Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

One Boston Marathon Bomb Suspect Dead, Other At Large After Shootout With Police

Soulskill posted about a year and a half ago | from the apparently-this-stuff-does-actually-happen-in-real-life dept.

Crime 1109

theodp writes "During the night, The Tech broke news that gunshots were reported at MIT near 32 Vassar Street (the Ray and Maria Stata Center for Computer, Information, and Intelligence Sciences), and one officer was shot and taken to Mass General Hospital. MIT's Emergency Information page also reports that injuries have been reported. Sadly, CNN is now reporting that the university police officer has died. Look for updates on Twitter." The two suspects identified earlier as being behind the Boston Marathon bombings are believed to be responsible for this. They were found by police. One suspect, 26-year-old Tamerlan Tsarnaev, was killed in a shootout. The other suspect, 19-year-old Dzhokhar Tsarnaev, is still being pursued. The Associated Press reports that the two are believed to be from the Russian region near Chechnya. During the firefight, the suspects threw explosive devices at police. Public transit in Boston has been shut down, and hundreds of thousands of people have been asked to not leave their homes. Here are live feed for local TV news and emergency services audio. Police have been warned that the remaining suspect may have a suicide vest.

Reader Okian Warrior points out a related story worthy of notice: "The 4chan crowd, poring over images of the Boston marathon, identified two dark-skinned and bag-carrying suspects (among others). This was then picked up by The New York Post, who ran the image on Thursday's front page with the headline 'Feds seek these two pictured at Boston Marathon.' And now, a completely innocent teen now finds himself scared to leave his home."

Sorry! There are no comments related to the filter you selected.

Holy crap! (0)

JGsmiles (2881775) | about a year and a half ago | (#43491645)

This just getting worse and worse!

Re:Holy crap! (4, Funny)

Adult film producer (866485) | about a year and a half ago | (#43491659)

Hide your kids, hide your wife!

Re: Holy crap! (0)

Anonymous Coward | about a year and a half ago | (#43491767)

It's the new normal. Get used to it.

Oh now you wake up (-1)

Anonymous Coward | about a year and a half ago | (#43491657)

Hey how come you forgot to mention these are Chechen Bagger NRA loving bible thumpers huh?

"Tamerlan Tsarnaev, was killed in a shootout"

That is not known, it is quite possible he died of bast from his suicide vest at the hospital or on the way, It is believed his last words were "I love the NRA, hold by beer and watch this!"

Fuckwads.

Re:Oh now you wake up (0)

Anonymous Coward | about a year and a half ago | (#43491763)

hold by beer

Incompetent. You had one job, and you fucked that up!

infowars.com (-1)

Anonymous Coward | about a year and a half ago | (#43491667)

Are there any MSM reports about the Navy Seals at the Boston Marathon, with backpacks?

Re:infowars.com (5, Interesting)

anjrober (150253) | about a year and a half ago | (#43491775)

there are military at nearly every marathon with backpacks.
especially the big ones
they hike the course alongside the runners.
i've run 8 marathons (including this years boston marathon) and at 6 of them there were various military hikers. they are always very supportive of the runners and vice versa
this has nothing to do with the bombings.

Re:infowars.com (1)

Anonymous Coward | about a year and a half ago | (#43492091)

Oh shush, you aren't helping at all with your reasonable, logical and calm interpretation of fact.

Re:infowars.com (-1, Flamebait)

Sockatume (732728) | about a year and a half ago | (#43491777)

It's only escalated from site security staff to Navy Seals? I would've thought Infowars would have a comprehensive thesis for them being Imperial Stormtroopers wearing illuminati sigils by now. I'm disappointed.

Re:infowars.com (5, Funny)

Anonymous Coward | about a year and a half ago | (#43491965)

clearly you don't know how conspiracy theories work.

the fact that they weren't wearing illuminati sigils proves that it was the stone masons pretending to be illuminati to hide the fact that there were martians disguised as humans running in the marathon.

Re:infowars.com (1)

Sockatume (732728) | about a year and a half ago | (#43492047)

Martians! Ha! Everyone knows that the martians were wiped out and replaced by lizard simulants from Draco.

Re:infowars.com (1)

GameboyRMH (1153867) | about a year and a half ago | (#43491807)

Of course not, that's not noteworthy to the MSM, which doesn't cover crazy people news.

Will Box for Passport (3, Interesting)

alphatel (1450715) | about a year and a half ago | (#43491669)

Will also plant bombs for passport apparently. Tamerlan Tsarnaev [photoshelter.com] seeks US Passport for "Olympics"

Re:Will Box for Passport (-1)

Anonymous Coward | about a year and a half ago | (#43491959)

That's why you shouldn't let Muslims on sporting events. They just can't behave themselves.

MIT (5, Insightful)

symes (835608) | about a year and a half ago | (#43491689)

It looks like, from what I can gather from online media etc., that they were carrying explosives to plant around MIT. And it was campus security that first become suspicious. If this is the case, then thoughts are with the campus security officer that gave his life - a lot of students are probably a lot better off because of his bravery. Thoughts are with everyone in boston and hope this is over soon.

Re:MIT (5, Insightful)

Anonymous Coward | about a year and a half ago | (#43492021)

If this is the case, then thoughts are with the campus security officer that gave his life
 
Why aren't your thoughts with him anyway? Even if he was just pulling the guys over for driving too fast on campus the bottom line is still the same; he's a guy who's dead for just doing his job.
 
There are tons of crappy cops, yes. The ratio of crappy versus good cops seems to go up when you're dealing with rent-a-cops and security, yes. But the bulk of people enforcing the law are just looking to do the right thing, go home alive and enjoy life just as much as you and me. I believe it's a profession that gets a bad rap because there are plenty of abusive asses who are drawn to a job with the prospect of beating people down but I think there are many more who are drawn to the profession because they have an honest interest in serving and protecting.
 
Sorry if you didn't mean it that way but there are just so many people around here who are willing to look down on a cop just because he is a cop. No different a form of bigotry than any other.

Watch the total absence (-1, Flamebait)

Chrisq (894406) | about a year and a half ago | (#43491691)

Watch the total absence of the posters who previously seemed to think that it was just as likely to be the tea party or the Mormon tabernacle choir as Muslims. Though there have been exceptions this sort of attack, aimed at killing and injuring indiscriminately is the hallmark of Islam.

Re:Watch the total absence (4, Insightful)

Anonymous Coward | about a year and a half ago | (#43491871)

Don't forget the IRA and their fundraisers in various US cities, including Boston.

Re:Watch the total absence (0)

Chrisq (894406) | about a year and a half ago | (#43492073)

Don't forget the IRA and their fundraisers in various US cities, including Boston.

The IRA were nasty. They wanted to cause alarm and panic, and they didn't mind too much if bystanders got hurt. But unlike the Muslims they did issue warnings [telegraph.co.uk] . The killing and maiming was a not the primary aim, the panic and disruption was.

Re:Watch the total absence (0)

Anonymous Coward | about a year and a half ago | (#43491885)

I've been pointing this out back hours ago... crickets.

Why do you bother to maintain an ID here, they must hate you. The question you ask is valid, I ask how many slashdot douchebags currently go to MIT and knew these animals. More than one I would bet money on.

Bush Tax Cuts!

MFM: They are white supremacists, NRA members, sexists, bigots, homophobes who can't stand a black man is in the White House. That's our story and we're running with it!

Re:Watch the total absence (3, Insightful)

Anonymous Coward | about a year and a half ago | (#43491901)

You guessed right, sucks when bigots feel validated through confirmation bias. You were wrong about the Norway attacks though, I remember what you posted in that thread. So, one right, one wrong, you're about as good as a flipped coin.

Re:Watch the total absence (0)

Anonymous Coward | about a year and a half ago | (#43491973)

"bigots feel validated"

Go fuck yourself, it's Chechen teabaggers and NRA members.

Re:Watch the total absence (0)

Anonymous Coward | about a year and a half ago | (#43491909)

Tell that to the IR-fucking-A.

Re:Watch the total absence (-1)

moeinvt (851793) | about a year and a half ago | (#43491927)

Wish I had some mod points. The coincidence with tax day has had the political left excited all week with the hopes that this was someone with anti-government views. Now you're getting modded troll/flamebait for rubbing their faces in it.

Well Slate.com is saving the day (1, Interesting)

SmallFurryCreature (593017) | about a year and a half ago | (#43492061)

Slate is twisting itself in new corners. Now that it seems the bombers are Tjetchen, they are claiming that since they are technically Caucasian, they are white and therefor it ain't brown people just as they said.

EXCEPT that in the shooting of Trevor by a Hispanic guy, suddenly Hispanic does NOT mean your white because they are Caucasian... wow, it certainly seems as if being white and Caucasian are only the same thing if it is convenient. (By the way, this goes for the left and right).

And by the way, slate is NOT left wing, it is the bleeding heart wing. Real left can and often is very hard and most definitely anti-faith.

Re:Watch the total absence (2)

Mashdar (876825) | about a year and a half ago | (#43491997)

I was going with Octo-mom, myself.

On a serious note, And "this sort of attack, aimed at killing and injuring indiscriminately is the hallmark of ALL TERRORISTS". FTFY.
Refer to Irish Troubles, Tamil Tigers, Shining Path, etc.

Pretty much the only terrorist groups I can think of that avoid civilian casualties are the anti-corporate flavor (Weather Underground).

