V
VanguardLH
Mayayana said:
Didn't know it was a difficult query. It *is* someone's hosts file.
You used the default one that Microsoft compiled, you compiled your own
blacklist, or you used someone else's pre-compiled blacklist. Obviously
you're not using Microsoft's default hosts file because that won't do
any of the blocking that you are discussing. It looks like YOU compiled
the blacklist in the hosts file and are not using someone else's (e.g.,
MVPS) pre-compiled(*) hosts file.
* Compile does not always mean converting from text into some computer
binary code. See http://dictionary.reference.com/browse/compile:
only definition 4 relates to coding or conversion to the instruction
set recognizable by a processor.
You can use a synonym for compiling if that eliminates your confusion,
like listing, building, assembling, constructing, or collecting. I
speak English (although I see that I should better review my posts or
not be so groggy before submitting them) and quite often discuss topics
outside of computers. "Compile" and "compilation" existed long before
getting adopted into computerese. Anyone that knows what is in the
hosts file shouldn't get confused what it means to compile that list or
using a pre-compiled list. What do you call the act of aggregating
lines of text entries into a file? Once you create that content, how do
you then refer to it (not the container, the file, but the set of all
those entries)? No matter what term you use, someone might assume it
means something else.
How does that script obtain the hostname for 3rd party content which is
not retrieved via hyperlinks or targets in Javascript in the web page,
like it coming from the site but uses redirects at the server to the 3rd
party content? You can't read the scripts up on the server.
Does your script with whatever it does find identify the 3rd party
source with the object in the web page you're trying to block?
Since review of the output of the script seems to be required to decide
what to add to the blacklist, it seems you could do the same using other
tools. In IE, I can hit F12 and select Network to see what connections
are effected by a web page. I can do the same with Fiddler2 which works
with any web browser since Fiddler monitors the web traffic. I've used
Fiddler quite often to determine the source of content that I want to
block or just further research. F12 gives me much of the same info as
Fiddler but I'm just not yet used to using F12. Doesn't Firefox have a
similar network monitoring feature to let you see to to what sources a
web page effects connects? Maybe that's why you had to come up with a
script to do that.
An old trick is to split up an URL so capture of them results in useless
separate snippets. One is to use Javascript to concatenate multiple
variables (but you disable Javascript so that kills this trick).
Another is to split up a URL across cells in a table. Another, as I
recall said:
Javascript is neither good or bad. That depends on the purpose for
which it is [ab]used. I also don't see "heavy" use of Javascript as
mandating "bad" use. There are good programmers and crappy ones. AJAX
is still a foreign or unknown coding paradigm to some. Gmail uses AJAX.
Is it slow for you to visit their home page? Is it slow for you to
login (assuming you have an account)? Is it slow to render their web
pages to use their webmail client? Go to and login at outlook.com.
Does their UI seems slow to you? Have you ever looked at all the script
for outlook.com? Yes, they are usually slower than local apps (although
I too often have severe slowdowns in Thunderbird that were never present
in MS Outlook) but no expects apps across the web to be as speedy as
local apps. It takes time to drive to and from the grocery store to
gather the food you need to make a meal.
No matter what web browser you choose to use, it can take very little
but poorly coded Javascript to get into an infinite loop that will hang
the web browser. The programmer may forget to preload the image files
into a web page using SSI (server-side includes). That can be done
using Javascript but it can also be done using SSI. Some coders do it
using Javascript inside of <HEAD> but you disabling Javascript means
that preloading for faster rendering is lost. If you've managed to only
visit sites without images then preloading is not an issue for you. Not
everyone profiles their web pages to tweak them for best performance.
So it's more of how badly Javascript gets used than its presence being
the problem.
Look at all the crappy add-ons for Firefox that someone dashed out and
poop onto the public. Is the feature of add-ons in Firefox a bad
feature or is it the add-ons that are bad (because of bad programmers)?
It looks like you're blaming the pot for the bad soup within.
You're such a card.I've never had Flash installed. I don't need to
see dancing car ads, and I certainly don't need the extra malware
attacks.
I didn't know I was being funny. I've never used Pale Moon. My use of
Firefox was too long ago to remember if Mozilla caved to add a Flash
plug-in to Firefox or if users had to get get it themselves.
You must also not watch video news, too. Not everyone is a top-notch
speed reader that can read the news in the same time it takes to watch
it. Say a video shows someone getting hit by a train. Twould take a
lot of words to convey mentally the same image and emotional reaction.
I do still get the Sunday newspaper in my postal mailbox yet I mostly
rely upon online news to stay current and I simply don't have all the
time in having to read everything that I now view via videos. I can
read a lot on how to remove and install a new toilet, a job I've never
done before, but a few YouTube videos educates me a lot faster and much
more thoroughly.
And you're equating your educated compilation, er, construction of a
user-defined hosts file to tailer the web experience to your particular
wants to users of pre-compiled hosts file that never review its contents
and are blocking EVERY possible ad in every web page they visit. From
our discussion, it looks like both you and I are not interested in
squeezing out 1% more blocking effect from 99% more perspiration. We
aren't trying to block every ad. That's not the intent I see exhibited
by those using pre-compiled hosts files, the Adblock Plus add-on,
Ghostery, NoScript, and so on. Those folks are trying to squeeze out
every ad. That's what I call excessive hence crazed hence over
sensitive.
