PDA

View Full Version : Spybot reaction to Anniversary Update and Question re Effectiveness of Host File



HarryStottle
2016-08-10, 14:35
For those unaware of the threat posed by the latest major Windoze 10 update, here is a brief summary of the main attacks (http://www.ghacks.net/2016/07/28/microsoft-removes-policies-windows-10-pro/):

I have been recommending and installing Anti-Beacon to all friends and associates since last October.

Saw early negative comments from other sources about the likely effectiveness of your host file telemetry blocking additions but my own tests seemed to confirm that the blocks worked.

Just performed my first "Anniversary Update" cleanup, on a friend's laptop, which I (now) always begin with an offline installation of anti-beacon (and various other forms of protection) before allowing the system to go online.

Regret to say that I saw first evidence that the telemetry blocks are no longer working (for at least some of the addresses)

So far the only solution I can find to that is manual addition of the relevant urls or their associated ip addresses to your router's blocking table, which is a) a pain in the ass (has to be done one address at a time) and b) singularly useless for anyone who carries around their laptop to multiple locations and regularly depends on wifi (and has no rights or access to the relevant routers).

Are the authors addressing - or even able to address - the issues raised by the "Anniversary Update" (also referred to as version 1607)

So far my only advice is to block the update completely. Anybody got any better ideas?

yul2000
2016-08-20, 00:03
For those unaware of the threat posed by the latest major Windoze 10 update, here is a brief summary of the main attacks (http://www.ghacks.net/2016/07/28/microsoft-removes-policies-windows-10-pro/):

I have been recommending and installing Anti-Beacon to all friends and associates since last October.

Saw early negative comments from other sources about the likely effectiveness of your host file telemetry blocking additions but my own tests seemed to confirm that the blocks worked.

Just performed my first "Anniversary Update" cleanup, on a friend's laptop, which I (now) always begin with an offline installation of anti-beacon (and various other forms of protection) before allowing the system to go online.

Regret to say that I saw first evidence that the telemetry blocks are no longer working (for at least some of the addresses)

So far the only solution I can find to that is manual addition of the relevant urls or their associated ip addresses to your router's blocking table, which is a) a pain in the ass (has to be done one address at a time) and b) singularly useless for anyone who carries around their laptop to multiple locations and regularly depends on wifi (and has no rights or access to the relevant routers).

Are the authors addressing - or even able to address - the issues raised by the "Anniversary Update" (also referred to as version 1607)

So far my only advice is to block the update completely. Anybody got any better ideas?

I just posted on another thread this is looks like a real hard task at this point to keep up with the changes.