Hello,
Suggestions
I'd like to suggest a few corrections to the current hosts file because I believe there may be redundant entries therein.
127.0.0.1 .hitbox.com
^should just be 127.0.0.1 hitbox.com. The existing entry would probably be more useful in a Proxy Auto-Config (PAC) file, without the prefix 127.0.0.1 of course.
Lastly, to remove the other redundant entry search for "127.0.0.1 link.p0.comBug][SiteAdvisor.p0.com". An existing entry exists for link.p0.com, but not for siteadvisor.p0.com. I think the brackets are invalid characters and probably shouldn't be there.
In future, I'd suggest scanning for errors via abelhadigital's HostsMan which also features removing duplicate entries and a more efficient arrangement of hosts file entries (maximum of 9 sites can be listed per line) - effectively saving space. Alternatively, I'd consider playing with sed educational.
Nonetheless, many thanks for sharing your knowledge. However, there are more to threats than simply having a site serving malware. It should be noted that the hosts file was
not specifically designed to be implemented as a security measure. There are far more capable tools to use to secure a system. The focus should be on the network and what is accepted across that network, not just the device accessing whatever may reside on the Interwebs, e.g. legitimate sites have been compromised and hijacked; advertisements have and still are being served via IP addresses rather than domain names, not to mention the seemingly endless array of pseudo-domain names e.g. runforrestrun etc.
Furthermore, the weakness of a hosts file is the repetitiveness and exact string match required to filter content. A PAC is more better equipped to handle IP Address and domain filtering than a hosts file. A hosts file is just a map to reference locations, not to block or prevent malware from reaching a host. For example, if an existing entry exists for fs01.eviladnetwork.net.ua and fs03.eviladnetwork.net.ua, and the app is communicating via fs02.eviladnetwork.net.ua, it effectively circumvented the hosts file. A PAC would just require 1 entry to do a more effective job of blocking the eviladnetwork, such as through the use of wildcards. For further clarification, the hosts file is not analogous to signature-based preventative measures, because by its very design, it would be unsuitable for that task.
Installing the hosts file
Additionally, I noticed some users in this thread have posted some comments in relation to ADFree. Based on my observation, the concept of using a hosts file to redirect requests to sites to localhost is the same, but the _content_ is significantly different because the app retrieves hosts files from pgl.yoyo.org and perhaps the mvps hosts file. To confirm, simply inspect the hosts file after using ADFree. The hosts file the OP has uploaded contains entries specifically for use on mobile platforms.
Finally, there are numerous ways to install the hosts file, but also certain requirements that must be met.
Enough space
I've seen some hosts files that range from 5MB to 20MB, so enough space on the /system partition is necessary (checking with the command 'df' from a terminal emulator will suffice.
Permission
Generally, on Android systems, the /system partition requires enough space to make modifications. Otherwise, it will return an error. You also require root privileges since you will have to mount the /system partition as writable before modifying anything in /system and its sub-directories. Some apps such as ES File Manager have settings that simplifies the process. If you are using ADB, you can issue commands along the lines of:
Code:
su
mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
The first line requests root privileges and sends a message to superuser or SuperSU etc.
The second line mounts the /system partition to a block with the permissions rw (read-write).
To keep things simple, if you are rooted, you can just use ES File Manager (free) or Root Explorer (paid) or even the Terminal Emulator (free, requires technical knowledge) to push the hosts file to /system/etc/. If you have ADB enabled, simply run adb root and then adb push <path to your hosts file here> /system/etc/hosts. As always, verify the filesize and permission of the hosts file with ls -l /system/etc/hosts.
For unrooted users, there are many restrictions and sometimes you shouldn't change anything that might affect the functionality of your device. Simply configuring your device to use a DNS server with content filtering such as OpenDNS (Web Spam category or simply Advertisements), DynDNS (phishing, fraud, spyware, advertisements) etc. should be sufficient since the scope is so great, a hosts file cannot compare. I only mention this because it has Phishtank and other projects that I support.
Anyway, I digress.
Another way is to use symbolic links (again requires root)
You can attempt to use symbolic links to create a map. It should be noted that some features of your device, such as HTC S-ON, will prevent modifications to the /system partition.
The symlink informs the Android system that the hosts file is located somewhere else. In this case, you can setup a symbolic link that maps itself to /system/etc. Something along the lines of "ln -s <path to your hosts file here> /system/etc/hosts".
Alternatively, if you are flashing a custom ROM and can check that there is enough space on the /system partition (I usually just remove unnecessary apps) you can simply replace the hosts file with your own one. Using 7-Zip or WinZip/WinRAR or just Windows shell, you can just open up the custom ROM file and drag your hosts file into the ROM and then flash it. No need to worry about setting custom permissions either.
Anyway, usual caveats are as follows:-
If you don't understand it, don't do it - just yet.
If you are unsure, ask, but it's still your responsibility to do with it what you will. Just don't forget people who may be involved.
Does it feel right?
And, maybe I should contribute and find ways to help developers out more.
Okay, that last one was just subliminal, but you get the point
On a final note, a hosts file can prevent apps from calling home and serving you with an ad if there is an existing entry that matches that address - though not an IP address. Considering the number of developers and advertising agencies and networks, it is bound to miss many. In this case, patching and other workarounds exist to remove the ad-space allocated to apps.
On the other hand, some ads can contain malicious content, and it would be wise to block well known malvertising sites that deceive both the developer and the end-user. Nevertheless, some developers rely on serving ads to earn enough to support their efforts, so perhaps purchasing an ad-free version of the app is the next best step (opportunity cost lingo here) to becoming a good citizen.
If you cared enough to follow that, thank-you. I should probably just TL;DR this, but you are a smart bunch, so take care and good luck.