Re:Watch the total absence (0)

Anonymous Coward | about a year and a half ago | (#43492043)

Chris Matthews on suicide watch, ever since toothless white American rednecks determined by Big Bull Napolitano and FBI not to be involved. Chris heard to wail: But may be they were from Georgia, you know the one that's near Russia and there's some connection to Sons of the Confederacy!

Pics from overnight live-tweeted (4, Informative)

girlinatrainingbra (2738457) | about a year and a half ago | (#43491703)

http://t.co/0A3Mjmshkz [t.co]
.
https://twitter.com/AKitz/status/325121071479156736/photo/1 [twitter.com]
.
https://twitter.com/akitz [twitter.com] = andrew kitzenberg's twitter site
.
supposedly, backpacks on Laurel Street where a police shoot-out occured. http://slashdot.org/comments.pl?sid=3664323&cid=43490229 [slashdot.org]

Re:Pics from overnight live-tweeted (0)

Anonymous Coward | about a year and a half ago | (#43491983)

More chaos is being caused by the police than by the suspects.

Gotta Love 4chan (5, Insightful)

Anonymous Coward | about a year and a half ago | (#43491717)

Reader Okian Warrior points out a related story worthy of notice:
"The 4chan crowd, poring over images of the Boston marathon, identified two dark-skinned and bag-carrying suspects (among others). This was then picked up by The New York Post, who ran the image on Thursday's front page with the headline 'Feds seek these two pictured at Boston Marathon.' And now, a completely innocent teen now finds himself scared to leave his home."

Dark skinned. He must be guilty. Basically 4chan, like anonymous, is simply a bastion of the socially immature taking vigilante justice into their own hands. Stoke the fire of society's fears and then claim innocence when someone acts on their "information".

Re:Gotta Love 4chan (3, Insightful)

craigminah (1885846) | about a year and a half ago | (#43491971)

There were probably a lot of erroneous reports of dark-skinned males, light-skinned males, etc. Why don't you complain about the news reporters that "were hoping the perpetrators were white"?

Islam produces a lot of radicals and their modus operandi (e.g. IED-style device) matches this attack so the odds are people will assume it was Islamist radicals. They shouldn't have said anything about the description of the suspects unless they were sure they were right so as not to distract anyone from finding the culprits.

Re:Gotta Love 4chan (4, Insightful)

Sockatume (732728) | about a year and a half ago | (#43491993)

None of those news reports were front-page stories on a physically distributed newspaper identifying specific, vulnerable individuals, you ass.

Re:Gotta Love 4chan (0)

Anonymous Coward | about a year and a half ago | (#43492027)

Essentially your thesis is that if I point out how one group was stupid that I am invalidated by not pointing out how other groups were also stupid. Basically, your thesis is stupid.

Re:Gotta Love 4chan (1)

Anonymous Coward | about a year and a half ago | (#43492045)

i also like how in one of the images they point out that one guy no longer has his backpack. you can clearly see the strap over his shoulder in that picture and in another image of the same guy you can see his backpack is hanging around his waist so no you wouldn't be able to see it in the picture he is "missing" it anyway.

Clippy (-1)

Anonymous Coward | about a year and a half ago | (#43491719)

Culturally aware stereotyping Microsoft Clippy explains Boston news coverage, both correct and incorrect. "You wrote bad guy, possibly foreign. DID YOU MEAN RUSSIAN BAD GUY?" "You wrote Russian bad guy, DID YOU MEAN ISLAMIC RUSSIAN BAD GUY?" "You identified an Islamic Russian villain, DID YOU MEAN ISLAMIC RUSSIAN VILLAIN WHO BOXES?" "You identified Islamic Russian Villain who boxes, DID YOU MEAN ILLEGAL ALIEN RUSSIAN BOXER VILLAIN?" "This guy seems like a really bad guy, SHOULD I CALL FOR SYLVESTER STALLONE, CLAIRE DANES, KIEFER SUTHERLAND, OR THE WOLVERINES?"

The Muzzies are coming! (-1)

Anonymous Coward | about a year and a half ago | (#43491721)

The Muzzies are coming! The Muzzies are coming!
Everyone keep calm
They're violent and they're evil
And they mean to do us harm.

Boston is closed (1)

Anonymous Coward | about a year and a half ago | (#43491727)

I mean, completely closed until they hunt down suspect #2. I guess they're worried that he'll emerge from his hiding place (somewhere in Watertown, a close suburb) and carjack someone and start throwing explosives in random neighborhoods, which is pretty much what he already did.

Not News For Nerds (-1, Offtopic)

Anonymous Coward | about a year and a half ago | (#43491731)

Stop this please. Stay in your lane and stick to news for nerds.

Re:Not News For Nerds (4, Insightful)

Cwix (1671282) | about a year and a half ago | (#43491957)

Whenever one of you idiots wander in here and complain that its not "News for nerds" you always seem to forget the "Stuff that matters" part.

Slashdot: Always 12+ hours behind. (-1)

Anonymous Coward | about a year and a half ago | (#43491733)

Seriously, it's a incredible slow aggregator.

That's nice, it'll be easier now (-1)

Anonymous Coward | about a year and a half ago | (#43491735)

... to dope up the one patsy with Scopolamine and get him to say whatever the "interrogators" want.

Operation Gladio
Strategy of Tension

And, so you understand the history of "interrogators"

The Gulag Archipelago

Use a search engine that doesn't cookie you so you don't get put into the 'nutso' tranche.

One Suspect Dead (2)

hcs_$reboot (1536101) | about a year and a half ago | (#43491739)

Police did what they could to take them alive, since a dead person doesn't talk much. In that kind of situation, couldn't they use some kind of anaesthetic bullets? Sure, many people prefer them dead, but taking them alive is a way to collect more relevant information.

Re:One Suspect Dead (4, Insightful)

Xest (935314) | about a year and a half ago | (#43491815)

"couldn't they use some kind of anaesthetic bullets?"

What, call the local vet and tell him to bring his tranquilliser gun because they have a wild terrorist on the loose?

Re:One Suspect Dead (5, Funny)

Anonymous Coward | about a year and a half ago | (#43491825)

A brilliant plan with only two drawbacks. One, they didn't have any anaesthetic bullets. Two, there isn't such a thing as anaesthetic bullets.

Re:One Suspect Dead (4, Informative)

firex726 (1188453) | about a year and a half ago | (#43491961)

Yea, despite how it's seen in movies, anaesthesia is actually rather complicated.
You can't just pump a guy full of ketamine in the middle of a live shootout and expect him to be just fine.

Re:One Suspect Dead (2)

leonardluen (211265) | about a year and a half ago | (#43492081)

wouldn't that just make the bullets painless?

Re:One Suspect Dead (1)

Hentes (2461350) | about a year and a half ago | (#43491867)

These guys seem to be armed and good with guns. A policeman is dead and another injured, they don't want to risk more of their men.

Re:One Suspect Dead (4, Interesting)

evil_aaronm (671521) | about a year and a half ago | (#43491985)

"Good with guns"? Out of all the cops chasing them, they hit 2.

"don't want to risk more of their men." Isn't that their job?

Re:One Suspect Dead (1)

RazzleFrog (537054) | about a year and a half ago | (#43491873)

There are reports that his brother actually drove over him trying to escape so it isn't clear what actually killed him.

Re:One Suspect Dead (2)

Jason Levine (196982) | about a year and a half ago | (#43491875)

"anaesthetic bullets"? I don't think there's any such thing. The police were pursuing them and they were (from the reports I've heard) firing back. At that point, the police needed to protect themselves (not to mention everyone in the area since they had tons more bombs). If the reports I've heard are accurate, then using deadly force was completely justified.

Re:One Suspect Dead (1)

BasilBrush (643681) | about a year and a half ago | (#43491989)

There's anaesthetic darts, and they use them to tranquillise wild animals. But I don't think they'd be much use in a gun-fight.

Re:One Suspect Dead (0)

Anonymous Coward | about a year and a half ago | (#43491889)

This is the real world, not a science-fiction make-believe.

The difference between something functioning as an anaesthetic or as a poison are a function of dosage --- there's no way to control that in a firefight and it's going to be a long wait until it is.

Re:One Suspect Dead (1)

Nidi62 (1525137) | about a year and a half ago | (#43491903)

Police did what they could to take them alive, since a dead person doesn't talk much. In that kind of situation, couldn't they use some kind of anaesthetic bullets?

XXX was a movie. There are no such things as anaesthetic bullets. And regular patrol police cerainly wouldn't be carrying them if they did. And when a bombing suspect (who has been throwing grenade-like devices at you as you chase him) starts charging at you, you shoot to kill.

Re:One Suspect Dead (1)

aPoorBoy (2809507) | about a year and a half ago | (#43492017)

So Metal Gear and Chuck was wrong?? It can't be

Re:One Suspect Dead (0)

Anonymous Coward | about a year and a half ago | (#43491929)

Let me know about your fast thoughts on the matter about some technology that you don't have with you the next time you're in an active firefight.
 
When it comes right down to it, I'd rather see an aggressor dead than take the risk of losing friendlies over some idea that they could be taken alive. Especially when these guys are using explosives at the same time. This isn't some wild hillbilly or hood rat on the run with a cheap pistol.
 
