worries. It's Christmas

 

Wow, that was funny! The "Read-Only" attribute? Seriously? Man, that's stuff from the dark ages of DOS, 30+ years ago. You could look here, for example, in order to understand that your setting of the "read-only" attribute serves no useful purpose whatsoever.

P.S.: I have a strong feeling you do not understand the concept of the CREATOR/OWNER group in NTFS, either. Note in particular that there is no such thing as an "Owner account". Here is a good place to read up on this topic.

 

Guess people have small minds don't they - this is even more funny....Guess one been living their small world to often. Funny someone claims to be a high rep power but has a small mind when it comes to computing and customization. I guess that's how their world turns.

 

Or you could try to rebut him with facts to the contrary. Otherwise, you're losing credibility by saying, "small minds" all the time. When people see that level of ad hominen, they don't think, "yep, this guy must know what he's talking about. He's detected that minds are small."


The best way to overcome what you perceive as "small minds" is to make a strong case for your position. You haven't done that yet. You hardly even made the case that using hosts files is more efficient, more convenient, more secure and simpler to implement. You just made the case that "you" prefer it in spite of certain disadvantages over what most other people use.

At a minimum, make the case for why using "read only attribute" is a good security measure. And be prepare for counter-arguments without the need to brand someone who disagrees with you as having a small mind. Demonstrate that you can weigh the pros and cons.

I'd rather not have to close the thread as there's some useful info in it.

 

Yes, I'll happily have a real discussion with anyone, or answer any questions.

But I'm not really interested in participating in more one sided arguments now that all of the relevant information is posted.

 

You may want to read what it is I wrote. If you do so, you will notice that I did not say a single word about "customization", and I did not comment in any way on your choice of solution for ad-blocking. I focused entirely on your apparent take on file system security. Feel free to respond to what I did in fact say in any way you feel appropriate.

I will also point out that technically, I do not "claim" anything regarding my "rep power". This is done by the forum software, without any input on my part.

 

It would substantial but when one keep saying adblock adblock constantly this will not make it truth isn't truthful in itself as well.

 

Put this way when others demean another posters' view point and doesn't try to test the program before replying it does tell alot about how open minded one is. I already did provide enough support especially the site where one can look at but then again some refuses to look and if one doesn't want to do that then that is their choice to do so.