How to navigate away from quicksand domains which hold your browser captive until you install their software?

[Alfred Einstein]

"Ed Mullen" <ed@edmullen.net> wrote in message
newsIGdnTP_78JRXufVnZ2dnUVZ_uydnZ2d@comcast.com...
> Tom wrote:
>> On Sun, 13 Jul 2008 14:52:18 -0400, Ed Mullen wrote:
>>
>>> Why are you jumping through all these hoops? The Windows "hosts" file
>>> is a plain text file you can edit in Notepad.
>>
>> I know, I know. Microsoft put the c:\windows\system32\drivers\etc\hosts
>> file in the most
>> ridiculous non-intuitive spot it could possibly find, deep in muck, deep
>> under large directories that take a while to load, and without a decent
>> extension so you have to grope for your text editor (mine is vim
>> freeware).
>>
>> So, rather than "jump thru hoops" each time just to edit the hosts file,
>> I
>> add a one-time-only registry key "hosts" which opens up the TEXT file (so
>> that I have a backup if I need it). When I type "Start -> Run -> hosts",
>> vim opens up that
>> c:\windows\system32\drivers\etc\hosts.txt text file, where I edit and
>> save
>> to "hosts" which it saves in the current directory (i.e.,
>> c:\windows\system32\drivers\etc\hosts).
>>
>> That's a LOT easier than navigating deep into the windows hierarchy into
>> the least logical place MS could have placed the hosts file and then
>> fumbling around to get notepad to edit the file with no extension.
>
> Nonsense!
>
> You have detailed a process that does not work in my standard install of
> WXP-SP3. You have further created a questionable process involving
> editing the Windows Registry which is, at best, a questionable process in
> and of itself, and hardly something to be posting to a newsgroup.
>
> Further, you have not answered satisfactorily any questions of the links
> you posted. And, your bizarre approach to a HOSTS file is ...
> mind-blowingly stupid.
>
> I deem this entire thread bogus at best, threatening at worst. I
> encourage no one to do anything that "Tom" has recommended until he
> demonstrates that he actually knows what he's doing by citing
> authoritative references.
>
> That HOSTS file and registry stuff is total nonsense and the product of
> (at best) someone who has not a clue and who has been surfing and copied
> suspect references.

Nonsense. This is a fine solution (though I can think of simpler ones ...
like just creating a shortcut to vim-edit the hosts file).

[Alfred Einstein]

"Ed Mullen" <ed@edmullen.net> wrote in message
news:X7Cdnc2HA5I5UufVnZ2dnUVZ_tXinZ2d@comcast.com. ..
> Tom wrote:
>> On Sun, 13 Jul 2008 21:36:51 +0100, hummingbird wrote:
>>
>>>> Rather after-the-fact isn't it?
>>> He can use the hosts file to avoid going to that site
>>
>> The whole point is to be able to get out of the quicksand without having
>> to
>> kill the entire browser session (losing all your tabs).
>
> You have not demonstrated that this is an issue. Most of the URLS you
> posted died as a 403 or something. This is a non-issue for 99% of users
> and I believe you are (at best) spamming, at worst trying to suck people
> into your links. Well, ok, you could just be stupid.
>
>>
>> If you kill the browser, yet you wanted the OTHER tabs (not the quicksand
>> tab), you can't ever start it again 'cuz you can only recover all the
>> tabs
>> or none of the tabs.
>
> What? You are clueless.
>
>> So, this hosts edit and then doing a shift reload, allows you to blank
>> out
>> the one quicksand tab and move on with your life.
>>
>> Elegant, isn't it?
>
> Not!
>
> Idiotic at best when considered in light of his other posts.

Hey Ed. Are you Bare Bottoms in disguise. Or just a wannabee?.

[Alfred Einstein]

"Ed Mullen" <ed@edmullen.net> wrote in message
newsIGdnTL_78LaWefVnZ2dnUVZ_uydnZ2d@comcast.com...
> Tom wrote:
>> On Sun, 13 Jul 2008 14:52:18 -0400, Ed Mullen wrote:
>>
>>> And do a search on "hosts.exe" and you'll find things like this:
>>
>> I know. I know.
>>
>> Those who know the Windows registry know that, in Microsoft's infinite
>> wisdom, the "App Paths" key MUST end with "exe" for it to work. There is
>> no hosts.exe (I repeat) there is no hosts.exe. The whole point of the App
>> Paths key is to make the editing of hosts a
>> simple one-click affair.
>>
>> But, Microsoft insists that ALL "Apps Paths" keys end with "exe" whether
>> or
>> not the file you're trying to open ends with ".exe".
>>
>> So, that's the ONLY reason the hosts App Path key is called "hosts.exe".
>>
>> Please reply if you understand this 'cuz I feel badly that this was
>> misunderstood by a few of you.
>
> You do not have a freaking clue. Your entire rant about the HOSTS file
> management process in Windows is ignorant at best, damaging most likely,
> possibly intent on some nefarious goal.

I think Ed is dead in the head.

[Beauregard T. Shagnasty]

Me Here wrote:

> If you have other tabs open that you want to keep viewing, then yes,
> it's a good immediate, albeit 'temporary' solution to the problem. I
> say temporary because using a Hosts file isn't a good solution. Many
> malware sites scan and remove their listings from hosts files (and even
> locking it via the read-only attribute won't protect you).

What? You are gonna have to find reliable cites for that nonsense.

> They do it by making you log into a benign site first (one that isn't
> blocked) and using that to remove their entry from your Hosts file
> before redirecting you and trapping your browser. Even running free
> FireFox addons such as NoScript won't protect you unless you've been
> caught before and know not to allow the site access to Java or JS.