But hey, if you're willing to go in there with some dart gun and try to wrestle this guy to the ground while the drug does or does not take hold, have at it. With courage like that you should be down signing up for the police force right now.

Re:One Suspect Dead (1)

Anonymous Coward | about a year and a half ago | (#43491963)

In that kind of situation, couldn't they use some kind of anaesthetic bullets?

No.

Any anesthetic capable of incapacitating a random target is just as, if not more likely, to result in their death. There's a reason anesthesiologists make what they do, and why you get rather grim forms to sign before being put under.

Also, these guys were shooting at them. Cops are poorly trained as is without throwing the nonsense of 'non-lethality*' into the mix.

(* An asinine moniker, as tazers for example are not non-lethal. This sort of thing needs to be purged from policy; all it does is increase the application of potentially lethal force where absolutely none is warranted.)

Re:One Suspect Dead (4, Informative)

wireloose (759042) | about a year and a half ago | (#43492071)

There is no such thing as an anesthetic bullet. The closest possible device would be tranquilizer darts, which are usually fired from shotguns. They aren't very accurate, so you have to get pretty close. Plus, they take a while to work. Sometimes minutes.

Murphy's First Law of Armed Conflict: If the Enemy is in range, so are You.

Boston Police Radio Feed (2)

hexagonc (1986422) | about a year and a half ago | (#43491741)

tunein [tunein.com]

SOLUTION: NUKE EM NOW !! (-1)

Anonymous Coward | about a year and a half ago | (#43491761)

Lifetime movie is in the works !! Working title:

"Theatre of the Damned !!"

Starring Ed Norton as bomber #1 !! Tom Sizemore as bombed #2 !! Nicole Kidman plays the woman seduced them !! Coming this summer !!

News for nerds? (0, Offtopic)

Misagon (1135) | about a year and a half ago | (#43491765)

I don't mean to be disrespectful to the victims of the bombings in Boston, or to those students in Cambridge, Mass. USA. who are terrified right now, but ...

Does this story really have a place on Slashdot?
You can read more about it on practically every major news site, and it is live on all news-oriented TV channels all over the world. It does not need to be on the tech sites too.

If you already are anxious, you don't need to be bombarded with more news that make you even more terrified. You need a place to relax, to help you concentrate on other matters.

Ever heard of MIT? (-1)

Anonymous Coward | about a year and a half ago | (#43491819)

It's a little school known for its small geek population. Perhaps you've heard of it? Well, if you read the story, you'd realize the suspects where there, and an MIT officer was killed as a result.

Re:News for nerds? (4, Insightful)

DRJlaw (946416) | about a year and a half ago | (#43491827)

Does this story really have a place on Slashdot?

Is it really your place to question what Slashdot decides to post on Slashdot?

Start your own news site, and then you can tell your own editors what they can and cannot put on the front page.

Re:News for nerds? (5, Insightful)

Bill_the_Engineer (772575) | about a year and a half ago | (#43491837)

The nerdy part being that social media and the large number of photos taken by people in the crowd from their smartphones were used in the quick investigation which lead to the alleged bombers.

Re:News for nerds? (-1)

Anonymous Coward | about a year and a half ago | (#43492039)

That's a bit of a stretch

Re:News for nerds? (-1)

Anonymous Coward | about a year and a half ago | (#43491847)

I don't mean to be disrespectful to fucking morons such as yourself, but can't you retards stop posting this same bullshit every other story?

Re:News for nerds? (3, Insightful)

Iskender (1040286) | about a year and a half ago | (#43491849)

Does this story really have a place on Slashdot?
You can read more about it on practically every major news site, and it is live on all news-oriented TV channels all over the world. It does not need to be on the tech sites too.

Slashdot has never claimed to be just a tech site. Also, you can't discuss events with your peers on major news sites.

Re:News for nerds? (0)

Anonymous Coward | about a year and a half ago | (#43491851)

The suspects apparently tried to bomb MIT.

And even if they hadn't, this is a site with a wide audience, not specialized in Linux kernel development for example.

Re:News for nerds? (0)

Anonymous Coward | about a year and a half ago | (#43491877)

Nowhere on Slashdot does it say that it is "news for nerds" or a "tech site".

Re:News for nerds? (0)

Anonymous Coward | about a year and a half ago | (#43491967)

Actually, if you look at the main page, the title is:

  <title>Slashdot: News for nerds, stuff that matters</title>

They change it with javascript in a lot of cases, but it is there. I think the MIT angle makes it news for nerds, though.

Re:News for nerds? (1)

khallow (566160) | about a year and a half ago | (#43491883)

How about the "looking at pictures means you're a irresponsible 4chan vigilante" angle?

Re:News for nerds? (1)

BasilBrush (643681) | about a year and a half ago | (#43492031)

You missed out "racist". They were picking out people based on whether they had brown skin.

Re:News for nerds? (1)

dissy (172727) | about a year and a half ago | (#43491887)

If you don't want such stories posted here, why on earth did you just add an additional 4 "desired" points to it telling Slashdot you DO want more???

Re:News for nerds? (1)

willcutaflip (2822571) | about a year and a half ago | (#43491947)

News for nerds AND Stuff that matters. I think this stuff matters.

Re:News for nerds? (0)

Anonymous Coward | about a year and a half ago | (#43492029)

/. is desperate for clicks for the same reason "news" outlets are. Anything big enough to bring in eyeballs will be posted.

Re:News for nerds? (1)

101percent (589072) | about a year and a half ago | (#43492053)

Well Reddit is suffering a massive DDoS, strangely.

Re:News for nerds? (3, Funny)

Anonymous Coward | about a year and a half ago | (#43492059)

Besides, the police said to not leave your home. A huge number of Redditors and Slashdotters won't be affected by this story at all.

Re:News for nerds? (1)

tehcyder (746570) | about a year and a half ago | (#43492095)

So slashdot should have just ignored any mention of the 9/11 attacks that day and subsequently and stuck to bashing Micro$oft and claiming that 2002 would be the year of the Linux desktop? Really?

hope these are the guys (1)

wbr1 (2538558) | about a year and a half ago | (#43491779)

I really do. Even though i have little love for police my condolences to the family of tue officer. However, to feed the conspiracy folks, it does seem convienent that one is dead already. Shades of Jack Ruby?

Re:hope these are the guys (0)

Anonymous Coward | about a year and a half ago | (#43491987)

I just heard the remaining suspect just posted "I will kill all of you, just like you killed my brother". Probably on his web site.

Re:hope these are the guys (0)

mrbester (200927) | about a year and a half ago | (#43492051)

There's been no proof yet that they were the actual perpetrators - they may have just been a couple of known badasses who got identified after being in the wrong place at the wrong time - so, even if they were, expect more "suspects" to be gathered up as this is a golden opportunity to get rid of some other undesirables. Who cares if they happen to die "resisting arrest"? They are all terrorists, right?

Big Echo Chamber (3, Insightful)

cosm (1072588) | about a year and a half ago | (#43491781)

Play by play......really slashdot? Give us a good post-op synopsis, don't fuel the speculation fire.

And Now the Crowd-sourcing Cleanup Phase (5, Insightful)

eldavojohn (898314) | about a year and a half ago | (#43491801)

"The 4chan crowd, poring over images of the Boston marathon, identified two dark-skinned and bag-carrying suspects (among others). This was then picked up by The New York Post, who ran the image on Thursday's front page with the headline 'Feds seek these two pictured at Boston Marathon.' And now, a completely innocent teen now finds himself scared to leave his home."

Yesterday on my facebook news feed I saw no less than three fake images that could have been mean pranks. And I didn't even see the one listed above. So now all the "crowd sourced" news folks are going to remove images of this man [abcactionnews.com] and this woman [abcactionnews.com] and this guy [abcactionnews.com] . The reason I didn't propagate these things was that they could have been anybody! You could play a mean prank on a friend/enemy if you have a picture of him with a backpack.

Also there are many fake first hand accounts but also some real first hand accounts in crowdsourced news. Ignore the former and herald the latter. People will think you're doing god's work simply because they didn't watch the shitfest that is crowdsourced news in the moments of pure confusion immediately following the event. The signal to noise ratio, the added noise, the fact that people can start leads anonymously, it all reeks of a really bad, lawless, unaccountable lynch mob.

So now post hoc you scrub out all those false leads and you clean up all the things you were wrong about. Then when that's done you point out the few leads you were right about. Then you go on and on at length about how 4chan and reddit are the new real sources of journalism. The mainstream press is busted to all hell (do not confuse this with a free pass or defense for them) but they know they'll be held accountable and the New York Post's gamble should really turn into a slander/libel suit with damages paid out to that young man. NYP made money off those 'exclusive' images at the expense of a person's safety and that should be a civil suit that should expose the NYP for what it really is: a piece of shit rag no better than a tabloid version of "crowd-sourced" news.

Who was it that initially fingered Salah Eddin Barhoum? You don't know and no one ever will because there is no integrity with how that lead was developed.

Perhaps the best argument for gun control (5, Interesting)

Overzeetop (214511) | about a year and a half ago | (#43492009)

I know...mod me down as an anti-gun nut. But at least try to make the connection.

The advantage of crowdsourcing is that you get a shit-ton of information quickly, and it gets disseminated just as quickly. Everybody with a cell phone and a social media account has had this stuff in front of them since the bombing. It's great because it happens so fast, and millions of people being on alert can make for a quicker break in the case. It also has the downside of putting up a lot of false positives.