That's highly likely. I use the Internet to research a topic and find
solutions when helping users here in Usenet or to provide references to
them for the info they need. I'm in software QA and am always
researching how to code something, setup up something, educate myself,
or maintain or increase my skills set. That means I have to go wherever
is the information. In fact, I've had to request updates directly to
Websense to get them to recategorize a site so it doesn't get blocked
because it was miscategorized (Websense is a censoring service that many
companies use to control to where their employees connect, like not
wanting them wasting time at entertainment or porn sites, or not even
let them access webmail sites because company policy is that all
e-mailing should be through the corporate mail server). Right now I'm
into a new personal project with a buddy to write an app that runs under
Android OS which means I have to install, learn, and get help on
Eclipse, the Android plug-in, using a VM running Android OS instead of
the emulator in the Android SDK (which I had to research to even make
this decision), and start learning and get help on C#. So who knows
where I'll have to visit to get information on all that. Someone who is
a vet intern at a animal rescue center is in education mode and along
with finding and contacting various DNR-certified rehabilitators for
nursery care of the animals, and who know where they end up visiting on
the web. With any profession, the Internet is a wealth of information
from which to cull help and its spread all over.
The hyperlink could be on-domain but uses an attribute to specify an
off-domain target source. That requires URL filtering since the site is
referenced, not directly targeted by the hyperlink. For example,
http://visiteddomain.com/...&url=http://baddomain.com/adpage.htm,
how are you going to block a visit to the bad domain when you click the
hyperlink you thought was for the domain you visited? The example I
showed was shortened versus a redirection link that is usually so long
that the users cannot view it all at once unless they copy it and paste
into Notepad to look at it all (and know how to parse URLs).
I figure if you went to the effort of compiling (yes, compiling) a hosts
file and using DNS blocks that using URL filtering would a natural next
step in your arsenal. However, if you review every hyperlink before
clicking on it (including those that are clickable maps, like images)
then you don't need URL filtering. Since you're not crazed about
eradicating every 3rd party content however it is delivered, you also
don't care about a site that delivers the 3rd party (off-domain) content
through its own domain, like for an image, video, or whatever whose
source is at http://visiteddomain.com/adsrv/ref.php&id=12537 where they
use their own server-side PHP script (which still runs regardless of
what you do about Javascript on your end) that finds an ad to insert
into their web page that uses an ID number to reference the off-domain
source of the ad. Nothing in the link points at the bad domain (which
could be, for example, Doubleclick). The ad comes through their domain
but is sourced elsewhere. If the server-side reference points at a
hostname (FQDN) then DNS blocking would still work (e.g., Acrylic DNS,
OpenDNS). If they use an IP address, DNS is not involved so nothing at
the DNS server is going to block (fail the lookup) the client from
getting to the ad source. You and I know about DNS-based blocking. So
do they.
| I know you're going to deny visiting there because of their use of
| scripts and Flash, but say you visited YouTube. Filtering out on the
| URL substrings of "*/iv3_module*" and "*/annotations_invideo*" get rid
| of those annoying annotation popups that show during playback of the
| video. Can you do that with Acrylic DNS?
You don't need script and Flash at Youtube, silly.
I don't watch anything I have to stream. When I go
to Youtube I use DownloadHelper to download the
video. I see no ads or popups. Nor do I see any
video running that I didn't choose to play.
So you using another client (and add-on) to capture the Flash media
stream to play in a local player. That means you have to wait for the
download to finish before you can even start to view it. N time to
download and M time to view so it takes you N+M time to get done viewing
the captured stream. Watching it while it plays means it only take N
time (plus a few seconds for buffering) to completely view the stream.
I have no need to locally store all those streams since most are only
viewed once and I'm really not interested in viewing them later. When
talking on the telephone, I don't want the other party to record their
response on a recorder to then play it to me.
In IE11 using its safety feature to default to disabling AX, and
somewhat similar to how NoScript will block Flash by default in FF, I
don't see any Flash content until I decide that I want to see it. If I
choose to view the video, I want to see it now, not sometime after it
gets downloaded in using another app that runs in a shell with greater
privilages then when viewed within the web browser. If I want to
permanently save a streamed video, I have a program just for that and
which continues to run even after exiting all instances of the web
browser.
Yes, *I* and many others *do* want Flash support to see the streamed
video when we choose to see it. You prefer a different access method
that delays viewing the video. I, like many users, are bouncing around
many web pages during a web session and don't want to wait around to
view the content in a web page.
Are you capturing the actual stream or just the .swf file that has the
Flash player (whichever one you use) still go out to connect via the
Internet the the stream server? If so, you've nullified your argument
about security concerns with Flash in web pages. Plus the video is now
playing in a viewer app that has the same privileges as the account
under which you log into the OS rather than the throttled environment of
a player used inside a web browser.
The FBI and agencies in other gov'ts are busy mapping the exit nodes for
Tor and similar. The process is easy but resource intensive. The
number of exit nodes is small compared to the number of relay nodes to
obfuscate the pathing. You connect to a Tor node. Every computer knows
the IP address of the other computer to which it connects and every
computer that connects to it. That's required for IP handshaking and
data transfer. You know the Tor node to which you connected and you
know the Tor node connection to your destination host.
Tor node operator that was arrested for abetting in the transfer of
illegal content (child porn).
http://preview.tinyurl.com/p75tlhx.
Tis something of little interest to me but I have seen mention of
mapping out the entrance/exit nodes of Tor and even penetrating into the
darknet. Searching on "mapping tor nodes" returns lots of articles but
I don't use it so it has as much interest to me as gardening tips on how
to prevent weeds from growing around your flowers (as you can guess, I'm
not into gardening, either).