More bollox.

--
-bts
-Friends don't let friends drive Windows

[Me Here]

Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you).
>
> What? You are gonna have to find reliable cites for that nonsense.

Google is your friend. I won't do your homework for you.



--
Me Here


Now each one of us, black or white, is a symbol. The war is out in the
open and the skin color is a uniform. All the deep and basic
similarities of the human condition are forgotten so that we can
exaggerate the few differences that exist. -- John D. MacDonald, The
Girl in the Plain Brown Wrapper

[Michael Fesser]

..oO(Me Here)

>If you have other tabs open that you want to keep viewing, then yes,
>it's a good immediate, albeit 'temporary' solution to the problem. I
>say temporary because using a Hosts file isn't a good solution. Many
>malware sites scan and remove their listings from hosts files (and even
>locking it via the read-only attribute won't protect you). They do it
>by making you log into a benign site first (one that isn't blocked) and
>using that to remove their entry from your Hosts file before redirecting
>you and trapping your browser.

Indeed. I do the same on my own websites. I always scan the machines of
my visitors for nude pics and contact info of their girlfriends.

>Even running free FireFox addons such as
>NoScript won't protect you unless you've been caught before and know not
>to allow the site access to Java or JS. You should really be running
>an IP blocking program like PeerGuardian or if that is too much hassle,
>do what I do and use OpenDNS. I'm sure there are other solutions, those
>two just spring to mind. My advice, if you don't want this happening
>again and you're the type that's likely to run across sites like these
>often, is to do a bit of research into blocking methods and choose the
>one that best suits your need.

I don't block anything, I don't even have anti-spyware or virus scanners
on my workstation, still my box is clean. What am I doing wrong? Help!!1

Mi'amused'cha

[Me Here]

Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you).
>
> What? You are gonna have to find reliable cites for that nonsense.
>

Oh, just so I don't get the wrong idea - are you saying that malware
can't change the hosts file or that you've never heard of it being done?



--
Me Here


"Your vote certainly counts. On the other hand, your vote may not be
counted." -- Robert Richie, Center for Voting and Democracy, commenting
on the 2000 Presidential election.

[Michael Fesser]

..oO(Me Here)

>Beauregard T. Shagnasty wrote:
>> Me Here wrote:
>>
>>> If you have other tabs open that you want to keep viewing, then yes,
>>> it's a good immediate, albeit 'temporary' solution to the problem. I
>>> say temporary because using a Hosts file isn't a good solution. Many
>>> malware sites scan and remove their listings from hosts files (and even
>>> locking it via the read-only attribute won't protect you).
>>
>> What? You are gonna have to find reliable cites for that nonsense.
>
>Google is your friend. I won't do your homework for you.

A website alone doesn't do that. A good browser doesn't do that. An
appropriate system setup doesn't allow that. Many things have to go
really wrong in order for this to be possible. The most important:

* You have to use a "browser" like IE, preferrably with all ActiveX crap
enabled (not necessary, but makes it a bit easier for the attacker).

or

You have to disable your brain before executing a mail attachment.

* You have to be logged-in with admin privileges.

In such an insecure environment it's no surprise when you get infected
with a trojan. And if the malware is on a system with admin privileges,
then good night. But if you are at that point, you've already made some
huge mistakes before. On a properly configured system such things don't
happen.

Micha

[Me Here]

Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you).
>
> What? You are gonna have to find reliable cites for that nonsense.
>
>> They do it by making you log into a benign site first (one that isn't
>> blocked) and using that to remove their entry from your Hosts file
>> before redirecting you and trapping your browser. Even running free
>> FireFox addons such as NoScript won't protect you unless you've been
>> caught before and know not to allow the site access to Java or JS.
>
> More bollox.
>

Ahh ****it, I wasn't going to do your homework but I just couldn't help
Googling to see how many links popped up - so many I just shook my head
and laughed. Of course, wikipedia was among the top 3...

Here's two to start you off explaining why hosts files by themselves
aren't secure and how easily they get hijacked:

http://en.wikipedia.org/wiki/Hosts_file

and just in case you have doubts about the authenticity of information
in wikipedia:

http://www.virusbtn.com/resources/gl...hosts_file.xml


Once you've grasped that, then you may begin to realise why, if you use
a hosts file to block stuff, you need to run a hosts file manager (all
good hosts file managers monitor the hosts file for unauthorised
attempts at changing it) or else you're just pissing in the wind.

Next time, please Google and get your facts right before slighting
someone else's post.


--
Me Here


The speed is a pain, but better than a 1/2 hour drive across Munich. --
Bernhard Schneck, Re: disk NFS-mounted via PPP (1993)

[Hendrik Maryns]

Tom schreef:
> On Sun, 13 Jul 2008 19:16:24 +0200, Hendrik Maryns wrote:
>
>> If I click on this in Firefox 3 (on Linux, but that shouldn’t make a
>> difference), I get a page warning that it is a scam page, with a button
>> ‘Get me out of here!’.
>
> That warning must be coming from the browser.

Of course it is. In the Preferences: Security → ‘Tell me whether the
website I am visiting is a possible attack site’ and ‘Tell me whether
the website I am visiting is a possible spoof site’ or something similar
(I have a Dutch version).

H.
--
Hendrik Maryns
http://tcl.sfs.uni-tuebingen.de/~hendrik/
==================
http://aouw.org
Ask smart questions, get good answers:
http://www.catb.org/~esr/faqs/smart-questions.html