The NRA's stance is that if everyone had a gun, criminals would know not to so bad stuff and if they did there would be someone right there to stop them. It's basically crowd sourcing police/law enforcement work. Yes, there are now lots more people who can intervene with a criminal who is armed and dangerous. Just as everyone with a cell phone can photograph a scene and post the pictures on line for the world to peruse and instantly identify criminals.

Thing is, the more people who are involved, the higher the likelihood of a false positive. In the case of photos and social media, the mis-identified have a reason to be concerned short term, but once the media self-corrects and the correct criminals are identified their lives will slowly get back to normal. When guns are involved, a mis-identified person or bystander doesn't get a new life when the actual criminal is killed. The "oops" is permanent.

If you don't think there isn't the equivalent of 4chan in the vigilante world, you're sorely mistaken. It's part of the human condition to jump to conclusions based on limited evidence and not everyone will have the forethought or presence of mind not to take out someone who they think is about to cause harm to others.

If we used the NRA method of justice, Salah Eddin Barhoum would have been dead before the FBI even published the photos of the actual bombers.

(nb: I am a gun owner)

When will they work on catching my stalker? (-1)

Anonymous Coward | about a year and a half ago | (#43491809)

A corrupt slashdot luser has pentrated the moderation system to downmod all my posts while impersonating me.

Nearly 230++ times that I know of @ this point for all of March/April 2013 so far, & others here have told you to stop - take the hint, lunatic (leave slashdot)...

Sorry folks - but whoever the nutjob is that's attempting to impersonate me, & upset the rest of you as well, has SERIOUS mental issues, no questions asked! I must've gotten the better of him + seriously "gotten his goat" in doing so in a technical debate & his "geek angst" @ losing to me has him doing the:

---

A.) $10,000 challenges, ala (where the imposter actually TRACKED + LISTED the # of times he's done this no less, & where I get the 230 or so times I noted above) -> http://it.slashdot.org/comments.pl?sid=3585795&cid=43285307 [slashdot.org]

&/or

B.) Reposting OLD + possibly altered models - (this I haven't checked on as to altering the veracity of the info. being changed) of posts of mine from the past here

---

(Albeit massively repeatedly thru all threads on /. this March/April 2013 nearly in its entirety thusfar).

* Personally, I'm surprised the moderation staff here hasn't just "blocked out" his network range yet honestly!

(They know it's NOT the same as my own as well, especially after THIS post of mine, which they CAN see the IP range I am coming out of to compare with the ac spamming troll doing the above...).

APK

P.S.=> Again/Stressing it: NO guys - it is NOT me doing it, as I wouldn't waste that much time on such trivial b.s. like a kid might...

Plus, I only post where hosts file usage is on topic or appropriate for a solution & certainly NOT IN EVERY POST ON SLASHDOT (like the nutcase trying to "impersonate me" is doing for nearly all of March/April now, & 230++ times that I know of @ least)... apk

P.S.=> here is CORRECT host file information just to piss off the insane lunatic troll:

--

21++ ADVANTAGES OF CUSTOM HOSTS FILES (how/what/when/where/why):

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, & Anonymity (to an extent vs. DNSBL's + DNS request logs).

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program). A truly "multi-platform" UNIVERSAL solution for added speed, security, reliability, & even anonymity to an extent (vs. DNS request logs + DNSBL's you feel are unjust hosts get you past/around).

2.) Adblock blocks ads? Well, not anymore & certainly not as well by default, apparently, lol - see below:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option [slashdot.org] )

AND, in only browsers & their subprogram families (ala email like Thunderbird for FireFox/Mozilla products (use same gecko & xulrunner engines)), but not all, or, all independent email clients, like Outlook, Outlook Express, OR Window "LIVE" mail (for example(s)) - there's many more like EUDORA & others I've used over time that AdBlock just DOES NOT COVER... period.

Disclaimer: Opera now also has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF (non-mozilla/gecko engine based) family based wares, So AdBlock doesn't protect email programs like Outlook, Outlook Express, Windows "LIVE" mail & others like them (EUDORA etc./et al), Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, OR make you reach them faster since you resolve host-domain names LOCALLY w/ hosts out of cached memory, hosts do ALL of those things (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html [networkworld.com] for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS (ping -a in Windows), &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles (or ELECTRICITY) like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can since hosts files run in MORE EFFICIENT & FASTER Ring 0/RPL 0/Kernelmode operations acting merely as a filter for the IP stack (via the "Plug-N-Play" designed IP stack in Windows) vs. SLOWER & LESS EFFICIENT Ring 3/RPL 3/Usermode operations (which webbrowsers run in + their addons like AdBlock slow down even MORESO due to their parsing operations).

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than remote DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server, typically 30-100's of ms, vs. 7-10ms HardDisk speed of access/seek + SSD seek in ns, & back to you - hosts resolutions of IP address for host-domain names is FAR faster...). Hosts are only a filter for an already fast & efficient IP stack, no more layered b.s. (remote OR local). Hosts eat less CPU, RAM, I/O in other forms, + electricity than a locally running DNS server easily, and less than a local DNS program on a single PC. Fact. Hosts are easier to setup & maintain too.

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
  http://someonewhocares.org/hosts/ [someonewhocares.org]
  http://hostsfile.org/hosts.html [hostsfile.org]
  http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
  http://hosts-file.net/?s=Download [hosts-file.net]
  https://zeustracker.abuse.ch/monitor.php?filter=online [abuse.ch]
  https://spyeyetracker.abuse.ch/monitor.php [abuse.ch]
  http://ddanchev.blogspot.com/ [blogspot.com]
  http://www.malware.com.br/lists.shtml [malware.com.br]
  http://www.stopbadware.org/ [stopbadware.org]
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398 [slashdot.org]
  http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500 [slashdot.org]

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

11.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

12.) With Adblock you had better be able to code javascript to play with its code (to customize it better than the GUI front does @ least). With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

13.) Hosts files are easily secured via using MAC/ACL (even moreso "automagically" for Vista, 7/Server 2008 + beyond by UAC by default) &/or Read-Only attributes applied.

14.) Custom HOSTS files also speed you up, unlike anonymous proxy servers systems variations (like TOR, or other "highly anonymous" proxy server list servers typically do, in the severe speed hit they often have a cost in) either via "hardcoding" your fav. sites into your hosts file (avoids DNS servers, totally) OR blocking out adbanners - see this below for evidence of that:

---

US Military Blocks Websites To Free Up Bandwidth:

http://yro.slashdot.org/story/11/03/16/0416238/US-Military-Blocks-Websites-To-Free-Up-Bandwidth [slashdot.org]

(Yes, even the US Military used this type of technique... because IT WORKS! Most of what they blocked? Ad banners ala doubleclick etc.)

---

Adbanners slow you down & consume your bandwidth YOU pay for:

ADBANNERS SLOW DOWN THE WEB: -> http://tech.slashdot.org/article.pl?sid=09/11/30/166218 [slashdot.org]

---

And people do NOT LIKE ads on the web:

PEOPLE DISLIKE ADBANNERS: http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

As well as this:

Users Know Advertisers Watch Them, and Hate It:

http://yro.slashdot.org/yro/08/04/02/0058247.shtml [slashdot.org]

---

Even WORSE still, is this:

Advertising Network Caught History Stealing:

http://yro.slashdot.org/story/11/07/22/156225/Advertising-Network-Caught-History-Stealing [slashdot.org]

---

15.) HOSTS files usage lets you avoid being charged on some ISP/BSP's (OR phone providers) "pay as you use" policy http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] , because you are using less bandwidth (& go faster doing so no less) by NOT hauling in adbanner content and processing it (which can lead to infestation by malware/malicious script, in & of itself -> http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com] ).

16.) If/when ISP/BSP's decide to go to -> FCC Approving Pay-As-You-Go Internet Plans: http://yro.slashdot.org/story/10/12/08/2012243/FCC-Approving-Pay-As-You-Go-Internet-Plans [slashdot.org] your internet bill will go DOWN if you use a HOSTS file for blocking adbanners as well as maliciously scripted hacker/cracker malware maker sites too (after all - it's your money & time online downloading adbanner content & processing it)

Plus, your adbanner content? Well, it may also be hijacked with malicious code too mind you:

---

Yahoo, Microsoft's Bing display toxic ads:

http://www.theregister.co.uk/2011/09/16/bing_yahoo_malware_ads/ [theregister.co.uk]

---

Malware torrent delivered over Google, Yahoo! ad services:

http://www.theregister.co.uk/2009/09/24/malware_ads_google_yahoo/ [theregister.co.uk]

---

Google's DoubleClick spreads malicious ads (again):

http://www.theregister.co.uk/2009/02/24/doubleclick_distributes_malware/ [theregister.co.uk]

---

Rogue ads infiltrate Expedia and Rhapsody:

http://www.theregister.co.uk/2008/01/30/excite_and_rhapsody_rogue_ads/ [theregister.co.uk]

---

Google sponsored links caught punting malware:

http://www.theregister.co.uk/2008/12/16/google_sponsored_links/ [theregister.co.uk]

---

DoubleClick caught supplying malware-tainted ads:

http://www.theregister.co.uk/2007/11/13/doubleclick_distributes_malware/ [theregister.co.uk]

---

Yahoo feeds Trojan-laced ads to MySpace and PhotoBucket users:

http://www.theregister.co.uk/2007/09/11/yahoo_serves_12million_malware_ads/ [theregister.co.uk]

