What does HackerNews think of hosts?
Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
* O&O ShutUp10++ - Free antispy tool for Windows 10 and 11 | https://www.oo-software.com/en/shutup10
* StevenBlack/hosts: Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. | https://github.com/StevenBlack/hosts
cat /etc/hosts |grep -i 'jsonip.com'
0.0.0.0 jsonip.com
0.0.0.0 www.jsonip.com
For those times I find the following tools really useful.
But like the article says... it is hard to trust a company that built all this adware crap into my OS in the first place. =P
* O&O ShutUp10++ - Free antispy tool for Windows 10 and 11 || https://www.oo-software.com/en/shutup10
(I turn all the recommended options off, and then re-enable Clipboard History.)
* GitHub - StevenBlack/hosts: Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. || https://github.com/StevenBlack/hosts
(And if you block things at the host level, remember to disable DNS Caching.)
* How to disable Windows 10 DNS Cache services || https://social.technet.microsoft.com/Forums/windows/en-US/a0...
* Wise Program Uninstaller - Uninstall, Remove or Force Uninstall Programs Completely || https://www.wisecleaner.com/wise-program-uninstaller.html
And lately it's the same sort of shit... My dad will get a text message on Facebook from a "friend" (usually a dead friend) and it'll say something like, "I'm Joe's kid, and things are hard since Joe died and we need some money or we'll have to pull our kid out of school..." paraphrased, but that's generally the angle people take. And the scammers will send hundreds of messages... it makes it so hard.
I'll ask, "Dad, why did you have a 200 message conversation with this person?"
"Oh, I thought they were a scammer, but you never know... and after a while they just seemed legit." Again, paraphrased. Dad can't talk for less than 30 minutes at a time. =P
So what do I do?
1) I lock his devices and home router. I turn off data on his phone so he can only make calls when he's not on Wifi. I block ads (since those can take him to sites he doesn't need to be on), and I block fake news. https://github.com/StevenBlack/hosts
2) I sit down with him once a month and delete people on his Facebook account. I want to delete the whole account... but he uses it to talk to some of his friends... and it's important for him to keep connections. That said... FUCK Facebook for not doing more to prevent scammers. On some level, there's just no way to stay clean there. We delete anyone who died, or anyone who he hasn't spoken with in 1 year, and anyone who he has had any sort of falling out with. And man... the most frustrating thing is how many of these people we delete that just keep re-adding themselves. Facebook really should not re-suggest a friend if you delete them. It's such a sticky cancer with how it operates.
3) I sit down with him once every 2-3 months and we delete everyone in his phone and make sure contacts are up to date. I tell him to never take a call from a number he doesn't recognize, and to call me immediately if there's ever any doubt.
4) I run all the updates on his computer every month. And I check for programs that he doesn't need. Dad only has "User" access on his laptop, and I've toyed with the idea of taking away his ability to install any programs... but when we did that it meant he'd call me a lot more because someone had a Zoom meeting and he needed me to run an update. It's always a cost vs. benefit analysis with restrictions.
5) I have his phone paired to an old Tablet so I can keep tabs on him... I hate that I have to do this, but he's lost over $50k in the last 10 years to scams. And it's not the money that even matters... it's how down and how he cuts off connections with everyone once he gets scammed. The last time he lost like $5k... he wrote a check and mailed it, and somehow the person was able to cash it even though they weren't the name on the check. Anyway Dad really beat himself up over that, but it's not healthy for old people to be shut-ins. They need to talk with other people every day or the risk of dementia goes through the roof...
6) While not a perfect protection... we keep like $2k in his debit card, and we don't use credit cards. He has protections on his debit card from his bank, and that way he's got minimal exposure to online spending and credit card fraud. We just transfer over money every month from his savings / retirement accounts. And now that Dad is in his 80s, I mostly manage those for him.
7) I love for him to interact with people. Every time he goes to the dog park or gets out and meets a new friend... I'm happy and I want him to have conversations with people. But fucking hell, I swear 90% of the people who want to talk to the elderly are scammers. And at some level too... Dad doesn't mind being scammed if someone is willing to talk to him for 30 minutes... just listen to his stories. That's the hardest part. I tried hiring a nanny, just a local kid who was a baby sitter... to go and talk to him. It was OK. I tried Better Help, and tried to find a shrink that would work with him and not tell him she was a shrink... not be so overt about the whole process, but that was a disaster. Once Dad found out it was a "mental health" related call he got really mad... past generations don't have good opinions on that sort of thing. It's hard... I don't have a great solution. I got Dad a personal trainer, and a maid, and a nanny... and between them he has enough random people to talk to every week. He looks forward to it, and that helps him avoid being lonely and talking to scammers online I guess. I don't know, it's sad and it's hard.
8) I try and go grocery shopping with him, so that way random people don't "offer to help" and then hit him up for payment. One other thing I noticed is that Dad literally has no concept of money. On one hand, "Candy bars cost a nickel!" and on the other, "Oh that Uber ride to the VA at peak hours just cost you $155..." or "The dentist wants $8,500..." and like... it's hard to have any sense of what things should cost. He doesn't want to be seen as cheap, so if someone drives him to the grocery store he normally gives them like $100... and then, if that person is shady they'll start offering to drive him other places... and like I said I don't know the answer here, at some point he will need to be put in a home away from people. It's hard. Right now he lives in an apartment near me, and there are all ages there. He isn't sick, he walks 5-10 miles a day with his dog... he's active, likes to go dancing, but he's just so SO very lonely. Desperate for anyone to talk to... but he can't hear, and he only wants to talk about things he's an expert in, and only to people who want to listen to him with a lot of respect... so it's hard. The moment someone scoffs at a story, or doesn't just sit attentive and focused... Dad will get mad. He just wants to be relevant, and he's not. Right? Like that's the core problem is how do you gracefully allow yourself to be comfortable with not being relevant? All of his friends are dead. Most of his knowledge is really old. It's all part of the dying process I guess, but it sucks. And I'm sure it'll suck for me too if I ever get that age.
9) Dad has coverage through the VA -- and just real quick, we're all so screwed if we don't fix health care. The only thing that makes any of this possible is that it's "free" and there aren't insurance companies sending bills... I can't hardly deal with my insurance companies now, and if I have to do this when I'm 80... well, fuck... I'm sure I'll just not bother going. It's all so damn complicated. I have no clue how much money something will cost -- and while that's "ok" for me now, for someone on a fixed income that would be debilitating. I just don't know... I feel like we're all really sunk if we don't get health costs under control in the US. It's a total shit show.
10) "Use the app" -- fuck this for the elderly... every time someone is like, "Please use this call system, that changes the volume every recording..." (those just blow out his hearing aids) or someone tells him to "download an app to book an appointment!" I want to scream. Accessibility issues are real, especially for the elderly. And nobody takes any of it seriously. His phone uses 250% font size. Guess what apps work? Like none. And still everyone wants him to use an app. I hate it. I end up installing all the apps for him on my phone and just doing it for him.
11) Fuck all the people who sell data about the elderly. Looking at you, American Airlines. Not 30 seconds after I booked a flight where I requested "Sky Cab" (the golf cart service) they called him to offer him some sort of emergency medical alert device, that comes with a monthly service fee. AND they told me it was "to help with your upcoming flight" -- Dad totally would have bought this if I hadn't gotten the call. And this sort of shit is all over... it's not just people scamming the elderly, it's all these shitty companies. Highly recommend using your phone number for a few months to get a feel for what it's like for the old folks. It's really bad out there to be old. Any sort of predatory advertising to the elderly... I wish I could just zap the people doing it in the balls. It shouldn't exist. Makes me so mad... and like I said, it's all over. The scammers sales people know where to find data on who is old, and AI is just going to make spotting the real messages that much harder.
That was a rant, sorry... this shit is hard. And I wish it wasn't.
And... don't get me started on how child care has a tax break, but elder care doesn't. And how shitty workplaces generally are about taking time off to help elderly parents, vs. someone just calling in, "My kid is sick." I don't want things to be harder for parents with kids, but I do want things to be easier for adults who take care of their parents. It's all just really shitty and a ton of work. Dad has PT once a week, and he had some other health issues that were once a week... and let's be honest... my boss at the time was a real See You Next Thursday about me taking time off to help Dad, meanwhile she never gave anyone flak for cutting out early to have to pick their kids up from school. Having older parents who need a hand... it all just sucks. But it beats the alternative.
There are a bunch of file variants to weed out specific bad actors.
It's well curated though I will disclaimer it has broken a few websites in the past for me. Maybe that's a good thing.
Sure, you had to use O&O ShutUp (1) and block ads via hosts table (2) and turn off DNS Caching (3) or it would take like 10 minutes to find your internet connection again every time you re-booted... but I felt like they were going in the right direction, and I could mute all the crap I hated.
And then Windows 11 came out. And it has zilch in the way of any new features, and they keep pushing more and more of the annoying crap. Like a "search" button that forces Bing, and weather that forces Bing, and "online" that forces Teams and whatever else. And you can turn stuff off, for the most part...
But I just feel like they're constantly trying to find new ways to spam their crap on me, and force their other products or services -- many of which I've already told them numerous times I hate. I hate Bing. I hate Teams. I hate all that schlock they're peddling. And they keep making it more pervasive, and harder to turn off.
And look, there's no UX improvements I enjoy, there's no features I need... Windows 11, and all of Microsoft's new features for Windows are just garbage. And it was hard to install, I had to do some hacky stuff to get my motherboard to spoof some settings so I could even put Windows 11 on what was at the time a 2-year-old computer.
If I had one wish for Microsoft, it would be to stop trying to sell me things via the OS. Just build a good OS, and stop all the other crap. It's not making me say, "Gosh, I love all your new features!" It's making me actively look for alternatives.
(1) https://www.oo-software.com/en/shutup10
(2) https://github.com/StevenBlack/hosts
(3) https://learn.microsoft.com/en-us/answers/questions/47441/ho...
Pull all the (URL)s for Instagram from the lists.
Adding blockers to the hosts table still works with Chrome... hope they don't muck with that...
https://github.com/StevenBlack/hosts
But if they do... there are always DNS solutions you can add to your Router.
I use Firefox, but even things like Windows spams ads at you if you let it. So many things have Google trackers built in too...
Most VPS providers don't have the technical resources to track down the command-and-control nodes. This requires a higher level of visibility they do not have. The folks that have this level of visibility will not likely assist with bot noise unless the bots are also being used to steal government secrets or embarrass government officials or attack public infrastructure. There are ways to trick some of the bots into attacking public infrastructure but I would not want to be caught up in that legal quagmire as I am easy to find and bot owners are not.
In summary, the best one can do is either configure systems to discard the noise in web logs and block low reputation IP addresses in their mail servers or if one feels the desire to do something, create tarpits/honeypots for the bots to get stuck in. Tarpits have very little impact on bots but if one wanted to feel like they were doing something it's a start. For example, I have numerous nodes that accept email for all the popular domains. Spam bots think they are relaying thousands of emails through my nodes per day but that is a tiny fraction of a tiny fraction of the spam that people will receive. I am not even making a tiny dent in the problem.
As a side note, there are ways to block some of these bots if you control your web and email servers but that is another topic altogether and if too many people implemented such techniques then the bot developers would evolve around it. Apologies if this sounds defeatist. Some use blocklists [1][2] to reduce the noise on their web servers and RBL/RSL [3][4][5] servers to reduce the noise on their mail servers but this has limited efficacy and I think it just takes up memory by increasing the routing table or takes up CPU by making large ipset lists for iptables.
[1] - https://github.com/firehol/blocklist-ipsets
[2] - https://github.com/StevenBlack/hosts
[3] - https://www.uceprotect.net/en/index.php?m=6&s=0
If that could be more clear, please tell me how?
You can use https://github.com/StevenBlack/hosts as your hosts file, but even better is TLD and wildcard domain blocking with dnsmasq or dnscrypt-proxy.
It helps a lot.
Pity as they are great, so I often pass on them!
I run my own /etc/hosts file based on : https://github.com/StevenBlack/hosts
This should block the popular ad-ware companies.
I also browse with Brave, and use their inbuilt "shields" feature to block 3rd party/cross-site cookies. I don't install any additional browser plugins.
Would be nice to kill all the consent-popups, as you say.
That takes care of a significant chunk of the ever increasing pollution.
The adtech world is totally responsible for the state of affairs. They need to pay a big price or it's not going to slow down anytime soon.
I am really interested in the social media blocking. I have been quitting social media for 5 or 6 years now. The hardest for me was Quora, I think. I don't know why, they were like the mafia: "Just when I thought I was out, they pulled me back in" What worked for me was blocking them on the router and the hosts files[0]. This meant there were two steps to unlocking a blocked site. And for extra friction I used a long router password and don't save it. The longer it takes you to reach the thing, the more opportunity to change your mind.
The good news is that social media addiction is relatively quick and painless to cure. I stopped missing them after about a week.
And there are a lot of positive outcomes from quitting this stuff (especially for doomscrollers and dopamine junkies ;) I have been quitting a lot of stuff recently like sugar, sweeteners, coffee, carbs and processed food! And for a little while it's rough. Quitting anything will be rough for at least a few days. But as you strip away more sources of artificial dopamine stimulation, the body compensates, or maybe you just become more sensitive to it. Real life starts to give you some of that dopamine buzz that you were chasing online (or in a can of diet soda!)
But now I start to feel little dopamine kicks whenever I take some small positive action like doing some exercise or fasting, or walking past the junk food.
[0] crowd sourced hosts files to block ads, social-media and porn: https://github.com/StevenBlack/hosts
>It's insanely hard to avoid that main stream media content
It's very easy. I modify my hosts file with lists such as Steven Black's [1] or the EnergizedProtection host lists [2] which are both continuously updated files containing known ad server URLs and whatnot. I can honestly say that I haven't seen an ad in years, let alone any form of divisive content. But I also might just not visit many websites where they show that stuff. The best solution to that is to avoid those sites if possible.
- Ublock Origin is a must. If not: https://github.com/StevenBlack/hosts. Clone it, backup /etc/hosts, append the content of the /hosts subfiles MINUS the localhost and ::1 lines.
- Use a bare window manager, not a DE. Cwm, icewm, doesn't matter. Use lxappearance to set up your gtk theme to something you like.
This way you become mostly invisible to the ad and malware industry, no matter which browser you use.
Have JavaScript toggle next to address bar and keep JavaScript off by default. Most cookie banners will disappear.
Use Reader mode for daily news browsing. Most things will disappear except for main content. And it makes Internet less addictive.
The difference between swimming and drowning is subtle - flailing your limbs frantically vs relaxed movement. Too many complex solutions will make us drown.
Consider swimming instead :)
https://github.com/StevenBlack/hosts
https://addons.mozilla.org/en-US/firefox/addon/ublock-origin...
To reduce your data consumption and improve load times as well as security/privacy you may consider a /etc/hosts blocklist[1]. It's not going to help with reducing data in zoom calls, Netflix and podcasts but it adds up. Also don't forget application/service specific settings like switching all preferred resolution in video to the lowest quality etc.
DNS traffic can be reduced (and sped-up) with a local cache (dnsmasq - or better yet dnscrypt-proxy[2]).
0.0.0.0 googleanalytics.com
0.0.0.0 googlesyndication.com
A more complete list of things worth adding to /etc/hosts here (I'm not affiliated with this):
Use both methods instead of just one. They differ in nature, and can be implemented at different perimeters of your network. Maybe there exists certain chokeholds in the network where multiple devices can be protected in one go?
Personally, I would have pure IP blackhole routing performed in the router providing WAN access to internal networks. A blanket protection for all desktops and 802.11 devices inside.
Many devices today are locked-down and editing hosts records can be untrivial. Instead of relying on 0.0.0.0 routing through hosts, the same effect can be obtained by setting up a personal DNS server e.g. bind9 with RPZ's listing the targeted domains[1].
Why all that hassle? Because an unrooted smartphone with a Wireguard link to the DNS server (or full-on VPN using that DNS server), can have lookups made through the server you control. And that DNS service is available to use on any local network/Wi-Fi one has to use. IIRC 3G/4G/5G WAN routes were harder to get right, but I think it was possible. One could always route all traffic through a purposeful VPN.
Defense in depth.
---
[1]: fb.rpz.zone:
;RPZ
$TTL 10
@ IN SOA rpz.zone. rpz.zone. (
    37;
    3600;
    300;
    86400;
    60 )
  IN NS localhost.
*.facebook.com IN A 0.0.0.0
*.facebook.net IN A 0.0.0.0
*.fbcdn.com IN A 0.0.0.0
*.fbsbx.com IN A 0.0.0.0
*.fbcdn.net IN A 0.0.0.0
*.edgesuite.net IN A 0.0.0.0
https://github.com/StevenBlack/hosts
What is the advantage of having DNS on a separate device other than that it provides ad blocking for multiple devices?
You can block ads just by editing your hosts file. There's no need to depend on any browser's particular functionality in order to get rid of them. Nor on extra hardware (Pi-hole), for that matter. I have a cron job download a prefilled copy from a popular github repository [1] daily.
[0] https://gitlab.com/The_Quantum_Alpha/the-quantum-ad-list/-/i...
A lot of popular block lists are hosted on GitHub, so that made it really easy to clone the repo and do a full history import of the project. I made a little script that could walk the git history and generate a JSON file containing all the unique versions to import [1]. The oldest lists from Steven Black's popular hosts project: April 2012 [2]. Other lists are harder to find history on, so they just go back as far as this project does.
As a test to watch domains from one list get consumed by other lists, I added a fake domain to my list 'developer-dan-list.clksite.com'. This root domain is particularly useful since it is a wildcard and will have a valid DNS response to any subdomain. As expected, I saw it get added to multiple lists in the following days.
[0] https://www.github.developerdan.com/hosts/
[1] https://github.com/blocklist-tools/github-history-generator
Not sure what, apart from extra cpu cycles, pihole adds over this.
"* * * block"
This rule acts as a default blacklist. If you switch it to:
"* * * allow" it will allow everything by default (except the blacklisted domains, which overrule this).
Then in the "Assets" tab you can configure your blacklists, I can recommend Steven Black's lists. He curates and consolidates several of the most famous ones:
https://github.com/StevenBlack/hosts
He maintains several variants according to themes you may want to ban (adware, malware, fakenews...). Choose the combination that suits you.
https://github.com/StevenBlack/hosts
While not your traditional ad blocker done via browser extension, it does the job quite well and blocks the requests at the OS level.
I'm not the author or maintainer, just a very happy user.
For ad-blocking, I supplement uMatrix with uBlock Origin. It has its own block lists that it periodically
On top of that, I use privoxy as an http proxy. Unfortunately, it can't filter https.
Yet another part of my defense is DNS blocklists that I put in to /etc/hosts.[1]
Using this combination, I virtually never see any ads.
yeah there is no reason (I can think of) why you need FF DoH with your setup. In fact if you were to enable DoH in FF it would bypass your pie-hole - so you most certainly want to avoid that.
my setup looks pretty much like yours with some additional /etc/hosts blocking[1] on the client just to avoid the round-trip to the pie-hole. it's also a double insulation (but it's more of a performance reason than bc of paranoia). I found that switching off ipv6 dns resolution in FF (`network.dns.disableIPv6` in about:config) has tremendously sped up my DNS lookups in FF (though I haven't had time to analyze why).
in case you're worried about homograph phishing attacks you could also add a regex to your pie-hole's dnsmasq (not sure what piehole uses but I know it has a fork of dnsmasq that supports regex) so that punycode domains (any domains matching "xn--") are sinkholed to 0.0.0.0 as well.
Disclosure: Some of us have been actively curating such amalgamated lists for a long time. https://github.com/StevenBlack/hosts
The internet experience has improved a lot since ads and trackers are blocked system wide.
A few block lists that I would recommend:
1. Steven Hosts - https://github.com/StevenBlack/hosts
2. Adguard DNS - https://github.com/AdguardTeam/AdguardSDNSFilter
3. disconnect.me
The amount of DNS requests made silently in the background is astonishing across all devices.
https://github.com/StevenBlack/hosts
That is about 60,000 hosts, so I added MaraDNS support to have up to 500,000 blacklisted names. Since it's a speed-optimized (not size-optimized) cache, each element takes about a kilobyte of memory, so a blacklist this size takes about 60 megabytes of memory for MaraDNS to store (on a modern Core i7 7600U processor, it only takes about two seconds to load all 60,000 elements in to memory), but it's very rapid to use.
The script to take that blacklist and convert it in to a MaraDNS compatible format is here:
https://github.com/samboy/MaraDNS/blob/master/deadwood-githu...
There are ways to make the memory footprint of the blacklist smaller, but this was a quick and simple way to implement a medium sized blacklist. Finding ways to have, say, 10 million blacklist elements with a small memory footprint is left as an exercise for the reader.
My current project is to make a proper Docker container for MaraDNS.
By coincidence since I did that I need to do a hard reboot of my Mi Box android tv device everyday as when you turn it on from standby and open Youtube / Netflix it goes in to a frozen state.
I'm sure there are other options...
Check the bottom of the list for the social ones.
Edit: https://github.com/StevenBlack/hosts repo link.
https://github.com/StevenBlack/hosts
Disclosure: there are many like it, but this one's mine.
From that page:
> We prefer to use 0.0.0.0, which is defined as a non-routable meta-address used to designate an invalid, unknown, or non applicable target.
> Using 0.0.0.0 is empirically faster, possibly because there's no wait for a timeout resolution. It also does not interfere with a web server that may be running on the local PC.
https://github.com/StevenBlack/hosts
Apart from adware and malware it offers to block url's falling into other categories like fakenews, social, gambling, and porn.
Sounds like a hosts file, and the same end result could be achieved in any browser/system-wide by using a curated one such as:
https://github.com/StevenBlack/hosts
Or is Edge Tracking Prevention more effective in some way?
gmail/youtube etc work fine
it acts as a pihole and a lot more (firewall, device vlan isolation, vpn termination, etc). i have these hosts files [2] loaded into its DNSmasq config.
Are you saying that site owners should feel violated by folks installing ad-blockers (or using host files)?
It sounds like you need to invest a little time in automating basic networking stuff (shell scripts do fine). I do not think there is a royal road with effortless magically secure configuration and authentication for random devices, but once you have IPv6 with dynamic DNS for all your machines on your own domain with SSH public keys (this all gets automated by the shell scripts), things get really nice. rsync, Unison, TRAMP, remote shells, SSH port forwarding/SOCKS proxies, whatever else you can think of, just works.
The Internet is a surprisingly nice place when you get rid of NATs and VPNs.
No IPv6 from your ISP? Start looking for a new one, but in the meantime grab a unique local IPv6 prefix for your home network (I find that useful to have anyway; and with IPv6 there are no worries about having multiple addresses on an interface) and use that shell script automation to take advantage of /etc/hosts (and put a blocklist in there while you are at it: https://github.com/StevenBlack/hosts).
On older versions of Windows, for example, networking and browsing slows noticeably as the size of the host file increases.
The same can be said for rootable mobile devices, though it's less noticeable off WiFi because cellular latency is so much higher.
I would guess, marginal consumer and home routers will suffer with larger hosts files, but I don't have sufficient experience to claim this for certain.
Background: years of discussions and issues at https://github.com/StevenBlack/hosts, which I maintain.
I use a domain block list in `/etc/hosts`: https://github.com/StevenBlack/hosts
You can also run a ridiculously simple script from time to time (or create a cron job that does it for you, for example) to update your hosts file periodically, using the same blacklists[0]. No extra hardware needed.
I like to get my host list from https://github.com/StevenBlack/hosts
As for running an adblock on your router, if your router supports openwrt, openwrt has an adblock addon[2] that is easily configurable.
Unfortunately, you will lose out on the statistics that Pi-hole collects.
[1] https://github.com/StevenBlack/hosts
[2] https://github.com/openwrt/packages/tree/master/net/adblock/...
git clone https://github.com/StevenBlack/hosts.git && cd hosts && pip3 install --user -r requirements.txt && python3 updateHostsFile.py --auto --replace --extensions social porn gambling
and going strong.
What I figured so far is that the trick is to stay away from the browser. So I've removed Safari on my iPhone (well, more like hidden), I've changed my rss client to newsboat - command line one, I moved all of my youtube subscriptions into rss, I've written a script that keeps track of videos I would like to watch from those rss subscriptions, downloads them in bulk in background (all hail systemd timers) and then gives me dmenu to pick a video to play in mpv.
I had Google app installed on my iPhone but I noticed that I use this thing to surf mindlessly again, so I deleted it. Basically I can't google stuff anymore on my phone =/. But so be it, it turned into communicator/navigator/music player/food orderer.
I did start reading books again because... Well, taking phone into toilet is pointless now, gotta do something, so I started reading books again. I'm actually reading multiple at the time, there is a paper book in the toilet, there is a book on my iphone and there is a book on my laptop, three completely unrelated topics so whenever I feel like procrastinating I read one of them. Well, except the one in toilet, I'm not procrastinating, I'm working hard there ;-).
Stay away from the browser guys.
Solve all my problems with ads and also effective against social, porn and gaming addiction.
I have been using ublock + configured my router as DNS server using https://github.com/StevenBlack/hosts/
The DNS server has the advantage of filtering for the mobile devices on WiFi as well, which is a nice plus.
Stubby does keep-alives and not restricted to a single thread and opening a new connection per query like Unbound which is why I used it as a forwarder as a few more features than Unbound.
In my Unbound config I have an include to a blocklist generated from https://github.com/StevenBlack/hosts, essentially I pipe the data from that repo through awk [3]
I have an Android TV box so also have a firewall rule to redirect all queries to 8.8.8.8 and 8.8.4.4 port 53 to my local DNS server.
No GUI's, solid and stable. Only thing missing is I need to write a cron job to fetch the latest block list, validate, convert to Unbound format and reload the daemon. It's only a 10 minutes job just something I haven't got round to yet.
OpenBSD is really good for running this stuff.
[1] https://www.nlnetlabs.nl/projects/unbound/about/
[2] https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+...
[3] https://deadc0de.re/articles/unbound-blocking-ads.html
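The validate-and-convert step that the comment above leaves as a to-do could look like the following. This is an added example, not code from the thread or from StevenBlack/hosts; the sample list, the function names and the choice of Unbound `redirect` zones answering 0.0.0.0 are assumptions.

```python
"""Validate a hosts-format blocklist, then emit Unbound local-zone rules.

Added example; names and sample data are illustrative assumptions.
"""
import re

# A blocklist entry may only point at a sinkhole address. Any other target
# would redirect the name to a real machine instead of blocking it.
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Names a hosts file defines for the machine itself; never turn these into blocks.
LOCAL_NAMES = {
    "localhost", "localhost.localdomain", "local", "broadcasthost",
    "ip6-localhost", "ip6-loopback", "ip6-localnet", "ip6-mcastprefix",
    "ip6-allnodes", "ip6-allrouters", "ip6-allhosts", "0.0.0.0",
}

# One DNS label. Quotes, spaces and other characters are refused so that a
# hostile list cannot break out of the quoted strings in the Unbound config.
_LABEL = re.compile(r"(?!-)[a-z0-9_-]{1,63}(?<!-)")


def is_valid_hostname(name):
    """True for a multi-label name made only of well-formed DNS labels."""
    if len(name) > 253 or "." not in name:
        return False
    return all(_LABEL.fullmatch(label) for label in name.split("."))


def parse_hosts(text):
    """Return (domains, rejected); rejected holds (line number, reason, raw line)."""
    domains, seen, rejected = [], set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            rejected.append((lineno, "malformed", raw))
            continue
        address = fields[0]
        names = [n.lower().rstrip(".") for n in fields[1:]]
        names = [n for n in names if n not in LOCAL_NAMES]
        if not names:                            # localhost/loopback header lines
            continue
        if address not in SINK_ADDRESSES:
            rejected.append((lineno, "non-sinkhole address", raw))
            continue
        for name in names:
            if not is_valid_hostname(name):
                rejected.append((lineno, "invalid hostname", raw))
            elif name not in seen:               # de-duplicate, keep first-seen order
                seen.add(name)
                domains.append(name)
    return domains, rejected


def to_unbound(domains):
    """Render one redirect zone per domain; the zone also covers its subdomains."""
    out = []
    for d in domains:
        out.append(f'local-zone: "{d}" redirect')
        out.append(f'local-data: "{d} A 0.0.0.0"')
    return "\n".join(out) + "\n"


def convert(text):
    """Fail closed: refuse the whole update if any entry points at a real address."""
    domains, rejected = parse_hosts(text)
    hijacks = [r for r in rejected if r[1] == "non-sinkhole address"]
    if hijacks:
        raise ValueError(f"{len(hijacks)} entries map names to non-sinkhole addresses")
    return to_unbound(domains)


# Constructed sample in hosts format (not real list content).
SAMPLE = """\
# header comment
127.0.0.1 localhost
::1 ip6-localhost ip6-loopback
255.255.255.255 broadcasthost
0.0.0.0 0.0.0.0
0.0.0.0 ads.example.com
0.0.0.0 Tracker.Example.net  # inline comment
0.0.0.0 ads.example.com
203.0.113.7 bank.example.org
0.0.0.0 bad"name.example.com
"""

if __name__ == "__main__":
    good, bad = parse_hosts(SAMPLE)
    print(to_unbound(good), end="")
    for lineno, reason, raw in bad:
        print(f"rejected line {lineno}: {reason}: {raw!r}")
```

In a cron job, write the output of `convert()` to a temporary file and replace the included blocklist and reload the daemon only when it returns without raising, so a bad download leaves the previous list in place.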
The nice thing about this is that it blocks requests from any device in my network, especially from those which cannot be configured with a firewall or adblocker.
pass in quick on { $lan $wireguard } proto udp to { 8.8.8.8 8.8.4.4 } port 53 rdr-to 192.168.2.1
Locally I run Unbound for caching, local dns zones and ad/malware domain blocking[2]. I have a DNS forwarder in Unbound configured to a local Stubby[1] instance that does dns over tls to Cloudflare.
Having done "big data" contract work for the largest telco in my current country of residence, who are some of the worst skilled people I have ever worked with, your local ISP is highly likely abusing your DNS history, profiling your household for various questionable things just as much as Google. At least with Cloudflare they have a clear privacy policy[3] and I have faith their technical skill to anonymize data and use it can't be as bad as my ISP.
[1] https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Daemon+-+... [2] https://github.com/StevenBlack/hosts [3] https://developers.cloudflare.com/1.1.1.1/commitment-to-priv...
The first time I experienced a malicious ad in Spotify on my Linux machine, I started blocking them via my hosts file [1]. I was only hoping to block malicious sites but it ended up giving me a completely ad-free experience in Spotify.
As a free user I accept that I will be exposed to ads in exchange for not paying for the service, but they seriously need to do a better job vetting for malicious ads.
https://github.com/StevenBlack/hosts
"This repository consolidates several reputable hosts files, and merges them into a unified hosts file with duplicates removed. A variety of tailored hosts files are provided."
I am using the Unified hosts file[2] (mentioned in the article), it is a great way to combine many other hosts including Dan Pollock's list.
* Pi-hole®: A black hole for Internet advertisements – curl -sSL https://install.pi-hole.net | bash || https://pi-hole.net/
* GitHub - StevenBlack/hosts: Extending and consolidating hosts files from several well-curated sources like adaway.org, mvps.org, malwaredomainlist.com, someonewhocares.org, and potentially others. You can optionally invoke extensions to block additional sites by category. || https://github.com/StevenBlack/hosts
Someone will make money selling an ad blocker device that's just a configured Raspberry Pi with a consumer-friendly way to install it on a home network.
Then, only on your own phone/laptop/etc, manually configure your pi-hole as the DNS server for the corresponding home Wifi network. So only the devices you manually configure will use the pi-hole.
Also, you can create a shortcut on your phone's homescreen to disable pi-hole for x minutes by just a single click (without having to log in). See: https://discourse.pi-hole.net/t/is-there-an-api-command-to-d...
Another idea might be to remove all blocklists in pi-hole, and only add this list: https://github.com/StevenBlack/hosts
https://github.com/StevenBlack/hosts
It seems to be well curated. Breakages are rare, and if there is one, you can file a bug.
Works well.
I should have realised, but it's the first time using that hosts list has ever stopped a website I've wanted to go to from loading, so I didn't think of it.
I definitely do not want to break things for people and I'm happy to remove any reasonable domains from the list. I wouldn't consider google analytics a reasonable one to remove - but you get the idea. I hate to hear you had a bad experience of it. If my list had the breaking domains for you, I would have loved to have a ticket opened where we could discuss it. Sometimes it isn't clear cut between ads & tracking and useful services.
and you don't need a device.
Anyways, long story short, I don't like AMP and don't mind the occasional broken site. But it's definitely not for everyone.
I use dnsmasq to resolve DNS queries on the server side. Dnsmasq's configuration file includes entries to block connections to ad networks, based on Steven Black's hosts file [0]. It's a great way to achieve ad blocking on Android, since Google has banned ad blockers from the Play Store.
Jason Donenfeld, Wireguard's author, has a Patreon page: https://www.patreon.com/zx2c4
https://github.com/StevenBlack/hosts
Which sinkholes every known ad/malicious domain. It's been pretty useful, and it hasn't broken anything important yet.
I have effectively blocked lots of analytics services. I can see how well it works when I open Chrome Dev Tools and see a bunch of console errors due to JS tracking failing to load.
I don't even waste time or CPU cycles with browser-based blocking applications. Steven Black's[1] maintained hosts files are the best for blocking adware, malware, fakenews, gambling, porn and social media outlets.
I have a (fairly bad) smartphone and no data plan (just a small 200mb/mo emergency contingent). I have deleted all social media apps (Facebook, Twitter, Instagram, Messenger, all Games). On the go, I use apps with offline capabilities. Pocket Casts for Podcasts, the Kindle app for my books, Spotify for music. Those get synced on Wifi.
If I use any apps of this kind, I do so on my Laptop:
Here, I have more control by using three Chrome extensions:
- Stay Focused (https://chrome.google.com/webstore/detail/stayfocusd/laankej...) which gives me a few minutes per day on a set of blacklisted sites.
- Newsfeed Eradicator ( https://chrome.google.com/webstore/detail/news-feed-eradicat... ) - does exactly what the name suggests. Still possible to use Facebook for events and to talk to friends
- Distraction Free Youtube (https://chrome.google.com/webstore/detail/df-youtube-distrac... ) deactivates the features that suck you down the Youtube rabbit hole by clicking on recommended videos.
On top of that, I use uBlock which blocks all the ads that I would have to endure on my phone.
A little lower level, I have a modified hosts file which blocks social media sites: https://github.com/StevenBlack/hosts
Obviously it is possible to circumvent all of these self-imposed obstacles, but taking a couple of seconds to "take the safety off" is often enough to remind me why I have blocked those pages in the first place. It is enough time to let my prefrontal cortex rein in my dopamine-seeking reptile brain.
Taking these measures has allowed me to drastically reduce my time spent on distracting sites.
[1]: https://github.com/2ndalpha/gasmask [2]: https://github.com/StevenBlack/hosts
Which means I only update it for them periodically. It's still better than not doing it.
It aggregates someonewhocares.org and many other sources into a combined hosts file, to the point where it actually slows down DNS lookups noticeably on most computers.
I even use it on my phones, and all other devices where I can access the filesystem.
Almost all devices in the world support a hosts file, because most of the network stacks in use today spring from the same code.
EDIT: It has 40-55 thousand host entries, depending on which version you use. In my scripts I just curl https://raw.githubusercontent.com/StevenBlack/hosts/master/h...