My God, I cannot wait until the day we all read on Slashdot (no doubt, it will be posted on the front page, I assure you!)

"Alex, the one known as the "Super Fag" APK, has been found dead today in his home from an apparent intestines puncture. It would seem Mr APK was forcing what is known as a 'fake horse cock' up his rectum, which resulted in his colon and intestines being perforated and, ultimately, causing him to bleed out. He shall be missed greatly in this world as is known as "THE BEST SOFTWARE WRITER EVER" due to his AMAZING invention KNOWN AS THE HOST FILE. Who will ever take up his mantle now?

More on this horrific story at 11!"

I'll have you all now though, be careful using his "WaReZ" that he's pushing. Be sure to step through some IDA or something else, first. You'll be shocked when you find out what his software is doing behind the scene. Talk about 'soul'd out! (as he says)'

Ugh, you too? I had one of those at my shop. Old lady refused to accept that AOL stopped being 'cool' decades ago.

I always hated when she brought her machine in. It was basically, "Pick a virus from a hat" every time.

34GB is a -DOZEN- AAA games? What? Where?

Just on my machine alone:

Doom: 54.0 GB
Fallout 4: 25.3GB
Withcer 3: 50.04

What AAA games are -you- playing? It's not unheard of for Steam to chew through a couple hundred GB a month for me, and that's just for updates.

(In reply to ALL the replies to me)

Let me clarify for the record: I do NOT believe it was a bullet. I was merely stating that no one would hear a bullet with the loudness of a rocket. As I said, those things are -loud-.

Also, I think the whole conspiracy thing is a bunch of BS. Rocket science is -hard-, very hard. And things go boom all the time. Suck it up, Princess.

Not saying this theory is true, but have you ever heard a rocket? Especially a space bound rocket?

Those things are -loud- -- Even when sitting on the pad and going through pre-flight checks -- or anything where they're throttling the engines.

A .50bmg round wound sound like a chirp against all that background noise.

I have yet to see a single one that can decrypt SSL. I tried. A lot.

The only way to 'decrypt' is to force your own cert, which must be trusted on the devices (WPAD or manually) before it can actually do it without a browser throwing a fit. Unfortunately, once you have a mobile device enter, they tend to throw all kinds of hissy fits.

If I am wrong in assuming there is not a router that can actually decrypt ssl, then please, inform me. Because I looked for ages and even attempted to figure it out on my own. SSL is NOT perfect, but it does have a decent chain of trust.

I could not agree more on the point of treating all devices at hostile and, for the most part, I do.

I should note, since I didn't note it earlier - this is a home network, not a business, thankfully. All devices are mac-white list only. I do have a separate, highly restricted and segregated "friends" (Guest) network for hostiles that I cannot control. They also don't have all the protections of my main network.

A single point of failure, however, does make me think though. I did not consider that fact. Maybe it's time to rework a little of my little slice of heaven and see if I can add some better protections. FWIW, though; each device is accounted for on my network (non-guest) and all traffic (I don't "look" at traffic. Just have scripts and stuff to make sure it's not doing anything bad) is monitored. The 'firewall' portion, DPI and whatnot, works quite hard on all the packets, but for the most part, I've ran a clean network for many years. I just make sure to check the data at least once a day and fix / check out any irregularities. It's also helpful that there's approximately one windows machine in the network and it has a few more checks on it.

Thankfully, my network is more complex than most home networks. All my devices are set to ONLY work on my network. Wireless devices route through vpn to my network.

Thank you for the reply, either way.

I would love a better way to have a cert, a signed and proper cert, for my network, but I think the only choice is Let's Encrypt or whatever it's called now. I still am kind of leery about them. Some times, something that looks too good to be true, truly is. I will await the verdict in a year or so to see how they actually do.

So this runs to a different question: Any way to obtain a cert, for my network only, to authenticate my hosts and clients (At any given time, my network has ~25 clients, depending on which systems I have running at the time and which phones are powered on) before going out on that damn internet? I really don't want to pay for a cert, especially if it's fallible (Symantec.) -- Are they are any truly trustworthy ones left? Or should we just byte the bullet, roll our own cert and keep vigilant on logs (what I'm doing now)?

Would using squid reverse proxy on a PF sense (or other firewall setup) with your own certs, on machines you control that trust those certs, defeat something like this?

You, sir, owe me a new keyboard and carpet.

I was enjoying this tea, too!

I seriously like the way you think. A lot of these are pipe dreams, but wonderful dreams, nonetheless.

Unfortunately, typing this got rid of my mod for you, but I think words work better than a +1, at this point.

I like this.

You've encouraged me, and inspired me, to do something like this my self now. Thank you, sir.

Would you mind giving a little more detail of what kind of things you keep (or should keep) on the USB stick? And what encryption set up? Veracrypt would be nice but might be overkill.

I've never thought of this type of thing before and now that I am, I realize it's something I really need to do for my wife. Because I won't be here much longer.

If only APK's program could stop all wArEz on the internet.

If only APK's program could stop google's indexing of WaReZ on the internet.

If only APK could prove me wrong!

It has nothing to do with apt. I was just replying to the original A/C who said YUM was slow.