---

Real Media attacks real people via RealPlayer:

http://www.theregister.co.uk/2007/10/23/real_media_serves_malware/ [theregister.co.uk]

---

Ad networks owned by Google, Microsoft serve malware:

http://www.theregister.co.uk/2010/12/13/doubleclick_msn_malware_attacks/ [theregister.co.uk]

---

Attacks Targeting Classified Ad Sites Surge:

http://it.slashdot.org/story/11/02/02/1433210/Attacks-Targeting-Classified-Ad-Sites-Surge [slashdot.org]

---

Hackers Respond To Help Wanted Ads With Malware:

http://it.slashdot.org/story/11/01/20/0228258/Hackers-Respond-To-Help-Wanted-Ads-With-Malware [slashdot.org]

---

Hackers Use Banner Ads on Major Sites to Hijack Your PC:

http://www.wired.com/techbiz/media/news/2007/11/doubleclick [wired.com]

---

Ruskie gang hijacks Microsoft network to push penis pills:

http://www.theregister.co.uk/2010/10/12/microsoft_ips_hijacked/ [theregister.co.uk]

---

Major ISPs Injecting Ads, Vulnerabilities Into Web:

http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

Two Major Ad Networks Found Serving Malware:

http://tech.slashdot.org/story/10/12/13/0128249/Two-Major-Ad-Networks-Found-Serving-Malware [slashdot.org]

---

THE NEXT AD YOU CLICK MAY BE A VIRUS:

http://it.slashdot.org/story/09/06/15/2056219/The-Next-Ad-You-Click-May-Be-a-Virus [slashdot.org]

---

NY TIMES INFECTED WITH MALWARE ADBANNER:

http://news.slashdot.org/article.pl?sid=09/09/13/2346229 [slashdot.org]

---

MICROSOFT HIT BY MALWARES IN ADBANNERS:

http://apcmag.com/microsoft_apologises_for_serving_malware.htm [apcmag.com]

---

ISP's INJECTING ADS AND ERRORS INTO THE WEB: -> http://it.slashdot.org/it/08/04/19/2148215.shtml [slashdot.org]

---

ADOBE FLASH ADS INJECTING MALWARE INTO THE NET: http://it.slashdot.org/article.pl?sid=08/08/20/0029220&from=rss [slashdot.org]

---

London Stock Exchange Web Site Serving Malware:

http://www.securityweek.com/london-stock-exchange-web-site-serving-malware [securityweek.com]

---

Spotify splattered with malware-tainted ads:

http://www.theregister.co.uk/2011/03/25/spotify_malvertisement_attack/ [theregister.co.uk]

---

As my list "multiple evidences thereof" as to adbanners & viruses + the fact they slow you down & cost you more (from reputable & reliable sources no less)).

17.) Per point #16, a way to save some money: ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:

---

Infected Androids Run Up Big Texting Bills:

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

---

AND, for protection vs. other "botnets" migrating from the PC world, to "smartphones" such as ZITMO (a ZEUS botnet variant):

http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search [google.com]

---

It's easily done too, via the ADB dev. tool, & mounting ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS, then copying your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so (otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).

18.) Bad news: ADBLOCK CAN BE DETECTED FOR: See here on that note -> http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

HOSTS files are NOT THAT EASILY "webbug" BLOCKABLE by websites, as was tried on users by ARSTECHNICA (and it worked on AdBlock in that manner), to that websites' users' dismay:

PERTINENT QUOTE/EXCERPT FROM ARSTECHNICA THEMSELVES:

----

An experiment gone wrong - By Ken Fisher | Last updated March 6, 2010 11:11 AM

http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars [arstechnica.com]

"Starting late Friday afternoon we conducted a 12 hour experiment to see if it would be possible to simply make content disappear for visitors who were using a very popular ad blocking tool. Technologically, it was a success in that it worked. Ad blockers, and only ad blockers, couldn't see our content."

and

"Our experiment is over, and we're glad we did it because it led to us learning that we needed to communicate our point of view every once in a while. Sure, some people told us we deserved to die in a fire. But that's the Internet!"

Thus, as you can see? Well - THAT all "went over like a lead balloon" with their users in other words, because Arstechnica was forced to change it back to the old way where ADBLOCK still could work to do its job (REDDIT however, has not, for example). However/Again - this is proof that HOSTS files can still do the job, blocking potentially malscripted ads (or ads in general because they slow you down) vs. adblockers like ADBLOCK!

----

19.) Even WIKILEAKS "favors" blacklists (because they work, and HOSTS can be a blacklist vs. known BAD sites/servers/domain-host names):

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ [theregister.co.uk] )

"we are in favour of 'Blacklists', be it for mail servers or websites, they have to be compiled with care... Fortunately, more responsible blacklists, like stopbadware.org (which protects the Firefox browser)...

---

20.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own (such as has been seen with the RBN (Russian Business Network) lately though it was considered "dead", other malwares are using its domains/hostnames now, & this? This stops that cold, too - Bonus!)...

21.) Custom HOSTS files gain users back more "screen real estate" by blocking out banner ads... it's great on PC's for speed along with MORE of what I want to see/read (not ads), & efficiency too, but EVEN BETTER ON SMARTPHONES - by far. It matters MOST there imo @ least, in regards to extra screen real-estate.

Still - It's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock ( http://adblockplus.org/en/ [adblockplus.org] ), IE 9's new TPL's ( http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] ), &/or NoScript ( http://noscript.net/ [noscript.net] especially this one, as it covers what HOSTS files can't in javascript which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security"....

It's just that HOSTS files offer you a LOT MORE gains than Adblock ( http://adblockplus.org/en/ [adblockplus.org] ) does alone (as hosts do things adblock just plain cannot & on more programs, for more speed, security, and "stealth" to a degree even), and it corrects problems in DNS (as shown above via hardcodes of your favorite sites into your HOSTS file, and more (such as avoiding DNS request logs)).

ALSO - Some more notes on DNS servers & their problems, very recent + ongoing ones:

---

DNS flaw reanimates slain evil sites as ghost domains:

http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/ [theregister.co.uk]

---

BIND vs. what the Chinese are doing to DNS lately? See here:

http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders [slashdot.org]

---

SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:

http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/ [theregister.co.uk]

(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)

---

DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):

http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/ [scmagazineus.com]

(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)

---

Moxie Marlinspike's found others (0 hack) as well...

Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...

(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack, because the 1st thing your system refers to, by default, IS your HOSTS file (over say, DNS server usage). There are decent DNS servers though, such as OpenDNS, ScrubIT, or even NORTON DNS (more on each specifically below), & because I cannot "cache the entire internet" in a HOSTS file? I opt to use those, because I have to (& OpenDNS has been noted to "fix immediately", per the Kaminsky flaw, in fact... just as a sort of reference to how WELL they are maintained really!)

---

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit:

https://threatpost.com/en_us/blogs/dns-hijacks-now-being-used-serve-black-hole-exploit-kit-121211 [threatpost.com]

---

DNS experts admit some of the underlying foundations of the DNS protocol are inherently weak:

http://it.slashdot.org/story/11/12/08/1353203/opendns-releases-dns-encryption-tool [slashdot.org]

---

Potential 0-Day Vulnerability For BIND 9:

http://it.slashdot.org/story/11/11/17/1429259/potential-0-day-vulnerability-for-bind-9 [slashdot.org]

---

Five DNS Threats You Should Protect Against:

http://www.securityweek.com/five-dns-threats-you-should-protect-against [securityweek.com]

---

DNS provider decked by DDoS dastards:

http://www.theregister.co.uk/2010/11/16/ddos_on_dns_firm/ [theregister.co.uk]

---

Ten Percent of DNS Servers Still Vulnerable: (so much for "conscientious patching", eh? Many DNS providers weren't patching when they had to!)

http://it.slashdot.org/it/05/08/04/1525235.shtml?tid=172&tid=95&tid=218 [slashdot.org]

---

DNS ROOT SERVERS ATTACKED:

http://it.slashdot.org/it/07/02/06/2238225.shtml [slashdot.org]

---

TimeWarner DNS Hijacking:

http://tech.slashdot.org/article.pl?sid=07/07/23/2140208 [slashdot.org]

---

DNS Re-Binding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Server Survey Reveals Mixed Security Picture:

http://it.slashdot.org/it/07/11/21/0315239.shtml [slashdot.org]

---

Halvar figured out super-secret DNS vulnerability:

http://www.zdnet.com/blog/security/has-halvar-figured-out-super-secret-dns-vulnerability/1520 [zdnet.com]

---

BIND Still Susceptible To DNS Cache Poisoning:

http://tech.slashdot.org/tech/08/08/09/123222.shtml [slashdot.org]

---

DNS Poisoning Hits One of China's Biggest ISPs:

http://it.slashdot.org/it/08/08/21/2343250.shtml [slashdot.org]

---

DDoS Attacks Via DNS Recursion:

http://it.slashdot.org/it/06/03/16/1658209.shtml [slashdot.org]

---

High Severity BIND DNS Vulnerability Advisory Issued:

http://tech.slashdot.org/story/11/02/23/156212/High-Severity-BIND-Vulnerability-Advisory-Issued [slashdot.org]

---

Photobucketâ(TM)s DNS records hijacked:

http://blogs.zdnet.com/security/?p=1285 [zdnet.com]

---

Protecting Browsers from DNS Rebinding Attacks:

http://crypto.stanford.edu/dns/ [stanford.edu]

---

DNS Problem Linked To DDoS Attacks Gets Worse:

http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse [slashdot.org]

---

HOWEVER - Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:

Norton DNS -> http://nortondns.com/ [nortondns.com]
  ScrubIT DNS -> http://www.scrubit.com/ [scrubit.com]
  OpenDNS -> http://www.opendns.com/ [opendns.com]

(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz [norton.com] so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)

HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")

HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!

(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)

ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!

( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...

---

20++ SLASHDOT USERS EXPERIENCING SUCCESS USING HOSTS FILES QUOTED VERBATIM:

---

"Ever since I've installed a host file (http://www.mvps.org/winhelp2002/hosts.htm) to redirect advertisers to my loopback, I haven't had any malware, spyware, or adware issues. I first started using the host file 5 years ago." - by TestedDoughnut (1324447) on Monday December 13, @12:18AM (#34532122)

"I use a custom /etc/hosts to block ads... my file gets parsed basically instantly ... So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads. I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem... it FUCKING WORKS and makes my life better overall." - by sootman (158191) on Monday July 13 2009, @11:47AM (#28677363) Homepage Journal

"I actually went and downloaded a 16k line hosts file and started using that after seeing that post, you know just for trying it out. some sites load up faster." - by gl4ss (559668) on Thursday November 17, @11:20AM (#38086752) Homepage Journal

"Better than an ad blocker, imo. Hosts file entries: http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] " - by TempestRose (1187397) on Tuesday March 15, @12:53PM (#35493274)

"^^ One of the many reasons why I like the user-friendliness of the /etc/hosts file." - by lennier1 (264730) on Saturday March 05, @09:26PM (#35393448)

"They've been on my HOSTS block for years" - by ScottCooperDotNet (929575) on Thursday August 05 2010, @01:52AM (#33147212)

"I'm currently only using my hosts file to block pheedo ads from showing up in my RSS feeds and causing them to take forever to load. Regardless of its original intent, it's still a valid tool, when used judiciously." - by Bill Dog (726542) on Monday April 25, @02:16AM (#35927050) Homepage Journal

"you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage

"APK's monolithic hosts file is looking pretty good at the moment." - by Culture20 (968837) on Thursday November 17, @10:08AM (#38085666)

"I also use the MVPS ad blocking hosts file." - by Rick17JJ (744063) on Wednesday January 19, @03:04PM (#34931482)

"I use ad-Block and a hostfile" - by Ol Olsoc (1175323) on Tuesday March 01, @10:11AM (#35346902)

"I do use Hosts, for a couple fake domains I use." - by icebraining (1313345) on Saturday December 11, @09:34AM (#34523012) Homepage

"It's a good write up on something everybody should use, why you were modded down is beyond me. Using a HOSTS file, ADblock is of no concern and they can do what they want." - by Trax3001BBS (2368736) on Monday December 12, @10:07PM (#38351398) Homepage Journal

"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ [someonewhocares.org] and http://winhelp2002.mvps.org/hosts.htm [mvps.org] FTW" - by UnknownSoldier (67820) on Tuesday December 13, @12:04PM (#38356782)

"Let me introduce you to the file: /etc/hosts" - by fahrbot-bot (874524) on Monday December 19, @05:03PM (#38427432)

"I use a hosts file" - by EdIII (1114411) on Tuesday December 13, @01:17PM (#38357816)

"I'm tempted to go for a hacked hosts file that simply resolves most advert sites to 127.0.0.1" - by bLanark (123342) on Tuesday December 13, @01:13PM (#38357760)

"this is not a troll, which hosts file source you recommend nowadays? it's a really handy method for speeding up web and it works." - by gl4ss (559668) on Thursday March 22, @08:07PM (#39446525) Homepage Journal

"A hosts file certainly does not require "a lot of work" to maintain, and it quite effectively kills a LOT of advertising and tracking schemes. . In fact, I never would have considered trying to use it for ddefending against viruses or malware." - by RocketRabbit (830691) on Thursday December 30 2010, @05:48PM (#34715060)

---

Then, there is also the words of respected security expert, Mr. Oliver Day, from SECURITYFOCUS.COM to "top that all off" as well:

A RETURN TO THE KILLFILE:

http://www.securityfocus.com/columnists/491 [securityfocus.com]

Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):

---

"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."

Speed, and security, is the gain... others like Mr. Day note it as well!

---

"From what I have seen in my research, major efforts to share lists of unwanted hosts began gaining serious momentum earlier this decade. The most popular appear to have started as a means to block advertising and as a way to avoid being tracked by sites that use cookies to gather data on the user across Web properties. More recently, projects like Spybot Search and Destroy offer lists of known malicious servers to add a layer of defense against trojans and other forms of malware."

Per my points exactly, no less... & guess who was posting about HOSTS files a 14++ yrs. or more back & Mr. Day was reading & now using? Yours truly (& this is one of the later ones, from 2001 http://www.furtherleft.net/computer.htm [furtherleft.net] (but the example HOSTS file with my initials in it is FAR older, circa 1998 or so) or thereabouts, and referred to later by a pal of mine who moderates NTCompatible.com (where I posted on HOSTS for YEARS (1997 onwards)) -> http://www.ntcompatible.com/thread28597-1.html [ntcompatible.com] !

---

"Shared host files could be beneficial for other groups as well. Human rights groups have sought after block resistant technologies for quite some time. The GoDaddy debacle with NMap creator Fyodor (corrected) showed a particularly vicious blocking mechanism using DNS registrars. Once a registrar pulls a website from its records, the world ceases to have an effective way to find it. Shared host files could provide a DNS-proof method of reaching sites, not to mention removing an additional vector of detection if anyone were trying to monitor the use of subversive sites. One of the known weaknesses of the Tor system, for example, is direct DNS requests by applications not configured to route such requests through Tor's network."

There you go: AND, it also works vs. the "KAMINSKY DNS FLAW" & DNS poisoning/redirect attacks, for redirectable weaknesses in DNS servers (non DNSSEC type, & set into recursive mode especially) and also in the TOR system as well (that lends itself to anonymous proxy usage weaknesses I noted above also) and, you'll get to sites you want to, even IF a DNS registrar drops said websites from its tables as shown here Beating Censorship By Routing Around DNS -> http://yro.slashdot.org/story/10/12/09/1840246/Beating-Censorship-By-Routing-Around-DNS [slashdot.org] & even DNSBL also (DNS Block Lists) -> http://en.wikipedia.org/wiki/DNSBL [wikipedia.org] as well - DOUBLE-BONUS!

---

* POSTS ABOUT HOSTS FILES I DID on "/." THAT HAVE DONE WELL BY OTHERS & WERE RATED HIGHLY, 26++ THUSFAR (from +3 -> +1 RATINGS, usually "informative" or "interesting" etc./et al):

BANNER ADS & BANDWIDTH:2011 -> http://hardware.slashdot.org/comments.pl?sid=2139088&cid=36077722 [slashdot.org]
  HOSTS MOD UP:2010 -> http://yro.slashdot.org/comments.pl?sid=1907266&cid=34529608 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1490078&cid=30555632 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1869638&cid=34237268 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1461288&threshold=-1&commentsort=0&mode=thread&cid=30272074 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 [slashdot.org]
  HOSTS MOD UP:2009 -> http://tech.slashdot.org/comments.pl?sid=1206409&cid=27661983 [slashdot.org]
  HOSTS MOD UP:2010 -> http://apple.slashdot.org/comments.pl?sid=1725068&cid=32960808 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1743902&cid=33147274 [slashdot.org]
  APK 20++ POINTS ON HOSTS MOD UP:2010 -> http://news.slashdot.org/comments.pl?sid=1913212&cid=34576182 [slashdot.org]
  HOSTS MOD UP:2010 -> http://it.slashdot.org/comments.pl?sid=1862260&cid=34186256 [slashdot.org]
  HOSTS MOD UP:2010 (w/ facebook known bad sites blocked) -> http://tech.slashdot.org/comments.pl?sid=1924892&cid=34670128 [slashdot.org]
  HOSTS FILE MOD UP FOR ANDROID MALWARE:2010 -> http://mobile.slashdot.org/comments.pl?sid=1930156&cid=34713952 [slashdot.org]
  HOSTS MOD UP ZEUSTRACKER:2011 -> http://it.slashdot.org/comments.pl?sid=2059420&cid=35654066 [slashdot.org]
  HOSTS MOD UP vs AT&T BANDWIDTH CAP:2011 -> http://tech.slashdot.org/comments.pl?sid=2116504&cid=35985584 [slashdot.org]
  HOSTS MOD UP CAN DO SAME AS THE "CloudFlare" Server-Side service:2011 -> http://it.slashdot.org/comments.pl?sid=2220314&cid=36372850 [slashdot.org]
  HOSTS and BGP +5 RATED (BEING HONEST):2010 http://tech.slashdot.org/comments.pl?sid=1901826&cid=34490450 [slashdot.org]
  HOSTS & PROTECT IP ACT:2011 http://yro.slashdot.org/comments.pl?sid=2368832&cid=37021700 [slashdot.org]
  HOSTS MOD UP:2011 -> http://yro.slashdot.org/comments.pl?sid=2457766&cid=37592458 [slashdot.org]
  HOSTS MOD UP & OPERA HAUTE SECURE:2011 -> http://yro.slashdot.org/comments.pl?sid=2457274&cid=37589596 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1197039&cid=27556999 [slashdot.org]
  0.0.0.0 IN HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1143349&cid=27012231 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://it.slashdot.org/comments.pl?sid=1198841&cid=27580299 [slashdot.org]
  0.0.0.0 in HOSTS:2009 -> http://tech.slashdot.org/comments.pl?sid=1139705&cid=26977225 [slashdot.org]
  HOSTS MOD UP:2009 -> http://hardware.slashdot.org/comments.pl?sid=1319261&cid=28872833 [slashdot.org] (still says INSIGHTFUL)
  HOSTS MOD UP vs. botnet: 2012 -> http://it.slashdot.org/comments.pl?sid=2603836&cid=38586216 [slashdot.org]

---

Windows 7, VISTA, & Server 2008 have a couple of "issues" I don't like in them, & you may not either, depending on your point of view (mine's based solely on efficiency & security), & if my take on these issues aren't "good enough"? I suggest reading what ROOTKIT.COM says, link URL is in my "p.s." @ the bottom of this post:

1.) HOSTS files being unable to use "0" for a blocking IP address - this started in 12/09/2008 after an "MS Patch Tuesday" in fact for VISTA (when it had NO problem using it before that, as Windows 2000/XP/Server 2003 still can)... & yes, this continues in its descendants, Windows Server 2008 &/or Windows 7 as well.

So, why is this a "problem" you might ask?

Ok - since you can technically use either:

a.) 127.0.0.1 (the "loopback adapter address")
b.) 0.0.0.0 (next smallest & next most efficient)
c.) The smallest & fastest plain-jane 0

PER EACH HOSTS FILE ENTRY/RECORD...

You can use ANY of those, in order to block out known bad sites &/or adbanners in a HOSTS file this way??

Microsoft has "promoted bloat" in doing so... no questions asked.

Simply because

1.) 127.0.0.1 = 9 bytes in size on disk & is the largest/slowest
2.) 0.0.0.0 = 7 bytes & is the next largest/slowest in size on disk
3.) 0 = 1 byte

(& HOSTS files extend across EVERY webbrowser, email program, or in general every webbound program you use & thus HOSTS are "global" in coverage this way AND function on any OS that uses the BSD derived IP stack (which most all do mind you, even MS is based off of it, as BSD's IS truly, "the best in the business"), & when coupled with say, IE restricted zones, FireFox addons like NoScript &/or AdBlock, or Opera filter.ini/urlfilter.ini, for layered security in this capacity for webbrowsers & SOME email programs (here, I mean ones "built into" browsers themselves like Opera has for example))

MS has literally promoted bloat in this file, making it load slower from disk, into memory! This compounds itself, the more entries your HOSTS file contains... & for instance? Mine currently contains nearly 654,000 entries of known bad adbanners, bad websites, &/or bad nameservers (used for controlling botnets, misdirecting net requests, etc. et al).

Now, IF I were to use 127.0.0.1? My "huge" HOSTS file would be approximately 27mb in size... using 0.0.0.0 (next smallest) it would be 19mb in size - HOWEVER? Using 0 as my blocking IP, it is only 14mb in size. See my point?

(For loads either in the local DNS cache, or system diskcache if you run w/out the local DNS client service running, this gets slower the larger each HOSTS file entry is (which you have to stall the DNS client service in Windows for larger ones, especially if you use a "giant HOSTS file" (purely relative term, but once it goes over (iirc) 4mb in size, you have to cut the local DNS cache client service)))

NO questions asked - the physics of it backed me up in theory alone, but when I was questioned on it for PROOF thereof?

I wrote a small test program to load such a list into a "pascal record" (which is analagous to a C/C++ structure), which is EXACTLY what the DNS client/DNS API does as well, using a C/C++ structure (basically an array of sorts really, & a structure/record is a precursor part to a full-blown CLASS or OBJECT, minus the functions built in, this is for treating numerous variables as a SINGLE VARIABLE (for efficiency, which FORTRAN as a single example, lacks as a feature, @ least Fortran 77 did, but other languages do not))!

I even wrote another that just loaded my HOSTS file's entirety into a listbox, same results... slowest using 127.0.0.1, next slowest using 0.0.0.0, & fastest using 0.

And, sure: Some MORE "goes on" during DNS API loads (iirc, removal of duplicated entries (which I made sure my personal copy does not have these via a program I wrote to purge it of duplicated entries + to sort each entry alphabetically for easier mgt. via say, notepad.exe) & a conversion from decimal values to hex ones), but, nevertheless? My point here "holds true", of slower value loads, record-by-record, from a HOSTS file, when the entries become larger.

So, to "prove my point" to my naysayers?

I timed it using the Win32 API calls "GetTickCount" & then again, using the API calls of "QueryPerformanceCounter" as well, seeing the SAME results (a slowdown when reading in this file from disk, especially when using the larger 127.0.0.1 or 0.0.0.0 line item entries in a HOSTS file, vs. the smaller/faster/more efficient 0).

In my test, I saw a decline in speed/efficiency in my test doing so by using larger blocking addresses (127.0.0.1 &/or 0.0.0.0, vs. the smallest/fastest in 0)... proving me correct on this note!

On this HOSTS issue, and the WFP design issue in my next post below?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I am convinced they (MS) do NOT have a good reason for doing this... because of their lack of response there on this note. Unless it has something to do with IPv6 (most folks use IPv4 still), I cannot understand WHY this design mistake imo, has occurred, in HOSTS files...

AND

2.) The "Windows Filtering Platform", which is now how the firewall works in VISTA, Server 2008, & Windows 7...

Sure it works in this new single point method & it is simple to manage & "sync" all points of it, making it easier for network techs/admins to manage than the older 3 part method, but that very thing works against it as well, because it is only a single part system now!

Thus, however?

This "single layer design" in WFP, now represents a SINGLE POINT OF FAILURE/ATTACK for malware makers to 'take down'!

(Which is 1 of the 1st things a malware attempts to do, is to take down any software firewalls present, or even the "Windows Security Center" itself which should warn you of the firewall "going down", & it's fairly easy to do either by messaging the services they use, or messing up their registry init. settings)

VS. the older (up to) 3 part method used in Windows 2000/XP/Server 2003, for protecting a system via IP Filtering, the Windows native Firewall, &/or IPSEC. Each of which uses diff. drivers, & layers of the IP stack to function from, as well as registry initialization settings.

Think of the older 3 part design much the same as the reason why folks use door handle locks, deadbolt locks, & chain locks on their doors... multipart layered security.

(Each of which the latter older method used, had 3 separate drivers & registry settings to do their jobs, representing a "phalanx like"/"zone defense like" system of backup of one another (like you see in sports OR ancient wars, and trust me, it WORKS, because on either side of yourself, you have "backup", even if YOU "go down" vs. the opponent)).

I.E.-> Take 1 of the "older method's" 3 part defenses down? 2 others STILL stand in the way, & they are not that simple to take them ALL down...

(Well, @ least NOT as easily as "taking out" a single part defensive system like WFP (the new "Windows Filtering Platform", which powers the VISTA, Windows Server 2008, & yes, Windows 7 firewall defense system)).

On this "single-part/single-point of attack" WFP (vs. Windows 2000/XP/Server 2003's IP stack defense design in 3-part/zone defense/phalanx type arrangement) as well as the HOSTS issue in my post above?

I also then questioned MS' own staff, even their VP of development (S. Sinofsky) on this here -> http://blogs.msdn.com/e7/archive/2009/02/09/recognizing-improvements-in-windows-7-handwriting.aspx?CommentPosted=true#commentmessage [msdn.com] & other places in their blogs, to get them to tell me WHY this seemingly intentional inefficiency was implemented... & I have YET to get a solid LOGICAL answer on this as to why it was done - THUS, @ this point?

I'll stick to my thoughts on it, until I am shown otherwise & proven wrong.

----

Following up on what I wrote up above, so those here reading have actual technical references from Microsoft themselves ("The horses' mouth"), in regards to the Firewall/PortFilter/IPSec designs (not HOSTS files, that I am SURE I am correct about, no questions asked) from my "Point #2" above?

Thus, I'll now note how:

----

1.) TCP/IP packet processing paths differences between in how Windows 2000/XP/Server 2003 did it (IPSEC.SYS (IP Security Policies), IPNAT.SYS (Windows Firewall), IPFLTDRV.SYS (Port Filtering), & TCPIP.SYS (base IP driver))...

2.) AND, how VISTA/Server 2008/Windows 7 do it now currently, using a SINGLE layer (WFP)...

----

First off, here is HOW it worked in Windows 2000/XP/Server 2003 - using 3 discrete & different drivers AND LEVELS/LAYERS of the packet processing path they worked in:

http://technet.microsoft.com/en-us/library/bb878072.aspx [microsoft.com]

The Cable Guy - June 2005: TCP/IP Packet Processing Paths

====

The following components process IP packets:

IP forwarding Determines the next-hop interface and address for packets being sent or forwarded.

TCP/IP filtering Allows you to specify by IP protocol, TCP port, or UDP port, the types of traffic that are acceptable for incoming local host traffic (packets destined for the host). You can configure TCP/IP filtering on the Options tab from the advanced properties of the Internet Protocol (TCP/IP) component in the Network Connections folder.

* "Here endeth the lesson..." and, if you REALLY want to secure your system? Please refer to this:

http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]

APK [mailto]

P.S.=> SOME MINOR "CAVEATS/CATCH-22's" - things to be aware of for "layered security" + HOSTS file performance - easily overcome, or not a problem at all:

A.) HOSTS files don't function under PROXY SERVERS (except for Proximitron, which has a filter that allows it) - Which is *the "WHY"* of why I state in my "P.S." section below to use both AdBlock type browser addon methods (or even built-in block lists browsers have such as Opera's URLFILTER.INI file, & FireFox has such as list as does IE also in the form of TPL (tracking protection lists -> http://ie.microsoft.com/testdrive/Browser/TrackingProtectionLists/ [microsoft.com] , good stuff )) in combination with HOSTS, for the best in "layered security" (alongside .pac files + custom cascading style sheets that can filter off various tags such as scripts or ads etc.) - but proxies, especially "HIGHLY ANONYMOUS" types, generally slow you down to a CRAWL online (& personally, I cannot see using proxies "for the good" typically - as they allow "truly anonymous posting" & have bugs (such as TOR has been shown to have & be "bypassable/traceable" via its "onion routing" methods)).

B.) HOSTS files do NOT protect you vs. javascript (this only holds true IF you don't already have a bad site blocked out in your HOSTS file though, & the list of sites where you can obtain such lists to add to your HOSTS are above (& updated daily in many of them)).

C.) HOSTS files (relatively "largish ones") require you to turn off Windows' native "DNS local client cache service" (which has a problem in that it's designed with a non-redimensionable/resizeable list, array, or queue (DNS data loads into a C/C++ structure actually/afaik, which IS a form of array)) - mvps.org covers that in detail and how to easily do this in Windows (this is NOT a problem in Linux, & it's 1 thing I will give Linux over Windows, hands-down). Relatively "smallish" HOSTS files don't have this problem (mvps.org offers 2 types for this).

D.) HOSTS files, once read/loaded, once? GET CACHED! Right into the kernelmode diskcaching subsystem (fast & efficient RAM speed), for speed of access/re-access (@ system startup in older MS OS' like 2000, or, upon a users' 1st request that's "Webbound" via say, a webbrowser) gets read into either the DNS local caching client service (noted above), OR, if that's turned off? Into your local diskcac

Re:When will they work on catching my stalker? (-1)

Anonymous Coward | about a year and a half ago | (#43491943)

Thanks! I learned a lot from reading your post. I'm going to replace my DNS with a giant hosts file containing every domain.

vk.com site + New York Times Article review (5, Interesting)

girlinatrainingbra (2738457) | about a year and a half ago | (#43491833)

Website of Djohar Tsarnaev [vk.com] at vk.com

The New York Times [nytimes.com] is reporting that the two suspects attempted to light a bomb while engaging in gun-fire with the police during a standoff outside of the Watertown, MA, house of Andrew Kitzenberg. Andy Kitzenberg has been live tweeting [twitter.com] images of the police activity, shootout, and bomb explosions, and a bullet going through his wall and his armchair on twitter as linked above.

One of the brothers went to Cambridge Rindge and Latin [wikipedia.org] , one of the oldest high schools in the USA.

Good live tweeting can also be found here (1)

Zaldarr (2469168) | about a year and a half ago | (#43491839)

https://twitter.com/JpDeathBlade

Thanks, Surveillance Society (4, Insightful)

Anonymous Coward | about a year and a half ago | (#43491863)

You know what they will use this anecdote to justify: more cameras with better resolution that are always on. Think 'Eye of Sauron'.

bruce schneier was right. (3, Insightful)

nimbius (983462) | about a year and a half ago | (#43491891)

and, i fully expect to be modded down for this: if we allow ourselves to be terrorized, the point of the action was successful. Locking down the entire city, ordering businesses closed, and shutting down the mass transit system is the very definition of "successful terrorist attack." No amount of national anthem sing-song is going to somehow magically avoid this fact.

Re:bruce schneier was right. (0, Troll)

Anonymous Coward | about a year and a half ago | (#43491945)

Bullshit, you have a mad bomber Chechen NRA teabagger on the lose with who knows what the fuck strapped to his chest and clearly has NRA sanctioned FULLY AUTOMATIC WEAPONS.

Perimeters and cops with guns is fucking called prudence.

What the fuck is wrong with you people?

Re:bruce schneier was right. (0)

Anonymous Coward | about a year and a half ago | (#43491975)

Thank you. Full ack!

Re:bruce schneier was right. (1)

belthize (990217) | about a year and a half ago | (#43491977)

Singing anthems around the bonfire tonight, pitchforks 2 for $1.

I wouldn't sweat it too much, by next week we can all go back to watching honey booboo and free-basing corn syrup.

Re:bruce schneier was right. (0)

Anonymous Coward | about a year and a half ago | (#43492055)

Do you want people out on the streets in the area of a live manhunt instead? There could be bombs in the street, it is not exactly unreasonable given what has happened so far. I think that, for a few hours, safety can take precedence over economics.

Terrorist or freedom fighter? (5, Insightful)

roman_mir (125474) | about a year and a half ago | (#43491981)

So what do you call them now, Americans, are these Chechen guys "terrorists" or "freedom fighters"?

They are Islamist, that much certain, so why are they bombing USA, after all USA was probably more on the side of Chechens in their search for independence from Russia (this is of-course about oil, there is oil in Chechnya).

However it is my personal guess that these guys wanted to bring some terror to USA as an asymmetric response to USA being in the Middle East, Afghanistan most likely. What is interesting is that the two brothers (Johar [vk.com] is the younger one) lived in USA as refugees since 2000-2001. What else could be their motivation if not a newly discovered sympathy towards their 'brothers in religion' somewhere in the Afghan mountains, being attacked by the US empire?

I think this is an example of how exactly the war on Terror will backfire just like the war on drugs did with more violence and more drugs.

War on terror creates more terrorists that were just kids just a few years ago. War on drugs creates more drug related violence.

There is an old idea that violence begets violence, I think it's very much true.

Re:Terrorist or freedom fighter? (4, Insightful)

Grantbridge (1377621) | about a year and a half ago | (#43492065)

Just because someone has Islam on his facebook page doesn't make him an Islamic terrorist. Were all the school shootings in the states Christian terrorists (Crusaders?) because they had Christian on their facebook page? We don't currently know what the brother's motivations were. Perhaps it was do with Chechen independence. Perhaps it was to do with religion. Perhaps they are just mentally ill individuals with an axe to grind with their local community. We don't know at the moment.

Full stop (1)

lcam (848192) | about a year and a half ago | (#43492019)

How do they know they killed the right guy?

A suspect is not known to be guilty, only circumstantially involved in some way that draws attention the the possibility of guilty involvement, hence the meaning of suspect.

At the end of the day it doesn't matter. Maybe it's better to consider he/they are guilty until proven innocent. It can be sorted out later anyways, right?

I remember watching interview with a Reagan SS agent and a story about a kid who held a water pistol a "threatening manner" and almost got drilled. I suppose he would be a suspect worth taking out to avoid the risk these days.

It's better they call the drones in if they already haven't.

Blue team: Go!

"From the Russian region near Chechnya"? (5, Interesting)

Anonymous Coward | about a year and a half ago | (#43492049)

He's not from _near_ Chechnya. It's not a city, it's a region. They are Chechens. References to "his native Chechnya". (The capital is Grozny).

He doesn't consider himself Russian, and he doesn't think he comes from "the Russian region near Chechnya". It was a de facto republic that Russia regained control of militarily.

He's likely a Sunni muslim, but it's quite possible that isn't really a factor here; this could simply be an international protest bombing regarding the west's stance on Chechen independence. Chechens are Muslims the way that Russians are Orthodox Christians and Americans are Catholic or Calvinist in origin; Islam hasn't as far as I understand it been a feature element of their struggle.

pussy Bostonians without mini-14s must hide (0)

noshellswill (598066) | about a year and a half ago | (#43492067)

Hide pussy hide! Too bad 150,000 citizen mini-14s are not aiding in the Muzzi-wog slap_down. Bet that towel-headed bytch would be dead already and fyucking his 70 houri one-by-one.

451 (-1)

Anonymous Coward | about a year and a half ago | (#43492083)

On the screen, a man turned a corner. The Mechanical Hound rushed forward into the viewer, suddenly. The helicopter light shot down a dozen brilliant pillars that built a cage all about the man.
            A voice cried, “There's Montag! The search is done!”
            The innocent man stood bewildered, a cigarette burning in his hand. He stared at the Hound, not knowing what it was. He probably never knew. He glanced up at the sky and the wailing sirens. The cameras rushed down. The Hound leapt up into the air with a rhythm and a sense of timing that was incredibly beautiful. Its needle shot out. It was suspended for a moment in their gaze, as if to give the vast audience time to appreciate everything, the raw look of the victim's face, the empty street, the steel animal a bullet nosing the target.
            “Montag, don't move!” said a voice from the sky.
            The camera fell upon the victim, even as did the Hound. Both reached him simultaneously. The victim was seized by Hound and camera in a great spidering, clenching grip. He screamed. He screamed. He screamed!
            Blackout.
            Silence.
            Darkness.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?